Page 1 of 2 12 Last
  • Jump to page:
    #1
  1. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    845
    Rep Power
    0

    Question Why Wrong Conditions Get Triggered ?


    Folks,

    The script is supposed to check if a folder exists or not. If not then create it.
    Since the folder does not exists then I expect the following code's line 76-80 to build one under the $user. But it is not getting built.
    Why is that ?

    Lines 76-80:
    PHP Code:
    if(!is_dir("$directory_path.  "$user")) 
                { 
                    
    $mode "0777"
                    
    mkdir("$directory_path"$user"$modeTRUE); 
                } 
    Full Code
    PHP Code:
    <?php 

    //Required PHP Files. 
    include 'config.php'
    include 
    'header.php'
    include 
    'account_header.php'

    ?> 
        
        <!DOCTYPE html> 
        <html> 
        <head> 
        <title>member Identity Video Verification Page</title> 
            <meta charset="utf-8"> 
        </head> 
        <body> 
        <body background="background.png"> 
        <p align="center"><h2>Member Identitiy Video verificarion Page</h2> </p> 
        <p align="left"> 
        <?php 
        
    //Welcome User by name. Display Log-out Link. 
        
    echo 'Welcome '; echo "$first_name "; echo "$middle_name "; echo "surname "?> 
        <br> 
        <?php 
        
    //Prompt user to video confirm their account by reading their account details in front of a video camera. 
        
    echo 'To verify your account, heed the following instructions.'?> <br> 
        <br> 
        <br> 
        <?php echo '1. Stand in front of your video camera and read-out the following text you see in bold text.'?> <br> 
        <?php echo '2. Make sure the video is no longer than 3 minutes.'?> <br> 
        <?php echo '3. Attach the video on the form below to submit it to us.'?> <br> 
        <?php echo "4. Click the \"<b>Submit</b>\" button and submit the form."?> <br> 
        <br> 
        <br> 
        <?php //TypeCasted the INT to STRING on the 1st parameter of sha1 as it needs to be a STRING. 
        
    $account_video_verification_code sha1( (string) mt_rand(099999999)); 
        echo 
    "<b>My $social_network_name Id is: $id"?></b> <br> 
        <?php echo "<b>My $social_network_name Username is: $username"?></b> <br> 
        <?php echo "<b>My Domain is: $primary_website_domain"?></b> <br> 
        <?php echo "<b>My Primary Website Email is: $primary_website_email"?></b> <br> 
        <?php echo "<b>My Name is: $first_name $middle_name $surname"?></b> <br> 
        <?php echo "<b>My Gender is: $gender"?></b> <br> 
        <?php echo "<b>My Age Range is: $age_range"?> </b> <br> 
        <?php echo "<b>My Religion is: $religion"?></b> <br> 
        <?php echo "<b>My $social_network_name account_video_verification_code is: $account_video_verification_code"?></b> <br> 

        <?php 
        
    if (isset($_POST["id_verification_video_file_submit"])) 
        { 
            
    $id_verification_video_file trim($_POST["id_verification_video_file_submit"]); 
            if(
    strlen($id_verification_video_file)<1//WHY IS NOT THIS GIVING ALERT IF FILE NAME IS ZERO DUE TO USER FAILING TO SELECT & UPLOAD A FILE ? 
            

                echo 
    "You must upload your video file that you just created!"
                exit(); 
            }         
        } 
        
        
    //Check whether the form was submitted or not. 
        
    if($_SERVER["REQUEST_METHOD"] == "POST"
        { 
            
    //Check whether the file was uploaded or not without any errors. 
            
    if(!isset($_FILES["id_verification_video_file"]) && $_FILES["is_verification_video_file"]["Error"] == 0
            { 
                
    $Errors = Array(); 
                
    $Errors[] = "Error: " $_FILES["id_verification_video_file"]["ERROR"];         
                
    print_r($_FILES); ?> <br> <?php 
                print_r
    ($_ERRORS); 
                exit(); 
            } 
            else 
            { 
                
    //Feed Id Video Verification File Upload Directory Path. 
                
    $directory_path "uploads/videos/id_verifications/"
                
    //Make Directory under $user in 'uploads/videos/id_verifications' Folder. 

                
    if(!is_dir("$directory_path.  "$user")) 
                { 
                    
    $mode "0777"
                    
    mkdir("$directory_path"$user"$modeTRUE); 
                } 
                
    //Grab File details. 
                
    $Errors = Array(); 
                
    $file_name $_FILES["id_verification_video_file"]["name"]; 
                
    $file_tmp $_FILES["id_verification_video_file"]["tmp_name"]; 
                
    $file_type $_FILES["id_verification_video_file"]["type"]; 
                
    $file_size $_FILES["id_verification_video_file"]["size"]; 
                
    //Grab File Extension details. 
                
    $file_extension pathinfo($file_namePATHINFO_EXTENSION); 
                if(
    file_exists("$directory_path"$user/" "$file_name")) 
                { 
                    echo 
    "<b><font size ='5' font color ='red'>File $file_name already exists! It has been uploaded before!</b></color></size>";   
                    exit(); 
                } 
                else 
                { 
                    
    //Feed allowed File Extension(s). 
                    
    $allowed_file_extensions = array("mp4" => "video/mp4","wmv" => "video/wmv"); 
                    
    //Feed allowed file size. 
                    
    $max_file_size_allowed_in_bytes 1024*1024*100//Allowed limit: 100MB. 
                    
