Jump to content

JLT

Members
  • Posts

    29
  • Joined

  • Last visited

Everything posted by JLT

  1. Yes, it can and currently does have an ID auto-incrementing column too, but when searching for user_id + post_id combination, that auto-incrementing field isn't utilized unless it was a back and forth situation where the anonymous user is created with a null post_id if one doesn't exist with the post_id, create the post and/or comment with that anonymous user record, update that anonymous user with the appropriate post_id if needed. It's nothing more than bad habits. Seeing an incredibly huge query along with the undesirable desire for premature optimization may be what drives the thought process. I did compare compoships vs grabbing all anonymous names, but it wasn't a fair comparison. After all, I was only checking the query duration without taking into account that the latter then has to filter out names in PHP rather than MySQL. The anonymity is optional, but what they chose will persist with the post. For instance, I chose to be anonymous for the post either when creating the post or making a comment, I cannot then comment with my real username in that post. The optional aspect seems simple enough to me, use the anonymous name if found, otherwise use the users username. If the auto-incrementing ID of the anonymous user is stored with the post / comment, it could check if the ID is present first rather than searching a table for what doesn't exist? Not certain. As for where the names come from, currently I'm just using a faker but the plan is to have a list of adjectives and nouns, and it'll pick one from each. For the sake of adding and removing words on the fly, having them stored in the database would be most ideal. The user is unable to type their own name, two users cannot have the same name in the same post, but can be given the same name in another post. BigFish from one post is completely separate to BigFish in another post. I think that answers your questions?
  2. Hi there. I have posts, post comments and users tables which are all fine in and of themselves, but I'd like users to have a unique name that's specific only to the post to hide their real username. This applies to the post itself, and the comments of the post and must remain consistent. For example, if Bill made a post with the name "BigFish", if they comment on their own post then their comments will also have that same name. Likewise, if another user comments with the name "BowlingBall", their subsequent comments will also have the same name. Now, my first attempt was to have an intermediate table of sorts, containing the post_id, user_id and display_name. This takes the appearance of a composite primary key, which are not supported in Laravel. Laravel relationships of such nature can be achieved with a package called Compoships, which does work and given the nature of the table, their resulting query being a gigantic mess of the following is reasonable at best. (post_id == ? AND user_id == ?) OR (post_id == ? AND user_id == ?) OR ... However, that can quickly scale and definitely hurts. Another way to tackle it is to retrieve all display names for each post ID, but that's then retrieving unnecessary data. It's also possible to scrap the table, store the names in the posts and post_comments tables. That's as simple as checking if the commenter is the post author and use that name, or checking if they've previously commented and use that name. I'm not sure if that's ideal either. This brings me back here, after a decade of inactivity, and I do apologise for the lengthy post. How would I go about achieving what I want to do in the best way possible? What would you do in this scenario? Thanks in advance, looking forward to y'all suggestions.
  3. This should be asked in the JavaScript section. However, why don't you try it out yourself and see what happens. We will not do it for you, we will help you. It is nice to see some effort on your part though
  4. mysql_real_escape_string($username = $_POST["username"]); This is a little funky to me, it should look like the following... $username = mysql_real_escape_string($_POST["username"]); Not only that, you don't need to use MRES, you are using query parameters kind of protects you against SQL Injection for you. Chances are, your query could be failing, you don't really check if it fails. The while statement is relatively pointless too. You are echoing data before your doctype declaration, this is invalid HTML however I believe it'll still output visible data to the browser. On a side note, your password is stored in plain text which is a huge security issue. You should use a hashing algorithm such as hash. You also gave your database connection details, you shouldn't do that especially if it's publicly accessible. I've given you a few things to sort out, perhaps this will give you a step in the right direction. Next time, you don't need to attach a file, you can insert code directly onto the forum. In the editor there is a little icon that looks a bit like using that will open a window for you to paste your code and the syntax etc
