OAFC_Rob
-
Posts
118 -
Joined
-
Last visited
Everything posted by OAFC_Rob
-
I've dabbed in a few languages at uni, but we never got enough time to learn it all properly, JavaScript, Java, C#, PHP I sent more time on PHP though and that's the direction I want to go towards, now I'm unemployed with no experience in the industry. The uni spent about 2 lectures teaching OOP which is like it barely covered what a class and object was let alone how to use them. I have just got PHP Objects Patterns and Practice by Matt Zandstra, as an e-book would you say thats a good place to start?
-
yep I get it now thanks for the help
-
Thanks for explaining that, I have used urlencode before and thought rawurlencode was for all of it, but I get it now, it is more for something like http://localhost/duff3/new page/ and stuff like that unusual characters and for only bits of it, correct?
-
Okay, I think i'm going to have to sit down and read, which I hate doing much prefer videos or audio books.
-
So something a bit more like this, with config.php holding the connection data as defined constants, this would allow security such as htaccess correct? <?php require_once ("config/config.php"); class DBConnect { # VARIABLE DATA COMES FROM CONSTANTS DEFINED IN "config.php" var $user = dbUsername; var $pass = dbPassword; var $db = dbName; var $server = dbHostname; Private Function setServer($server) { $this->server = $server; } Function setUser($user) { $this->user = $user; } Function setPass($pass) { $this->pass = $pass; } Function setDb($db) { $this->db = $db; } Function openCon() { mysql_pconnect($this->server,$this->user,$this->pass); mysql_selectdb($this->db); } } ?>
-
I was following this tutorial when doing the database connection class. http://blog.bluewebtechniques.com/2010/03/10/creating-a-php-oop-database-connection-class/ Since then I have sacked that off because I even noticed it was overly complicated for what it was, and start from scratch on php basics via lynda.com tutorials. vicodin with the class example you posted, would it be better practice to have the variables defined in another file and then include it? Also just to clarify if I wanted to call it then all I could have to do is; 1. create object instance from the class 2. and then call the openCon function, as the rest of the data is gathered in the class. # create object instance from the class $con = new DBConnect(); # and then call the openCon function, as the rest of the data is gathered in the class. $con->openCon(); I guess I'm going to have to wait until I watch these tutorials to until I fully understand it, as it seems ive got a bit confused along the lines. But would this be the best course of action for a sql query in OO; 1. Create a connection to the database. 2. Have another class that has that takes the SQL and does clean it for use. 3. returns the cleaned sql from hacks etc... to the page for use.
-
Which bits are wrong? :'(
-
Okay, ive been trying to get my head around OO PHP and I thought I was getting somewhere, but now I'm stuck. I firstly created a database connection class, which works fine and then I wanted to create a login script, but in the process of doing that I had a brain wave to create a generalised SQL query script that basiclaly strips out all junk to help add some extra security to my site, but Ive got myself all confused now. HELP PLEASE! What I thought should be happening is the following; 1. The user input username etc... this posted onto itself, if it is create a new object of login class and make the loginAction function variables equal that of what has been posted across. 2. Now we are in login class and within the function loginAction where we call an object of SQL Query class and then call the function called sql. 3. This should now strip out any hacks, sql injections I believe and jsut give back some clean data to be used in the sql query, correct? 