greenace92

I created this interface which will someday evolve into a full fledged-project management system, I am aware that others exist. I'm building this as a I see fit, I have many projects myself and in the future would like to have others use it in collaboration. Anyway, let's say I have a row and there is a link such as http://www.somesite.com and I wanted that to be echoed as a clickable link eg. place it in a <a href="(place here)"></a> . What kind of risks would I encounter? I bind_param everything that a person enters or queries in url. People save text (var type text) in a row. I'm not sure if I should "clean" these first. I'm not sure which to use escape or "shorten?" From a brief article that I skimmed over I wasn't sure if the links would be kept in the same place they were saved in with regard to the database entry or if they are positioned elsewhere. http://stackoverflow.com/questions/1188129/replace-urls-in-text-with-html-links I'd appreciate any thoughts. Thank you.

Is there a way to measure the bandwith? Bandwith used per query, like store in a log or alert it after the response, etc... it's the return that uses the data most right, not the input? That would make sense, a few characters versus many rows from the database... I mean... how bad could it be? (sounds like a prelude to a catastrophic event haha) Okay I will look at implementing a timer / char count For now it is only myself using the application

Hello fastsol, That's a good point about the three char limit till send... Thanks for the tip about the % wow... that was so simple. I am somewhat concerned on bandwith usage about constant ajax query search... for now this application is intended just for myself but... something to think about.

Alright so this is my current working setup I took the majority of the javascript script directly from W3Schools' tutorial here: www.w3schools.com/php/php_ajax_livesearch.asp I have not implemented the JSON part yet, do I need to? Notice I commented it out. I was wondering about the combination of % and _, also curious about the IN operator, I can read up on that. So far I am accomplishing what I wanted but I was thinking about for example typing in a vowel which would happen in many words, the words would be listed... but this doesn't seem to be the case, % seems to be from left to right, the initial character and so on. I wonder if there is some logic in that when they designed/created SQL because that would be a headache right? To display that many entries that have the single letter 'e' for example. I'm also concerned about using GET, my aim is to pull the rows as I am doing now, but then individually modify them for example incrementing something in a specific row out of the rows pulled by the GET method... I imagine the increment part would be a separate script with its own POST method... This is the script aspect: (literally from W3Schools) <script> function search(str) { if (str.length==0) { document.getElementById("livesearch").innerHTML=""; document.getElementById("livesearch").style.border="0px"; return; } if (window.XMLHttpRequest) { // code for IE7+, Firefox, Chrome, Opera, Safari xmlhttp=new XMLHttpRequest(); } else { // code for IE6, IE5 xmlhttp=new ActiveXObject("Microsoft.XMLHTTP"); } xmlhttp.onreadystatechange=function() { if (xmlhttp.readyState==4 && xmlhttp.status==200) { document.getElementById("livesearch").innerHTML=xmlhttp.responseText; document.getElementById("livesearch").style.border="1px solid #A5ACB2"; } } xmlhttp.open("GET","partial_search.php?q="+str,true); xmlhttp.send(); } </script> PHP <?php echo "working".'<br>'.'<br>'; session_start(); $user = $_SESSION['company']; if(empty($user)){ header("Location: example.domain.com"); } mysqli_report(MYSQLI_REPORT_ALL); error_reporting(E_ALL); error_reporting(-1); ini_set('display_errors',true); require_once(dirname(__FILE__) . DIRECTORY_SEPARATOR.'database_connection.php'); $link = new mysqli("$servername", "$username", "$password", "$dbname"); $url = "http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"; $parts = parse_url($url); parse_str($parts['query'], $query); $input = $query['q'].'%'; // if($_SERVER['REQUEST_METHOD']=='POST'){ $query = "SELECT id,keyphrasee,numtimes FROM keyphrase WHERE user=? AND id > 0 AND keyphrasee LIKE ? ORDER by keyphrasee asc"; if($stmt = $link->prepare($query)){ $stmt->bind_param('ss',$user,$input); $stmt->execute(); $stmt->bind_result($id_db,$keyphrase_db,$numtimes_db); echo "query ran".'<br>'.'<br>'; while ($row = $stmt->fetch()) { echo $keyphrase_db.'<br>'.'<br>'; // $arr = array('id' => $id_db, 'keyphrase' => $keyphrase_db, 'numtimes' => $numtimes_db); // echo json_encode($arr); } } // } ?> Thanks for the help

Sorry that the photo which I attempted to attach did not show up. I'm trying to use something similar to search suggestions where, as a person types for example if the word "apple" exists and a person types "a", then the sql database entry apple should appear in the display while also filling in the first suggesion by alphabetical order the word "apple", but instead of that, the search suggestion populates a div with entries. The interface currently looks like this, which current runs on post via non-ajax (refreshes page on post/search) This is just a mock of what I want to accomplish, currently when a result is displayed, the input shows "keyphrase" which is in the placeholder eg. this was not trickered by onkeyup rather by post with an exact match eg. apples not the letter a which is what I would like. Anyway, the part that I haven't been able to bridge is the sql/php to ajax... I have seen % used in SQL for a partial call to get matching results by parts like a in apples... I have read through some articles about this... but anyway I'm going to look at the second response. Thanks for your responses.