  5. A little delayed, only just got around to doing it. I've tested it locally and it gives out the same result... you could of posted your attempt at converting and I could of corrected you but oh well. <?php $mysqli = new mysqli("localhost", "***", "***", "***"); if ($mysqli->connect_errno) { echo "Failed to connect to MySQL: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error; } $account = 567892; $sql = "SELECT type, amount, reason, repayplan, repaid, transid, date FROM bom_transaction WHERE account = ? ORDER BY id"; if ($stmt = $mysqli->prepare($sql)) { $stmt->bind_param('i', $account); $stmt->execute(); $stmt->store_result(); $stmt->bind_result($type, $amount, $reason, $repayplan, $repaid, $transid, $date); if ($stmt->num_rows == 0) { echo "<i>No transactions were found.</i><br />"; } while ($stmt->fetch()) { switch ($type) { case 0: $type = $color = ""; break; case 1: $type = "Added"; $color = "green"; break; case 2: $type = "Removed"; $color = "red"; break; case 3: $type = "Repaid"; $color = ""; break; } $repayplan = $repayplan == 0 ? "No" : "Yes"; $repaid = $repaid == 0 ? "No" : "Yes"; $sql = "SELECT money, timeframe, startdate FROM bom_terms WHERE account = ? ORDER BY startdate DESC"; $money = $timeframe = "none"; if ($stmt2 = $mysqli->prepare($sql)) { $stmt2->bind_param('i', $account); $stmt2->execute(); $stmt2->store_result(); $stmt2->bind_result($m, $t, $startdate); while ($stmt2->fetch()) { if ($date >= $startdate) { $money = $m; $timeframe = $t; break; } } } $date2 = date("M d, Y", strtotime($date)); echo "<font color=\"$color\">$type $$amount</font> $money/$timeframe $reason $repayplan $repaid $date2 <a href=\"../transactions/edit.php?transid=$transid\">Edit</a><br>"; } } echo "<br />"; Let me know if it's what you want.
  6. The reason you got the above, is because in the snippet you were given previously by ScottBaxter, on line 2 at the end is a php close tag (?>) and thus everything placed after it is treated as regular HTML. You need to remove that close tag as it is inappropriately placed. Having a good code editor would of easily pointed this out to you. I suggest Notepad++ and specify the document "Language" as PHP.
  7. I could give it my best shot - is it urgently needed or can I get some sleep for 8 to 10 hours first?
  8. I took a wild guess, depending on the transaction date depends on what term is chosen. Based on the transactions you have given me, I came up with this result: Added $10.00 20.00/Every Week No No Jan 25, 2013 Edit Added $10.00 20.00/Every Week No No Feb 01, 2013 Edit Added $90.00 20.00/Every Week No No Feb 06, 2013 Edit Added $20.00 40.00/Every 2 Weeks No No Feb 20, 2013 Edit Removed $46.00 40.00/Every 2 Weeks Vengenz Birthday Party/T-Shirts Yes No Feb 23, 2013 Edit Added $100.00 40.00/Every 2 Weeks No No Mar 06, 2013 Edit The code I used for this is... <?php try { $db = new PDO("mysql:dbname=testing;host=localhost", 'root', 'mypassword'); $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); } catch (PDOException $e) { die($e->getMessage()); } $account = 567892; try { $query = $db->prepare("SELECT type, amount, reason, repayplan, repaid, transid, date FROM bom_transaction WHERE account = ? ORDER BY id"); $query->bindParam(1, $account, PDO::PARAM_INT); $query->execute(); } catch (PDOException $e) { die($e->getMessage()); } if ($query->rowCount() == 0) { echo "<i>No transactions were found.</i><br>"; die; } while ($row = $query->fetch(PDO::FETCH_ASSOC)) { $type = $row['type']; $amount = $row['amount']; $reason = $row['reason']; $repayplan = $row['repayplan']; $repaid = $row['repaid']; $transid = $row['transid']; $date = $row['date']; switch ($type) { case 0: $type = $color = ""; break; case 1: $type = "Added"; $color = "green"; break; case 2: $type = "Removed"; $color = "red"; break; case 3: $type = "Repaid"; $color = ""; break; } $repayplan = $repayplan == 0 ? "No" : "Yes"; $repaid = $repaid == 0 ? "No" : "Yes"; try { $query2 = $db->prepare("SELECT money, timeframe, startdate FROM bom_terms WHERE account = ? ORDER BY startdate DESC"); $query2->bindParam(1, $account, PDO::PARAM_INT); $query2->execute(); } catch (PDOException $e) { die($e->getMessage()); } $money = $timeframe = "none"; while ($row2 = $query2->fetch(PDO::FETCH_ASSOC)) { if ($date >= $row2['startdate']) { $money = $row2['money']; $timeframe = $row2['timeframe']; break; } } $date2 = date("M d, Y", strtotime($date)); echo "<font color=\"$color\">$type $$amount</font> $money/$timeframe $reason $repayplan $repaid $date2 <a href=\"../transactions/edit.php?transid=$transid\">Edit</a><br>"; } echo "<br />"; Basically I ignore the enddate as you should be able to work with this yourself if I am close to what you are wanting. I loop through the terms in descending order, if it was in ascending order then $date which should be fortnightly is bigger than the weekly date, thus it'll always display as weekly. Descending order would basically mean if $date is bigger than fortnightly then it's fortnightly else... try the next row which in this situation will be weekly... do I make sense? Note that I did convert it all to PDO because I'm more comfortable in that environment, but providing you did a similar technique it would work in mysqli. I also tidied it up a little because I'm a bit of a tidy freak. I didn't like the if statements, switches are faster and as for the YES/NO a simple if/else would suffice instead of what you had. I did an if/else in a ternary style because it is neater. Let me know the desired result is not what you wanted, I didn't have much to go on - I took a wild guess and came up with some results. If it is the desired result, I would probably be able to simplify it and use only one query
  9. Ok thanks. Is there any relationship between bom_transactions and bom_terms? All I see is that you're grabbing a single row from bom_terms and that's the end of it - from what I see on your original post, some transactions are done on a fortnightly basis and others on a weekly basis. I see nothing in the database that would distinguish the two types of transactions unless I'm overlooking it? I have set up the database tables and I ran the query in the original post and it returned 0 rows, but if I reversed the bigger/less than signs so that it looked like follows: startdate >= '2013-01-03 21:00:00' AND enddate <= '2013-02-20 21:00:00' I would get both rows. This is because the startdate for the fortnightly option is greater than that in the query, and the enddate which is 0000-00-00 00:00:00 is less than that in the query. So why in the original query you posted, you are getting the fortnightly option I am not sure at all, I cannot seem to duplicate that. Not to mention, if you did get two rows returned - partly as what I first mentioned in this post, you are doing a single fetch, there is no while - so of course it's only going to be the same all the time.
  10. Ah yes, sorry I did not notice $money is different. The first 3 adds are pretty much a division of two, whilst the 4th is kept fortnightly, what is puzzling me is how would you distinguish the two? Is it possible you can dump the SQL for your tables and rows? My mind is stumped, I'm probably concentrating too hard just to figure out what you're doing but perhaps seeing your table structure and rows may give me a better idea - just make sure you do not display any sensitive data I'll run it by localhost and see what's what.
  11. I'm not understanding what you're trying to do, but rather it is clear what you want it to be like. If I'm correct in saying, the only difference I see between what it is doing and what you want it to do is $timeframe, the timeframe column in the database for the rows you are displaying, must have a value of 2. So basically, why is it 2 if you really want it to be 1? That is what I'm not understanding.
  12. You have got it muddled up, the first if statement contains everything else. I tidied up your code, here is what it looks like. <?php //simple captcha if (isset($_POST['answer']) && $_POST['answer'] != '14') { echo "<script>alert('You provided a wrong answer for the Security Question')</script>"; echo "<a href='contact.php'>Please return to the Form and try again.</a><br /><br />\n"; //simple captcha $field_name = $_POST['name']; $field_email = $_POST['email']; $field_phone = $_POST['phone']; $field_preferred = $_POST['preferred']; $field_datepicker = $_POST['datepicker']; $field_passengers = $_POST['passengers']; $field_pickup = $_POST['pickup']; $field_drop = $_POST['drop']; $field_message = $_POST['message']; if (!ereg("^[a-zA-Z0-9_]+@[a-zA-Z0-9\-]+\.[a-zA-Z0-9\-\.]+$", $field_email)) { echo "That is not a valid <b>email</b> address. Please return to the" . " <a href='contact.php'>previous page and try again.</a>"; exit; } if (empty($_POST['name']) || strlen(trim($_POST['name'])) == 0) { echo "Your <b>name</b> was not entered into the field. Please return to the" . " <a href='contact.php'>previous page and try again.