Pr0t0n

Aaah like that, got it working like a charm now. but mac_gyver if I may ask which way of configuration files you use or would use in your php app? Still trying to figure out the best way or atleast a good way to work with configuration files.

True but it doesnt take alot of lines of code to ensure the proper file permissions which I was aware of, but if that's a reason to not use it I dont see why not use it hehe. For the lines of code perceeding the error: class DB { private $_parse; private static $_instance = null; private $_config = _BASE_DIR . "config_odin.ini"; private $_parse = parse_ini_file($_config, true); private $_pdo; // Instance for re-use private $_query; // Last executed query; private $_error = false; private $_results; // Output; private $_count= 0; private function __construct() { try { $this->_pdo = new PDO('mysql:host='.Config::get('mysql/host').';dbname='.Config::get('mysql/db'), Config::get('mysql/user'), Config::get('mysql/passw')); echo 'Verbonden met: '.$_parse['host']; } catch (PDOException $e) { die($e->getMessage()); } } public static function getInstance() { if(!isset(self::$_instance)) { self::$_instance = new DB(); } return self::$_instance; } public function insert($table,$values = array()) { $_query = 'INSERT INTO `'.$table.'` (`'; foreach($values as $key => $value) { return $_query .= $key.', '; } $_query .= ') VALUES('; foreach($values as $key => $value) { return $_query .= $value.', '; } $_query .= '`)'; } } Well as the code is not yet complete here is everything I got at this moment. at the top you will see the two lines I mentioned. Please forget the Config::get(); its a way of using a php file as config file, which I want to remove as its not my own code.

Hi I got a small issue so I wont have to post all code, but as soon as I use the 2 lines below INSIDE a class I get a fatal syntax error. $_config = _BASE_DIR . "config_odin.ini"; $_parse = parse_ini_file($_config, true); He seems to say that between _BASE_DIR and "config_odin.ini"; the problem lays so must be that "."(dot). Also since php has theire own function to implement config files with ease, I dont see alot of people using it, even some serious guys just use a php file with theire own function to roll out the values. I would like to know anyones opinion about configuration files, which do you choose and why?

Aha... well I think I understand what you mean. However I havent been able to find a good guide on the subject outside php.net I want to completely understand those prepared statements before I adapt the code. Maybe someone has a guide that covers alot?

Ok I read enough to say I was wrong, but how long does this function exists lol I only remember the time were u had to code something like that. But still this is only useful when u got the queries and my class handles that and only at the end I could implement it for further use. Only this I dont completely get its from php.net "If an application exclusively uses prepared statements, the developer can be sure that no SQL injection will occur (however, if other portions of the query are being built up with unescaped input, SQL injection is still possible)." The bold part is what I dont understand maybe someone can give me an example?

Ok ok I get that, I do not completely agree that its not possible or taking massive amounts of time, also I never coded for production appz, trying to go in that direction right now but thats for another topic. Both of you thanks, for the replys, mogosselin I am gonna look into prepared statements. Also: http://www.tero.co.uk/scripts/superdatabase.php Not that I am gonna use it. And about 10 years ago when I started with perl I learned to code everything myself. So I rather stop coding at all then using and editing others code. BUT... purely for security risks I understand that certain parts might need other code. I can write on and on about this, I understand both comments I am gonna look it up and if its better then the idea I got about the class I will implement it.

Hi guys, I am trying to build a mysql function that handles building up querys for the dbase, it all works so far. I started at a function inside that class that handles cleaning up the arrays so it can be sent to the dbase without having to worry about injections, I wanted to write it myself but I thought if you guys have lines to add please leave it in a comment and I will update the code, I will also make it open source. function QueryCleaner($query12) { trim($query12); if (preg_match ('/\bUNION\b|\bJOIN\b|1=1/i', $query12)) return null; //Checking for SQL injections, so deny them if (substr_count ($query12, "'") % 2 == 1) return null; //something with an uneven number of quotes, could be SQL injection $query =(get_magic_quotes_gpc()) ? stripslashes($query) : $query; return mysqli_real_escape_string($query); } If you got ideas for this let me know!

Yeah I know last week I had all these questions but I wasnt able to put it all down in one story. As for version control I am gonna check articles I wanna know everything about it. Well let me explain how I got into Smarty, I was coding in Perl like 6 years ago then I noticed my interest in webdevelopment, so I went into PHP and from the start a friend of me explained me it was possible to keep my code and templates seperate from eachother, which is very useful when I do the coding and a collegaeu(or however you write it) does the designs. And to be honest lately I want to code every piece myself so no wp and phpbb, and I think I am more afraid to use those frameworks to make my web applications, and then at the end I only manipulated the code from a third party to have it work and look to the expectations of the project. So to hear you say that smarty is just a templating framework/component is actually the most useful thing to use in my case or check if phalcon or another company offers a faster template component. I am gonna mark this as "solved" but if you dont mind I would like to hear more input from you to get me back on track, so far you give very interesting answers. Greetings,

nvm see that its alot like smarty so far.

I just found http://vimeo.com/phalconphp and they say its a C extension with high performance while I came from Smarty framework. Could you help me get started quick with Phalcon? Appreciate it. Have a nice weekend btw!

Hey sorry for my late response, I said svn but I meant git, the only thing I dont see is how it could be useful when developing projects, I know its used for open source projects which u can manage with multiple dev's but is it only useful in alpha stage when the project is ready for release? Yeah local webserver has always been useful, well good to know things didnt change alot .

Hello, I haven't been coding alot for a few years and now I am "upgrading" my tools, and looking for a good svn or other site to have a lab were I can add projects and have a webserver for it for testing, I know svn falls off in that case but for updates its useful for me. I am open to any site, would be cool if it supported zend.

Solved it, it seems the variable for the credentials wasnt passed to the __construct()

I know why you're saying that but I came from four credentials and kept adding to be sure hes not using a wrong setting. See this: http://nl3.php.net/manual/en/mysqli.construct.php and scroll to "Parameters" u will see all the parameters u can add to it.

Hey guys, I am having problems when I started a class for mysql queries, and I am trying to connect in the __construct() but it doesnt matter how many diffrent servers I try it won't freaking connect PLEASE HELP lol. Code is below: function __construct() { $db = new mysqli($db_login_cred); // $db_conn = mysqli_connect() or die(mysqli_error($db)); if (mysqli_connect_error()) { die('Connect Error (' . mysqli_connect_errno() . ') ' . mysqli_connect_error()); } echo 'Success... ' . $db->host_info . "\n"; /* if(isset($db_conn)) { echo "Verbinding met de MySQL backend tot stand gebracht."; } else { echo "Kan de MySQL-backend niet bereiken.<br /><br /> Foutmelding:<br />" .$error = $db_conn->mysqli_connect_error() .$error; } */ There's some of my own code which is commented out in a try to use standard code from php.net to see if I made a typo or whatever. I will keep this page open so if u need additional info I can supply it fast hopefully. if u also want to see the output: http://odins.co.nf/