Category: PHP

I have a plain PHP project which used composer to install packages but the composer.json file doesn’t exist anymore. The vendor folder contains all the currently used packages and the autoload.php file.

Now I need to install and use aws package but once I run the composer require command, all old packages get removed from the vendor. And when I restore them from a backup, they don’t work. The app doesn’t recognize them anymore.

How to use the aws package or any other package in such a situation?
Here’s the app/init.php file of the project (not all of it)

define('ROOT_PATH', realpath(__DIR__ . '/..') . '/');
const APP_PATH = ROOT_PATH . 'app/';
const PLUGINS_PATH = ROOT_PATH . 'plugins/';
const THEME_PATH = ROOT_PATH . 'themes/altum/';
......
OTHER LOGIC AND CONSTANTS HERE
......
require_once APP_PATH . 'helpers/Affiliate.php';
/* Autoload for vendor */
require_once ROOT_PATH . 'vendor/autoload.php';

I tried to download the folder of aws and copy it to the vendor folder then in the PHP file:

use AltumMiddlewaresCsrf;
use AltumTitle;
use AwsS3S3Client;

But I get an error

PHP Fatal error:  Uncaught Error: Class 'AltumControllersAwsS3S3Client' not found

Im working for my project where i scrape form different skin websites and you can see which has cheaper skins. So i made my first scraper and it doesnt scrape. Could use some help.

`use IlluminateHttpRequest;
use GoutteClient;

class CsmoneyController extends Controller
{
public function index(Request $request)
{
$client = new Client();

    $crawler = $client->request('GET', 'https://cs.money/market');
    $skins = $crawler->filterXPath('.BuyPage_body__27jeL')->each(function ($node) {
        $name = $node->filterXPath('.market-item__name')->text();
        $price = $node->filterXPath('//div[contains(@class, "styles_price__1m7op")]/span[contains(@class, "price_currency__1RmBq")]')->text();
        $image = $node->filterXPath('//img[@class="BaseCard_image_content__2GmuD"]')->attr('src');
        $float = $node->filterXPath('.csm_ui__text__6542e csm_ui__body_12_regular__6542e CSGODescription_description__3cUg_ large')->eq(0)->text();
        $condition = $node->filterXPath('.market-item__params .param')->eq(1)->text();
        return [
            'name' => $name,
            'price' => $price,
            'image' => $image,
            'float' => $float,
            'condition' => $condition
        ];
    });

    return view('scraper', ['skins' => $skins]);
}

}`

the link below is from one of my webpages to display specific user profile when the view button is clicked but the problem is that it displays the user id on address bar which I think is not good practice for security issues how can this be prevented but achieve the desired output?

HTML button

<button><a href="view.php?member_id=<?php echo $roww['member_id'];?>">View</a> </button>

the php code from view.php file

if (isset($_GET['snippet_id'])) {
    $snippet_id = $_GET['snippet_id'];

    try {
        $stmt = $pdo->prepare('SELECT * FROM snippets WHERE snippet_id = :id');
        $stmt->execute([':id' => $snippet_id]);
        $row = $stmt->fetch(PDO::FETCH_ASSOC);
        $count = $stmt->rowCount();
    } catch (PDOException $e) {
        echo 'Error: ' . $e->getMessage();
        exit();
    }
}

`Uniserver apache logs error:  PHP Fatal error:  Uncaught mysqli_sql_exception: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ','',,'2015-03-20',,'','Lunedi')'

$nome = $_POST['nome1'];$cognome = $_POST['cognome1'];$utente = $_POST['user1'];$email = $_POST['email1'];$provincia = $_POST['prov1'];$citta = $_POST['cit1'];$cap = $_POST['cap1'];$via = $_POST['via1'];$civ= $_POST['civ1'];$tel = $_POST['tel1'];$passw = $_POST['passw1'];     $sql = "INSERT INTO docenti (nome, cognome, utente, email, provincia, citta, cap, via, civico, nascita, telefono, password, libero)VALUES ('$nome','$cognome','$utente','$email','$provincia','$citta',$cap,'$via',$civ,'2015-03-20',$tel,'$passw','Lunedi')";

if(mysqli_query($conn, $sql)){echo ("query eseguita");} else{echo "ERROR: $sql. " . mysqli_error($conn)`;}mysqli_close($conn);

(it turns out to be a fatigue problem…i can’t solve tips??; should insert the values ​​into a ‘docenti’ table.There is also a IDdocente (Primary Key autoincremental integer type) but which I have not entered in the query, is that correct??)

can any one help me. I match old and new password using Password_verify function using php. but it is not working.

if (isset($_POST['update_profile'])) {
    $conn = mysqli_connect('localhost','root','','pos');
    $id = $_POST['id'];
    $username = $_POST['username'];
    $email = $_POST['email'];
   $oldpass = $_POST['op'];