    $max_file_size_allowed_in_kilobytes 1024*100
                    
    $max_file_size_allowed_in_megabytes 100
                    
    //Verify File Extension. 
                    
    if(!array_key_exists($file_extension,$allowed_file_extensions)) die("Error: Select a valid video file format. Select an MP4 or WAV file."); 
                    
    //verify MIME Type of the file. 
                    
    elseif(!in_array($file_type,$allowed_file_extensions)) 
                    { 
                        
    $Errors[] = "Error:<font size ='5' font color ='red'><b>There was a problem uploading your video file $file_name! Make sure your file is an MP4 or a WAV file. You may try again now.</b></color></size>"
                    } 
                    
    //Verify File Size. Allowed Max Limit: 100MB. 
                    
    elseif($file_size>$max_file_size_allowed) die("Error: Your Video File Size is larger than the allowed limit of: $max_file_size_allowed_in_megabytes."); 
                    
    //Move uploaded File to newly created directory on the server. 
                    
    move_uploaded_file("file_tmp","$directory_path"$user/" "$file_name"); 
                    
    //Notify user their File was uploaded successfully. 
                    
    echo "<font size ='5' font color ='red'><b>Your Video File \"$file_name\" has been uploaded successfully! You will get notified once your Id has been verified successfully.</b></color></size>"
                    
    //Grab User's Sponsor details to notify the Sponsor to Verify User'd ID by watching user's uploaded Video. 
                    
    $query "SELECT id,account_activation_status,id_video_verification_status,primary_website_domain,primary_website_email,username,first_name,middle_name,surname FROM users WHERE username = ?"
                    
    $stmt mysqli_prepare($conn,$query); 
                    
    mysqli_stmt_bind_param($stmt,'s',$db_sponsorusername); 
                    
    mysqli_stmt_execute($stmt); 
                    
    $result mysqli_stmt_bind_result($stmt,$db_sponsor_id,$db_sponsor_account_activation_status,$db_sponsor_id_video_verification_status,$db_sponsor_primary_website_domain,$db_sponsor_primary_website_email,$db_sponsor_username,$db_sponsor_first_name,$db_sponsor_middle_name,$db_sponsor_surname);  
                    
    mysqli_stmt_fetch($stmt); 
                    
    mysqli_stmt_close($stmt); 
                    
                    
    //Notify User's Sponsor to Verify User's Id. 
                    
    $recipient_username $sponsor_username
                    
    $sender_username "admin"
                    
    $message "Dear $user, <br> 
                    <br> 
                    One of your referrals have confirmed their Id by uploading a video with their personal details. <br> 
                    We need you to watch their video and verify their personal details to the best of your knowledge. <br> 
                    You may find their video by <a href=\"uploads\\videos\\id_verifications\\
    $user\\$file_name\">clicking here</a>. <br> 
                    <br> 
                    <br> 
                    Your recruit should be reading-out the following script in (<font color=\"blue\"><b>bold BLUE</color> text</b> below) word for word and line for line in-front of their camera. <br> 
                    1. If the details about your recruit are accurate in the script; And <br> 
                    2. If they manage to read-out every line in the script accurately word for word and line for line; And <br> 
                    3. Providing the video is no longer than 5 minutes; <br> 
                    then: <br> 
                    <a href=\"verify_id.php?verifying_action=verify&verifying_user=
    $user\">Click to verify $user</a>. <br> 
                    <br> 
                    Else, <a href=\"verify_id.php?verifying_action=unverify&verifying_user=
    $user\">Click to Unverify $user</a>. <br> 
                    <br> 
                    <font color = \"red\"><b>WARNING: Do not verify this recruit if their details are not correct in the script or if they fail to read-out their correct details on the video. <br> 
                    Doing so, will result in you bearing all the liabilities of the damages they cause anywhere in the world using their falsely verified account.</b></color> <br> 
                    <br> 
                    Regards <br> 
                    <br> 
                    Admin <br> 
                    <br> 
                    <font size =\"4\">SCRIPT START</font size> <br> 
                    <font color =\"blue\">My Social_network_name Id is: 
    $id; <br> 
                    My 
    $social_network_name Username is: $username; <br> 
                    My 
    $social_network_name Primary Website Domain is: $primary_website_domain; <br> 
                    My 
    $social_network_name Primary Website Email is: $primary_website_email; <br> 
                    My Name is: 
    $title $first_name $middle_name $surname; <br> 
                    My Gender is: 
    $gender; <br> 
                    My Age-Range is: 
    $age_range; <br> 
                    My Religion is: 
    $religion; <br> 
                    My 
    $social_network_name account_video_verification_code is: $account_video_verification_code; <br> 
                    </color> 
                    </size> 
                    <b><font size=\"4\">SCRIPT END</font size></b> <br> 
                    <br> 
                    "

                    
                    
    $stmt mysqli_prepare($conn,"INSERT INTO notices(recipient_username,sender_username,message) VALUES (?,?,?)"); 
                    
    mysqli_stmt_bind_param($stmt,'sss',$recipient_username,$sender_username,$message); 
                    
    mysqli_stmt_execute($stmt); 
                    
                    
    //Check if user's Video Verification File upload NOTIFICATION was successfully submitted to Mysql Database or not. 
                    
    if(!$stmt
                    { 
                        echo 
    "<b><font size ='5' font color ='red'>Sorry! our system is currently experiencing a problem in NOTIFYING the appropriate person to verify your Id. You may experience a delay in getting your Id verified.</b>"
                        exit(); 
                    } 
                    else 
                    { 
                        
    //Email User's Sponsor to verify user's Id. 
                        
