Everything posted by daiwa

  1. Not to be the security police, but I think it's important that when giving out advice we take the habit to include the necessary security precautions one must take while doing this: in this case we need to use htmlspecialchars() to make sure we protect ourselves against XSS attacks. (Of course if your browser id comes from a user input you'd need to do the same.)
  [code]
  <?php
  $page = $_GET['page']; /* Or $_SESSION['page']? Whatever you are using... */
  $page = htmlspecialchars($page); // <-- the added line: encode before it is echoed into the HTML
  ?>
  <form name="eachrow" action="visitors.php?listing=id-desc&page=<?php echo $page; ?>" method="POST">
    <input type="hidden" value="<?php echo $visitors['browser_id']; ?>" name="DeleteOneRow">
    <td class="VisitorTableContent" align="center" valign="top">
    <input type="submit" value="delete">
  </form>
  [/code]
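  The same form rendered with every dynamic value encoded, as an added example that is not code from the post above: it also encodes the hidden browser_id field the post leaves unescaped and URL-encodes $page before it goes into the query string. Variable names follow the post; the helper function names and the sample inputs are constructed for illustration.

```php
<?php
// Added example, not from the original post: output-encode every value that
// reaches the HTML, including the hidden browser_id field. The function names
// (h, render_row) are assumed; the inputs below are constructed samples.

function h($value)
{
    // ENT_QUOTES also encodes the single quote, so the result is safe inside
    // double- or single-quoted attribute values as well as in element text.
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
}

function render_row($page, array $visitors)
{
    // $page lands in a URL query string inside an attribute: URL-encode it for
    // the query first, then HTML-encode the complete attribute value.
    $action = 'visitors.php?listing=id-desc&page=' . rawurlencode($page);
    return '<form name="eachrow" action="' . h($action) . '" method="POST">' . "\n"
         . '  <input type="hidden" value="' . h($visitors['browser_id']) . '" name="DeleteOneRow">' . "\n"
         . '  <input type="submit" value="delete">' . "\n"
         . "</form>\n";
}

// Constructed inputs: a normal page number, then one containing the quote and
// angle-bracket characters that would otherwise close the attribute or tag.
$samples = array(
    array('2', array('browser_id' => 'abc123')),
    array('2"><b>x</b>', array('browser_id' => "it's \"quoted\"")),
);

foreach ($samples as $s) {
    echo render_row($s[0], $s[1]), "\n";
}
```

  In the second sample the quotes and brackets come out as entities, so the browser displays them as text instead of interpreting them as markup.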
  2. Just a friendly reminder to always escape anything you send to the db, so your $user should be mysql_real_escape_string($user); same for email.
  3. I think you might want something like "The Business Case for PHP at Yahoo". It's a popular talk at most PHP conferences but I can't seem to find the slides online. You can always look through talks.php.net to see interesting things that may apply.
  4. Agreed, if it's there it's because there can be a use for it. Just do keep in mind that you should try to exhaust all possibilities before jumping to it.
  5. Just a quick note on the dangers of eval: it's not something you really want to be doing, evaluating code that's in a database. As Rasmus Lerdorf (creator of PHP) put it, "If eval is the answer, you're asking the wrong question".
  6. What you probably want to look at first is the API from the place you are linking to; odds are they have something that makes sense. If not you can fopen a connection to the site and push the data you want along. Read the manual on fopen; also of use are the XML libraries if you don't know what you're creating. Here's a little example of what you'll want to do in pseudo code:
     1. create your XML file
     2. fopen the URL you want (you can use HTTPost to make this easier but you might not like the arrays and stuff: http://www.phpclasses.org/browse/package/375.html)
     3. "write" the data to the fopen (just like you'd write a file)
  7. Re: Includes: if you use a cache optimizer like APC this will be beyond negligible. But already odds are it is completely negligible for your purpose.
  8. Quoting lessthanthree (Mar 9 2006, 10:35 AM): "I guess you will need to select the values prior to the LIKE query, and use values instead of field references."
     Is this even possible in pure SQL (or MySQL SQL)? To go around assigning pseudo variables and the like?
  9. Quoting gizmola (Feb 4 2006, 01:11 AM): "Although Daiwa offers an interesting facility, I think it's pretty clear that using a switch() isn't a substitute for function overloading. In function overloading you could simply have a parameter with the same name, only a different datatype as a parameter, and that would be enough to differentiate an overloaded function. Since PHP really doesn't care about what type of parameter you pass to a function, it's just not a good platform for function overloading I'm afraid."
     Yes, I was mentioning the different numbers of parameters. What could be done to check the type of something is convert it to the type you want and then check the string representations to see if they are the same. Meaning if I'm looking for ints, doing is_int() won't get you anywhere, but if you convert it to int, let's say with settype or just casting depending on the situation, and then compare the string representation of the old one with the new one: if they do match then it was the type you were looking for, if not, well then it wasn't. (Note this only works for ints really, 'cause string... well an int is a string, but that's beyond the point here :P you can get around it but you shouldn't.)
  10. I tried googling this but the search terms give off some very erratic results since it is very general. What I am looking to do is something like this:
      [code]SELECT * FROM table WHERE `field1` LIKE %`field2`[/code]
      this meaning that I want the rows where field1 contains field2 at the end (hence the %), these being text fields. MySQL 4.1.
  11. Yes, well, I'll weigh in: ZDE Pro version 5.1 is great if you're doing web applications. The profiler will help you optimize with ease, and the code completion and objects handling and the like is above anything else I ever tried.
  12. the submenu on the mouse is a real pain; also it looks somewhat dull
  13. I can't recommend the ZDE (Zend Development) environment enough; the profiling will save you so much time of trying to figure out wtf is slowing down, and all the coding is so beautiful. But yeah, it does take a bit of resources, and I also use WAMP to get things up and running quickly.
  14. I know, that's one of the things I really miss from other languages. But yes, you can implement it, but it's not that pretty. Basically you need to use a factory:
      [code]
      class test {
          private $id;

          public function __construct() {
              $args = func_get_args();
              switch (func_num_args()) {
                  case 1:
                      // one argument: build the object from an ID
                      $this->constructFromId($args[0]);
                      break;
                  case 2:
                      // two arguments, and so on...
                      break;
              }
          }

          // name assumed here; the post only says "call construct from ID function"
          private function constructFromId($id) {
              $this->id = $id;
          }
      }
      [/code]
      Anyways, you get the point.
  15. Quoting jcombs_31 (Jan 30 2006, 07:53 AM): "This answer didn't exactly help in any way other than telling me to protect my forms, which is what my topic was about."
      Make them confirm what they are sending out. Then you can add constraints like form tokens and time validations and the like, i.e. if they confirm too quickly etc.
  16. Go to the source, read the manual. You can't go wrong with the manual. Yes you can do
      [code]$Query = "SELECT `$Variable` FROM `SomeTable` WHERE 1";[/code]
      OR for arrays you can do this
      [code]$Query = "SELECT `$Array[key]` FROM `SomeTable` WHERE 1";[/code]
      (no ' inside of a " enclosed string) OR
      [code]$Query = 'SELECT `'.$Array['key'].'` FROM `SomeTable` WHERE 1';[/code]
      OR
      [code]$Query = "SELECT `".$Array['key']."` FROM `SomeTable` WHERE 1";[/code]
      OR lots of other stuff I'm sure. The key point being here that you don't put ' inside of [] if you are inside of a string (with " obviously, because ' doesn't parse the string). Another key point that most people don't say to newbs while helping them is VERIFY YOUR INPUT!! You can't go around sticking variables inside SQL queries if those strings are not sanitized. Do something like
      [code]$SanitizedVAR = mysql_real_escape_string($var);[/code]
      then use the sanitized var in your queries. Then again your column name shouldn't be set by the user, but you never know.
  17. I have a strange feeling that you're not using database normalization correctly if you have a site with 15 000 new entries daily with an auto num and don't know how it works. Odds are you could be doing updates or things of the like. Look into it.
  18. You might not want to state that your Access is free...... also it's not virtually everything to certain people: MySQL 4.0 does not support referential integrity and stored procedures and the like. Do a bit of googling, you'll find lots of stuff about this. The new MySQL post on /. had a lot of "informative" things about the difference from the zealots on both sides of the fence.
  19. Well, I think first your answer is yes, MySQL is a relational database if you want it to be, but it does not enforce foreign key constraints or support the term foreign key; but you can do anything you'd want with it, including being relational.
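  An added example (not code from the posts above) for the last point in post 16: mysql_real_escape_string() is for string values, and a column name taken from input cannot be escaped into safety, so it is checked against a fixed allow-list instead. $Array and SomeTable follow the post; the function names, the allow-list and the sample inputs are constructed.

```php
<?php
// Added example, not from the original post: values get escaped, but an
// identifier (column name) coming from input is matched against a hard-coded
// allow-list and anything else is refused. Names below are assumed.

function safe_column($requested, array $allowed)
{
    // Strict comparison against the list; no normalisation, no partial match,
    // so backticks or comment sequences in the input never reach the query.
    if (!in_array($requested, $allowed, true)) {
        return null;
    }
    return $requested;
}

function build_select($requested_column)
{
    $allowed = array('id', 'name', 'email');   // constructed schema
    $column  = safe_column($requested_column, $allowed);
    if ($column === null) {
        return null;                           // refuse to build the query at all
    }
    return "SELECT `" . $column . "` FROM `SomeTable` WHERE 1";
}

// Constructed inputs, as if $Array['key'] had come from a form field.
$Array = array('key' => 'email');      // in the list: a query is built
var_dump(build_select($Array['key']));
$Array = array('key' => 'password');   // plausible name, not in the list: refused
var_dump(build_select($Array['key']));
```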