4. Now back in login class if there are results we should be dying out a message to see if it has worked. But this just doesn't happen. Do I have to inlcude the sql query class within the login class page? Am I calling it all correctly? Any help would be GREATLY APPRECIATED, I look forward to you replies. Database connection class <?php class databaseConnectionClass { public $databaseHostname; public $databaseUsername; public $databasePassword; public $databaseName; # MAIN CONNECTION TO THE DATABASE, PASSING THE public function databaseConnection() { $this->connectionLink = mysql_pconnect($this->databaseHostname, $this->databaseUsername, $this->databasePassword) or trigger_error(mysql_error(),E_USER_ERROR); return $this->connectionLink; } # SELECTS THE DATABASE WE WANT public function databaseConnectionSelect() { $this->selectDatabase = mysql_select_db($this->databaseName, $this->connectionLink); return $this->selectDatabase; } # CALL ALL THE DATABASE CONNECTION OBJECTS public function databaseConnectionProcess($objDatabaseConnect) { $objDatabaseConnect->databaseConnection($objDatabaseConnect); $objDatabaseConnect->databaseConnectionSelect($objDatabaseConnect); } # BUILDS A OBJECT METHOD public function databaseConnectionMain($objDatabaseConnect) { $objDatabaseConnect->databaseConnectionProcess($objDatabaseConnect); } # CLOSES THE MYSQL CONNECTION ADDED ON 04/05/2011 public function databaseConnectionClose ($objDatabaseConnect) { mysql_close($objDatabaseConnect); } } ?> SQL Query class <?php #THIS CLASS CREATES AND OBJECT, WHICHS SETS THE OBJECT TO EQUAL THE INFO FROM "dbConnectClass.php" require_once ("config/config.php"); require_once ("dbConnectClass.php"); $objDatabaseConnect = new databaseConnectionClass(); $objDatabaseConnect->databaseHostname = $databaseHostname; $objDatabaseConnect->databaseUsername = $databaseUsername; $objDatabaseConnect->databasePassword = $databasePassword; $objDatabaseConnect->databaseName = $databaseName; $objDatabaseConnect->databaseConnectionMain($objDatabaseConnect); #A CLASS TO RUN EACH QUERY, TO HELP TO SQL INJECTIONS class databaseQuery { #FUNCTION TO PREVENT SQL INJECTION function sql($sql) { $args = func_get_args(); $sql = array_shift($args); $sql = str_replace("?", "%s", $sql); $args = array_map('mysql_real_escape_string', $args); array_unshift($args,$sql); $sql = call_user_func('printf',$args); $result = msql_query($sql) OR trigger_error(mysql_error($sql),E_USER_ERROR); if($result) { return $result; } else { $error = "Error"; return $result; } } } ?> Login Class <?php #DO I HAVE TO INCLUDE EACH CLASS I'M CALLING #include("C:/xampp/htdocs/duff3/commonResources/dbConnection/dbQueryClass.php"); class login { #ENCRYPT VARIABLE var $encrypt = FALSE; function loginAction ($username,$password,$active) { if($this->$encrypt == TRUE) { $password = md5($password); } #MAKING AN OBJECT OF "dbQueryClass.php" $result = new databaseQuery (); $result->sql = " SELECT userName, password, active FROM tbl_user_accounts WHERE username = '$username' AND password = '$password' AND active = '$active' "; #BELIEVE THAT THIS IS NOW GETTIGN RUN BY THE "sql" FUNCTION # $result = mysql_query($sql) OR trigger_error(mysql_error(),E_USER_ERROR); if(mysql_num_rows($result) > 0) { die("Yes it is working"); } else { die("damn it!"); } } function logoutAction () { } function timeoutAction () { } } ?> Finally login.php page <?php require_once("../commonResources/includes/headerArea.php"); require_once("../commonResources/includes/navigationArea.php"); include("../commonResources/php.lib/loginClass.php"); if(isset($_POST)) { #BELIEVE THIS IS DOING: #1. CREATING AN OBJECT OF THE LOGIN CLASS #2. SETTING THE OBJECT FUNCTION "loginAction" TO POST USERNAME #3. SETTING THE OBJECT FUNCTION "loginAction" TO POST PASSWORD $login = new login(); $login->loginAction = $_POST["username"]; $login->loginAction = $_POST["password"]; $login->loginAction = 1; } ?> <div class="paraBlock"><!--OPEN DIV FOR PARA BLOCK --> <form action="" method="post"> <table> <tr> <td> <label>Username:</label> </td> <td> <input type="text" name="username" /> </td> </tr> <tr> <td> <label>Password:</label> </td> <td> <input type="password" name="password" /> </td> </tr> <tr> <td> </td> <td> <input type="reset" value="Clear"/> <input type="submit" value="Log in"/> </td> </tr> </table> </form> </div><!--CLOSE DIV FOR PARA BLOCK--> <?php require_once ("../commonResources/includes/footerArea.php"); ?>
-
Okay I think I get you know, when / where would be the best place to use rawurlencode?
