greenace92

Wow that full calendar is nice. I realize I could have just used say Google's calendar which I use Gmail a lot, have Google+ account, YouTube, etc... but I built it because I thought I could. I was taking a Java course once in university and I couldn't get for loops, we were building a connect-four game, and I was making every single grid position by hand rather than using two forloops. So when I made this calendar with for loops to fill in the tiles, it was kind of cool. Today I just noticed that the dates are off by 1, particularly compared to my local server and that of the public server. Must be using the timezone of the hosting provider... dang. Another thing to fix. ha Thanks for the links.

That's kind of cool, seems malicious in intent unless you intend to be a proxy, but cool non the less. Thanks.

Thanks for this tip and the bit about checking username existence. I'll write these down and use it for future implementations.

Thanks for the explanation. Regarding preventing the same username being used. What if I were to "pretend" a username someone typed in was not able say while it's in the username text input field and if the person decided against that name (backspaced) that name is removed from the "being considered" table. Sounds nuts. If this is again, "GO READ THE F------ MANUAL" then please don't respond I'll find out eventually. I keep track of these responses and look stuff up/put into a future research log when I start to implement what I'm asking about.

Hey thanks for the links, I'll give them a read. Out of curiousity that little calendar you have on your site, did you build that or use some library/drop in code?

I understand. Sorry that took so long. I didn't mean to imply that I cared about people seeing other people's posts. This is a demo with fixed input and also if I was to have users, the calendar would be governed by session id/user name. But my concern which you guys have addressed was the concern of I think "race-condition", well somebody's post get's skipped or ignored. Thanks for the clarification.

That right there. What am I supposed to do there? That doesn't seem acceptable to me, like "Too bad person B". I want to implement something that monitors the inputs and makes sure that no-one's post is lost. I am seeing the value in dealing with the most urget/necessary matters first before other hypothetical what-if scenarios. Thanks for the help, everyone.

Okay, thanks for elaborating.

@benanamen, you're right in what you said. Today's one of those days where I slept briefly, feel really productive, but man I can't handle criticism even if it's constructive or someone just pointing out something minor. I feel this like uhh... I don't know. Gotta work on that on my part. Zen haha. I will try and post less/read more though. I get that.

This is not a response in spite, which "basics" in particular are you referring to? I'm trying to get positioining down, understanding block/flow of websites, I've been looking at the W3C visual formatting model. I guess I haven't had the time to read the entire manual of PHP/MySQL but I get the point of "researching before you ask". And as far as worrying about things beyond my scope at this time, why not? I know that there's a lot of things I don't know, and don't need yet. But I'd like to get an idea ahead of time, and start learning about it. What is this bit about "This is a very rare instance where I think you are just wasting peoples time." ? I always wonder/ask what is the incentive why people hang around forums and answer questions. Why don't they charge money? A friend answered me and said "They were in that position(not knowing) so they try to help others." I would like to do the same but right now I'm at the instance or position in my web development journey of scrapping together material and trying to build things. I accept and acknowledge that I am in the wrong about asking help before really having tried to search/find out for myself. I realize it's easy to say things too without owning up to it, so I suppose change/time is the proof. This is the fastest method I've found to learn, is to ask directly, but on every forum/site I see the rules/stickies "Research first before you ask." Alright, I need to read more, speak less, I guess I get excited sometimes(sounds weird). Oh man there goes that ego... ahhh.

Dang. Well said again. The form part I figured a script that requested a submit/post request over and over again with the same data. But the captcha kills the argument. So I guess I will just come up with an overlay-pop up then where the form can be of sufficient size to have the re-captcha. I'll probably implement the time thing else where. Not sure for what.

Thanks for this information, I'm going to have to look into this more and decide. I'd probably go with the method that avoids nonsensical hostnames if it doesn't prevent any functionality/access on my websites. Vulnerabilities, yeah, that's always a concern. What did I miss.

That's a great response. I have looked at the documentation in the past. In this particular instance, I did not look. I looked at some stack overflow posts first then came here. Barand Thanks for the link and the quote. That's great to see actual numbers (bytes) I can begin to compute things, expected load, number of connetions etc. Yeah I apologize, I'll mark this question as solved with requinix's response. Thanks to Barand as well. I need to go do some reading.

I don't want to compare it to a DDOS attack. In this particular instance, a public form submission without registering an account or captcha seems like a vulnerability to me. I also implemented the fixed-input so that I don't get any "funny guys" typing dumb things over and over again for others to see. I'm supposed to look like I know what I'm doing instead of being spoon fed knowledge. So the limiter which limits a person from posting too many times in a row is a server load safety net I guess, I don't know. As I said I haven't really had any users before. I have to try that load test to bench mark what my server can handle as far as traffic goes and concurrent submissions and whatever. I've seen things in I think both the Apache config and PHP.ini that specify things like "max connections" and "keep alive" I'll have to look into those further.

Sorry what does "...default host pointing to your application..." mean? When you mention probes, is that like crawling? I've logged a few Baidu spiders before.