ajoo

Hi, So I tested a bit and i found that the array is translated into something like this : 4%2C3%2C4%2C3%20%2C4%2C3%2C4%2C3%20%2C2%2C3%2C2%2C3%20%2C3%2C3%2C3%2C3%20%2C3%2C3%2C3%2C3%20 and this is what is received in PHP. I guess this would be a long string that is received by PHP. Now then the question is how to sanitize this and such strings to ensure that they are composed of numbers, spaces and commas and maybe the - sign as well and do not have anything that could pose a security risk. Thank you all.

Hi !! Thanks for that super fast response. Well I will elaborate a bit on the data. Its actually coming from flash and is stored there in an array. trys_per_minute = Array(); . . // trys_per_minute is filled with values lvv.db_trys_per_minute = trys_per_minute; // (1,2,3,4 1,1,1,1 3,2,2,1, 1,2,2,1) etc. lvv.sendAndLoad(path+"trys.php",lvInn,"POST"); // & sent as POST array to PHP Frankly I am not sure how these values will be handled in php whether as an array or as a string. Maybe you can guide me on how I should handle them on the PHP side. What I do know is that I want to add these in the DB so that I may remove them and separate them on the spaces and then use each substring as a a independent string and further explode them at the "," when I need to and extract the digits. So How may I sanitize them before I add them into the DB. I hope I am able to express myself make clearly here. Thanks very much.

Hi all ! I have an array made up of strings of comma separated numbers and these strings are separated from each other by a space like this : "1,2,3,4 1,1,1,1 2,2,2,2 4,4,4,4 1,1,1 2,2,2 3,3,3 " etc. i.e. the array is made up of comma separated strings like 1,2,3,4 separated by a space and then another string 1,1,1,1. I would like to know if I can use the filter_var_array for sanitizing these strings and how? If it is not possible to use the filter_var_array then how can I sanitize the array values before inserting them into a DB. Any help is highly appreciated. Thanks all.

Hi, I liked the interface but did not check it for functionality or any such thing. However I did not see a logout button anywhere when I wanted to logout. Thanks.

Hi QuickOldCar, Thanks once again for the response. I was looking for an affirmation on using the exit and header functions since I read that using die(), exit() and header() was bad form and should be avoided and replaced by none else than an exceptions handler. But I guess to terminate as I mentioned I would need to use either exit or die as suggested by you. Thanks very much.

Hi , Thanks for the response. Kindly also explain how can I get the code to discontinue execution once an exception occurs. In the snippet, once the exception is thrown in the function, the code after that in that block function is not executed but once back in the main it goes on to echo "Hurray". This is what I want to avoid. So once the exception occurs, I want the code terminated totally, a message displayed to the user on a nice page ( through redirection as you suggested.) Further is it possible to ensure that the user cannot return to the previous page through the backspace or browser buttons. Thanks very much !

Hi all, I have a snippet of code below. It connects to a DB and then calls a function findMail() if all is well. Code: <?php $host = 'localhost'; $user = 'root'; $password = ''; $database = 'test'; // connect try { $con = new mysqli($host,$user,$password,$database); if($con->connect_errno > 0) throw new Exception("Server goof up!"); mysqli_set_charset($con, "utf8"); } catch(Exception $e){ $e->getMessage(); } if(findMail($con)) echo "<br> Hurray !!"; function findMail($con) { try { $query = "SELECT name, email from users"; $stmt=$con->prepare($query); throw new exception("Problem in DB"); if($stmt->execute()) { $stmt->bind_result($name, $email); while ($stmt->fetch()) { $email = htmlspecialchars($email); $name = htmlspecialchars($name); echo $name.' ---- '.$email.'<br>'; } } } catch(Exception $e){ $e->getMessage(); } return true; } ?> The function findMail() executes a query and displays the name and email from the DB, returns and prints Hurray. If there is an exception thrown in the handling of the DB within the function, then the names and emails from the DB are not echoed, the function returns and prints only Hurray!. Now if it is critical that findMail() executes successfully for the program to proceed further. ( print hurray on exiting the function) i.e it is important for the call to DataBase not fail, then how should this exception be handled by the program to gracefully exit the program then and there. ( Not print hurray). Kindly explain by extending the snippet above. Would this be an ideal case for making a call to an error page ( such as 404) on exit to inform the cliet to try again later maybe? Also how can we ensure that any attempts to reload the previous page using a back key be foiled. Thanks loads everyone.

Thanks quickold car for the correct answer and requinix for the good advice !!

