Jump to content

dalecosp

Members
  • Content Count

    467
  • Joined

  • Last visited

  • Days Won

    8

dalecosp last won the day on December 21 2018

dalecosp had the most liked content!

Community Reputation

29 Good

About dalecosp

  • Rank
    Advanced Member

Contact Methods

  • Website URL
    https://www.ombe.com

Profile Information

Recent Profile Visitors

22,388 profile views
  1. The quid pro quos of going to "MySQLI" include changing your connection string and the query syntax. The one big "gotcha" to me when converting old to new (MySQL to MySQLI) was the lack of a mysqli_result() function in the older days, but now you can do something like this: $data = $result->fetch_row()[0]; ... which seems fairly handy to me in place of mysql_result. I'm not sure when this syntax became valid, off the top of my head. PDO is generally touted as great for security and portability. I'm not totally convinced, but the use of prepared statements is preferable to its alternative. I had written quite a bit more here, but I think at this point a good read or two would be in order. I'm not sure there's any 'one size fits all' answer to this issue. This is a thoughtful and well-informed take on the subject. The Reddit comments on it are also kind of interesting. SitePoint discussion. Jim Westergren tested, and prefers, PDO with ATTR_EMULATE_PREPARES. Quora seems to prefer PDO, but there's some really bad info on this page also. I've been in your shoes, and our management wanted quick-n-dirty. I modified everything to MySQLI with a few search/replace operations in the IDE, adapting the connection code, and replacing calls to mysqli_result(). Took very little time at all. If they preferred PDO for security and portability, I would've done that. though.
  2. There are three echo() constructs that would produce output. A fourth such construct is commented out so it won't run. echo $data[$j]; echo ","; echo "<br>"; If you'd like a space after the comma, add a space after the comma in the 2nd echo shown above. If you're viewing this program's output in a browser, the "<br>" should produce a lineBReak. If you're not, it will just be so much garbledy-gook. Probably this line: //echo "n" Was actually mean to write a 'newline', like this: echo "\n"; Enabling (uncommenting) that line (with the change as shown) would produce a linebreak in console/non-browser output. The whole thing could be one-lined (including an additional space as I mentioned) thusly: echo $data[$j] . ", <br>\n";
  3. Just for additional info, MySQL's max_connection variable has a lower limit of 1 and a max limit of 100000, and the default value for all recent versions of MySQL is 151. We run max_connections=250 on a VM that hosts 4 sites with moderate traffic and about 60 more that get very little. We occasionally have "too many connections" errors, generally when some bot comes by that doesn't read Robots.txt (or a new one that we've haven't added there).
  4. Instead of just dumping mysqli_error(), also dump the statement you tried to make. See if you can see why it wouldn't work. If necessary, try it against a test database.
  5. <?php $foo = "Foobar"; echo "$foo"; // Foobar. echo $foo; // Foobar. Functionally equivalent to above, no quotes needed. echo '$foo'; // $foo. A literal string, and not what we wanted. $foo = "/home/dalecosp/php"; file_put_contents($foo . "/" . 'bar', "This is file content"); // writes the given sentence into /home/dalecosp/php/bar. file_put_contents("$foo/" . "bar", "This is file content"); // does the same thing; because of double-quote variable interpolation, the trailing slash is added to /home/dalecosp/php (it was not given when $foo was assigned). file_put_contents("$foo" . "/bar", "This is file content"); // does the same thing. The slash is still in the string. file_put_contents("$foo/" . '/bar', "This is file content"); // does the same thing, because we literally want '/bar' to be appended to the path given by $foo. file_put_contents('$foo' . '/bar', "This is file content"); // will almost certainly fail, "no such directory $foo/bar". Single quotes are a literal string. Double quotes do variable interpolation. They aren't needed if the variable is all that's required; it's an easy way to concatenate strings or insert a variable into a string.
  6. Welcome to PHPFreaks! There sure are some around here.
  7. Google Translate works for me! (For some subset of languages we're interested in, that is....)
