CLU

It seems that you are right, I wasnt thinking about them being essentially on the same domain. Cheers for helping out... Also a heads up on another potential issue with the colorbox and the long. Because everything within the innit file is absolute so the site path being stated as www.domain.com... if a user types domain.com ... then when they click on the login link it throws an error, as its not including the www. The simple solution i fount was to create a htaccess file and just make sure the url is changed to match that within the innit file. Just a heads up. Thanks again.

At the moment the two sites that I have tested are on local servers, I was running tests to check everything and this is when i came across this issue. They are both reading from different databases, could the issue be with regards to the salt being the same?

It still seems to allow the user access irrespective of whether there PW and usernames are the same... So it just allows access... I really cannot find out how to prevent this....

Hi Guys, I think I have came across a potential security issue with the build a CMS. It seems there is a worrying issue, that being if you had two different sites, then the users that login for one would be able to log into the other. I think this must have something to do with the session start. Although there would have to be some form of serendipity as the users will have to be using the same browser, but still this seems to be rather worrying. Would/does anyone have a solution to this? Maybe this could be solved by changing the salt? If anyone could help that would be great. CLU

Hi Guys ok, Im starting to get the hang of PHP OOP and MVC, what i cannot seem to prevent are Notices: Undefined Variables. I understand i can switch this off, but i just want to know why proper way to get this done. Does anyone know. Here is my code: From my model m_settings: function siteSettings() { if ($stmt = $FS->Database->query("SELECT * FROM site_settings WHERE id='1'")) $row = mysqli_fetch_array($stmt); } This is just grabbing the results from a database and relaying them onto the view... which is the following: v_index.php: <tr><td>Browser Title: <input type="text" name="browser_title" value="<?php echo $row['browser_title'];?>" placeholder="Enter your sites browser title here."> </td></tr> <tr><td>Site Meta-Tags: <input type="text" name="met_tag" value="<?php echo $row['meta_tag'];?>" placeholder="Site Meta-Tags go here."> </td></tr> <tr><td>Description: <input type="text" name="description" value="<?php echo $row['description'];?>" placeholder="Site Description."> </td></tr> All the code above is placed within a table. This is the controller <?php include('../init.php'); include("models/m_settings.php"); $Settings = new Settings(); $FS->Template->load(APP_PATH . 'settings/views/v_index.php'); I can't understand why I'm getting the following Notices : <br /><b>Notice</b>: Undefined variable: row in <b>/Applications/MAMP/htdocs/ukmocks/app/settings/views/v_index.php</b> on line <b>26</b><br /> The above happens for every $row echoed out... I know i can add some code to the top of the page that will get rid of the notices, but i love to learn and want to know why this si happening If anyone can help give me a shout Thanks again

So do you think i could have it in just one function... Maybe this could be easier... Basically for the two mysqli quieries is checking to see if the typwe within the database is test, and if it is then it will echo the title and body, I have updated this to use the Exerpt so that it only shows 10 characters form the post. But I think (correct me if im wrong) but could i just fetch the array in the top query and then just display the results in the following $row['title'] and the same for post. I think by watching your tutorials on here has really helped me learning OOP... As it seems other tuts online made it confusing... Let me know what you think. Also im not sure if you have found this bug within safari (seemingly is a css bug) but it seems that sometime if you float content within the WYSIWYG editor the content overlaps the content below... I have added <div>'s that clear but as soon as you log out it is fine... This issue is not present in Mozzilla, but in the Webkit browsers its present... Just thought I'd give you a heads up if you have experienced this before?

Hi Ben, Thanks again for your help... It would seem whilst we have came to the same'ish conclusion.... I did this lastnight function display_blog() { $blog_posts = $this->load_blog(); if ($this->FS->Auth->checkLoginStatus()) { $blog_start = '<div class="fs_edit">'; $blog_link = '<a class="fs_edit_quotes" href="' . SITE_PATH . 'app/blog/index.php">Edit Blog</a>'; $blog_end = '</div>'; echo $blog_start . $blog_link . $blog_end; } else { echo $blog_posts; } } function load_blog() { $stmt = $this->FS->Database->query("SELECT id, type, LEFT(title, 10)AS title_excerpt, title, author FROM blog_posts ORDER BY id Limit 3"); $row = mysqli_fetch_array($stmt); if ($row['type'] == 'text') { $stmt = $this->FS->Database->prepare('SELECT id, title, body, type FROM blog_posts ORDER BY id Limit 1'); $stmt->execute(); $stmt->bind_result($id, $title, $body, $type); while ( $row = $stmt->fetch() ) : echo'<div id="last_posts">'; echo $title; echo $body; echo'</div>'; endwhile; } } I am using some if statements to make sure the posts are text, as the last thing i want on the home page is image' and/or videos... Seems to be working fine. I also tried the above code and that worked fine aswell... LEt me know if there is anything i shouldnt be doing or maybe could i refactor this code to be more effective? So out of curiosity when should i prepared statements... Is that when im only going to bind the results? It just seems that someone wont be able to bind '*' as its everything... Let me know your thoughts and once again thanks for your help...