    $sql = "SELECT password from users where id = '$id'";

    $result = mysqli_query($conn, $sql) or die('Querry Error');
    if(mysqli_num_rows($result)>0){
        while ($row = mysqli_fetch_assoc($result)) {
       $rowpass = $row['password'];
            if(password_verify($oldpass,$rowpass) ) {
            echo "Password Ok";
            }else{
                echo "Password Not Ok";
            }
        }
    }
}

Hi! can any one help me. I match old and new password using Password_verify function using php. but it is not working.

if (isset($_POST['update_profile'])) {
    $conn = mysqli_connect('localhost','root','','pos');
    $id = $_POST['id'];
    $username = $_POST['username'];
    $email = $_POST['email'];
   $oldpass = $_POST['op'];

    $sql = "SELECT password from users where id = '$id'";

    $result = mysqli_query($conn, $sql) or die('Querry Error');
    if(mysqli_num_rows($result)>0){
        while ($row = mysqli_fetch_assoc($result)) {
       $rowpass = $row['password'];
            if(password_verify($oldpass,$rowpass) ) {
            echo "Password Ok";
            }else{
                echo "Password Not Ok";
            }
        }
    }
}

I know this is a very popular question but I haven’t been able to find a working solution for Laravel 6. I am using windows Plesk to setup the Laravel project.

I don’t want to set my document root to the public folder.

I’ve tried the .htaccess mod_rewrite method

RewriteEngine On
RewriteCond %{REQUEST_URI} !^/public/
RewriteRule ^(.*)$ /public/$1 [L,QSA]

and also this

<IfModule mod_rewrite.c>
   RewriteEngine on
   RewriteCond %{HTTPS} off
   RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
   RewriteRule ^(.*)$ public/$1 [L]
</IfModule>

Is there a decent method of removing ‘public’ in a development environment that:Works with L6

Thanks

when sending request get to login page instead of showing data

well im new to this so dont know what to try. used echo var_dump but everything is fine

<?php
$username = "*************";
$password = "********************";
$url = "************************************************";

$headers = array(
    "Authorization: Basic " . base64_encode($username . ":" . $password),
    "Content-Type: application/json"
);

$options = array(
    "http" => array(
        "header"  => implode("rn", $headers),
        "method"  => "GET"
    )
);

$context = stream_context_create($options);
$response = file_get_contents($url, false, $context);


echo $response;
?>

my environment

Ubuntu 18.04
php-fpm 7.2.24
Apache 2.4.49

My PHP webapp use custom function to delete expired users sessions.

At beginning of main script I something like that:

define("SESSION_SAVE_PATH", "/tmp/my_php_sessions"); 
define("SESSION_EXPIRE_SECONDS", 36000); // 10h

function session_custom_garbage_collector()
{
    if (!is_dir(SESSION_SAVE_PATH)) {
        mkdir(SESSION_SAVE_PATH, 0777, true);
    }

    $files = glob(SESSION_SAVE_PATH . '/sess_*');
    $now = time();
    foreach ($files as $file) {
        if (file_exists($file)) {
            $mfile_time = filemtime($file);
            if ($now - $mfile_time >= SESSION_EXPIRE_SECONDS) {
                unlink($file);
            }
        }
    }
}
session_custom_garbage_collector();    
ini_set("session.save_path", SESSION_SAVE_PATH);

sometimes on production environment i see this kind of warning:

PHP Warning:  unlink(/tmp/my_php_sessions/sess_7b2v6gipv5riclv1og0b8su9du): No such file or directory in ....

looking at the code above I cannot explain why this happen, it sounds adsurd to me!

Trying to replicate this behaviour on development environment lead me to nothing.

Any suggestions?

I’m not being able to insert any data to MySQL database due to this error that I’m getting after inserting and submitting the form.

Warning: Undefined array key “image” in C:xampphtdocseCommerceadminitems.php on line 304

Warning: Trying to access array offset on value of type null in C:xampphtdocseCommerceadminitems.php on line 304

Warning: Undefined array key “image” in C:xampphtdocseCommerceadminitems.php on line 305

Warning: Trying to access array offset on value of type null in C:xampphtdocseCommerceadminitems.php on line 305

this is some code of items.php:

elseif ($action == 'Add') {

        ?>

<h1 class="text-center">Add New Item</h1>
<div class="container">
    <form class="form-horizontal" action="?action=Insert" method="POST" enctype="multipart/form-data">
 <div class="form-group form-group-lg">
        <label for="image" class="col-sm-2 control-label">Item Image</label>
        <div class="col-sm-10 col-md-6">
            <input type="file" name="image" id="image" class="form-control" required="required">