First if I affected anyone negatively in my previous posts, I apologize, I sometimes have problems. I do not use a framework, I haven't/rarely use AJAX. I have "designed" this basic interface that I was using for a while, it's a simple entry and keyphrase storage / recall application that I use to take notes while I research various subjects online. The inteface looks like the photo below, which may not be relevant. It is pretty simple as you can see, I was able to use it using POST but the problem is that I don't want the page to refresh everytime. I have used AJAX briefly for a project involving a widget-position-auto-update where a widget's coordinates when changed would be automatically updated on a database that kept track of the widget(s) position. The general code looks like this: $.post( "update_coordinate.php", { 'id':$id, 'name':$name, 'wname':$wname, 'xcor':$xcor, 'ycor':$ycor, 'xwid':$xwid, 'yhei':$yhei, 'photo':$photo, 'targeturl':$targeturl }).done(function( data ) { //alert( "Server Response: " + data ); }); } So what I'm after here is to submit the written content and then retrieve without refreshing the page. I have tried to do this without success. For the display, I am after that search-hint layout where I start typing and suggestions come up, hence no submit button on the search/display interface. I have been reading on this and tried to use the link below which I'm not sure if that is overkill / not what I'm after. http://www.tonymarston.net/php-mysql/dom.html I have been told not to follow/use W3Schools, I was looking at their AJAX search suggestion/hint entry and it makes sense using the onkeyup to trigger the function, I followed the link to their php code which was not formated eg. indexed , it was compressed and thus hard to follow. Anyway I'd appreciate any input, at this time I am going back to the old post method as I need to start using this again, unfortunately I lost 5 months of work (arrghhh) hence I'm investing into an almost life long server, although on second thought, I think onedrive gives you free storage but I'm not sure about their TOS as in "Whatever you upload legally belongs to us" or whatever. So there are two databases: Key with columns id,key,count Entry with columns, id,user,key,entry,date Firs problem is a simple post of textarea, keyphrase, along with the id, user and date. Second problem is the recall part, display is no problem, encase it in a CSS to make it pretty/jquery for dropdown functionality. But pulling the data back, the link above was using associated array. I can't tell if the AJAX is going through. Thanks for any help and happy 4th of July. I am thankful to live in this country.

Yeah it is wonderful to have a passion. For me it was building and flying model airplanes, I learned that when I was young that happiness for me wasn't money, it was green grass, a clear blue sky, the sun, warmth and a model airplane. I hope to return to that someday. Sorry to get so off topic lol. <- this will come off some day, as well as haha and "man". I don't know why I choose to append/ prepend these words, lol just looks childish... I don't know... I think exhaustion brings out the worst in me... that feeling of despair. I'm almost to the point where I can look at this again. I don't know if I can accomplish what I'm after. A php-based autoparser that has a built in community with an imbedded market. I need to look into embedding an IDE of some sort so people can write code directly at the website, to be sold under their name ( a percentage on my end of course hehe) Additionally backgrounds could be sold as well as icons / associated code like accessing cameras, etc...

Hey thanks for your post I can't think clearly right now... I'm contemplating on completely removing my presence from the internet aside from work that I publish. Be a pedestrian/bystander if you will rather than a participator. I'm going to start working on this project, I've pretty much finished the other one thanks to your help and NotionCommotion. It's dumb how I get hung up on problems like that and I am literally stuck, as I say, like smashing my head into a brick wall over and over again Sleep helps though, after 24 hours or more, you start to get irritated, sleep paralysis sucks too I just can't handle it, I will not accept being doomed to be a laborer when there are people who make money from the internet while they sleep, more than any laborer can make and that person doesn't even lift a finger... only manages once it is built Life will be better... Anyway thanks for your input I'm sure once I actually know what I want, the answers will present themselves, after all, the answer is just a click away...or a lot

Well... it doesn't work Please ignore my useless post hahaha <?php echo '<script type="text/javascript" src="http://code.jquery.com/jquery-latest.js"></script> <script language="JavaScript" type="text/javascript"> <script> function redirect() { window.location.replace("http://www.something.com/"); } } </script>'.'<button onclick="redirect()">Redirect</button>'; ?>