Yes, correct. So how to suppress the php Warning ? I do not wish to use the @ operator for this. Is there any other way ? Thanks

Hi all ! I have been using this snippet below to study exceptions: <?php mysqli_report(MYSQLI_REPORT_STRICT); try { $connection = new mysqli('localhos', 'root', '', 'test') ; } catch (Exception $e ) { echo "Server Error"; } ?> If, as in the snippet, I misspell the localhost, I am unable to override the php's own message. If, on the other hand I just misspell say the database name with the host spelt correctly, it overrides the php's default message. ( Default messages in both examples above being different). with the host name misspelt I receive the following warning: With the host name correct but a wrong database name I get the message defined in the snippet. Namely "Server Error". Kindly help resolve this. Thanks very much.

Hi Zane, Thanks for the information !! Will check him out there.

Hi dc909, Stumbled on this old mail by chance. try this: in default.php add the line define('GOPASS',true); in index.php add the following line: if(!defined('GOPASS')) die('cannot execute this file directly'); hope it helps.

Hi to all ! Thanks Josh ! I checked that side ---> but could not find him !! lol ! I meant like another forum maybe. /\ Still searching for Jacques1. <--- | ----> \/

Hi all, It's been a long time since I saw Jacques1 active i.e. reply to any questions on this forum. I just want to ask if anyone knows if he is still on phpfreaks. Any other place where he can be contacted or maybe his email ID if anyone has it. Thanks all.

Hi Ch0cu3r, Thanks for the reply. I made the mistake of commenting out the return(false) instead of the alert. However what I am trying to achieve is still elusive. What I am trying to achieve is that when the link(s) are clicked, they should be disabled / become invisible but I am trying not to use jquery or javascript for the same. I am trying to pass a variable thru ajax (dataval) and based on its value display or bypass the div that holds the links. The value of the dataval should be changed by the including pages ( Page1.php, Page2.php) to re-enable the display of the links in the div if and when required. I thought that this should be not difficult but now it is making me wonder. Kindly help me figure this out if it can be achieved. Thanks !

Hi ! Still awaiting for someone to enlighten me on this one. Thanks all.

Hi all ! Here's a small piece of code that seems to work fine and returned data via ajax seems to be fine. However the include that's supposed to load the file based on the returned data value is not showing up in its own div. The loaded page displaces the Links and heading making them disappear from the page altogether. So the included file is showing up as its own page which is not what is intended. Here's the code for testLink3.php <DOCTYPE html> <head> <style> #controls{ width: 200px; min-height: 35px; color: #333; text-align: left; background: #c1c1c1; } .pages{ width: 200px; min-height: 60px; color: #fff; text-align: left; background: #fff000; } </style> </head> <body> <div id="myLink"><h2>GIG</h2></div> <div id="controls"> <a href="Page1.php" class="testClick">Link 1</a> <a href="Page2.php" class="testClick">Link 2</a> <a href="Page3.php" class="testClick">Link 3</a> </div> <div class = "pages"> <?php if(isset($_GET['dataval'])) { switch($_GET['dataval']) { case Page1: include_once("Page1.php"); break; case Page2: include_once("Page2.php"); break; case Page3: include_once("Page3.php"); break; } } ?> </div> <script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js"></script> <script type="text/javascript"> $(".testClick").click(function () { var dataval = $(this).attr("href"); var myhttp; if(window.XMLHttpRequest) { myhttp = new XMLHttpRequest(); } else { myhttp = new ActiveXObject("Microsoft.XMLHTTP"); } myhttp.onreadystatechange = function() { if(myhttp.readyState==4 && myhttp.status==200) { document.getElementById("myLink").innerHTML = myhttp.responseText; } } myhttp.open("GET",dataval,true); myhttp.send(); alert(dataval); // return(false); }); </script> </body> </html> Page1.php <?php echo "Hi! This is Page 1"; ?> Page2.php (same) <?php echo "Hello! This is Page 2"; ?> In this particular example I feel there is no need for the line document.getElementById("myLink").innerHTML = myhttp.responseText in my code. I came across it in a tutorial where the DIV contents needed to be changed / replaced by the myHttp.ResponseText. What I would like to know is that in this case (example above ) where I just need to return a value would the following code be the correct usage: myhttp.onreadystatechange = function() { if(myhttp.readyState==4 && myhttp.status==200) { myhttp.open("GET",dataval,true); myhttp.send(); alert(dataval); } } The alert, ofcourse, can be done away with. Thanks all !

Thank you Guru Barand for looking into this. I have written in my reply how the table is processing information. Namely the information is updated in 9 groups of about 10 scores each. Scores are recorded every day. They are then retrieved to be displayed as a graph. So a user can just see his or her progress for the number of days elapsed since the current day. What more information would you like me to provide about the processing of the tables data that could help you answer this in some more detail? I would be glad to provide. Thanks very much.

Hi Guru Barand, Thanks very much ! Please may I request you to kindly take a look at another of my earlier questions with the heading : 100+ Columns in a table. Good or Bad? Would be much obliged. Thanks again !

Thanks Guru Barand, One last thing, how to read this JS variable from within PHP to retrieve and use it's value ? Thanks again!