    $to $db_sponsor_primary_website_email
                        
    $subject "Your ".$site_name." Verify Your Referral's Id!"
                        
    $body nlbr(
                        ===============================\r\n 
                        "
    .$site_name." \r\n 
                        ===============================\r\n 
                        From: "
    .$site_admin_email." \r\n 
                        To: "
    .$db_sponsor_primary_website_email." \r\n 
                        Subject: Yours "
    .$subject." \r\n 
                        
                        Message: "
    .$db_sponsor_first_name." ".$db_sponsor_middle_name." ".$db_sponsor_surname." \r\n 
                        One of your referrals have confirmed their Id by uploading a video with their personal details. \r\n 
                        We need you to watch their video and verify their personal details to the best of your knowledge. \r\n 
                        You may find their video listed in your "
    .$site_name." account's \"Verify Id\" section. \r\n 
                        
    $site_domain/home.php. \r\n"); 
                        
    $headers "From: " $site_admin_email ."\r\n";                     
                        if(!
    mail($to,$subject,$body,$headers)) 
                        { 
                            echo 
    "Sorry! our system is currently experiencing a problem in EMAILING the appropriate person to verify your Id. You may experience a delay in getting your Id verified."
                            exit(); 
                        } 
                        else 
                        { 
                            echo 
    "Our system has managed to EMAIL the appropriate person to verify your Id. Hopefully, your Id will be verified soon (providing you gave your accurate details)."
                            exit(); 
                        } 
                    } 
                } 
            } 
        } 
    ?> 
        
        <form enctype="multipart/form-data" ACTION="" METHOD="POST"> 
        <fieldset> 
        <p align="left"><h3><?php $site_name?>ID Verification Form</h3> </p> 
        <div class="form-group"> 
            <p align="left"><label>Video File:<label> 
            <input type="file" name="id_verification_video_file" id="id_verification_video_file" value="Uploaded 'Id verifcation Video File.'"> </p> 
        </div> 
    </fieldset> 
        <p align="left"><button type="submit" class="btn btn-default" name="id_verification_file_submit">Submit! </button> </p> 
    </form> 

    </body> 
    </html> 

    <?php 

    include 'footer.php'

    ?>
    Q2.
    Lines 48-56 checks if the user has attached a video file or not.
    If there is no file attached then the user should get an alert to attach a video file.
    But, guess what ? The alert does not come. Strange!
    PHP Code:
    if (isset($_POST["id_verification_video_file_submit"])) 
        { 
            
    $id_verification_video_file trim($_POST["id_verification_video_file_submit"]); 
            if(
    strlen($id_verification_video_file)<1//WHY IS NOT THIS GIVING ALERT IF FILE NAME IS ZERO DUE TO USER FAILING TO SELECT & UPLOAD A FILE ? 
            

                echo 
    "You must upload your video file that you just created!"
                exit(); 
            }         
        } 
    Instead, the following gets triggered saying the file already exists (file already uploaded in the past) when in reality it has not.
    PHP Code:
    if(file_exists("$directory_path"$user/" "$file_name")) 
                { 
                    echo 
    "<b><font size ='5' font color ='red'>File $file_name already exists! It has been uploaded before!</b></color></size>";   
                    exit(); 
                } 
    Weird! What is going on here ? This script worked more than 4wks ago.
    But, when I tested it tonight, it has gone hay-wire.
    Last edited by UniqueIdeaMan; June 13th, 2018 at 06:51 PM.
  2. #2
  3. Code Monkey V. 0.9
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Mar 2005
    Location
    A Land Down Under
    Posts
    2,416
    Rep Power
    2105
    What errors are you getting?

    What debugging have you done?

    I feel like we've all said this many times before...
  4. #3
  5. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,820
    Rep Power
    9646
    Originally Posted by Catacaustic
    What errors are you getting?
    Careful what you wish for: there are tons of problems with this code.
  6. #4
  7. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    845
    Rep Power
    0
    Originally Posted by Catacaustic
    What errors are you getting?

    What debugging have you done?

    I feel like we've all said this many times before...
    I am not getting any errors bud.
    I was specific in my op what the problems are.
    Brief: When you, the account holder, upload your video, it is supposed to check if a folder exists under your account username or not. If not, then it is supposed to create one and then upload your video on it.
    Eg. uploads/videos/id_verifications/catacaustic
    That means, if these folders don't exist then it should create it:
    uploads/videos/id_verifications/
    And then it should check whether the "account username" folder exists or not. In our case, whether the "catacaustic" folder exists or not. If not, then create it like so:
    uploads/videos/id_verifications/catacaustic.
    Finally, it is supposed to upload your video file there.

    Now the problem is, these folders do not exist:
    uploads/videos/id_verifications/
    Neither the account username folder. In our case: catacaustic.
    So, this whole path does not exist: uploads/videos/id_verifications/catacaustic.
    And so these folders should have got created. But they don't.
    Another issue is that, you get false confirmation that the video file exists (has already been uploaded in the past).
    In our case, since these folders do not exist:
    uploads/videos/id_verifications/catacaustic
    Then there is no question of any video files getting uploaded there or existing there. Let is face it. If the folders do not exist, then how can the video file get uploaded there ?
    The script is giving false alert that the video file already exists in the folder. When in reality the video file does not exist there.
    Remember, you are only supposed to get this alert that the video file already exists if you try re-uploading the same video file in the same path again:
    uploads/videos/id_verifications/catacaustic.