This is a two parter... mostly a discussion as I am currently not employing the purpose of these "things" I am creating an autoparsing webapp that has unlimited use... whatever a person can think of It accesses camera, microphone, gyro/accelerometer, flash etc... mostly it takes in data and does something to it according to the parsing tool I'm not saying this is new, in fact I spent a while using Touch Develop which is a scripting "thing" by Microsoft, the problem was lag That is another thing that concerns me, without web access the web-app is useless right? So I'm wondering if it is possible to copy your current setup and either translate it to the mobile languages like Java, C#/XML, Objective C or somehow a platform independent alternative Anyway... I'm not sure if I can access front end code, like <div class="whatever"> safely using injection Well injection you just bind parameters but what if the incoming string is literally malicious ? Also as far as autoparsing optimization goes, what I mean by that is I intended to create a character by character comparison, obviously or at least to me, starting with easier stuff first like for example a link is entered http://www.something.com then the autoparser compares each character one at a time from left to right |1|2|3|4|5|6|7|8|9|10| |h|t|t|p|:|/|/|w|w|w|...etc... But I would check for existing formats starting with the shortest first and also checking from right and left, eg. .mp4 is obvious as a file type I'll have more once I actually know what I need just looking to discuss I suppose... sorry if that is not appropriate feel free to delete this thread In the future the users who have modified their personal accounts would benefit from an "AI" thing that is specific to their personalities based on what they have enabled

Oh my GOD!!! WOOOOOOOOOOOOO He hath risen! Thank you guys, very much. Glad I overcame my ego... The solution was to declare $errors as a global variable at the top, then using $errors['name']="something"; I could echo them in the right location using <?php echo $errors['name'] ;?> Also this is redundant if(!empty($errors)){ foreach($errors as $error){ echo '<span style="color: red">'.htmlspecialchars($error).'</span>'.'</br>'.'</br>'; } } Boom! Case closed... bring the cows home

I don't know... I have this thought that GoDaddy's services are designed to make most people need their extra $80 to $150 dollars of "fully managed support" where they fix the problems they initially caused Although again, this could just be excuse on my short coming Why isnt' MySqli initially loaded? I don't know... Why do they not tell you that you can't use dynamic IP addresses when accessing cPanel/WHM otherwise you are kicked out... Solution? Whitelist your outgoing IP address in WHM OpenSSL doesn't work either I don't know... but the 24/7 service is nice and refunds happen in some occasions like the 48 hour window I'm pretty happy with their services at the moment, ideally in the future when I am not in my current situation / have succeeded, I'd like to build my own server farm

Yeah I too went with a VPS, it's nice... the local hosting it was like "Oh wow, my server has been down the entire day?" haha Anyway thanks for your response

Alright so the problem has been solved thanks to both of your suggestions however it does not work properly When I declare the $errors[]=""; so that they are not undefined, these take up space, pushing down my fields, what is up with that? Also when I purposely leave the fields blank, there are double errors displayed... Where would I put the empty variables? So that they aren't shown eg. take up space but also are not executed until post? See the actual image of this example This is great, it's so frustrating to go nowhere you know? Like smashing your head into a brick wall over and over... the difference seems insignificant like "oh look at that, it actually worked" but it is a great feeling Thanks for the help

Sorry for the confusion, that image is not for the code above, I was just trying to clarify what I was looking to achieve. The form is always there, if you hit submit without filling in the fields, the errors should appear. I have these lines <?php echo $errors['hour'];?> next to an hour field for example, now I get error messages that say "undefined variable $errors" wherever I try to echo the error I don't understand how I would identify an error without specifying it That's what I don't get about the first response by NotionCommotion $nameErr = "The form of the name entered is not acceptable"; along with all your other errors needs to be changed to $errors[]= "The form of the name entered is not acceptable"; I need to tell a person what part is incorrect and excuse me if that is what NotionCommotion just showed me

Can't you put non-php code in single quotes within the <?php ?> tags? I have used that method to alter php output, eg. color, font size, etc... is javascript different? Example : <?php echo '<span class="notification">'.'<font color="red">*</font>'.'&nbsp'."Sentence"."<br>".'<br>'; ?>

I don't understand what you mean? How would the errors be identified individually? Oh wait... nevermind I understand, I wonder why that is? I followed w3schools, which funny enough another website calls them "W3Fools" eg. don't use that site This is pulled from their example here $nameErr = $emailErr = $genderErr = $websiteErr = ""; $name = $email = $gender = $comment = $website = ""; if ($_SERVER["REQUEST_METHOD"] == "POST") { if (empty($_POST["name"])) { $nameErr = "Name is required"; } else { $name = test_input($_POST["name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$name)) { $nameErr = "Only letters and white space allowed"; } } I need to show individual errors Also thank you for the fast responses See it works here (attached image) but again it doesn't post, just refreshes the page p.s. Hello QuickOldCar happy to hear from you

