QuickOldCar
Staff Alumni-
Posts
2,972 -
Joined
-
Last visited
-
Days Won
28
Everything posted by QuickOldCar
-
I agree with others to use pdo and prepared statements. It's just easier and can always be done without many steps and special circumstances. Your query was created by yourself and not using a dynamic value...so doesn't really matter much. Doing a query for 1 is safe. "SELECT aboutme FROM testing where id=1" If you were to be using from saved data, REQUEST, POST, GET, COOKIE or SESSION then it's very important to never trust the input. A quick example. $id = $_GET['id']; $result = mysqli_query($con,"SELECT aboutme FROM testing where id=$id"); Now it's whatever someone can type in the address bar is directly inserted into the query. Which is bad unless escaped or checked for values you allow or expect. Can use mysqli_real_escape_string() $id = mysqli_real_escape_string($con, $id); $result = mysqli_query($con,"SELECT aboutme FROM testing where id=$id"); Can also check to see if that dynamic variable is always a digit and not perform a query if is not one. Instead send them a message or some action. Is a pile of filters for sanitizing and validating plus other built in functions can use to check against the variable to ensure you are getting the correct type of data you expect. http://php.net/manual/en/ref.var.php
-
What determines the order of insert processing sequence?
QuickOldCar replied to greenace92's topic in PHP Coding Help
The data should be checked server side and after the form submitted. Them changing it prior to submitting the form should not matter. -
Yeah.... what they said. ^^^
-
Log in script issues. I have to log in twice before log in takes
QuickOldCar replied to pioneerx01's topic in PHP Coding Help
Yes is treated as a subdomain. add a htaccess redirect to make all www redirect to non www. You can also do this at your domain registrar. -
IgnitionBackend - A new, portable, modular framework based on PHP
QuickOldCar replied to Allenph's topic in Other Libraries
This is gonna need lots more code and fixes for people to start using it. You usually need something pretty decent to get others to get onboard and wanting to contribute to a project. I looked it over fast, is so much to say about it, be easier in a chat. For prior to php5, forget those people...nobody should be using so old a version. As for your path issues...define root folders and paths and use that for the rest of your scripts. If you create an installer could do discovery from that folder location. You can store a file outside of root directory for admin, but I feel is best to store it hashed in a database upon a first install and saved in db. Do permissions for users and handle it all via sessions with proper checks. -
<?php //Set path to data file $url = "http://www.spotternetwork.org/data.php"; $xml = simplexml_load_file($url); $json = json_encode($xml); $array = json_decode($json, TRUE); $data = array(); $number = 0; foreach ($array['spotter'] as $spotter) { foreach ($spotter as $att) { if (!in_array($data[$number], $data)) { $data[$number] = $att; } } $number++; } echo "<pre>"; print_r($data); echo "<pre>"; ?