    If you check my code then you will see I have made no errors on my conditions that check whether the folders exist or not and whether the video file exists in the folder or not.

    PHP Code:
    //Feed Id Video Verification File Upload Directory Path. 
                
    $directory_path "uploads/videos/id_verifications/"
                
    //Make Directory under $user in 'uploads/videos/id_verifications' Folder. 

                
    if(!is_dir("$directory_path.  "$user")) 
                { 
                    
    $mode "0777"
                    
    mkdir("$directory_path"$user"$modeTRUE); 
                } 
                
    //Grab File details. 
                
    $Errors = Array(); 
                
    $file_name $_FILES["id_verification_video_file"]["name"]; 
                
    $file_tmp $_FILES["id_verification_video_file"]["tmp_name"]; 
                
    $file_type $_FILES["id_verification_video_file"]["type"]; 
                
    $file_size $_FILES["id_verification_video_file"]["size"]; 
                
    //Grab File Extension details. 
                
    $file_extension pathinfo($file_namePATHINFO_EXTENSION); 
                if(
    file_exists("$directory_path"$user/" "$file_name")) 
                { 
                    echo 
    "<b><font size ='5' font color ='red'>File $file_name already exists! It has been uploaded before!</b></color></size>";   
                    exit(); 
                } 
    Those lines are the concerned ones.
    Full script in my original post.

    Error reporting file has been included. It looks like this:
    PHP Code:
    <?php 

    //ERROR REPORTING CODES.
    declare(strict_types=1);
    ini_set('display_errors''1');
    ini_set('display_startup_errors''1');
    error_reporting(E_ALL);
    mysqli_report(MYSQLI_REPORT_ERROR MYSQLI_REPORT_STRICT);

    ?>
    I am not getting any errors. Issue is the wrong conditions get triggered for some reason. Puzzling!
    If you leave the "Choose File" (file upload) blank and click the "Submit" button then you get false alert:
    File already exists! It has been uploaded before!
    That is the real issue here.
    Last edited by UniqueIdeaMan; June 14th, 2018 at 07:46 AM.
  8. #5
  9. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    845
    Rep Power
    0
    Originally Posted by requinix
    Careful what you wish for: there are tons of problems with this code.
    Impoverished Moderator,
    He is not wishing for anything.
    How about you point us to where exactly these tonnes of code errors are ?
  10. #6
  11. Contributing User
    Devshed Frequenter (2500 - 2999 posts)

    Join Date
    Mar 2006
    Posts
    2,674
    Rep Power
    1841
    I don't do php, remember?
    Now, as I see it you do stuff to get user info prior to displaying this page, then prompt them to record themselves saying that block of text at the top of the code - by the way that greeting you give them includes the literal surname, not a variable called $surname. Now, let's say they do that they do what with the video? I presume it has something to do with that input="file" bit toward the bottom of the code? They either drag'n'drop the file onto something or enter a name? What happens to the file then? But assuming the file is uploaded and is 'hovering about' in digital limbo, they click the submit button which (I presume) causes the page to refresh with the action of POST, whereupon you display all that text again and start on the code beneath it, checking to see if the file has been uploaded? In the first set of tests involving the strlen of the trim(..) $_POST variable ... where does it get a value from? From what I can see you name it in the button 'stanza' of code, but no value. In that second block of tests just after the checking of this being a POST did you mean to have two different array names having values checked?
    The moon on the one hand, the dawn on the other:
    The moon is my sister, the dawn is my brother.
    The moon on my left and the dawn on my right.
    My brother, good morning: my sister, good night.
    -- Hilaire Belloc
  12. #7
  13. Impoverished Moderator
    Devshed Supreme Being (6500+ posts)

    Join Date
    Mar 2007
    Location
    Washington, USA
    Posts
    16,820
    Rep Power
    9646
    Originally Posted by UniqueIdeaMan
    How about you point us to where exactly these tonnes of code errors are ?
    In order as I see them:

    - Deprecated HTML.
    - Typos.
    - Variables in strings that don't need to be in strings.
    - Echoing strings in PHP that don't need to be echoed in PHP.
    - Mismatching variable names.
    - Thinking any file upload data at all is in $_POST.
    - exit/die-ing in (what should be) the middle of the page.
    - Logic error about checking for file upload errors.
    - Not being careful about the array keys in $_FILES.
    - Not even being consistent about using the wrong array keys in $_FILES.
    - The mkdir mode as a string.
    - Incorrect HTML markup.
    - Not supporting uppercase file extensions.
    - Relying on the file MIME type.
    - Not checking for file upload errors.
    - Trying to process the uploaded file even if the file type was disallowed.
    - No protection against forged file uploads.

    Don't ask me to clarify because I won't visit this thread again.

    Comments on this post

    • Sepodati agrees : mic drop
  14. #8
  15. Banned (not really)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 1999
    Location
    Caro, Michigan
    Posts
    14,946
    Rep Power
    4554
    mkdir() returns a value for a reason. You have no idea whether it's failing or not.