First, I'd like to apologize for my behavior, I didn't really "do anything wrong per se" I just get impulsive sometimes haha bad start I am so close to finishing this website, which I will use to sell myself as a person who fixes computers I am stuck on this problem, for all the pages Either I can error check but data is not recorded in the tables Or the error checking works but data is not recorded The problem seems to be "triggered" by removing $errors[]=""; Also I'd like to say hello to QuickOldCar Anyway here is the php parts of a single web page, this problem is shared on all of them except the index page which has successful error checking, session data retrieval and redirecting / updating data I've spent days trying to fix this amongst other things (pretty sad right) this is literally one of the final problems to be solved before I'm ready to get his website indexed / advertise it Thanks for any help <?php ob_start(); session_start(); global $nameErr,$emailErr,$commentsErr,$hourErr,$minuteErr; global $name,$comments,$email,$hour,$minute; mysqli_report(MYSQLI_REPORT_ALL); error_reporting(E_ALL); error_reporting(-1); function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } $servername = "localhost"; $username = " "; $password = " "; $dbname = " "; global $link; $link = new mysqli("$servername", "$username", "$password", "$dbname"); if($_SERVER['REQUEST_METHOD']=='POST'){ $errors = array(); if (empty($_POST["name"])) { $nameErr = "Name is required"; } else { $name = test_input($_POST["name"]); // check if name only contains letters and whitespace if (!preg_match("/^[a-zA-Z ]*$/",$name)) { $nameErr = "The form of the name entered is not acceptable"; } } if (empty($_POST["email"])) { $emailErr = "An email is required"; } else { $email = test_input($_POST["email"]); } if (empty($_POST["comments"])) { $commentsErr = "A comment is required."; } else { $comments = test_input($_POST["comments"]); // check if name only contains letters and whitespace } $test = $_POST['hour']; $test1 = '$test'; if (empty($_POST['hour'])) { $hourErr = "Please specify an hour between 12 and 8"; } else { if (ctype_digit($_POST['hour'])) { $hour = test_input($_POST['hour']); }else { $hourErr = "Only numbers are allowed"; } } if (empty($_POST['minute'])) { $minuteErr = "Please specify a minute between 1 and 60"; } else { if (ctype_digit($_POST['minute'])) { $minute = test_input($_POST['minute']); } else { $minuteErr = "Only numbers are allowed"; } } if(empty($errors)){ $link = new mysqli("$servername", "$username", "$password", "$dbname"); $name = test_input($_POST['name']); $email = test_input($_POST['email']); $comments = test_input($_POST['comments']); $hour = test_input($_POST['hour']); $minute = test_input($_POST['minute']); // use the submitted data here... insert into database, send email, ... $stmt = mysqli_prepare($link, "INSERT INTO Dropoff VALUES (?,?,?,?,?)"); $stmt->bind_param('sssii',$name,$email,$comments,$hour,$minute); $stmt->execute(); $to = ' '; $subject = 'Dropoff scheduled'; $message = "Check the database"; $message = wordwrap($message,70,"\r\n"); $headers = 'From: service@jakes-bytes.us'."\r\n\r\n"; mail($to,$subject,$message,$headers); $to = $email; $subject = 'Jakes Bytes Your Dropoff Has Been Scheduled'; $message = "Thank you for choosing Jakes Bytes computer repair shop.\r\n\r\nAttached is the information you have sent.\r\n\r\n \r\n\r\nBelow is our address. Look for the Greek letters on our building.\r\n\r\nJake's Bytes is a private business. Please call upon arrival.\r\n\r\nThank you.\r\n\r\n169 Highgate Ave. Buffalo, NY 14215\r\n\r\nJake's Bytes is a property of Normalbus"; $message = wordwrap($message,70,"\r\n"); $headers = 'From: '."\r\n\r\n"; mail($to,$subject,$message,$headers); // set up a status message to be displayed one time $_SESSION['status_message'] = "Drop off scheduled successfully"; // after successfully processing any post form data, redirect to the same exact url of this page to clear the post data $host = $_SERVER['HTTP_HOST']; $uri = $_SERVER['REQUEST_URI']; // the path/file?query string of the page header("Location: http://$host$uri"); exit; $link->close(); } } ?> <HTML> <html break> <?php if(!empty($errors)){ foreach($errors as $error){ echo '<span style="color: red">'.htmlspecialchars($error).'</span>'.'</br>'.'</br>'; } } if(isset($_SESSION['status_message'])){ echo '<span style="color: #ccfb5d">'.htmlspecialchars($_SESSION['status_message']).'</span>'.'</br>'.'</br>'; unset($_SESSION['status_message']); // clear the message } ?> <html resume> </html> Awe it's too bad the code paste box doesn't have highlighting, I've been spending time at other PHP forums and codingforums uses highlighting which is very helpful