> Results: Array( [0] => Array ( [num] => 43892 [ago] => 3237 [report_at] => 2016-05-04 06:15:42 [lat] => 49.8028831 [lng] => -96.9140015 [name] => Francis Lavigne-theriault [callsign] => [phone] => 2048941561 [email] => nzpchasers@hotmail.com [first] => Francis [last] => Lavigne-Theriault [freq] => CB ch.19 or 9 [twitter] => https://twitter.com/NZPChasers [note] => NZP Chasers [ss] => 0 [ctv] => 0 [wdt] => 0 [scl] => 0 ) [1] => Array ( [num] => 381 [ago] => 2956 [report_at] => 2016-05-04 06:20:23 [lat] => 41.7750587 [lng] => -87.7680969 [name] => Adam Lucio [callsign] => [phone] => 7733838985 [email] => t4rip911@comcast.net [first] => Adam [last] => Lucio [freq] => [twitter] => [note] => facebook.com/tornadochasing [ss] => 0 [ctv] => 2 [wdt] => 0 [scl] => ) [2] => Array ( [num] => 1000 [ago] => 2713 [report_at] => 2016-05-04 06:24:26 [lat] => 28.7588730 [lng] => -81.3610764 [name] => Rob Dale [callsign] => N8GSK [phone] => [email] => rdale@skywatch.org [first] => Rob [last] => Dale [freq] => 145.390MHz [twitter] => [note] => Meteorologist [ss] => 0 [ctv] => 2 [wdt] => 0 [scl] => ) [3] => Array ( [num] => 44433 [ago] => 2510 [report_at] => 2016-05-04 06:27:49 [lat] => 42.4483376 [lng] => -88.2940445 [name] => Jesse Walters [callsign] => [phone] => 8474567064 [email] => JWSevereWeather@gmail.com [first] => Jesse [last] => Walters [freq] => [twitter] => JWSevereWeather [note] => [ss] => 0 [ctv] => 2 [wdt] => 0 [scl] => 0 ) [4] => Array ( [num] => 19525 [ago] => 1464 [report_at] => 2016-05-04 06:45:15 [lat] => 41.8083725 [lng] => -87.7275162 [name] => James Baugh [callsign] => [phone] => 7733153289 [email] => jimmybaugh@hotmail.com [first] => James [last] => Baugh [freq] => [twitter] => StormTechChaser [note] => Trained Spotter [ss] => 0 [ctv] => 0 [wdt] => 0 [scl] => ) [5] => Array ( [num] => 6296 [ago] => 1154 [report_at] => 2016-05-04 06:50:25 [lat] => 38.8094177 [lng] => -94.7813110 [name] => Brett Cooper [callsign] => [phone] => 9134613339 [email] => brettc@replayirc.com [first] => Brett [last] => Cooper [freq] => [twitter] => bctrainers [note] => [ss] => 0 [ctv] => 0 [wdt] => 0 [scl] => ) [6] => Array ( [num] => 32871 [ago] => 86 [report_at] => 2016-05-04 07:08:13 [lat] => 39.5936432 [lng] => -104.9869995 [name] => Troy Tucker [callsign] => [phone] => 7204101679 [email] => tuckertroy65@gmail.com [first] => troy [last] => tucker [freq] => [twitter] => [note] => awn wether on zello [ss] => 0 [ctv] => 0 [wdt] => 0 [scl] => ) [7] => Array ( [num] => 7688 [ago] => 76 [report_at] => 2016-05-04 07:08:23 [lat] => 37.5649986 [lng] => -100.8710022 [name] => Brandon Copic [callsign] => [phone] => [email] => [first] => Brandon [last] => Copic [freq] => [twitter] => BrandonCopicWx [note] => www.Facebook.com/BVStormChasing [ss] => 0 [ctv] => 0 [wdt] => 0 [scl] => ) [8] => Array ( [num] => 12431 [ago] => 76 [report_at] => 2016-05-04 07:08:23 [lat] => 43.2178650 [lng] => -75.4620285 [name] => Craig Larkin [callsign] => KB2FED [phone] => 315-520-9645 [email] => kb2fed@gmail.com [first] => Craig [last] => Larkin [freq] => 146.520 or 146.550 simp [twitter] => [note] => EC- Oneida County, NY [ss] => 0 [ctv] => 2 [wdt] => 0 [scl] => ) [9] => Array ( [num] => 2899 [ago] => 73 [report_at] => 2016-05-04 07:08:26 [lat] => 39.3093491 [lng] => -80.7072754 [name] => Ricky Shreve [callsign] => KC5RBA [phone] => 304-933-9522 [email] => KC5RBA@AOL.COM [first] => Ricky [last] => Shreve [freq] => 146.520 PL Tone - 94.8 [twitter] => [note] => SKYWARN ID PB6041 West Union FD [ss] => 0 [ctv] => 0 [wdt] => 0 [scl] => ))
-
For those returning to phpfreaks, Welcome Back!!!
-
Try starting to learn at php.net , is a lot of bad or outdated code around on the internet.
-
I've done work for non-profit organizations...but that doesn't really matter much. I think you have the right idea going with a premade cms like drupal and add any modules you need, possibly minor additional coding. In the past have set up many wordpress ones and the amount of plugins and themes for free usually gets the job done. Simple for them, usually is a read me or tutorials they can learn from their own free time.