    In addition to all of the **** above.
    -- Cigars, whiskey and wild, wild women. --
  16. #9
  17. Code Monkey V. 0.9
    Devshed Regular (2000 - 2499 posts)

    Join Date
    Mar 2005
    Location
    A Land Down Under
    Posts
    2,416
    Rep Power
    2105
    Originally Posted by UniqueIdeaMan
    He is not wishing for anything.
    Wrong.

    I was wishing that you had listened to any one of the 1,000,000 times that everyone on here has told you to go and learn basic debugging skills and learn how to figure out what the code does without copy-and-pasting outdated scripts that are somewhat less then useless.

    Come on, do some work yourself. Learn how to output error messages. Learn what functions do, what they return and how to handle that.

    Again, that's all first-level programming. If you can't do that for yourself and don't want to learn it, give up now because you will never be able to get it.
  18. #10
  19. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    845
    Rep Power
    0
    Thanks to Simon JM I fixed my variable name typo.
    Thanks to Requinix fixed some typos too.
    Ok, here is my first round of update. Not complete yet as I still got to understand Requinix's rest of her hints.
    I still got to ponder Sepo's hint too.
    The original error is gone now. I do not get this error any more:
    File already exists! It has been uploaded before!
    But I now get a new error:
    Notice: Undefined index: id_verification_video_file in C:\xampp\htdocs\test\confirm_id_v1.php on line 80

    Line 80 looks like this:
    PHP Code:
    $id_verification_video_file trim($_POST["id_verification_video_file"]); 
    And so, I do not see that there is an undefined index as the variable has been set.
    Anyway, originally the html form was below line 80. I now took it above on line 49.
    Note my comments in CAPITALs.

    Update:
    PHP Code:
    <?php 

    //Required PHP Files. 
    include 'config.php'
    include 
    'header.php'
    include 
    'account_header.php'

    ?> 
        
        <!DOCTYPE html> 
        <html> 
        <head> 
        <title>Member Identity Video Verification Page</title> 
            <meta charset="utf-8"> 
        </head> 
        <body> 
        <body background="background.png"> 
        <p align="center"><h2>Member Identitiy Video verificarion Page</h2> </p> 
        <p align="left"> 
        <?php 
        
    //Welcome User by name. Display Log-out Link. 
        //echo 'Welcome '; echo "$first_name "; echo "$middle_name "; echo "surname "; 
        
    echo 'Welcome '; echo "$first_name "; echo "$middle_name "; echo "$surname "?> 
        <br> 
        <?php 
        
    //Prompt user to video confirm their account by reading their account details in front of a video camera. 
        
    echo 'To verify your account, heed the following instructions.'?> <br> 
        <br> 
        <br> 
        <?php echo '1. Stand in front of your video camera and read-out the following text you see in bold text.'?> <br> 
        <?php echo '2. Make sure the video is no longer than 3 minutes.'?> <br> 
        <?php echo '3. Attach the video on the form below to submit it to us.'?> <br> 
        <?php //echo "4. Click the <b>Submit</b>\" button and submit the form."; ?> <br> 
        <?php echo "4. Click the <b>'Submit'</b> button to submit the form."?> <br>
        <br> 
        <br> 
        <?php //TypeCasted the INT to STRING on the 1st parameter of sha1 as it needs to be a STRING. 
        
    $account_video_verification_code sha1( (string) mt_rand(099999999)); 
        echo 
    "<b>My $social_network_name Id is: $id"?></b> <br> 
        <?php echo "<b>My $social_network_name Username is: $username"?></b> <br> 
        <?php echo "<b>My Domain is: $primary_website_domain"?></b> <br> 
        <?php echo "<b>My Primary Website Email is: $primary_website_email"?></b> <br> 
        <?php echo "<b>My Name is: $first_name $middle_name $surname"?></b> <br> 
        <?php echo "<b>My Gender is: $gender"?></b> <br> 
        <?php echo "<b>My Age Range is: $age_range"?> </b> <br> 
        <?php echo "<b>My Religion is: $religion"?></b> <br> 
        <?php echo "<b>My $social_network_name account_video_verification_code is: $account_video_verification_code"?></b> <br> 
        
        <form enctype="multipart/form-data" ACTION="" METHOD="POST"> 
        <fieldset> 
        <p align="left"><h3><?php echo "$site_name"?>ID Verification Form</h3> </p> 
        <div class="form-group"> 
            <p align="left"><label>Video File:<label> 
            <input type="file" name="id_verification_video_file" id="id_verification_video_file" value="Uploaded 'Id verifcation Video File.'"> </p> 
        </div> 
        </fieldset> 
        <p align="left"><button type="submit" class="btn btn-default" name="id_verification_file_submit">Submit! </button> </p> 
        </form> 

        <?php 
        
    //GETTING RID OF THIS WHOLE IF CONDITION AND ADDING IT INSIDE THE if($_SERVER["REQUEST_METHOD"] == "POST") 
        /*if (isset($_POST["id_verification_video_file_submit"])) 
        { 
            $id_verification_video_file = trim($_POST["id_verification_video_file_submit"]); 
            if(strlen($id_verification_video_file)<1) //WHY IS NOT THIS GIVING ALERT IF FILE NAME IS ZERO DUE TO USER FAILING TO SELECT & UPLOAD A FILE ? 
            { 
                //echo "You must upload your video file that you just created!"; 
                echo 'You must upload your video file that you just created!'; 
                exit(); 
            }         
        }
    */    
        
        //Check whether the form was submitted or not. 
        
    if($_SERVER["REQUEST_METHOD"] == "POST"
        { 
            
    //ADDED THE FOLLOWING if FROM ABOVE 
            //if (isset($_POST["id_verification_video_file_submit"])) //PONDERING TO RID THIS LINE AS IT SEEMS UNNECESSARY SINCE THE LINE ABOVE EXISTS. Q1: SHALL I RID IT OR NOT ?
            //{ 
                
    $id_verification_video_file trim($_POST["id_verification_video_file"]); 
                if(
    strlen($id_verification_video_file)<1//Q2: WHY IS NOT THIS GIVING ALERT IF FILE NAME IS ZERO DUE TO USER FAILING TO SELECT & UPLOAD A FILE ? 
                