</a>"; } else if (empty($_POST['email']) || strlen(trim($_POST['email'])) == 0) { echo "Your <b>email</b> was not entered into the field. Please return to the" . " <a href='contact.php'>previous page and try again.</a>"; } else if (empty($_POST['message']) || strlen(trim($_POST['message'])) == 0) { echo "You <b>message</b> was not entered into the field. Please return to the" . " <a href='contact.php'>previous page and try again.</a>"; } else if (empty($_POST['pickup']) || strlen(trim($_POST['pickup'])) == 0) { echo "Your <b>pickup</b> location was not entered into the field. Please return to the" . " <a href='contact.php'>previous page and try again.</a>"; } else if (empty($_POST['drop']) || strlen(trim($_POST['drop'])) == 0) { echo "Your <b>drop off</b> location was not entered into the field. Please return to the" . " <a href='contact.php'>previous page and try again.</a>"; } else { $mail_to = 'test@test.com'; $subject = 'New Message from ' . $field_name; $body_message = 'From: ' . $field_name . "\n"; $body_message .= 'E-mail: ' . $field_email . "\n"; $body_message .= 'Phone: ' . $field_phone . "\n"; $body_message .= 'Preferred Method: ' . $field_preferred . "\n"; $body_message .= 'Appointment Date: ' . $field_datepicker . "\n"; $body_message .= 'Number of Passengers: ' . $field_passengers . "\n"; $body_message .= 'Pick Up Location: ' . $field_pickup . "\n"; $body_message .= 'Drop Off Location: ' . $field_drop . "\n"; $body_message .= 'Message: ' . $field_message . "\n"; $headers = 'From: ' . $field_email . "\r\n"; $headers .= 'Reply-To: ' . $field_email . "\r\n"; $mail_status = mail($mail_to, $subject, $body_message, $headers); if ($mail_status) { ?> <script language="javascript" type="text/javascript"> alert('Thank you for the message. We will contact you shortly.'); window.location = 'index.htm'; </script> <?php } else { ?> <script language="javascript" type="text/javascript"> alert('Message failed. Please, send an email to techsuppor'); window.location = 'index.htm'; </script> <?php } } } ?> If your captcha answer is incorrect, the rest of the form will validate. Your logic there is a little bit off. Now that I've given you something to think about, you should be able to fix it. Also, ereg functions are deprecated. It is advised to use preg_match and other similar functions. If you are still stuck, perhaps try placing the following block of code after your opening <?php at the top of the page just incase. error_reporting(E_ALL); ini_set("display_errors", "On"); Otherwise, paste your updated code and we can have another look.
  13. I see that you have your if(!$good_url) after the foreach, however the string can contain more than one URL. I'm guessing there should be an error per url, rather than for the whole string however I'll leave that up to you. You have $image[$i], this will almost indefinitely return [ at all times. $image contains a string, for instance it may contain . I previously told you to use $match[1] but you did not. So not only is there that, you should be using $image on it's own. I also believe your preg_quote is adding unnecessary slashes.
  14. preg_match() doesn't return what you think it does. Here is what $match contains for you - I did a print_r($match); Array ( [0] => Array ( [0] => [img=tinypic.com] [1] => [img=imageshack.us] ) [1] => Array ( [0] => tinypic.com [1] => imageshack.us ) ) So your loop should use $match[1] rather than $match alone.
  15. On the link given, I also notice that there are random <br />'s in the code snippets when they are intended to be an actual new line. <?php<br />echo "Hello World!"; ?> should be... <?php echo "Hello World!"; ?>
  16. I'm guessing that because you directly takes the data from $_POST['buyh'] (and r) that there is only one lot of data coming through to the script, but from the code you've shown, we wont know if that's true or not. Other than that, as Christian F. said, a loop would be necessary.
  17. From what you have posted, the variable $WHERE is never defined. There is a tutorial on PHP Freaks itself about pagination http://www.phpfreaks.com/tutorial/basic-pagination I've used this before and it works a charm. A small change I would do is add "or die(mysql_error());" on the end of your queries. Like below... $result = mysql_query($query) or die(mysql_error()); This would mean if an error occurred with the query, it'll show you what the error is. I'll also say now... "but it is not working properly" does not tell us what the problem is. You must specify what happens and what outputs (if any) and what you want it to do, this will give us a leg to stand on whilst helping you fix your issues.