        </div>
    </div>


    <!-- End Tags Field -->
    <!-- Start Submit Field -->
    <div class="form-group form-group-lg">
        <div class="col-sm-offset-2 col-sm-10">
            <input type="submit" value="Add Item" class="btn btn-primary btn-sm" />
        </div>
    </div>
    <!-- End Submit Field -->
    </form>

</div>

<?php

    } elseif ($action == 'Insert') {

        if ($_SERVER['REQUEST_METHOD'] == 'POST') {

            echo "<h1 class='text-center'>Insert Item</h1>";
            echo "<div class='container'>";

            // Get Variables From The Form

            $name = $_POST['name'];
            $desc = $_POST['description'];
            $price = $_POST['price'];
            $country = $_POST['country'];
            $status = $_POST['status'];
            $member = $_POST['member'];
            $cat = $_POST['category'];
            $tags = $_POST['tags'];
line 304:   $image = $_FILES['image']['name'];
line 305:   $tmpImage = $_FILES['image']['tmp_name'];

            // Validate The Form

            $formErrors = array();

            if (empty($name)) {
                $formErrors[] = 'Name Can't be <strong>Empty</strong>';
            }

            if (empty($desc)) {
                $formErrors[] = 'Description Can't be <strong>Empty</strong>';
            }

            if (empty($price)) {
                $formErrors[] = 'Price Can't be <strong>Empty</strong>';
            }

            if (empty($country)) {
                $formErrors[] = 'Country Can't be <strong>Empty</strong>';
            }

            if ($status == 0) {
                $formErrors[] = 'You Must Choose the <strong>Status</strong>';
            }

            if ($member == 0) {
                $formErrors[] = 'You Must Choose the <strong>Member</strong>';
            }

            if ($cat == 0) {
                $formErrors[] = 'You Must Choose the <strong>Category</strong>';
            }

            if (empty($image)) {
                $formErrors[] = 'You Must Choose the <strong>Image</strong>';
            }

            // Loop Into Errors Array And Echo It

            foreach ($formErrors as $error) {
                echo '<div class="alert alert-danger">' . $error . '</div>';
            }

            // Check If There's No Error Proceed The Update Operation

            if (empty($formErrors)) {

                move_uploaded_file($tmpImage, "./items_images/$image");

                // Insert Userinfo In Database

                $stmt = $pdo->prepare("INSERT INTO

        items(itemName, Description, Price, Country_Made, Status, Add_Date, Cat_ID, User_ID, tags, image)

        VALUES(:zname, :zdesc, :zprice, :zcountry, :zstatus, now(), :zcat, :zmember, :ztags, :zimage)");

                $stmt->execute(array(

                    'zname' => $name,
                    'zdesc' => $desc,
                    'zprice' => $price,
                    'zcountry' => $country,
                    'zstatus' => $status,
                    'zcat' => $cat,
                    'zmember' => $member,
                    'ztags' => $tags,
                    'zimage' => $image
                ));

                // Echo Success Message

                $theMsg = "<div class='alert alert-success'>" . $stmt->rowCount() . ' Record Inserted</div>';

                redirectHome($theMsg, 'back');

            }

        } else {

            echo "<div class='container'>";

            $theMsg = '<div class="alert alert-danger">Sorry You Cant Browse This Page Directly</div>';

            redirectHome($theMsg);

            echo "</div>";

        }

        echo "</div>";

I don’t know how to solve this error.

i try to composer install in my php project, im using php storm.

i get the following error:

- Root composer.json requires php ^8.0.2 but your php version (8.0.0) does not satisfy that requirement.

phpinfo() -> php 8.1.13

php -v in terminal:

PHP 8.1.13 (cli) (built: Dec  8 2022 20:54:05) (NTS)
Copyright (c) The PHP Group
Zend Engine v4.1.13, Copyright (c) Zend Technologies

But why composer say, my php version is 8.0.0

I have a voyager installation (ive not used it for about a year) but tried to go back to it, tried to run migrations, serve, composer update but keep getting this error

In helpers.php line 3:

Undefined constant “RowTypeClass”

It was running fine last time i used it so im not sure whats changed i havent updated anything

    "larapack/hooks": "^1.0",
    "larapack/voyager-hooks": "^1.2",
    "laravel/framework": "^8.75",
    "laravel/sanctum": "^2.11",
    "laravel/tinker": "^2.5",
    "tcg/voyager": "^1.6"

is from my composer.json

I’m at a bit of a loss what to do as its in the vendor files

Tried looking online but not found anything related, any guidance would be appreciated

i have tried to upload my documents to make jazzcash sandbox acccount, they are not uploading on clicking upload button… how to upload them to get merchant account
This is the picture of error

I have a WordPress website. One of my friends said I have to disable the wp-json/wp/v2/pages file otherwise hackers can check my data easily. So I tried the below code on my website and disabled the rest API response.