                    
    //echo "You must upload your video file that you just created!"; REPLACED DBL QUOTES WITH SNGL QUOTES. 
                    
    echo 'You must upload your video file that you just created!'
                    exit(); 
                
    //}         
            
    }      
            else 
            { 
                
    //Feed Id Video Verification File Upload Directory Path. 
                
    $directory_path "uploads/videos/id_verifications/"
                
    //Make Directory under $user in 'uploads/videos/id_verifications' Folder. 

                
    if(!is_dir("$directory_path"$user")) 
                { 
                    
    $mode "0777"
                    
    //mkdir("$directory_path" . "$user", $mode, TRUE); 
                    
    mkdir("$directory_path"$user""$mode"TRUE); //Thanks Requinix for my "$mode" typo hint.
                

                
    //Grab File details. 
                
    $file_name $_FILES["id_verification_video_file"]["name"]; 
                
    $file_tmp $_FILES["id_verification_video_file"]["tmp_name"]; 
                
    $file_type $_FILES["id_verification_video_file"]["type"]; 
                
    $file_size $_FILES["id_verification_video_file"]["size"]; 
                
    //Grab File Extension details. 
                
    $file_extension pathinfo($file_namePATHINFO_EXTENSION); 
                if(
    file_exists("$directory_path"$user/" "$file_name")) 
                { 
                    echo 
    "<b><font size ='5' font color ='red'>File $file_name already exists! It has been uploaded before!</b></color></size>";   
                    exit(); 
                } 
                else 
                { 
                    
    //Feed allowed File Extension(s). 
                    
    $allowed_file_extensions = array("mp4" => "video/mp4","wmv" => "video/wmv"); 
                    
    //Feed allowed file size. 
                    
    $max_file_size_allowed_in_bytes 1024*1024*100//Allowed limit: 100MB. 
                    
    $max_file_size_allowed_in_kilobytes 1024*100
                    
    $max_file_size_allowed_in_megabytes 100
                    
    //Verify File Extension. 
                    
    if(!array_key_exists($file_extension,$allowed_file_extensions)) die("Error: Select a valid video file format. Select an MP4 or WAV file."); 
                    
    //Verify MIME Type of the file. 
                    
    elseif(!in_array($file_type,$allowed_file_extensions)) 
                    { 
                        echo 
    "Error:<font size ='5' font color ='red'><b>There was a problem uploading your video file $file_name! Make sure your file is an MP4 or a WAV file. You may try again now.</b></color></size>"//THANKS TO REQUINIX FOR BRINNGING IT TO MY ATTENTION I AM STILL PROCESSING THE SCRIPT AFTER THIS LINE WHEN I SHOULD NOT. 
                    
    exit(); //ADDED THIS LINE. 
                    

                    
    //Verify File Size. Allowed Max Limit: 100MB. 
                    
    elseif($file_size>$max_file_size_allowed) die("Error: Your Video File Size is larger than the allowed limit of: $max_file_size_allowed_in_megabytes."); //Fixed variable name typo. Thanks to Requinix & Simon JM. 
                    
    elseif($file_size>$max_file_size_allowed_in_megabytes) die("Error: Your Video File Size is larger than the allowed limit of: $max_file_size_allowed_in_megabytes."); 
                    
    //Move uploaded File to newly created directory on the server. 
                    
    move_uploaded_file("file_tmp","$directory_path"$user/" "$file_name"); 
                    
    //Notify user their File was uploaded successfully. 
                    
    echo "<font size ='5' font color ='red'><b>Your Video File \"$file_name\" has been uploaded successfully! You will get notified once your Id has been verified successfully.</b></color></size>"
                    
    //Grab User's Sponsor details to notify the Sponsor to Verify User'd ID by watching user's uploaded Video. 
                    
    $query "SELECT id,account_activation_status,id_video_verification_status,primary_website_domain,primary_website_email,username,first_name,middle_name,surname FROM users WHERE username = ?"
                    
    $stmt mysqli_prepare($conn,$query); 
                    
    mysqli_stmt_bind_param($stmt,'s',$db_sponsorusername); 
                    
    mysqli_stmt_execute($stmt); 
                    
    $result mysqli_stmt_bind_result($stmt,$db_sponsor_id,$db_sponsor_account_activation_status,$db_sponsor_id_video_verification_status,$db_sponsor_primary_website_domain,$db_sponsor_primary_website_email,$db_sponsor_username,$db_sponsor_first_name,$db_sponsor_middle_name,$db_sponsor_surname);  
                    
    mysqli_stmt_fetch($stmt); 
                    
    mysqli_stmt_close($stmt); 
                    
                    
    //Notify User's Sponsor to Verify User's Id. 
                    