-
How do I pull data from another website?
QuickOldCar replied to HawaiiThad's topic in PHP Coding Help
As for the scraping data aspect: curl (to me is the best method to connect and can also follow redirects) file_get_contents (fast and easy, can create a stream context but still limited in what you can do, it will fail a lot) preg_match or preg_match_all simplehtmldom dom simplexml -
How do I pull data from another website?
QuickOldCar replied to HawaiiThad's topic in PHP Coding Help
Using curl is better, you can also use a stream context for more control file_get_contents. Check for exactly false for failure. $chart_URL = file_get_contents("http://thad.com"); if($chart_URL === FALSE){ echo "Error4"; } else { echo $chart_URL; } -
Stop wordpress plugin to publish on his own site
QuickOldCar replied to alapimba's topic in Applications
The yumprint server is still up it seems. Possibly something on your end unable to connect such as curl or your servers ip being blocked by them. -
Sticky form help; PHP code is showing in HTML form
QuickOldCar replied to ctapp's topic in PHP Coding Help
Is piles of ways can go about it, that's what is great about programming. I don't see a reason to halt when sees any errors, it's just not doing anything with the data yet. Values saved in the form and user can edit or fill in and resubmit the form. I set the variables so can be inserted into the form, only if are set and not blank it changes, otherwise is still blank and adds to error array. -
Sticky form help; PHP code is showing in HTML form
QuickOldCar replied to ctapp's topic in PHP Coding Help
I didn't spent a great deal of time but may be something can use. <?php ini_set('display_errors', 1); error_reporting(E_ALL); include_once 'header.html'; $errors = array(); $firstname = ''; $lastname = ''; $email = ''; $when = ''; $length = ''; $seen = ''; $look = ''; $do = ''; $seenfluffy = 'no'; $fluffymessage = ''; $comments = ''; $confirm = false; if (isset($_POST['submit'])) { if (isset($_POST['fname']) && trim($_POST['fname']) != '') { $firstname = $_POST['fname']; } else { $errors[] = "<p>Sorry, you must give your First Name!</p>"; } if (isset($_POST['lname']) && trim($_POST['lname']) != '') { $lastname = $_POST['lname']; } else { $errors[] = "<p>Sorry, you must give your Last Name!</p>"; } if (isset($_POST['email']) && filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) { $email = $_POST['email']; } else { $errors[] = "<p>Sorry, you must provide an email address!</p>"; } if (isset($_POST['when']) && trim($_POST['when']) != '') { $when = $_POST['when']; } else { $errors[] = "<p>Sorry, you must tell when it happened!</p>"; } if (isset($_POST['length']) && trim($_POST['length']) != '') { $length = $_POST['length']; } else { $errors[] = "<p>Sorry, you must tell how long were gone!</p>"; } if (isset($_POST['seen']) && ctype_digit($_POST['seen']) && $_POST['seen'] >= 0) { $seen = $_POST['seen']; } else { $errors[] = "<p>How many saw must be zero or positive number</p>"; } if (isset($_POST['look']) && trim($_POST['look']) != '') { $look = $_POST['look']; } else { //optional error //$errors[] = "<p>Did you see them?</p>"; } if (isset($_POST['do']) && trim($_POST['do']) != '') { $do = $_POST['do']; } else { //optional error //$errors[] = "<p>Did they do anything to you or not?</p>"; } if (isset($_POST['seenfluffy']) && trim($_POST['seenfluffy']) != '') { $seenfluffy = $_POST['seenfluffy']; if ($seenfluffy == "yes") { $fluffymessage = "<p>Wow, you saw Fluffy!</p>"; } elseif ($seenfluffy == "no") { $fluffymessage = "<p>Darn, we really miss him!