Post by make-oc » Fri May 01, 2009 9:56 am

Hi folks

I'm getting this Notice from two functions and can't completely solve this myself.

system\helper\image.php:

<?php
final class HelperImage {
    static public function resize($filename, $width, $height) {
        if (!file_exists(DIR_IMAGE . $filename)) {
            return;
        } 
    
        $old_image = $filename;
        $new_image = 'cache/' . eregi_replace('\.([a-z]{3,4})', '-' . $width . 'x' . $height . '.jpg', $filename);
 
        if (!file_exists(DIR_IMAGE . $new_image) || (filemtime(DIR_IMAGE . $old_image) > filemtime(DIR_IMAGE . $new_image))) {
            $image = new Image(DIR_IMAGE . $old_image);
            $image->resize($width, $height);
            $image->save(DIR_IMAGE . $new_image);
        }
        ### PHP notice : Undefined index: HTTPS
        ### Changing this seems to work
+-      #if (@$_SERVER['HTTPS'] != 'on') {
++      if (HTTPS_SERVER != 'on') {
            return HTTP_IMAGE . $new_image;
        } else {
            return HTTPS_IMAGE . $new_image;
        }
    }
}
?>
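
Review bot: the replacement line if (HTTPS_SERVER != 'on') tests a constant rather than the request. In the layout.php snippet of this same post, HTTPS_SERVER is the value assigned to 'base' for SSL requests, so it appears to hold a base URL and would never equal 'on'; the condition is then always true and resize() returns HTTP_IMAGE . $new_image even on an HTTPS page. To remove the notice without @, test the request key explicitly, for example if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != 'on'), and keep the two return branches as they are.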

And in catalog\controller\common\layout.php:

<?php  
class ControllerCommonLayout extends Controller {
    protected function index() {
        $this->data['title'] = $this->document->title;
        $this->data['description'] = $this->document->description;
        ### PHP notice : Undefined index: HTTPS
        $this->data['base'] = (@$this->request->server['HTTPS'] != 'on') ? HTTP_SERVER : HTTPS_SERVER;

Just to let you know ;-)

Cheers

New member

Posts

Joined
Tue Apr 07, 2009 2:17 pm

Post by phpuk » Fri May 01, 2009 10:30 am

Hi,

You can safely ignore PHP Notice warnings.

Note:
The environment variable $_SERVER['HTTPS'] only exists when SSL is running as it is created by the SSL module.

The @ symbol in front of the command if (@$_SERVER['HTTPS'] != 'on') is supposed to suppress these notices.

Phil.

Global Moderator

Posts

Joined
Wed Mar 25, 2009 10:57 am
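
An added example, not code from the thread or from OpenCart: one way to choose the base URL without the "Undefined index: HTTPS" notice and without @, by testing that the key exists before reading it. The helper names request_is_https() and base_url(), the sample URLs and the constructed $_SERVER-style arrays are assumptions; treating 'off' as non-HTTPS follows the PHP manual's note on ISAPI with IIS.

```php
<?php
// Added example (not OpenCart code). request_is_https() and base_url()
// are hypothetical helpers; the sample arrays below are constructed.
declare(strict_types=1);

// Turn every notice/warning into an exception so a missed index cannot pass silently.
set_error_handler(function (int $no, string $msg, string $file, int $line): bool {
    throw new ErrorException($msg, 0, $no, $file, $line);
});
error_reporting(E_ALL);

/**
 * True when the request arrived over HTTPS.
 * $server is passed in (normally $_SERVER) so the check can be exercised offline.
 */
function request_is_https(array $server): bool
{
    // The key is only set when the server's SSL layer handled the request.
    if (!isset($server['HTTPS'])) {
        return false;
    }
    $value = strtolower((string) $server['HTTPS']);
    // Non-empty means HTTPS, except IIS/ISAPI, which reports 'off' for plain HTTP.
    return $value !== '' && $value !== 'off';
}

function base_url(array $server, string $http, string $https): string
{
    return request_is_https($server) ? $https : $http;
}

// Constructed sample inputs standing in for $_SERVER.
$samples = [
    'plain HTTP (key absent)' => ['SERVER_PORT' => '80'],
    'Apache mod_ssl'          => ['HTTPS' => 'on', 'SERVER_PORT' => '443'],
    'IIS without TLS'         => ['HTTPS' => 'off'],
    'empty value'             => ['HTTPS' => ''],
];

foreach ($samples as $label => $server) {
    printf("%-26s %s\n", $label,
        base_url($server, 'http://shop.example/', 'https://shop.example/'));
}
```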

Post by make-oc » Fri May 01, 2009 10:46 am

Hi Phil

Yes, I'm aware of this — see this just as an info, if someone wants to debug it.

The people I work with are strict on "every variable has to be declared", so right now they don't allow OC on the server, without more debugging and testing…

Cheers

Post by Daniel » Fri May 01, 2009 9:07 pm

I run testing with strict as well!

If you don't know what the problem is, it shows you don't know what you're doing.

Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm

Post by Daniel » Fri May 01, 2009 11:44 pm

"The people I work with are strict on "every variable has to be declared", so right now they don't allow OC on the server, without more debugging and testing…"

The people you work with don't know what they're doing.

If they don't know you can use @ signs in strict mode then I don't think they know how to test scripts properly. Why even post this as an error? If you change the code and you are getting an error, that's because you changed the code incorrectly.

OpenCart runs perfectly in strict mode. That is the only mode I build my applications in.

Post by make-oc » Sat May 02, 2009 2:38 pm

Oh well, don't take it personally…
These people do know what they're doing I'm sure and they just put everything through the same testing process. For them it's more that quote:"the @ is disguising undeclared variables". Their list of "PHP notice" is actually a bit longer by now — when I posted this it seemed to be just two… so I thought it be just two things to change in the next release maybe. Other projects collect this kind of info happily, so I did what I'm used to.
But hey all your call…

Cheers

Post by Daniel » Sat May 02, 2009 7:14 pm

"so I thought it be just two things to change in the next release maybe"

What the hell are you talking about? The @ sign will not display an error in strict mode. It's a perfectly allowed thing to do. I will never not use @ because there is nothing wrong with using @.

Please ask your bosses where they got this stupid idea from. What web site did they find this information from or did they come up with this themselves?

Having undefined variables open is fine if you have registered globals off or using them within a function or a class. Nothing can affect the open variables because of the way OpenCart is coded. Do you or your bosses really think you have found a security bug? When I have experts testing the code on a daily basises and have not found a security problem?

Post by make-oc » Sun May 03, 2009 12:51 pm

Look, we're a bunch of people from different continents who put a few hours in a pro bono project. Two of us work for a larger ISP and got us a free hosting package, so we just simply have to play by their employers' rules — and no, I don't even know all of their rules and reasons why they have them in place.
None of them ever heard of OC before, plus the lack of documentation doesn't make it easy for them to get the go-ahead and I tried to help, as I brought OC into play.
"I will never not use @ because there is nothing wrong with using @" is your decision, I respect that.
For someone who does not know you or the project, you can maybe understand that with their background they may draw different conclusions and declaring two variables didn't seem much, at the time.

Where do you have the experts' testing results published? Where can you point anyone interested in the project's coding standards? Would be good reference material…

Post by make-oc » Tue May 05, 2009 12:36 pm

Just having read the whole thing again, I'd like to say there is no need for you, Daniel, to bark at people you don't know, and for myself I stated from the beginning:
"Just to let you know ;-)"
But since you asked…
"where they got this stupid idea"
Let me name one project instead:
DrupalCore has decided it does not want any @ at all, plus any PHP Notice issues were fixed already!
This must be several hundreds of developers that wouldn't know what they're doing — according to you.

OC has ~750 "@$…" in its code, so how do you know when it's a Notice or an Error?
From http://php.net/manual/en/language.opera ... ontrol.php
Warning

Currently the "@" error-control operator prefix will even disable error reporting for critical errors that will terminate script execution. Among other things, this means that if you use "@" to suppress errors from a certain function and either it isn't available or has been mistyped, the script will die right there with no indication as to why.
By the way: The entire phpMyAdmin project has a single @$ in its code.

And a note on
"I have experts testing the code on a daily basises…"
None of the experts caught your mistake "BCC using mail to All Customers necessary" http://forum.opencart.com/viewtopic.php ... 8569#p1856

Even the best make Errors — I guess this is why Lerdorf maybe thought of Error reporting as well as the "@" — I don't think anyone meant it as the "ultimate silencer".

An error_reporting() somewhere in the settings seems more appropriate to me.

Post by Daniel » Tue May 05, 2009 6:30 pm

Because it's people like you who are giving less experienced programmers bad ideas of how to code.

The @ sign is perfectly acceptable. PHP strict would still show an error if it was not.

I only use @ on undefined indexes and using my long PHP programming experience to stop errors appearing in certain functions when there is no need for them.

Post by regulatethis » Wed May 06, 2009 1:32 am

You sir, are a giant a$$hole. You're only hurting your own app by jumping down the throat of people who try to help. Even if they're wrong (in this case I happen to agree with the OP), being such a prick about this will basically discourage anyone from speaking up about potential problems.

But oh wait, you don't need anyone's help because you have your "experts" who test the code on a daily "basises". hahaha angry nerd idiot.

Newbie

Posts

Joined
Wed May 06, 2009 1:23 am

Post by Daniel » Wed May 06, 2009 4:51 am

Ok, I'm sorry.

Post by hans blond » Fri May 08, 2009 6:20 am

Hi
I have watched OpenCart for some time, because it would be nice to see a small and simple open source shop.

So far I stay away because I found the documentation not existing, no comments in the code nor any list with variables that can be used, no project roadmap, no todos and I too don't think there is any need for all the "@$xxx" and I was/am wondering what this is all about, which I thought would make it difficult for me or anyone else to contribute to the project. And when I wanted to use it last November it also had a SQL injection problem!

@Daniel
Do you just want the project to stay yours only? Or do you want people to help and work with them together?

From this post it looks like you want it a one-man show and rather get offended when people don't share your idea or style -- in my opinion this is the road to nowhere of any project. You can't expect other people to always know why you made a decision and if you really have thought about all aspects possible.
So when I see code with no comments, docu and -- really 750 -- "@$xxx" I'd say it's time for refactoring and good talks with other programmers.

Newbie

Posts

Joined
Fri May 08, 2009 5:47 am

Post by Daniel » Fri May 08, 2009 7:28 am

hans blond wrote: last November it also had a SQL injection problem!

OpenCart 1.x was not out last November!

You could ask Qphoria about the 0.x version, but I think you're making the SQL injection problem up.

There was a minor problem in 1.1.8 that was an SQL injection. It would not allow a hacker to get any information or change anything though. I was made aware of the problem by a security group so I fixed it straight away. There was also another minor problem.

Post by Daniel » Fri May 08, 2009 7:37 am

Actually, just to make a point out of how good the security is of OpenCart: out of the 3 years I have been working on it, there have only been 2 security bugs reported. Only 1 has been confirmed as real and it was a minor one.

The other was this:

SELECT * FROM product WHERE category_id = '1' ORDER BY {vulnerability}

No information or data manipulation can happen at the end of the query. PHP won't allow multiple queries to be run from a single mysql_query call.

Administrator

Posts

Joined
Fri Nov 03, 2006 6:57 pm
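
An added example, not OpenCart's code: a column name in ORDER BY cannot be bound as a query parameter, so the usual defensive pattern for a query shaped like the one quoted above is to map the request value onto a fixed allow-list and bind only the data values. The function names, the sort keys, the columns other than category_id and the in-memory SQLite table (which needs the pdo_sqlite extension) are assumptions.

```php
<?php
// Added example (not OpenCart code). Names other than `product` and
// `category_id` are hypothetical; the table is built in memory for the demo.
declare(strict_types=1);

// Request value => literal SQL fragment. Only these strings ever reach the query.
const SORT_COLUMNS = [
    'name'  => 'name',
    'price' => 'price',
    'added' => 'date_added',
];

function product_list_sql(?string $sort, ?string $order): string
{
    // Unknown or missing sort keys fall back to a fixed default instead of
    // being concatenated into the statement.
    $column = SORT_COLUMNS[$sort ?? ''] ?? 'name';
    $direction = (strtoupper($order ?? '') === 'DESC') ? 'DESC' : 'ASC';

    return "SELECT name, price FROM product WHERE category_id = :category_id "
         . "ORDER BY $column $direction";
}

function list_products(PDO $db, int $categoryId, ?string $sort, ?string $order): array
{
    $stmt = $db->prepare(product_list_sql($sort, $order));
    $stmt->execute([':category_id' => $categoryId]); // data goes in as a bound value
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE product (name TEXT, price REAL, date_added TEXT, category_id INTEGER)');
$db->exec("INSERT INTO product VALUES ('Mug', 7.5, '2009-05-01', 1), ('Cap', 12.0, '2009-04-20', 1)");

// Constructed request values: one valid, one that is not on the allow-list.
foreach ([['price', 'desc'], ['price, (unexpected text)', 'up']] as [$sort, $order]) {
    echo product_list_sql($sort, $order), "\n";
    foreach (list_products($db, 1, $sort, $order) as $row) {
        echo "  {$row['name']}  {$row['price']}\n";
    }
}
```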

Post by hans blond » Fri May 08, 2009 1:43 pm

You are funny.

I make the thing up, because I get date wrong and still you agree it happened, a joke.

How can anybody keep updated and understand all different versions there are, anyway? This is also something difficult. Why have you split and why do you release versions every week? You always write fix it in next version, this is sloppy and a nightmare for anyone trying to use or trying to contribute.

I only look into the bug forum sometimes and I am wondering if this is only a testing version of the other OpenCart - the zero one? Is this what it is?

Post by waye » Fri May 08, 2009 5:13 pm

Well, Daniel is just telling the truth! I think you are more funny than him >:(

Also, I think OpenCart is a great and powerful shopping cart compared with other carts. This cart has improved a lot recently; that's why a lot of people are using it and don't mind upgrading it.

BTW, you don't even use it, so why are you complaining about it?

Newbie

Posts

Joined
Fri May 08, 2009 5:02 pm