Hi Ben, There errors that i am getting are the following: Notice: Undefined variable: result in /Applications/MAMP/htdocs/ukmocks/app/cms/models/m_cms.php on line 211 Fatal error: Call to a member function fetch_object() on a non-object in /Applications/MAMP/htdocs/ukmocks/app/cms/models/m_cms.php on line 211 That line seems to be 'while ($row = $result->fetch_object())'... Any ideas whats going on? Thanks again...

HI Ben, thanks for your reply. I tired that code out but as soon as that code is added and the call of <?php $FS->Cms->display_blog(); ?> is added to my index page the page breaks and i get a HTTP ERROR 500 (Internal Error Page) display. This is really confusing as to why it is not working... Because from the code above it seems logical to me and it should work... Any other suggestions?

Thant for your reply Symphlion, excuse my ignorance but i still can't work it out... I have changed the code to which i think you was talking about... function load_blog() { // get contents from database if ($stmt = $this->FS->Database->prepare("SELECT * FROM blog_posts ORDER BY id")) { $stmt->execute(); $stmt->store_result(); if ($stmt->num_rows > 0) { $stmt->bind_result($blog_posts); $stmt->fetch(); $stmt->close(); return $status; } else { $stmt->close(); return FALSE; } } } function display_blog() { // get content $status = $this->load_blog(); echo $status; // check login status if ($this->FS->Auth->checkLoginStatus()) { echo $status; } else { } } I changed the return to $status which is a column within the database and have echoed that out.. Im still having trouble... I appreciate your time and help... How would you write it out... Im sure this is probably something simple that i am over looking :-/

Really appreciate your replies guys... @Ben the page loads as normal... But does not display anything to do with the stated function. But when i am logged in it does echo out the ''You are logged in"... Really don't know what i am doing wrong? @symphlion I thought by having 'return $blog_posts;' That i would be returning the result? The second thing was just testing to see if just echoing anything out would work. Still trying to work it out... Can you guys see something I'm missing? Thanks again

Hi everyone, I wonder if anyone can see what i am doing wrong here... I have created a table called blog_posts and just want to echo the posts onto my index page. I have created the cms application from Bens tutorials, and essentially i am trying to copy what he did with his code to create two new functions (display_blog and load_blog) All i want to do is use this function on my index page... But cannot see where i am going wrong.... Heres my code: (m_cms.php) function load_blog() { // get contents from database if ($stmt = $this->FS->Database->prepare("SELECT * FROM blog_posts ORDER BY id")) { $stmt->execute(); $stmt->store_result(); if ($stmt->num_rows > 0) { $stmt->bind_result($blog_posts); $stmt->fetch(); $stmt->close(); return $blog_posts; } else { $stmt->close(); return FALSE; } } } function display_blog() { // get content $blog_posts = $this->load_blog(); // check login status if ($this->FS->Auth->checkLoginStatus()) { echo'You are logged in'; } else { echo $blog_posts; } } Code on my index page : <?php $FS->Cms->display_blog();?> If anyone can give me some guidance I would appreciate it alot Kind Regards CLU

This looks good, nice work ben. Do you think i could take the view code and put it into a class. Then call the class to display a database?

Hi Guys, I was wondering that for somereason when ever I add anything jquery or javascript to the flightpath cms certain things stop working... I think this has something to do with the noconflict... But how do i use this with jquery on the frontend of the site? If anyone has any help this would be most appreciated... Kind Regards

@neliuz Yea got it sorted, the issue was within the config file. As i was/am using MAMP on my mac within my HTdocs folder i had another folder (With the cms and site within) From this i never added the folder name to the path within the plugins config file... So it stated the path was wrong. All you have to do is create a fold (I called mine upload) and place it on the front end of your site... Type in its relative path... so mine was /images/uploaded_images (No trailing slash) and hey presto it worked. Hope this helps bud.