    $recipient_username $sponsor_username
                    
    $sender_username "admin"
                    
    $message "Dear $user, <br> 
                    <br> 
                    One of your referrals have confirmed their Id by uploading a video with their personal details. <br> 
                    We need you to watch their video and verify their personal details to the best of your knowledge. <br>  
                    You may find their video by <a href=\"uploads\videos\id_verifications\$user\$file_name\">clicking here</a>. <br> 
                    <br> 
                    <br> 
                    Your recruit should be reading-out the following script in (<font color=\"blue\"><b>bold BLUE</color> text</b> below) word for word and line for line in-front of their camera. <br> 
                    1. If the details about your recruit are accurate in the script; And <br> 
                    2. If they manage to read-out every line in the script accurately word for word and line for line; And <br> 
                    3. Providing the video is no longer than 5 minutes; <br> 
                    then: <br> 
                    <a href=\"verify_id.php?verifying_action=verify&verifying_user=
    $user\">Click to verify $user</a>. <br> 
                    <br> 
                    Else, <a href=\"verify_id.php?verifying_action=unverify&verifying_user=
    $user\">Click to Unverify $user</a>. <br> 
                    <br> 
                    <font color = \"red\"><b>WARNING: Do not verify this recruit if their details are not correct in the script or if they fail to read-out their correct details on the video. <br> 
                    Doing so, will result in you bearing all the liabilities of the damages they cause anywhere in the world using their falsely verified account.</b></color> <br> 
                    <br> 
                    Regards <br> 
                    <br> 
                    Admin <br> 
                    <br> 
                    <font size =\"4\">SCRIPT START</font size> <br> 
                    <font color =\"blue\">My Social_network_name Id is: 
    $id; <br> 
                    My 
    $social_network_name Username is: $username; <br> 
                    My 
    $social_network_name Primary Website Domain is: $primary_website_domain; <br> 
                    My 
    $social_network_name Primary Website Email is: $primary_website_email; <br> 
                    My Name is: 
    $title $first_name $middle_name $surname; <br> 
                    My Gender is: 
    $gender; <br> 
                    My Age-Range is: 
    $age_range; <br> 
                    My Religion is: 
    $religion; <br> 
                    My 
    $social_network_name account_video_verification_code is: $account_video_verification_code; <br> 
                    </color> 
                    </size> 
                    <b><font size=\"4\">SCRIPT END</font size></b> <br> 
                    <br> 
                    "

                    
                    
    $stmt mysqli_prepare($conn,"INSERT INTO notices(recipient_username,sender_username,message) VALUES (?,?,?)"); 
                    
    mysqli_stmt_bind_param($stmt,'sss',$recipient_username,$sender_username,$message); 
                    
    mysqli_stmt_execute($stmt); 
                    
                    
    //Check if user's Video Verification File upload NOTIFICATION was successfully submitted to Mysql Database or not. 
                    
    if(!$stmt
                    { 
                        echo 
    "<b><font size ='5' font color ='red'>Sorry! our system is currently experiencing a problem in NOTIFYING the appropriate person to verify your Id. You may experience a delay in getting your Id verified.</b>"
                        exit(); 
                    } 
                    else 
                    { 
                        
    //Email User's Sponsor to verify user's Id. 
                        
    $to $db_sponsor_primary_website_email
                        
    $subject "Your ".$site_name." Verify Your Referral's Id!"
                        
    $body nlbr(
                        ===============================\r\n 
                        "
    .$site_name." \r\n 
                        ===============================\r\n 
                        From: "
    .$site_admin_email." \r\n 
                        To: "
    .$db_sponsor_primary_website_email." \r\n 
                        Subject: Yours "
    .$subject." \r\n 
                        
                        Message: "
    .$db_sponsor_first_name." ".$db_sponsor_middle_name." ".$db_sponsor_surname." \r\n 
                        One of your referrals have confirmed their Id by uploading a video with their personal details. \r\n 
                        We need you to watch their video and verify their personal details to the best of your knowledge. \r\n 
                        You may find their video listed in your "
    .$site_name." account's \"Verify Id\" section. \r\n 
                        
    $site_domain/home.php. \r\n"); 
                        
    $headers "From: " $site_admin_email ."\r\n";                     
                        if(!
    mail($to,$subject,$body,$headers)) 
                        { 
                            echo 
    "Sorry! our system is currently experiencing a problem in EMAILING the appropriate person to verify your Id. You may experience a delay in getting your Id verified."
                            exit(); 
                        } 
                        else 
                        { 
                            echo 
    "Our system has managed to EMAIL the appropriate person to verify your Id. Hopefully, your Id will be verified soon (providing you gave your accurate details)."
                            exit(); 
                        } 
                    } 
                } 
            } 
        } 
    ?> 
        
    </body> 
    </html> 

    <?php 

    include 'footer.php'

    ?>
    I have my questions "q1" & "q2" in the update's comments. Do address them.
    Also, let me know if this update is a slight improvement or not. Or, did I screw it up even more ?
    Yes, I have not addressed all my mistakes you guys pointed-out but that is because I still got to understand your hints. I did my best for now (1hr's work).

    Yeah. Problem is, I read tutorials but how am I supposed to know it is outdated ?
    Gonna have to check the old manual now for this.