</p>"; } else { $seenfluffy = 'no'; } } if ($seenfluffy == '') { //$errors[] = "<p>Sorry, you did not tell us if you saw Fluffy or not!</p>"; } if (isset($_POST['comments']) && trim($_POST['comments']) != '') { $comments = $_POST['comments']; } else { //optional error //$errors[] = "<p>Any comments?</p>"; } if (!empty($errors)) { foreach ($errors as $error) { echo $error; } } if (empty($errors)) { $confirm = true; echo "<p>Thanks for submitting the form <emp><b>$firstname $lastname</b></emp>!</p> <p>This is what we got: <br> You were abducted: <b> $when</b> for <b>$length</b></p> <p>You saw <b>$seen</b> aliens that appeared <b>$look</b></p> <p>You answered: <b>$seenfluffy</b> in regards to seeing Fluffy.</p> <p> Here are your additional comments: <br> $comments</p> <hr> \n"; } } //end post submit if($confirm == false){ ?> <form method="POST" action="" name="abductreport"> <label for="fname">First Name:<b>*</b></label> <input type="text" name="fname" id="fname" placeholder="First Name" value="<?php echo $firstname; ?>"><br> <label for="lname">Last Name:<b>*</b></label> <input type="text" name="lname" id="lname" placeholder="Last Name" value="<?php echo $lastname; ?>"><br> <label for="email">What is your Email address?<b>*</b></label> <input type="email" name="email" id="email" placeholder="Email" value="<?php echo $email; ?>"><br> <label for="when">When did it happen?</label> <input type="date" name="when" id="when" value="<?php echo $when; ?>"><br> <label for="length">How long were you gone?</label> <input type="text" name="length" id="length" placeholder="days, months, years?" value="<?php echo $length; ?>"><br> <label for="see">How many did you see?</label> <input type="number" name="seen" id="seen" placeholder="Enter a Number" value="<?php echo $seen; ?>"><br> <label for="look">Describe them:</label> <input type="text" name="look" id="look" placeholder="What was their appearance?" value="<?php echo $look; ?>"><br> <label for="do">What did they do you to?</label> <input type="text" name="do" id="do" placeholder="Describe what they did" value="<?php echo $do; ?>"><br> <label for="seenfluffy">Have you seen my dog fluffy?<b>*</b></label> <input type="radio" name="seenfluffy" <?php if ($seenfluffy == "yes") echo " checked "; ?> value="yes">Yes <input type="radio" name="seenfluffy" <?php if ($seenfluffy == "no") echo " checked "; ?> value="no">No <br /><img src="fluffy.jpg" alt="Have you seen Fluffy?"><br /> <?php if ($fluffymessage != '') { echo $fluffymessage; } ?> <label for="comments">Anything else you want to Add?</label> <textarea rows="3" cols="50" name="comments" id="comments" placeholder="Anything else you would like to add"> <?php echo htmlspecialchars($comments, ENT_QUOTES); ; ?> </textarea><br><br> <input type="submit" name="submit" value="Report Abduction"> </form> <?php }?> -
I'll agree with you. If have many records should have an index and would be using that. Since you mentioned Facebook I'll tell you what I discovered. Is many big sites like Facebook using big tables and NoSQL like cassandra. Facebook created that and open sourced it, I read they stopped using it in 2014 and not sure what are using now. They use a combination of methods to get data. Structured important data such as users info, wall posts, timeline and so on are with mysql and replicated across various data centers. Memcached is used to cache a lot of data and objects into ram. Haystack to handle a http based photo server. Info from facebook. Scribe to handle logging. Varnish http accelerator that acts like a load balancer and cache. Hiphop php transpiler but I believe using virtual machines...HHVM.
-
How would I randomly get both values from this array?
