Jump to content

dalecosp

Members
  • Content Count

    471
  • Joined

  • Last visited

  • Days Won

    8

Posts posted by dalecosp


  1. +1 for a development environment.

    I use Oracle's Virtualbox and install a BSD-family OS with Apache+PHP ... you might be able to even find a Docker container or something like that for free out there someplace.

    As far as what will happen, the biggest recent changes to PHP, in terms of effect, at our company were removing the old mysql_* stuff (although most of it was long gone, we found out that some infrequently-used LAN software and reports still had some mysql_* stuff in them, and the removal of mcrypt().


  2. Drag 'n drop is done with an AJAX system; a JavaScript front-end script packages the image data into a FormData object, and the AJAX operation will POST that to a PHP handler script on the server, which then does the work to put it someplace just like we did in the Elder Days when we used a basic upload form in HTML.  So, at the very least you need two scripts, one PHP and one in JS.


  3. Pretty URLs are fairly simple.  Either use mod_rewrite (for Apache servers) or its equivalent on your system to do the complete work, or use it to redirect to a centralized script that reads the URL parameters and shows content based on that parameter.

    At work, we have listings like:  www.ombe.com/listing/2151404/Uninet-Developer-for-use-in-Ricoh-Aficio-200,-250,-345g

    mod_rewrite has this rule:  

    RewriteRule ^listing/([0-9]+)/?.*$ listing?$1 [NC,L]

    "Listing" does something like this:

    $product_num = intval($_SERVER['QUERY_STRING']);

    Of course there's a LOT more, config and security modules before this point, and error handling for invalid query strings, and so on.

     

     


  4. The quid pro quos of going to "MySQLI" include changing your connection string and the query syntax.  The one big "gotcha" to me when converting old to new (MySQL to MySQLI) was the lack of a mysqli_result() function in the older days, but now you can do something like this:

    $data = $result->fetch_row()[0];

    ... which seems fairly handy to me in place of mysql_result.  I'm not sure when this syntax became valid, off the top of my head.

    PDO is generally touted as great for security and portability.  I'm not totally convinced, but the use of prepared statements is preferable to its alternative.

    I had written quite a bit more here, but I think at this point a good read or two would be in order.  I'm not sure there's any 'one size fits all' answer to this issue.

    This is a thoughtful and well-informed take on the subject.    The Reddit comments on it are also kind of interesting.

    SitePoint discussion.

    Jim Westergren tested, and prefers, PDO with ATTR_EMULATE_PREPARES.

    Quora seems to prefer PDO, but there's some really bad info on this page also.

    I've been in your shoes, and our management wanted quick-n-dirty.  I modified everything to MySQLI with a few search/replace operations in the IDE, adapting the connection code, and replacing calls to mysqli_result().  Took very little time at all.

    If they preferred PDO for security and portability, I would've done that. though.


  5. There are three echo() constructs that would produce output.  A fourth such construct is commented out so it won't run.
     

    echo $data[$j];
    
    echo ",";
    
    echo "<br>";


    If you'd like a space after the comma, add a space after the comma in the 2nd echo shown above.

    If you're viewing this program's output in a browser, the "<br>" should produce a lineBReak.  If you're not, it will just be so much garbledy-gook.

    Probably this line:

    //echo "n"

    Was actually mean to write a 'newline', like this:

    echo "\n";


    Enabling (uncommenting) that line (with the change as shown) would produce a linebreak in console/non-browser output.

    The whole thing could be one-lined (including an additional space as I mentioned) thusly:
     

    echo $data[$j] . ", <br>\n";

     

    • Like 1

  6. Just for additional info, MySQL's max_connection variable has a lower limit of 1 and a max limit of 100000, and the default value for all recent versions of MySQL is 151.

    We run max_connections=250 on a VM that hosts 4 sites with moderate traffic and about 60 more that get very little.  We occasionally have "too many connections" errors, generally when some bot comes by that doesn't read Robots.txt (or a new one that we've haven't added there).


  7. <?php
    
    $foo = "Foobar";
    
    echo "$foo";  // Foobar.
    echo $foo;    // Foobar.  Functionally equivalent to above, no quotes needed.
    echo '$foo';   // $foo.  A literal string, and not what we wanted.
    
    $foo = "/home/dalecosp/php";
    
    file_put_contents($foo . "/" . 'bar', "This is file content");  // writes the given sentence into /home/dalecosp/php/bar.
    file_put_contents("$foo/" . "bar", "This is file content");   // does the same thing; because of double-quote variable interpolation, the trailing slash is added to /home/dalecosp/php (it was not given when $foo was assigned).
    file_put_contents("$foo" . "/bar", "This is file content");   // does the same thing.  The slash is still in the string.
    file_put_contents("$foo/" . '/bar', "This is file content");   // does the same thing, because we literally want '/bar' to be appended to the path given by $foo.
    file_put_contents('$foo' . '/bar', "This is file content");    // will almost certainly fail, "no such directory $foo/bar".



    Single quotes are a literal string.
    Double quotes do variable interpolation.  They aren't needed if the variable is all that's required; it's an easy way to concatenate strings or insert a variable into a string.


  8. Quote

     Page1.html - select the important category that you want to see information about

                     Page2.html  ... etc.


