| |
| |
| |
|
Page: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32
Comments:
<0> Monkey_b: oscommerce is a security mess, do not use it, period... but i'm not sure, check freshmeat/sourceforge
<1> ive been browsing hotscripts all day... i found an amazing cart, but it costs $1300... which im willing to drop, but just wanna make sure i dont jump into it if there are alternatives
<0> O.o
<2> yeh, everyone asks the question, but noone seems to know a top quality cart
<3> why not just write your own?
<1> cause i can save a ton of time buying one
<2> seems strange there's not an API in PEAR
<0> we should get a bunch of coders together and write a hashhashphpshopcart
<2> agaffney: who has the time to write a fully functional cart? it's a lot of work
<1> that would be an awesome idea itrebal
<4> arpad - i think -- right now, there is a loop that is producing $ins_data["data"][$i][variousfields]
<1> i dont really know where to discuss this kind of stuff
<3> aidan: I did :)
<1> aidan, look at this sample cart... ready to go out of box, its the one im talking about http://www.airvaecommerce.com/Ac3/?p=0&pj=index
<3> it's in production and deployed across ~7 sites in various forms :P
<1> i nearly soiled my pants :P
<1> its like department store quality
<0> that is a pretty nice looking cart
<4> and another loop that is producing the exact same ["data"][$i]["variousfields"] with the one exception that for each ["data"][$i], there is the additional [id] at the end
<3> is there a way to tell if an array() is being used as a list or a hash?
<2> "Welcome . If you are not , create a new account or log in now" kinda lets them down
<2> agaffney: nope
<1> ive used zencart, cubecart, oscommerce, whatever... always trying to customize and work within their limits, but it never comes out quite right
<0> Monkey_b: do not create it
<0> Monkey_b: rather, do not buy it
<1> really
<0> http://www.airvaecommerce.com/Ac3/?p=uvl&id=abc
<1> it looks mighty impressive
<2> agaffney: you can foreach it, but it's kinda boring
<3> aidan: bah, that's what I figured. I guess I'll just test the key to see if it's numeric
<5> you can but it's pretty expensive
<0> http://www.airvaecommerce.com/Ac3/?p=uvl&id=106
<0> give it bad data and it explodes
<1> oh :\
<2> haha, you smashed it, itrebal :)
<0> :)
<1> see thats why i came and asked if anyone knew of good high end carts... this is the only one ive been able to find
<1> but i dont want to jump into it if there are other options
<0> how soon do you need it?
<1> no immediate rush, but ive been searching for so long im exhausted
<1> there are thousands of crappy carts out there
<1> i need something to really bring my store to a new level... cubecart isnt going to do that no matter how much i mod it
<0> the issue i have with that cart is how easy it is to destory
<5> agaffney: if (array_keys($a) === range(0, count($a) - 1))
<1> i mean, an empty page because of bad parameters can't be THAT bad... can it?
<1> someone would have to hit a mistyped link, or purposely try and put the params in, to break it
<1> as long as it doesnt compromise security its not that big a deal
<2> I don't see an empty page, I see heaps of raw code
<1> really?
<2> Monkey_b: if they haven't bothered to check for bad input, then the chances are VERY high they haven't bothered to secure against it
<1> good point
<1> everything seems so impressive though
<1> but yea, security is important :\
<2> Monkey_b: when it comes down to it, if the API is quality, the layout is easy to change provided it's written using templates
<2> my point is, forget how it looks, that's like the dressing on a cake... if the cake is made of poo, you are still in trouble
<1> yes
<1> understood
<6> or: can't polish a turd
<3> arpad-: ooh, thanks
<0> rarman1: you could polish a silver turd :/
<3> that'd be one interesting turd
<6> ... but it would still be a turd at heart ;)
<0> Monkey_b: by the way, oscommerce has more of a turd base than that one, it seems
<2> okay, I'm hitting the sack
<2> bonne nuit!
<1> any of u guys interested in putting together a ##shoppingcart or the like?
<1> dont really want to keep discussing this stuff in hear since it may get me kicked
<7> hello
<7> is there a function that receives a mysql date type string and gives me the year and the month?
<8> amak: PHP can give you the month and year
<8> amak: Why get it from MySQL?
<6> amak: yes. lookup strtotime and date
<7> Jemt: i've a column on mysql date format and i want to get the year and the month.