  8. Goodness gracious, great balls of AJAX! What in God's green earth are you selling? Because if it's not blow, crypto-currency or heavily-discounted precious metals ain't no one got time to load a page with one data item on it.
  9. That might be worth a try. You'd have to be careful about where you put your labels ....
  10. Sounds an interesting use case. All in the same folder? 'Cause if the path is different, "config.php" (or 'myApp.ini' or something similar) at least has the distinction of being an appropriate name for a configuration file. I once created 65 sites in one day using logic files, templates, and a config munger that changed "config.php" to contain appropriate defaults for the DOCROOT they were in. One of my proud "not proud" moments, I guess. 😉😉
  11. I'm not sure I understand 100% ... loop them for creation or reading? For reading, you'd need to know the element's name attributes (from the HTML) when processing the data in the handler script.
  12. Well, can you put them in the form somehow? Traditionally that might be done with <input type='hidden'>, if it's not possible to move the <form> tags to the appropriate locations. If you can't do that, I'm not sure what to tell you, because that sounds like front-end type magic (AJAX). Well, I kind of showed that in a more/less procedural style in my post above. If you want you could wrap that in a function; keep in mind you'd need to either declare $db to be global or establish a connection (or connection object) INSIDE your function. As Barand showed you, PDO or the newer MySQL(i) both assign the ID of the last inserted value to $db->insert_id; you can assign this to a variable and use it in your final SQL statement.
  13. He's just telling you how to get the ID of the last inserted row. You wrote pseudo-code, so that's not the only thing you need help with, I'd expect? Here's your pseudo-code with comments that I hope will help. I'll post again with some direct answers to your two points, above. <?php # First off, your code is accepting $_POST data at face value. # An attacker might be able to do something evil with that. # # Next, where's the SQL connection happening? I'll do a mysqli ... $db = mysqli_connect("localhost", "user", "pass", "db_name"); # NOTE: I don't do ANY error checking in this script. You'll NEED # to do that, because almost any invalid hit on the MySQL server will # halt execution of the script. $title = $_POST['$title']; $pageType = $_POST['$value']; # This code (and 3 others later) will make PHP expect a var named '#areaSelect' # in the POST data. You may need to do a print_r(), var_dump(), or use other debug-type # technique to ensure that you are indeed getting a var with that name from the browser. # (In other words, I wonder if you're confusing JS's DOM element ID's with POST data). $displayId = $_POST['#areaSelect']; # yields a UNIX_TIMESTAMP. As it's only used in one SQL statement, you # might just use MySQL's UNIX_TIMESTAMP() function and omit this. $start_time = now(); # see note above $end_time = $_POST['#datePicker']; $slide_order = $_POST['#orderSet']; $duration = $_POST['#durationSet']; # depending on the data type, you might not want to quote all the values (e.g. # MySQL may try to store integers as strings if they're quoted, and that might be # "not what you want" or even cause your statement to fail). $sql = "INSERT INTO pages(title, page_type_id, display_id, start_time, end_time, slide_order, duration) VALUES ('$title','$pageType','$displayId','$start_time','$end_time','$slide_order','$duration')"; $db->query($sql); $page_id = $db->insert_id; //Here, pass the content from the included fullwidth.php extarea content and the panel_type_id # you have a table named 'content', with a column named 'content', into which # you want to insert a variable named '$content' ... OK. But can we discuss naming? ;-) $content = $_POST['textArea'] $sql = "INSERT INTO content(content) Values('$content')"; $db->query($sql); $content_id = $db->insert_id; # typo here? $id is a PHP variable. # Also bug: I'm fairly sure you want ($id == "FullPage") ... not an assignment. if(#id = FullPage){ $panel_type = 1; } # This is where Barand's comment is helpful ... knowing how to get the Insert ID. $sql = INSERT INTO panels (panel_type_id, page_id, cont_id) VALUES ('$panel_type', $page_id, $content_id); $db->query($sql);
  14. Another good font, free ... "Gonville", by Simon Tatham: https://git.tartarus.org/?p=simon/gonville.git
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.