Also i created the folder images within the root resources for the site not the application... if that is any help

@ Ben & neliuz, Did your get the JBimages plugin working? No matter what i try with the config.php file I always get the plugin telling me "The upload path does not appear to be valid." Here are my tinymce settings = <script type="text/javascript"> tinyMCE.init({ // General options mode : "none", theme : "advanced", plugins : "style,table,advimage,advlink,inlinepopups,media,contextmenu,paste,fullscreen,noneditable,visualchars,xhtmlxtras,vimeo,jbimages,spellchecker,insertdatetime,youtube", width : "913", height : "300", // Theme options // Style, image and video theme_advanced_buttons1 : "youtube,vimeo,jbimages,styleselect,formatselect,fontselect,fontsizeselect,spellchecker,forecolor,|,code,preview,fullscreenbullist,numlist,|,outdent,indent,undo,redo,|,link,unlink,anchor,charmap,", // This is text aspects theme_advanced_buttons2 : "justifyleft,justifycenter,justifyright,justifyfull,|,,bold,italic,underline,strikethrough,insertdate,paste", theme_advanced_buttons3 : "", theme_advanced_buttons4 : "", theme_advanced_toolbar_location : "top", theme_advanced_toolbar_align : "center", theme_advanced_statusbar_location : "bottom", theme_advanced_resizing : false, relative_urls:false, // Skin options skin : "cirkuit", // Example content CSS (should be your site CSS) content_css : "<?php echo SITE_CSS; ?>, <?php echo APP_RESOURCES; ?>css/tiny_mce_style.css" }); setTimeout(function() {tinyMCE.execCommand('mceAddControl', false, 'field');}, 0); </script> and this is my settings for the path in config.php (within the plugin) $config['img_path'] = '/resources/images'; Let me know your thoughts and if anyone has got this working. Kind Regards

The post was very helpful, this should prevent the issue that I have been having. Do you think this could be the reason as to why the Vimeo Video was plugin was not working? as this also seemed to break it.

It seems to be trying to input any content after I have pasted and updated prior, that it does not update the database... so odd.

HI Guys, Just wondering if anyone got this issue that I have been having, sometimes when i paste content directly into tinymce and try to input more content after the part pasted prior it does not update the database. Even if i safely paste the content in by pressing the paste button, I still get this issue. It doesn't happen all the time, just every so often... Checked the entire cms and cannot spot any errors. the code for Tiny MCE within the v_edit file is the following <!-- jQuery Block Start--> <!-- jQuery is used to catch the forms submit process --> <script type="text/javascript"> jQuery(document).ready(function($){ $('#edit').submit(function(e){ //Disable the default browser refresh e.preventDefault(); //Ajax to process the form var id = "<?php echo $this->getData('block_id')?>"; var type = $('#type').val(); //This is for TinyMCE Ajax <?php if($this->getData('block_type') == 'wysiwyg') {?> tinyMCE.triggerSave(); <?php }?> var content = $('#field').val(); //Passing the values onto Ajax var dataString = 'id=' + id + '&field=' + content + '&type=' +type; //Call ajax $.ajax({ type: "POST", url: "<?php echo SITE_PATH; ?>app/cms/edit.php", data: dataString, cache: false, success: function(html) { $('#cboxLoadedContent').html(html); } }); }); //jQuery to close the box $('#fs_cancel').live('click', function(e){ //This is addressing the issue with open close then reopen issue if(tinyMCE.getInstanceById('field')) { tinyMCE.execCommand('mceFocus', false, 'field'); tinyMCE.execCommand('mceRemoveControl', false, 'field'); } }); }); </script> <?php if($this->getData('block_type') == 'wysiwyg') { ?> <script type="text/javascript"> tinyMCE.init({ // General options mode : "none", skin : "thebigreason", theme : "advanced", plugins : "pagebreak,style,layer,table,save,advhr,advimage,advlink,emotions,iespell,insertdatetime,\n\ preview,media,searchreplace,print,contextmenu,paste,directionality,fullscreen,noneditable,\n\ visualchars,nonbreaking,xhtmlxtras,template,wordcount,advlist,autosave,vimeo,jbimages", // Theme options theme_advanced_buttons1 : "fontsizeselect,bold,italic,underline,strikethrough,justifyleft,justifycenter,justifyright,\n\ justifyfull,link,unlink,paste,pasteword,pastetext,fullscreen,undo,redo,forecolor,backcolor,\n\ code,vimeo,jbimages", theme_advanced_buttons2 : "", theme_advanced_buttons3 : "sub,sup,|,charmap,iespell,advhr,", theme_advanced_buttons4 : "", theme_advanced_toolbar_location : "top", theme_advanced_toolbar_align : "center", height:"300", width:"700" }); //once again below is to load the editor addressing open close issue setTimeout(function() {tinyMCE.execCommand('mceAddControl', false, 'field');}, 0); </script> <? }?> <!-- jQuery Block End--> <div id="fs_wrapper"> <form action="" method="post" id="edit"> <div class="row"> <h1>Edit Content <?php // echo $this->getData('block_id'); ?></h1> <p>Click and edit below</p> </div> <div class="row"> <?php echo $this->getData('cms_field');?> <input type="hidden" id="type" value="<?php $this->getData('block_type');?>"> </div> <br/> <input type="submit" name="submit" class="green_button" value="Submit"> <br/><br/> <a href="#" id="fs_cancel">Cancel</a> </form> If anyone could help that would be great. Kind Regards