<7> rarman1: thanks
<6> amak: np
<8> amak: Ah, IC
<8> Well, strtotime should be sufficient
<9> amak: Use MySQL's DATE_FORMAT()
<9> Jemt: If you can do it with the Database, do so.
<8> Frixon: Why?
<9> Jemt: Because MySQL can?
<8> Ah, the formating?
<9> Yes, the formatting
<8> I agree
<7> hmmm
<6> Frixon: I've had an issue where the mysql server was in a different time zone than the webserver, so the date would be incorrect... php is fast and sufficient for what you are doing.
<7> i've separated the domain and database levels, i dont want to mix it
<9> rarman1: Well, that's a really special case.
<6> true but where do php date functions fail to deliver?
<9> Did I say they fail?
<6> ok, so why is the mysql date format better?
<10> If I have <form method="post" action="whatever.php"><input type=submit id="foo" name="test" value="Edit"></form> will whatever.php receive the 'id' field?
<10> (In the $_POST[] global)
<9> rarman1: Because you don't have to use another abstaction layer.
<9> *abstraction
<10> Because it doesn't seem to, but I can't think why that information wouldn't be submitted as well.
<6> what if you are trying to support mulitple databases?
<7> Frixon: i cant find the strtotime gnu manual can someone help me?
<9> amak: php.net/strtotime
<6> http://php.net/
<6> gtg later and good luck amak
<7> Frixon: but it points to a gnu manual and that link is broken
<9> What GNU Manual?
<9> You mean the input formats?
<9> Well, the link isn't broken. And I think looking at the examples in the PHP manual will be enough to understand.
<11> how do i run a php script in debug mode
<11> so i can step on it 1 line at a time
<12> \zxc: i dont see why php would recieve the field/variable "id", its an argument to the tag that is used within the browser, not sent with the form. you will get a var named "name" though
<12> \zxc: err, a var named "test", i mean
<7> Frixon: "The string to parse, according to the GNU Date Input Formats syntax. Before PHP 5.0, microseconds weren't allowed in the time, since PHP 5.0 they are allowed but ignored."
<10> But I want another field for arbitrary information.
<7> Frixon: ok it worked
<9> oooo-: You need a debugger therefor
<4> hi
<13> Any one that knows where i can find the ultimate web security tutorial
<10> rawtaz_: Is it possible to submit something else there? Or should I just use a hidden input?
<14> splitin: there is no ultimate web security tutorial
<14> because every system is so diverse and different, and then one's style of writing...it is just impossible
<9> splitin: http://frixon.de/post_security.png ;)
<12> \zxc: not sure what you mean :) for each var/information youll have to put an input there, hidden or text or something else, yeah
<10> rawtaz_: Okay, thanks.
<12> np
<13> but how can u make the site as safe as possibole
<15> I'm doing SELECT SUM(attendance) and the number should be "10,000" but it's only returning "10"
<16> What permissions should I apply to a php file that contains the root p***word for my mysql server?
<16> 711? (I'm on linux)
<9> john_doe: Most important is to not have it in the DocumentRoot
<17> I am on linux too
<17> has anyone ever had any trouble with strpos and getting it to properly find a word in a sentence string?
<18> woozleWork- no
<17> I had to break down the sentence word by word to get it properly see it
<9> woozleWork: I don't think that's a problem of strpos
<17> well I'm trying to parse a file, so it reads in the description of an item and is suppose to look through it for items we don't want to be parsed
<19> Someone can tell me what a '?' means in a PCRE?
<17> it pulls the exclusion item list from mysql and compares the two, but it just wouldn't find then
<17> err them
<17> until I broke it apart word by word
<7> levander: PCRE is related with regular expressions?
<19> amak: PCRE = perl compatible regular expression, used in preg_* functions
<7> levander: well in regular expressions ? means 0 or one "ba?b" can match "bab" or "bb"
<19> amak: thanks
<20> !+##php
<21> ##php is really 'Pretty Horny People'. The computer language is just a cover.
<20> bah!
<22> how would I turn 10000 into 10,000?
<18> http://www.php.net/number_format
<20> add a comma
<18> And I thought I was the master of the obvious
<20> Dragnslcr too many stupid ppl in here lately, sometimes that's all they really need to know.
Return to
#php
or
Go to some related
logs:
default ubuntu root
vlc suse yast-source
porn goto1
#perl
#lisp
#debian
#perl
#css
xss accept-lang
#linux
|
|
