CodeIgniter Forums

Help: Sending Mass Emails

Posted by: El Forum - 06-26-2007, 01:32 PM - No Replies

	[eluser]Unknown[/eluser] Hi, I'm really a newbie when it comes to this so I was wondering what would be the best practice on sending mass emails, kinda like for a newsletter. I was thinking that I can run a loop but then the server would time out on me if the script timeout settings is set. Thank you, Any advice would be highly appreciated.

xss_clean dosen't work propertly

Posted by: El Forum - 06-26-2007, 11:27 AM - No Replies

[eluser]droopy[/eluser]
looking at this function (xss_clean in class CI_Input) i've spooted, that i isn't filtering css expressions.
css expressions allows to put javascript into css rule, it works only in IE, but it's still about 60% of all users.
via expressions one can do everything that js alows, so it's a big danger.

more about this way of puting js, and other xss exploits here: http://ha.ckers.org/xss.html

example of expression:

Code:
<DIV STYLE="width: expression(alert('XSS'));">

i think xss cleaning should by improved, at least 'expression' word should by filtered as well as 'javascript'

i would like to point one more problem, there is so many ways to smuggle javascript, that i think is imposible to catch it all, so i think it should be mentioned in the manual, that xss filtering dosn't give 100% security

xss can by made even without javascript, for examle img tag: < img src="path_to_admin_file" />, where "path_to_admin_file" is path to file, with deletes something, for example: "/admin/article/del/3" or something like that. if user with administrators rights 'sees' such img, it deletes the article...

allowing any html tag from user is unsafe...

ps. sorry if i've made any mistakes in text, english isn't my native language :>

Need help with CI and .htaccess

Posted by: El Forum - 06-26-2007, 10:38 AM - No Replies

[eluser]bigg-media[/eluser]
I have a website that I am working on.

The important part of my .htaccess

Code:
RewriteEngine On

  RewriteRule ^index.html$ home.html [L]

  RewriteCond %{REQUEST_FILENAME} !-f

  RewriteCond %{REQUEST_FILENAME} !-d

  RewriteCond $1 !^(index\.php|crm|system)

  RewriteRule ^(.*)$ index.php/home/index/$1 [L]

I have a main controller home that all pages are run through. I did this since when we built the site, they wanted all preexisting pages mapped to the new pages. (ex. resslaws.html needs to map to /system/application/default/view/default/content/resslaws.php which is pulled view the home controller).

Now my problem. I am creating a simple crm system for the client. I started with a separate crm folder under application with it's own config files, templates, etc. No matter what I do, when I try to access this new app, I get a 500 error, but the error message is shown inside the template of the first app.

The error log shows a premature ejaculation of the headers (premature end of script headers). I have checked all of my scripts for the whitespaces before and after php tags, and can't seem to find any.

I have now moved a separate instance of CI to a crm folder under root and the same problems still exist. I also tried to just run the new app as a controller using the new template within the existing CI app. No luck that way either.

If I disable Rewrite, I still get the 500 error, so there are issued besides the fact that it is pulled through the other template.

initial setup
index.php
crm.php
system
-application
--crm
--default

now
crm
-index.php
-system
--application
---crm
system
-application
--default
index.php

The site is hosted on lunarpages.

Any help would be appreciated.

Brent

htaccess problems

Posted by: El Forum - 06-26-2007, 08:54 AM - No Replies

[eluser]St0neyx[/eluser]
Hi,

I'm not that good with htaccess files so i copied mine from the forum.

my htaccess code

Code:
RewriteEngine on

RewriteCond $1 !^(index\.php|css|font|images|includes)

RewriteRule ^(.*)$ /index.php/$1 [L]

This code makes the index.php disapear from the url.
example
www.site.com/index.php/controller/function/segments
after htaccess
www.site.com/controller/function/segments

now i also want this in my url
www.site.com/controller?blaat=blaat

this is not accepted, how can i make this acceptable?
in the config ? is an allowed char for the url.

I don't want to piss people off, but dont come with solutions like
why don't u just do www.site.com/controller/blaat
because thats not what i need..

Update statement in active record class

Posted by: El Forum - 06-26-2007, 07:12 AM - No Replies

[eluser]MaDe[/eluser]
Hi there,

I found out, that in active record class statements like "UPDATE table SET field1 = field2+1" are not possible, as the $this->db->set() function only accepts arrays of key/value pairs or a key/value pair as 2 parameters. In both cases, the value parameter is escaped, which will not work in the example above. If I'm wrong here, please tell me Smile

Would it not be a good solution to have the ability to set only ONE parameter ($this->db->set('field1 = field2 + 1') Wink and NOT escape that one? That would be the same way, the $this->db->where() function works.

Wouldn't that be a solution?