//disable wp-jon file
if( ! is_user_logged_in() ) {
remove_action('rest_api_init', 'create_initial_rest_routes', 99);
}

Now If anyone is accessing the URL wp-json/wp/v2/pages they will get the message “No route was found matching the URL and request method.” and it’s working for me.

Now my issue is if someone is accessing the URL mydomain.com/wp-json then it’s showing the JSON response, How can I block this URL?

I authenticated with postman with the following : https://xx/services/oauth2/token endpoint, and in body I have grant_type : password and some others, how can I call this in PHP and receive the same output( in postman i receive an access token and some others).

i need to store the event insert into database i don’t what i miss please help me i used PHP 8.0 this events are created and respond 200 OK payment_intent.succeeded,payment_method.attached, charge.succeeded,payment_intent.succeeded and also Webhook url is correct please help?

<?php
//secret.php
// Keep your Stripe API key protected by including it as an environment variable
// or in a private script that does not publicly expose the source code.

// This is your test secret API key.
$stripeSecretKey = 'sk_test_51MqG2jBbneKn9awSabftRMnZeMxZZZsBO6uOAP1RFzeY6we3FLCF1yM3pcuwZycYQE5GJAzEDKf9fierGVHL48yS00UbfOkJbT';


<?php
//webhook.php
require_once '../vendor/autoload.php';
require_once '../secrets.php';
require('./include/config.php');

StripeStripe::setApiKey($stripeSecretKey);
// Replace this endpoint secret with your endpoint's unique secret
// If you are testing with the CLI, find the secret by running 'stripe listen'
// If you are using an endpoint defined with the API or dashboard, look in your webhook settings
// at https://dashboard.stripe.com/webhooks
$endpoint_secret = 'whsec_oolku8vdsvyWii1aL5xEffkFMMZH6z6P';

$payload = @file_get_contents('php://input');
$event = null;

try {
  $event = StripeEvent::constructFrom(
    json_decode($payload, true)
  );
} catch(UnexpectedValueException $e) {
  // Invalid payload
  echo '⚠️  Webhook error while parsing basic request.';
  http_response_code(400);
  exit();
}
if ($endpoint_secret) {
  // Only verify the event if there is an endpoint secret defined
  // Otherwise use the basic decoded event
  $sig_header = $_SERVER['HTTP_STRIPE_SIGNATURE'];
  try {
    $event = StripeWebhook::constructEvent(
      $payload, $sig_header, $endpoint_secret
    );
  } catch(StripeExceptionSignatureVerificationException $e) {
    // Invalid signature
    echo '⚠️  Webhook error while validating signature.';
    http_response_code(400);
    exit();
  }
}

$id = $event->data->object->id;
$amount = $event->data->object->amount_captured;
$currency = $event->data->object->currency;
$cus_email = $event->data->object->receipt_email;
$name = $event->data->object->billing_details->name;

// Handle the event
switch ($event->type) {
  case 'payment_intent.succeeded':
    $paymentIntent = $event->data->object; // contains a StripePaymentIntent
    // Then define and call a method to handle the successful payment intent.
    // handlePaymentIntentSucceeded($paymentIntent);
    break;
  case 'payment_method.attached':
    $paymentMethod = $event->data->object; // contains a StripePaymentMethod
    // Then define and call a method to handle the successful attachment of a PaymentMethod.
    // handlePaymentMethodAttached($paymentMethod);
    break;
  case 'charge.succeeded':
    // $paymentMethod = $event->data->object; // contains a StripePaymentMethod
    // Then define and call a method to handle the successful attachment of a PaymentMethod.

    // mysqli_query($con, "INSERT INTO tbl_chargeSuccess (txn_id, amount, currency) VALUES ($id, $amount, $currency)");
    $stmt = $con->prepare("INSERT INTO tbl_chargeSuccess (txn_id, amount, currency, cus_email, name) VALUES (?, ?, ?, ?, ?)");
    $stmt->bind_param("sdsss", $id, $amount, $currency, $cus_email, $name);
    $stmt->execute();
    if (!$stmt) {
      # code...
      echo 'There was an error'.mysqli_error($con);
    }    
    $stmt->close();
    $con->close();
    // handlePaymentMethodAttached($paymentMethod);
    break;

  default:
    // Unexpected event type
    error_log('Received unknown event type');
}

http_response_code(200);

i need to store the event insert into database i don’t what i miss please help me i used PHP 8.0 this events are created and respond 200 OK payment_intent.succeeded,payment_method.attached, charge.succeeded,payment_intent.succeeded and also Webhook url is correct please help?