    Goodness gracious, great balls of AJAX!  What in God's green earth are you selling? Because if it's not blow, crypto-currency or heavily-discounted precious metals ain't no one got time to load a page with one data item on it.


  9. Sounds an interesting use case.  All in the same folder?  'Cause if the path is different, "config.php" (or 'myApp.ini' or something similar) at least has the distinction of being an appropriate name for a configuration file.

    I once created 65 sites in one day using logic files, templates, and a config munger that changed "config.php" to contain appropriate defaults for the DOCROOT they were in.  One of my proud "not proud" moments, I guess. ??


  10. Quote

    1. How to insert values that aren't in the form such as the content and panel_type ID from fullwidth.php as well as the passed in $value in templates.php


    Well, can you put them in the form somehow?  Traditionally that might be done with <input type='hidden'>, if it's not possible to move the <form> tags to the appropriate locations.

    If you can't do that, I'm not sure what to tell you, because that sounds like front-end type magic (AJAX).

     

    Quote

    2. How to create a function that does the main inserting with the ability to grab 2 different IDs used as foreign keys for panels.


    Well, I kind of showed that in a more/less procedural style in my post above.  If you want you could wrap that in a function; keep in mind you'd need to either declare $db to be global or establish a connection (or connection object) INSIDE your function.  As Barand showed you, PDO or the newer MySQL(i) both assign the ID of the last inserted value to $db->insert_id; you can assign this to a variable and use it in your final SQL statement.

    • Thanks 1

  11. He's just telling you how to get the ID of the last inserted row.  You wrote pseudo-code, so that's not the only thing you need help with, I'd expect?

    Here's your pseudo-code with comments that I hope will help.  I'll post again with some direct answers to your two points, above.

    <?php
    
    # First off, your code is accepting $_POST data at face value.
    # An attacker might be able to do something evil with that.
    #
    # Next, where's the SQL connection happening?  I'll do a mysqli ...
    
    $db = mysqli_connect("localhost", "user", "pass", "db_name");
    
    # NOTE: I don't do ANY error checking in this script.  You'll NEED
    # to do that, because almost any invalid hit on the MySQL server will
    # halt execution of the script.
    
    $title       = $_POST['$title'];
    $pageType    = $_POST['$value'];
    
    # This code (and 3 others later) will make PHP expect a var named '#areaSelect'
    # in the POST data. You may need to do a print_r(), var_dump(), or use other debug-type
    # technique to ensure that you are indeed getting a var with that name from the browser.
    # (In other words, I wonder if you're confusing JS's DOM element ID's with POST data).
    
    $displayId   = $_POST['#areaSelect'];
    
    # yields a UNIX_TIMESTAMP.  As it's only used in one SQL statement, you 
    # might just use MySQL's UNIX_TIMESTAMP() function and omit this.
    
    $start_time  = now(); 
    
    # see note above
    $end_time    = $_POST['#datePicker'];
    $slide_order = $_POST['#orderSet'];
    $duration    = $_POST['#durationSet'];
    
    # depending on the data type, you might not want to quote all the values (e.g.
    # MySQL may try to store integers as strings if they're quoted, and that might be
    # "not what you want" or even cause your statement to fail).
    
    $sql = "INSERT INTO pages(title, page_type_id, display_id, start_time, end_time, slide_order, duration) 
            VALUES 
    	    ('$title','$pageType','$displayId','$start_time','$end_time','$slide_order','$duration')";
    
    $db->query($sql);
    $page_id = $db->insert_id;
    
    //Here, pass the content from the included fullwidth.php extarea content and the panel_type_id
    
    # you have a table named 'content', with a column named 'content', into which 
    # you want to insert a variable named '$content' ... OK.  But can we discuss naming? ;-)
    $content = $_POST['textArea']
    $sql     = "INSERT INTO content(content) Values('$content')";
    $db->query($sql);
    $content_id = $db->insert_id;
    
    # typo here?  $id is a PHP variable.
    # Also bug:  I'm fairly sure you want ($id == "FullPage") ... not an assignment.
    if(#id = FullPage){
    
        $panel_type = 1;
    }
    
    # This is where Barand's comment is helpful ... knowing how to get the Insert ID.
    $sql = INSERT INTO panels (panel_type_id, page_id, cont_id)
                VALUES ('$panel_type', $page_id, $content_id);
    $db->query($sql);

     


  12. On 6/6/2018 at 3:44 PM, ignace said:

    Well, pretty much everyone on here has a "Donate to me!" button so go ahead and buy us all a round ;) :P Congrats on the promotion!

    Yeah, but does anyone ever actually punch it .... and follow through?

    Congrats, Maxxd ... I'm sure you'll be a tip-top rep for the community :-)


  13. 3 hours ago, ginerjm said:

    I dont' know if one can produce a piece of a music score using just css and html.  You could do it as a pdf using a package such as FPDF wherein you could write a function that produces a blank staff. Then you would proceed to overwrite that with the appropriate notes of music that you want to see placed meticulously upon it.  It would be a tedious piece of code to generate but once you have the ability to produce a blank staff line adding the notes wouldn't be much more work.


    Noteflight.com


    Bet they wrote a ship-load ;) of JS for that ....

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.