-
As in a pathway that you would use on your computer ie C:/programs/
-
So basically it is the direct pathway then? Rather than a pointing to the link
-
Hey people just been watching a php tutorial that mentions using rawurlencode for the links, ive pretty much followed th tutorial to the later bar using different pages, see coding below. However, it just doesnt work bringing back that object was not found Any ideas whats going wrong or why it isn't working? <?php #retrive from database and do a foreach loop maybe. $urlPage = "loginArea/login.php"; $param1 = "robert"; $url = "http://localhost/duff3/"; $url .= rawurlencode($urlPage); $url .= "?userId=" . urlencode($param1); ?> <ul class="menu"> <li><a href="<?php $_SERVER["DOCUMENT_ROOT"] ?>/duff3/index.php" class="nav_selected"> home </a></li> <li><a href="test.php?id=1" class="nav"> bio</a></li> <li><a href="<?php echo htmlspecialchars($url); ?>" class="nav"> publicity</a></li> <li><a href="" class="nav"> recordings</a></li> <li><a href="" class="nav"> contact </a></li> </ul>
-
Hey thanks for the help, I read it but forgot to close it
-
Here is the previous coding, nothing else has changed on the other pages. <?php require_once ("config/config.php"); class databaseConnectionClass { public $databaseHostname; public $databaseUsername; public $databasePassword; public $databaseName; # MAIN CONNECTION TO THE DATABASE, PASSING THE public function databaseConnection($objDatabaseConnect) { #not to sure what is happening here at the moment $this->databaseConnection = mysql_pconnect($this->databaseHostname, $this->databaseUsername, $this->databasePassword) or trigger_error(mysql_error(),E_USER_ERROR); return $this->databaseConnection; } # SELECTS THE DATABASE WE WANT public function databaseConnectionSelect() { $this->databaseConnectionSelect = mysql_select_db($this->databaseName, $this->_database_connection); return $this->databaseConnectionSelect; } # CALL ALL THE DATABASE CONNECTION OBJECTS public function databaseConnectionProcess($objDatabaseConnect) { $objDatabaseConnect->databaseConnection($objDatabaseConnect); $objDatabaseConnect->databaseConnectionSelect($objDatabaseConnect); } # BUILDS A OBJECT METHOD public function databaseConnectionMain($objDatabaseConnect) { $objDatabaseConnect->databaseConnectionProcess($objDatabaseConnect); } } ?> I actually I think i ve foudn the problem, it i'm calling a $this->_database_connection which doesn't exist. I've just reuploaded it and try it, working fine now So am I do the following, 1. Defining some properties / variables. 2. creating a function called databaseConnection, which is getting info from an object of the class called $objDatabaseConnect. 3. I'm then going this temp thing called $this->databaseConnection or when i fist posted $this->_database_conection is equal to a mysql persistant connection. 4. The values for the connection are $this->databaseUsername, which are temp variables that are being set by the object on the other page. $objDatabaseConnect->databaseHostname = $databaseHostname; (Object set databaseHostname to the public property/variable $databaseHostname) 5. The rest of the functions are pretty much useless apart from the select one correct and are there to make things a little eaiser on the coders brain. Is that how it is working? Also how would be best to do a statement that says if local database then do this or it will be live. How do you define which is local and which is live? Cheers people
-
Hey, I'm finally getting around to teaching myself OO PHP, I been working on a database connetcion class and based it on a tutorial I found on the net. However, it doesn't explain it too well can anyone help me please. I know what is going on right up until " $this->_database_connection" and "$this->_database_connection_select", at first I had the coding as "$this->databaseConnection = mysql_pconnect($this->databaseHostname, $this->databaseUsername, $this->databasePassword) or trigger_error(mysql_error(),E_USER_ERROR);" because I thought it was saysing the this function database connection should connect to the mysql database using these variables. But it didn't seem to working, got it fixed now using after looking at the tutorial but there is no explaination to why this works and mine didn't. I understand that databaseHostname for example is being defined by the object, on the third bit of coding. Actually thinking about it, have I also defined in the first bit of coding. I haven't included the SQL statement that retrives data, just so you know. If anyone can help I will greatly appericate it <?php # CONNECTION DETAILS THAT ARE THEN PASSED THROUGH TO "dbConnecxt" $databaseHostname = "localhost"; $databaseUsername = "username"; $databasePassword = "password"; $databaseName = "databasename"; ?