QuickOldCar replied to cloudll's topic in PHP Coding Help
shuffle() -
Not enough of your code to tell exact. You do that within your loop. while($row=...................){ if($row('id') == $post_id){ echo "trending"; //$trending = true; } }
-
MYSQL Crash on building Full Text Search Index
QuickOldCar replied to natasha_sharma's topic in MySQL Help
Something crashed or server closed while was changing records mysql, need to do a repair on the table. http://dev.mysql.com/doc/refman/5.7/en/repair-table.html In phpmyadmin can checkmark the table and below is a dropdown that can select repair. If fails try the commandline and repair option, in some cases USE_FRM works better. -
Adding a second conditional statement
QuickOldCar replied to TheTasteofAussie's topic in PHP Coding Help
You ever notice popups and ads always seem to work though? -
MySQL Full Text Search - So many Indexes
QuickOldCar replied to natasha_sharma's topic in MySQL Help
Possibly the other indexes created via the script you posted in past. To drop indexes...In phpmyadmin click the structure tab and scroll below, click the x on any no longer want. -
View ALL of a specific users posts
QuickOldCar replied to benanamen's topic in PHPFreaks.com Website Feedback
Change the users mid in the following url. Can get the mid from hovering a users name, is in the url for profile page. Me: http://forums.phpfreaks.com/index.php?app=core&module=search&do=user_activity&search_app=forums&mid=101319&sid=3713a05141dd04fe9e415b769bccc6c6&search_app_filters[forums][searchInKey]=&userMode=content You: http://forums.phpfreaks.com/index.php?app=core&module=search&do=user_activity&search_app=forums&mid=179806&sid=3713a05141dd04fe9e415b769bccc6c6&search_app_filters[forums][searchInKey]=&userMode=content Jacques: http://forums.phpfreaks.com/index.php?app=core&module=search&do=user_activity&search_app=forums&mid=167590&sid=3713a05141dd04fe9e415b769bccc6c6&search_app_filters[forums][searchInKey]=&userMode=content EDIT: The "find content" is easier -
If have to create and remove tables and indexes should look into database normalization Create the index once and it keeps updating to the current data.
-
Not able to export more than ~50K records
QuickOldCar replied to natasha_sharma's topic in PHP Coding Help
Furthermore with your script mysql_* functions are deprecated, suggest using pdo with prepared statements. Using unescaped values directly into a query could lead you to an sql attack. Check if post names are actually set and not merely the form was submitted. Those post values are not blank, data type you expect before using them. EDIT: At a minimum use the mysql_real_escape_string() function $from = mysql_real_escape_string($_POST['from']); $to = mysql_real_escape_string($_POST['to']); -
Not able to export more than ~50K records
QuickOldCar replied to natasha_sharma's topic in PHP Coding Help
Could be php script is timing out. Can set the timeout limit in php.ini: max_execution_time = 600 .htaccess: php_value max_execution_time 600 top of the script: ini_set('max_execution_time',600);//in seconds,10 minutes Can set to 0 for unlimited if want to see if completes or a special circumstance you want to ensure continues. I suggest not setting to 0 entire server. This doesn't make much sense.... You don't create an array but then add to it in the loop with [], The $rows array will always have data you hard coded. Lower you are checking for a variable is not blank. Try this. <?php ini_set('max_execution_time',600); //in seconds function getbetween($string, $from, $to) { $content = explode($from, $string); //print_r($content); $seccontent = explode($to, $content[1]); return $seccontent[0]; } if (isset($_POST['submit'])) { $rows = array(); //define empty array $from = $_POST['from']; $to = $_POST['to']; $query = "select ticker, date_dt, open, high, low, close, wap, os_shares, ttq, total_trades, del_qty, sales, profit, op_assets from `stock_history` where date_t<='$to' and date_t>='$from'"; $sql = mysql_query($query); if (mysql_num_rows($sql) > 0) { //first array record created only if data returned from query $rows = array( "ticker", "date_dt", "open", "high", "low", "close", "wap", "os_shares", "ttq", "total_trades", "del_qty", "sales", "profit", "op_assets" ); while ($list = mysql_fetch_assoc($sql)) { $rows[] = $list; //add additional records to array } } if (!empty($rows)) { //check not empty array, now should only do if is actual data from query $file = fopen("stock_history.csv", "w"); foreach ($rows as $row) { fputcsv($file, $row); } fclose($file); echo '<a href="stock_history.csv" download>download</a>'; } } ?>