I don't know, I can't seem to not be insecure / care about what people think of me I don't want to conform I understand, respect the rules, "be a better person" This problem I'm facing is dumb (I'm dumb), sometimes I can login, sometimes I can't, I ask the customer rep why that is, they don't know... "Everything is working fine on our end, must be you." great that's helpful Okay I am done posting here

Yeah I get that but the boys at the forum can thank me for the views I generate = more money towards them this sucks I pay for something, can't get a refund, can't access it, what is that? Capitalism? I could also get get blocked, I realize that as well I have been banned from asking questions on Stackoverflow (gee I wonder why?) anyway... there are always reasons for something not to work... what is that entropy? I don't really know what I'm going to do right now, it is a pain to set things up on linux, but I may just host it myself but that sounds like a bad idea, for one that I don't have static IP address(es) They can't seem to solve my problem (they've stated that they can't) third password reset... I know this is not related... oh well

Yeah so I somewhat take back what I said about the GoDaddy customer service reps I mean they didn't really fix my problem but they said that it is not their fault / in their control and they were willing to stick around Some interesting stuff, did a traceroute ~ $ traceroute 166.62.45.208 traceroute to 166.62.45.208 (166.62.45.208), 64 hops max 1 192.168.1.1 2.492ms 2.542ms 1.826ms 2 96.243.34.1 5.705ms * * 3 130.81.216.14 9.360ms 9.027ms 18.727ms 4 * * * 5 140.222.227.197 18.394ms * * 6 * * * 7 * * * 8 63.232.81.254 81.494ms 100.651ms 80.790ms 9 184.168.0.69 84.853ms 77.559ms 78.751ms 10 184.168.0.69 91.410ms 79.325ms 86.044ms 11 208.109.112.121 77.687ms 80.241ms 88.649ms 12 166.62.45.208 83.075ms 78.355ms 81.863ms Also I'm going to reset my password and upon login, I'm going to learn how to iterate literally a thousand different IP variations of my own IP address to be allowed to access by server

This is so annoying, I'm not trying to vent here I'm just pointing out how unbelievable it is, the support from GoDaddy I've talked to 5 guys, and none of them have actually solved my problem Apparently my IP address may be blacklisted, I tested it and it seems that indeed it is to some degree I keep not being able to log into WHM which is what manages the server with Apache and all that They white-listed my IP but it's dynamic so that only works when I get that IP I don't know why these people aren't able to solve my problem, they just bounce me around and not try to help me by referring me to someone who can actually help me.... Anyway, I think I'm going to get a refund on my hosting and try somewhere else, their php and sql stuff is probably much better managed and not purposely set up to fail so you need to pay for a "fully managed" server... but whatever Who am I? I'm a customer, those who feed money into these companies.

I don't get it, most websites their account creation process consists of at least two steps. So in between those two steps, during the transition, how do they keep track of your info? Why have I never been displayed someone else's account number? IP address doesn't seem like a bad solution, since that's available... I mean I can go on Google and search "What is my IP address" and mine is displayed but as I stated before, I don't know if the last octet is varied between multiple users on the same network. They are varied according to the router... on ours it's like #.#.#.0 then incrementing by 1 like this #.#.#.1, #.#.#.2, #.#.#.3, etc... I'll tackle this problem soon enough, once I get at least one row entered Thank you all very much for your responses

People are unbelievable do you know that? I'm selling my Nokia Lumia 920 for $100.00 locally and people are like "Can you go lower?" urrrrrrr Like they have no concept of the value of what I am selling them ahhhhhhh Like I sold a quadcore laptop Windows 8.1 touch screen for $140.00 and people were asking me to sell it for cheaper my god It's not the first of the month but jesus As far as your concern of Mysqli I don't know phpinfo() is right here http://dn2d8.com/test.php it outputs the php pages on the one page Doesn't look like it from a brief Ctrl+F search My mind is just spent right now, over exhausted, I'm living the life of a bum and days and nights are blending together I didn't even know what day it was today until my friend mentioned it was the weekend I love it though, learning to code, building the project one piece at a time

That works, I used it to determine where the php.ini file is