  18. Well said, kicken. You always know when to make everyone else feel a little less intelligent
  19. The above example won't work if your array is dynamically generated, which by looking at your previous code, it is. Luckily, not all of the array is dynamic which makes this process a little easier, try the following: $urlByHost = array ( ); foreach ( explode ( "\n", $_POST [ 'url' ] ) as $value ) { $parse = parse_url ( $value ); $urlByHost [ $parse [ 'host' ] ] [ ] = array ( 'url' => $value, 'parse' => $parse, 'md5' => md5 ($value ), ); } asort ( $urlByHost ); foreach ( $urlByHost as $key => $value ) { foreach ( $value as $v ) { echo $v [ 'parse' ] [ 'host' ] . '<br />' . $v [ 'md5' ]; } }
  20. Seems plausible, Christian F. Just for my knowledge, for form validation would you go for a non-exception method over exceptions?
  21. I am not familiar with most Linux commands, however I would say that to command you have used will only get the MAC address of your server rather than the client and as you use the clients IP ... that could be where you are going wrong. Maybe see what the following outputs... $ip = $_SERVER [ 'REMOTE_ADDR' ]; $mac = shell_exec ( "sudo /usr/sbin/arp -an $ip" ); var_dump ( $mac ); If no output is received, chances are ... what you are trying to do will not be possible.
  22. I tend to use try-catch a lot, it's very sexy but I mostly use them for when I'm working with PDO. Returning true/false can be very handy too but it depends on what for, I mean for something like empty() it is beneficial and it makes a lot of sense. Where as seeing that same function throwing an Exception, that would just raise a WTF in my mind. Some functions throw specific errors, especially when it comes to libraries. For instance, coming back to PDO - if a query failed then it would be nice to know what went wrong other than receiving false so an PDOException can be thrown and you then have the actual error message. It really comes down to personal preference as to if you use Exceptions or not. Take a look at the following example, would be used for like a form validation. // This function will check if the username is in correct format // Then it will check if it exists. function isValidUsername ( $uname ) { if ( preg_match ( "/^[a-zA-Z0-9]+$/" ) ) { return 1; } $query = mysql_query ( "SELECT COUNT(*) as num FROM users WHERE username = '$uname'" ); $row = mysql_fetch_assoc ( $query ); if ( $row [ 'num' ] > 0 ) { return 2; } return 0; } if ( isset ( $_POST [ 'submit' ] ) ) { $res = isValidUsername ( $_POST [ 'username' ] ); switch ( $res ) { case 1: echo 'The entered username contains invalid characters.'; break; case 2: echo 'The entered username is already taken.'; break; default: echo 'The entered username is valid.'; break; } } You can see that the above is lengthy, and to me looks ugly. Now lets take a look at it with Exceptions. // This function will check if the username is in correct format // Then it will check if it exists. function isValidUsername ( $uname ) { if ( ! preg_match ( "/^[a-zA-Z0-9]+$/" ) ) { throw new Exception ( "The entered username contains invalid characters." ); } $query = mysql_query ( "SELECT COUNT(*) as num FROM users WHERE username = '$uname'" ); $row = mysql_fetch_assoc ( $query ); if ( $row [ 'num' ] > 0 ) { throw new Exception ( "The entered username is already taken." ); } } if ( isset ( $_POST [ 'submit' ] ) ) { try { $res = isValidUsername ( $_POST [ 'username' ] ); echo 'The entered username is valid.'; } catch ( Exception $e ) { echo $e -> getMessage ( ); } } I personally think the Exception example is a much better alternative. You will find libraries that would do a similar thing, where the library itself contains the errors (such as PDO for example). Some people may think Form Validation with Exceptions a little over the top, but I personally like it. However, I would say that whether you use them or not is all down to personal preference however if the library you are using does throw Exceptions, then I would take advantage of the try-catch.
  23. Hi. First of all I do not recommend doing ... error_reporting(0); simply because if any errors were to occur, you wouldn't know. Also, what I recommend you to look at is http://php.net/mail, this is a function that allows you to send emails. You could start off with something like the following... if ( $smpl_typ == "pps" && $smpl_cmnts == "Approved" ) { $mail = mail ( . . . ); // Here you would create/send your email using the function I linked you to before. if ( $mail ) echo 'An email was sent to your address.'; else echo 'An error occurred whilst sending the email.'; } Hopefully this will send you in the right direction. In future when you paste code, please make sure you use code or php bbcode tags.
  24. Well, when you send the first email, you can log this in the database. You could also have a daily Cron Job that runs at 12:01am, which would check all the emails sent and if they are 7 days ago, send the follow up. I'm not sure if there is any other automated way to do this... but hope what I've suggested gives you some tips.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.