> <?php require_once ("config/config.php"); class databaseConnectionClass { public $databaseHostname; public $databaseUsername; public $databasePassword; public $databaseName; # MAIN CONNECTION TO THE DATABASE, PASSING THE public function databaseConnection($objDatabaseConnect) { $this->_database_connection = mysql_pconnect($this->databaseHostname, $this->databaseUsername, $this->databasePassword) or trigger_error(mysql_error(),E_USER_ERROR); return $this->_database_connection; } # SELECTS THE DATABASE WE WANT public function databaseConnectionSelect() { $this->_database_connection_select = mysql_select_db($this->databaseName, $this->_database_connection); return $this->_database_connection_select; } # CALL ALL THE DATABASE CONNECTION OBJECTS public function databaseConnectionProcess($objDatabaseConnect) { $objDatabaseConnect->databaseConnection($objDatabaseConnect); $objDatabaseConnect->databaseConnectionSelect($objDatabaseConnect); } # BUILDS A OBJECT METHOD public function databaseConnectionMain($objDatabaseConnect) { $objDatabaseConnect->databaseConnectionProcess($objDatabaseConnect); } } ?> <?php #THIS CLASS CREATES AND OBJECT, WHICHS SETS THE OBJECT TO EQUAL THE INFO FROM "dbConnectClass.php" require_once ("dbConnectClass.php"); $objDatabaseConnect = new databaseConnectionClass(); $objDatabaseConnect->databaseHostname = $databaseHostname; $objDatabaseConnect->databaseUsername = $databaseUsername; $objDatabaseConnect->databasePassword = $databasePassword; $objDatabaseConnect->databaseName = $databaseName; $objDatabaseConnect->databaseConnectionMain($objDatabaseConnect); ?>
-
I completely forgot about that, i'm gonna have to write that down and stick it to my monitor! Ive fallen into that trap before Thanks for the help it works fine now
-
Hey, I'm having a bit of trouble with some coding it's coming up with the following error message; Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/innova11/public_html/allsorts/productInfo.php:1) in /home/innova11/public_html/allsorts/productInfo.php on line 2 I cannot see any previously defined sessions on this coding, can anybody help me please. I am hosting this section as a sub domain on a host that has anopther site, but the files are in a seperate folder so I don't think thats affect it. Any ideas?? <?php session_start(); //Function to display the contact_errors in line function fieldError($fieldName, $errorArray) { if (isset($errorArray[$fieldName])) { echo "<font color=RED>$errorArray[$fieldName]</font><br>"; } } ?> <?php include "sections/headerArea.php"; ?> <?php include "sections/leftArea.php"; ?> <div class="rightContent"><!--OPEN DIV FOR RIGHT CONTENT --> <?php $id = $_GET['id']; $product = $_GET['product']; $query = "SELECT * FROM tbl_products WHERE id = '$id'"; $result = mysql_query($query) or die ("Error in query: $query. ".mysql_error()); if (mysql_num_rows($result) > 0) { $row = mysql_fetch_array($result); print " <h1>$product >> " . $row["product_name"] . "</h1> <table class='details'> <tr> <td> <img src=\"". $row["product_img"] ."\" alt='" . $row["product_name"] . "' /> </td> <td> ". $row["product_description"] ." </td> </tr> </table> <table> "; } else { echo "Sorry, but we cannot seem to find that products information."; } ?> <form method="post" action="response.php" enctype="multipart/form-data"> <?php //See if there are any erros in the Session Error Array if (count($_SESSION['errors'])) echo " Please amend your details below as required. Sections shown in <font color=\"red\">RED</font> are mandatory "; else echo " Enquiry Form "; ?> <table> <tr> <td> <label for="name">Name</label> </td> <td> <? echo fieldError("name", $_SESSION['errors']); ?> <input type="text" name="name" id="name" size="15" value="<? echo $_SESSION['form_vars']["name"]; ?>" /> </td> </tr> <tr> <td> <label for="email">E–Mail</label> </td> <td> <? echo fieldError("email", $_SESSION['errors']); ?> <input type="text" name="email" id="email" size="15" value="<? echo $_SESSION['form_vars']["email"]; ?>" /> </td> </tr> <tr> <td> <label for="tphone">Telephone</label> </td> <td> <? echo fieldError("tphone", $_SESSION['errors']); ?> <input type="text" name="tphone" id="tphone" size="15" value="<? echo $_SESSION['form_vars']["tphone"]; ?>" /> </td> </tr> <tr> <td> <input type="hidden" name="subject" value="<? echo $row["product_name"]; ?>" /> </td> <td> </td> </tr> <tr> <td> <input name="reset" type="reset" value="Clear" /> </td> <td> <input type="submit" name="submit" id="submit" value="Submit" /> </td> </tr> </table> </form> </div><!-- CLOSE DIV FOR RIGHT CONTENT --> <?php include "sections/footerArea.php"; ?>