Hi Guru Barand, Thank you very much for the help. Very silly of me to overlook the js library. I would like to ask that If we cannot use <?php $_SESSION['hide'] = true; ?> inside JS to notify php that the buttons are now hidden, then where should this information be inserted so that on a page refresh or reload this information may be looked up, even if only to check the state of the buttons. Thanks loads !

Hi all ! The following piece of code, I believe , is supposed to hide the links when any of them is clicked. The links should reappear when the window is refreshed or reloaded. This however is not happening. Can someone please see the code and get it working. Also kindly explain the code action since I don't have much knowledge about JS or Jquery. The code: <?php //start the session session_start(); //set the attribute $_SESSION['hide'] = false; ?> <!DOCTYPE html> <html> <head> <script> //function to hide all class='test' elements function hide(h){ if(h){ $('.test').hide(); } else { $('.test').show(); } } /*do this always when page loads * verify with the value stored in session to hide or not the links */ window.onload = hide(<?php echo $_SESSION['hide']; ?>); //onready $(function() { //when link class='test' is clicked $('.test').click(function(){ //fadeOut or just $(this).hide(); $(this).hide(); //set the session to hide = true <?php $_SESSION['hide'] = true; ?> }); }); </script> </head> <body> <div class = "button"> <ul> <li> <a href="#" title="Link" class="test">I am link 1</a> </li> <li> <a href="#" title="Link" class="test">I am link 2</a> </li> <li> <a href="#" title="Link" class="test">I am link 3</a> </li> <li> <a href="#" title="Link" class="test">I am link 4</a> </li> </ul> </div> </body> </html> Thanks loads !

Hi gizmola ! Thanks for the reply. Well here are a few more details. 1. It is a big table indeed, but I don;t think it's lacking DB design since only related data is scored in it. Most of this data is scores (floats)-about 90, a few ( 3 ) dates, a session ID field and a few ( 3 more) logical (int) fields. This is not the only table. Other tables score the personal details and details related to the games being played etc. There is no repetition of data and relational DB rules are being followed. The Table is of the type InnoDB 2. During each session, the last row is accessed from the table and a new row (using INSERT and UPDATE ) is created during the game. The scores are read to display the data in a tabular form. So each user in his or her own session can read from the table using a specific ID which insures that there is no conflict in reading the rows by users. Same for updation. When a user logs into a new session and there is no record (row) for the new day, it is requested on first Insert of the data.(1st set of data is inserted and the inserted row ID obtained using $InsertedrowID = $stmt->insert_id; Subsequent sets of columns for the day use this ID for inserting the rest of the columns (the remaining 80). Hopefully there are no conflicts. Simultaneous testing on 4 users works great. ( I know its too low compared to what would be in actual terms ). I think there would be no read or write conflicts. 3. Simultaneous users can run into thousands. 4. I used the wrong word maybe crash. What I meant was what you said about the server being too occupied for some time. Would that be enough information to guide me a bit more on this. Thanks again for the information. Looking forward to some more !!

Hi all ! I was told by someone today that it's a bad idea to have more than 7 columns in a table in a MySql database ???! Is that true? I am using tables which have about a 130 columns and I was told that that was a bad idea and would cause the application to crash once the number of simultaneous users exceed a certain number , namely about a 100. I request the Guru's to kindly clarify on this. Thanks all !

Hi Guru Barand, Thanks for the reply. Somehow it fails to display the graph. I have used your files almost as is. I am appending my code below. I do not get any errors either. index1.php: ( same as yours) <?php $data_1 = array(1,2,3,4,5,6,7); $data_2 = array(5,6,7,7,7,6,5); $g1_data = json_encode($data_1); // convert to a string $g2_data = json_encode($data_2); // convert to a string echo "<img src='graph1.php?caption=chart_1&data=$g1_data' />"; // echo "<img src='testGraph1.php?caption=chart_2&data=$g2_data' />"; ?> Graph1.php: <?php include('../phpgraphlib-master/phpgraphlib.php'); $mysqli_driver = new mysqli_driver(); $mysqli_driver->report_mode = MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT; // For error handling as pointed by guru barand try { $data_array = json_decode($_GET['data'], 1); // reconstruct data array print_r($data_array); $caption = $_GET['caption']; } catch (Exception $e) { echo 'Caught exception: ', $e->getMessage(), "\n"; } $graph = new PHPGraphLib(650,350); $graph->addData($data_array); $graph->setLineColor("#ff0000"); $graph->setGradient('Red', 'maroon'); $graph->setTitle('caption'); $graph->setBars(true); $graph->setLine(true); $graph->setDataValues(true); $graph->setDataValueColor('maroon'); $graph->createGraph(); ?> I cannot spot the error. Please help. phpgraphlib was downloaded from : http://www.ebrueggeman.com/phpgraphlib/download Thanks loads !