Joomla 3.x com_content support easier config.
Thứ Hai, 23 tháng 10, 2017
joomla 3.8 Sef article remove id - SOLVED
Description: Url rewrite remove article id.
Joomla 3.x com_content support easier config.
Joomla 3.x com_content support easier config.
Thứ Hai, 18 tháng 9, 2017
Joomla 3.x admin json error SOLVED
Description: Joomla backend save article, module, or config view issue "0 - Error decoding JSON data"
The reason: param at database {} break quote.
This many reason from many table. So need view error.
Step #1:
Here https://forum.joomla.org/viewtopic.php?f=706&t=937036 on Oct 19 the user ibrentlam offered the following solution:
The error is pulled in the file:
/libraries/vendor/joomla/registry/src/Format/Json.php`
line 72
I changed it to:
throw new \RuntimeException(sprintf('Error decoding JSON data: %s the bad data is: %s', json_last_error_msg(), $data));
so I could actually see the data.
Step #2: reload joomla admin BackEnd, view detail data error view
Step #3: backup database before edit, find data to know: table name, row id.
Step #4: Focus at column PARAM, check {} quote
The reason: param at database {} break quote.
This many reason from many table. So need view error.
Step #1:
Here https://forum.joomla.org/viewtopic.php?f=706&t=937036 on Oct 19 the user ibrentlam offered the following solution:
The error is pulled in the file:
/libraries/vendor/joomla/registry/src/Format/Json.php`
line 72
I changed it to:
throw new \RuntimeException(sprintf('Error decoding JSON data: %s the bad data is: %s', json_last_error_msg(), $data));
so I could actually see the data.
Step #2: reload joomla admin BackEnd, view detail data error view
Step #3: backup database before edit, find data to know: table name, row id.
Step #4: Focus at column PARAM, check {} quote
Thứ Năm, 3 tháng 8, 2017
PHP HTML special decode textarea
Description: load data have htmlspecialchars, example: html char, new line, special char.... This need decode 1 again.
Solution: decode again htmlspecialchars_decode at PHP load.
More: At prevent sql rejection $_POST have special char at Textarea. This need encode to safe data.
<php?
echo htmlspecialchars_decode($product['COLUMN_DATA']);
?>
Solution: decode again htmlspecialchars_decode at PHP load.
More: At prevent sql rejection $_POST have special char at Textarea. This need encode to safe data.
<php?
echo htmlspecialchars_decode($product['COLUMN_DATA']);
?>
Chủ Nhật, 4 tháng 6, 2017
Php the best way prevent SQL Injection
Description: hacker add query sql to input _POST, _GET param. So need clean each input value.
Solution: Filter all _POST, _GET param. 2 case:
#Case 1: Number, String with htmlspecialchars.
#Case 2: _Post as array - Multi select box need array_walk_recursive check each item.
The code will convert all special character to UTF-8.
<?php
/*prevent Sql Injection*/
function _CleanInputChars(&$value){
return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}
foreach ($_POST as $key => $value) {
/*Array*/
if(is_array($value)){
array_walk_recursive($value, "_CleanInputChars");
}
else{
/*Number,String*/
$_POST[$key] = _CleanInputChars($value);
}
}
foreach ($_GET as $key => $value) {
/*Array*/
if(is_array($value)){
array_walk_recursive($value, "_CleanInputChars");
}
else{
/*Number,String*/
$_GET[$key] = _CleanInputChars($value);
}
}
/*END prevent Sql Injection*/
?>
Example for Mysqli
Mysli '#' mean mysql no execute query after '#'.
Form username input:
nouser" or 1=1#
nouser' or 1=1#
Solution: Filter all _POST, _GET param. 2 case:
#Case 1: Number, String with htmlspecialchars.
#Case 2: _Post as array - Multi select box need array_walk_recursive check each item.
The code will convert all special character to UTF-8.
<?php
/*prevent Sql Injection*/
function _CleanInputChars(&$value){
return htmlspecialchars($value, ENT_QUOTES, 'UTF-8');
}
foreach ($_POST as $key => $value) {
/*Array*/
if(is_array($value)){
array_walk_recursive($value, "_CleanInputChars");
}
else{
/*Number,String*/
$_POST[$key] = _CleanInputChars($value);
}
}
foreach ($_GET as $key => $value) {
/*Array*/
if(is_array($value)){
array_walk_recursive($value, "_CleanInputChars");
}
else{
/*Number,String*/
$_GET[$key] = _CleanInputChars($value);
}
}
/*END prevent Sql Injection*/
?>
Example for Mysqli
Mysli '#' mean mysql no execute query after '#'.
Form username input:
nouser" or 1=1#
nouser' or 1=1#
Thứ Bảy, 11 tháng 3, 2017
Thứ Tư, 22 tháng 2, 2017
PHP warning session_start() - SOLVED
Description: PHP Warning: session_start(): Cannot send session cache limiter - headers already sent
It's hard to check. So wast much time to debug.
On internet guide is session_start() is the top code+html : YES- this right
BUT: it's really hard debug on big site working.-> waste much time
The simple way is:
1. Create 1 file testsession.php
Add code
<?php
session_start();
error_reporting(E_ALL ^ E_NOTICE);
?>
2. Upload to host
3. Run file testsession.php
Check view error_log at root folder: No error_log, NO waring -> is GOOD status. This mean is OK
4. Check many parts source: this is the important step
Check above HTML
Check head
Check body
....
I found issue so easy.
Good luck
Đăng ký:
Bài đăng (Atom)