Damn it, it is always the simplest thing... I was looking for something within my code that was wrong, and didn't pay attention to the form elements. I guess its all part of the learning curve. Thanks again Ben.

This has been bugging me all morning, and i cannt for the life of me find where im going wrong, when previewing within the browser, im getting 3 notices: Notice: Undefined index: number in /Applications/MAMP/htdocs/CRUD_project/backend/luckyloves.php on line 71 Notice: Undefined index: email in /Applications/MAMP/htdocs/CRUD_project/backend/luckyloves.php on line 72 Notice: Undefined index: web in /Applications/MAMP/htdocs/CRUD_project/backend/luckyloves.php on line 73 for the Script : <?php //This is the Update and Create Page. include('connection.php'); //Connect to the databae and then create the form function //Make sure all variables are defined here function renderForm($name = '', $number = '', $email = '', $web = '', $error = '', $id = '') { ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> <title> <?php if($id != '') { echo "Edit A Love"; } else { echo "Create A New Love"; } ?> </title> </head> <body> <?php // This is getting the errors and displaying them (If any) if($error != '') { echo "<div style='padding:10px; border:1px solid red; color:red'/>" . $error . "</div>"; } ?> <!-- Form to Process the Edit and Delete --> <form action="" method="post"> <?php if($id != '') { ?> <!-- We hide the id --> <input type="hidden" name="id" value="<?php echo $id; ?>"/> <?php } ?> <p>Name:</p> <input type="text" name="name" value="<?php echo $name; ?>"/> <p>Number:</p> <input type="text" name="name" value="<?php echo $number; ?>"/> <p>Email:</p> <input type="text" name="name" value="<?php echo $email; ?>"/> <p>Web Address:</p> <input type="text" name="name" value="<?php echo $web; ?>"/> <br/> <input type="submit" name="submit" value="submit"/> </form> </body> </html> <?php } //we check to see if the id is set //if it is then we EDIT else we CREATE NEW if(isset($_GET['id'])) { //editing the exisitng record renderForm(NULL, NULL, NULL, NULL, NULL, $_GET['id']); } else { //Create a new record if(isset($_POST['submit'])) { //htmlentities converts all characters to html entities. //ENT_QUOTES will prevent SQL injections $name = htmlentities($_POST['name'], ENT_QUOTES); $number = htmlentities($_POST['number'], ENT_QUOTES); $email = htmlentities($_POST['email'], ENT_QUOTES); $web = htmlentities($_POST['web'], ENT_QUOTES); if($name == '' || $number == '' || $email == '' || $web == '') { $error = 'ERROR: Please fill in all required fields'; //error above displayed, but we dont want the user to reenter //the fields so we present the form with the already entered //results from above. renderForm($name, $number, $email, $web, $error); } } else { renderForm(); } } ?> Can anyone see where im going wrong? Im stating the variables within the renderForm function I cannot understand why im getting these Notices. Kind Regards.

Thanks Ben.

Hi Guys, Just quick one, I completed ben's tut on CRUD with mysqli, within my editor (Netbeans) when using bind_param in regards to the used question marks for the values, i get a small warning stating "Possible accidental assignment, assignments in conditions should be avoided." Code works fine, but can anyone explain what this might mean? Any guidance on this would be appreciated. Kind Regards.