    Thanks
  20. #11
  21. No Profile Picture
    Contributing User
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jul 2003
    Posts
    4,459
    Rep Power
    653
    Clearly the variable has NOT been set or you would not be getting that error. Once again, what debugging have you done on your own (Hint: print_r)?
    Last edited by gw1500se; June 18th, 2018 at 08:33 AM.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  22. #12
  23. Banned (not really)
    Devshed Supreme Being (6500+ posts)

    Join Date
    Dec 1999
    Location
    Caro, Michigan
    Posts
    14,946
    Rep Power
    4554
    Normally I'd be quite amazed that someone could use the right variable in one area and a completely different variable in another area, but I know you copy and paste **** and have no clue what's going on. So I'm not.
    -- Cigars, whiskey and wild, wild women. --
  24. #13
  25. No Profile Picture
    Contributing User
    Devshed Novice (500 - 999 posts)

    Join Date
    Jan 2017
    Posts
    845
    Rep Power
    0
    Thanks for the hint guys. Seems like I am missing things. I will have to dbl check now.
  26. #14
  27. No Profile Picture
    Contributing User
    Devshed Specialist (4000 - 4499 posts)

    Join Date
    Jul 2003
    Posts
    4,459
    Rep Power
    653
    Originally Posted by UniqueIdeaMan
    Seems like I am missing things.

    On that we can all agree.
    There are 10 kinds of people in the world. Those that understand binary and those that don't.
  28. #15
  29. No Profile Picture
    Contributing User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Aug 2016
    Posts
    139
    Rep Power
    65
    You have probably been told most of the following, multiple times, but here it is again -

    Programming is an exact science. The computer only does exactly what the code you write tells it to do. In order to write code that accomplishes something useful, you must have a clearly defined goal for (each section of) the code. In order to write code that works, you must learn, through research, enough about the statements you are using, in each language - php, sql, javascript, css, html, so that you can use them correctly. Knowing what the statements do, what each one is contributing to the goal, is how you troubleshoot problems when the code doesn't work. You determine at what point the code is doing what you expect and at what point it is not.

    To get php and your code to help you, you need to ALWAYS -

    1) Have php set up so that it reports (error_reporting should be set to E_ALL) and displays (display_errors should be set to ON) or logs (log_errors should be set to ON) all errors and doesn't hide any output if you have any header() redirects in the code (output buffering should be set to OFF.)

    2) Have error handling (either using exceptions or program logic) for all statements that can fail.

    3) Validate all input data before using it and set up unique and helpful error messages for each different validation test that fails.

    If you store the error messages from the error handling and validation in an array, the array serves as a error flag. If the array is empty, there are no errors. If the array is not empty, there are errors.

    Your current goal is to upload a file, check for upload errors, validate the uploaded file information, then finally use the uploaded file information.

    I recommend that you forget about any extra things and start with the just the html and php you need to do this. Once you have learned how to upload a file, you can add other things to this.

    To do this, you need form processing code, which should come before the start of your html document, and you need a valid html document (your current document isn't even valid, with markup coming after the </html> tag) that contains a form that is capable of uploading a file (requires a post method form, with an enctype attribute, and a type='file' form field.) You also need to write and test each functional part of the code before going onto the next.

    Processing a post method form has an error mode, due to the total submitted post data exceeding the post_max_size setting, where the $_FILES (and $_POST) array will be empty. After you detect that a post method form has been submitted, you must detect this error condition. There are other things that can cause the $_FILES array to be empty - invalid form, uploads not enabled on the server. For a minimal application, you can just test if the $_FILES array is empty. If the array is empty, set up an appropriate error message.

    After testing for the above condition, continue with the upload error checking.

    After you have determined that the file was successfully uploaded, you can validate the things about the uploaded file that you care about.

    After you have validated the uploaded file information, you can use the submitted data.

    So, to get you started, here is an outline of the logic you need -

    PHP Code:
    <?php

    $errors 
    = []; // define an array to hold errors

    //Check whether the form was submitted or not.
    if($_SERVER["REQUEST_METHOD"] == "POST")
    {
        
    // detect the post_max_size error mode here...
        
    if(empty($_FILES))
        {
            
    $errors['file'] = "Total posted data exceeds server maximum size setting."// you can add more specific infomraiton to this message by using the #_SERVER['CONTENT_LENGTH'] and post_max_size values
        
    }
        
        
    // check for uplaod errors, in the $_FILES[...]['error'] element here...
        
    if(empty($errors))
        {
            
        }
        
        
    // if no upload errors, validate the uploded file information here...
        
    if(empty($errors))
        {
            
        }
        
        
    // if no erros, use the submitted data here...
        
    if(empty($errors))
        {
            
        }
    }

    // the html docuement starts here...
    ?>
    <!DOCTYPE html>
    <html>
    <head>
    <title>Member Identity Video Verification Page</title>
    <meta charset="utf-8">
    </head>
    <body>
    <?php
    // display any errors
    if(!empty($errors))
    {
        echo 
    implode('<br>',$errors);
    }
    ?>
    <form enctype="multipart/form-data" method="POST">
    <label>Video File:
    <input type="file" name="id_verification_video_file"></label>
    <button type="submit">Submit!</button>
    </form>
    </body>
    </html>

    Comments on this post

    • UniqueIdeaMan agrees : Thank you for your lengthy explanation!
    Last edited by DSmabismad; June 19th, 2018 at 10:22 AM. Reason: fixed typo in outline logic
Page 1 of 2 12 Last
  • Jump to page:

IMN logo majestic logo threadwatch logo seochat tools logo