STRANGE SQL update error... Help Anyone RESOLVED

Posted by: El Forum - 06-26-2007, 07:08 AM - No Replies

[eluser]Unknown[/eluser]

Quote:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'table = '', semetry = 'semetry', polish = 'polish', girdle = '', culet = '', flo' at line 1

UPDATE ss_products_attributes SET diamond = '', carat_weight = '', color = '', fancy_color = '', cut = 'cut', clarity = 'clarity', depth = '', table = '', semetry = 'semetry', polish = 'polish', girdle = '', culet = '', floresence = 'floresence', measurement = '' WHERE products_id = '2'

I keep gitting the error can anyone tell me what maybe the cause

here is the code

Code:
$pd = array(

        'diamond' => $_POST['diamond'],

        'carat_weight' => $_POST['carat_weight'],

        'color' => $_POST['color'],

        'fancy_color' => $_POST['fancy_color'],

        'cut' => $_POST['cut'],

        'clarity' => $_POST['clarity'],

        'depth' => $_POST['depth'],

        'table' => $_POST['table'],

        'semetry' => $_POST['semetry'],

        'polish' => $_POST['polish'],

        'girdle' => $_POST['girdle'],

        'culet' => $_POST['culet'],

        'floresence' => $_POST['floresence'],

        'measurement' => $_POST['measurement']

        );

        //$this->gen_db->update_data_set('ss_products_attributes',"products_id = '{$_POST['products_id']}'",$pd);

        $this->db->where("products_id = '{$_POST['products_id']}'");

        $this->db->update('ss_products_attributes', $pd);

Quick pagination question

Posted by: El Forum - 06-26-2007, 02:54 AM - No Replies

[eluser]worchyld[/eluser]
I finally got pagination to work, but I have a question.

Why does CI need to run two queries to do the pagination job? The first is to count all records, and the other is to get the records from a certain range.

Is accessing the database twice really the right way to do pagination, or have I made a big error?

Code:
class Customer_list extends Controller {

    // Constructor

    function Customer_list() {

        parent::Controller();

        $this->load->database();

        $this->output->enable_profiler(TRUE);

    } // end function

    // A paginated list of all customers.

    function index() {        

        $this->load->library('pagination');

        $this->load->library('table');

            $this->load->helper('url');    

        $this->load->model('Customer_list_model');

        $config['base_url']     = site_url('customer_list/index/');

                // access database once.

        $config['total_rows']   = $this->db->count_all('ci_customers');

        $config['per_page']     = 10;

        $num    = $config['per_page'];

        $offset    = $this->uri->segment(3);

        $this->pagination->initialize($config);

                // access the database again?

        $data['results']    = $this->Customer_list_model->get_customers($num, $offset);

        $data['pageTitle']    = 'Some Page Title';

        $this->table->set_heading('ID', 'Name');

        // Load View ------------------------------------------------------

        $this->load->view('customer_list', $data);

    } // end function

} // end class

Multi-page forms, sessions or hidden fields?

Posted by: El Forum - 06-25-2007, 11:43 PM - No Replies

[eluser]Pete Smith[/eluser]
Once again dipping into the well of wisdom here...

So I'm creating a fairly complex order form, and I want to break it up into several pages.

Say for the sake of argument, 3 pages, or 3 steps.

Step 1: Enter your general information (name, address, email, etc)
Step 2: Enter customizing information for the items you're ordering. On this page there will be both textareas and file upload fields (for company logos).
Step 3: Get a total cost, enter CC info and stuff, and place the order.

Obviously I need to carry data forward from steps 1 & 2 to that final step.

I'm trying to ascertain the best way to do that. I could use hidden fields, or I could use sessions. Or maybe there's a 3rd, better option?

My fear with CI Sessions is that 4K limit on the cookie (do any of the 3rd party CI session replacements work around the cookie limit?). At the same time, hidden fields are feeling pretty cumbersome.

Any thoughts/ideas from those who've done something similar?

Problems with PHP5.

Posted by: El Forum - 06-25-2007, 09:32 PM - No Replies

[eluser]hrundel[/eluser]
Hi, all!
For become familiar with CI, I used PHP4 version and all worked great. But when I switched to PHP5 CI not worked. Even empty project with echo "test", in main controller not showed the string "test".
And problems not in php5 settings, since other my projects (not based on CI) worked perfectly on php5.
I'm used such code (as it described in documentation)

Code:
class Main extends Controller {

    function __construct()

    {

        parent::Controller();

    }

    function index()

    {

        echo "test";

    }

}

result is empty page in browser. I'm also looked at apache logs, and there no errors (all requests return 200 code) and in logs of CI no any errors.
What I do not such as needed?

Any benchmarks available ?

Posted by: El Forum - 06-25-2007, 09:12 PM - No Replies

[eluser]chrisranjana.com[/eluser]
Are there any benchmarks available for testing the increase in speed of coding using codeigniter ?

Say for example..taking a simple membership project as an example if a programmer uses PHP5 and does not use any other frameworks etc and codes it and if the same programmer used codeigniter what will be performance gain he will achieve ? Will he be able to complete the project faster if so by how much % ? etc

Pages (7765): « Previous 1 … 7755 7756 7757 7758 7759 … 7765 Next »

Welcome, Guest

You have to register before you can post on our site.

Latest Threads

CLI Error
by ltarrant
7 minutes ago

Running Codeigniter Queue
by warcooft
1 hour ago

Get folder path instead o...
by pippuccio76
3 hours ago

Codeignighter not resondi...
by mikehoague
3 hours ago

Where can I find a reliab...
by InsiteFX
9 hours ago

Myth Auth register a new ...
by InsiteFX
9 hours ago

Does CodeIgniter Shield H...
by tarcisiodev1
10 hours ago

Caching Question
by ozornick
Yesterday, 08:26 AM

Codeigniter and ReactJS
by murugappan
Yesterday, 01:18 AM

C4 Latest version shield ...
by kenjis
05-18-2024, 04:41 PM

Forum Statistics

» Members: 88,273
» Latest member: dagatructiep88
» Forum threads: 77,670
» Forum posts: 376,482

Full Statistics

Search Forums

(Advanced Search)