Jump to content

Remenission

New Members
  • Posts

    8
  • Joined

  • Last visited

Everything posted by Remenission

  1. Jacques1 I'm going to try and make some major changes to shift out of using global id's and make more tables for different things as you suggested. Thank you!
  2. For the business I work for I have a platform setup that handles everything from messages to photos to blogs etc. I have two tables that show id releations: CREATE TABLE IF NOT EXISTS Relations ( sender int(9), receiver int(9), relation tinyINT NOT NULL DEFAULT 0 /* -1=Delete, 0=[Add]Pending, 1=related, 2=Blocked */ ); CREATE TABLE IF NOT EXISTS Rating ( owner int(9), id int(9), rating tinyint(1) /* - 0 through 9 rating - */ ); With these tables I can relate any ID to any ID: With relations table I can relate a user to any other user, or to any other group ETC... With the rating table I can have a user rate any group, page, blog, message, photo, album etc... Because of this I have globally unique id's. No message will have the same ID as a blog, or a user, or a group, or a page. Currently I manage this in this manner: ID's: (I added commas for readability) (1)00,000,000 - users (2)00,000,000 - groups (3)00,000,000 - albums (4)00,000,000 - photos (5)00,000,000 - blogs (6)00,000,000 - msg As you can see, each object is represented by the leading digit. So currently, to make sure they are all distinct, before anything is inserted I am doing a full join on all of these tables for the column 'id'. If any results come back it generates a new 'id' to test for uniqueness. I feel like the way I have this setup could probably be done a lot cleaner and smoother. I have tried googling solutions, but I haven't had much luck because my scenario is kind of complex: not to say others haven't encountered this issue. Anyways, if anyone has any thoughts or opinions I would greatly appreciate it. Thank you guys ~ Remey
  3. Hi there, I'm trying to rework my framework a bit to make it more solid, and I have been storing encrypted account data as an array in session. However, since that data is being loaded every time a session is opened. I'm curious if perhaps it would be better to just use an sql request to load the data instead. I think both have their pros and cons, but I'm curious what you guys think. Thanks! Also, because I hate feeling like a leech. I am gonna try and help out a few others as well in the meantime.
  4. How awesome! that is good to know about prepared statements. If it is impossible with them should I still use mysql_real_escape_string? Thats particularly why I'm trying to familiarize myself with mysqli, because I have heard it will be obsolete in future php releases. As far as making user input safe yeah that was my main concern.. Sql injections. I don't think it is a huge concern as I just run a couple websites for some local businesses, and most user input is stored by the employees. I'm just hoping to tighten things up with security as I move into using mysqli
  5. Hi guys, I've been around here for a few years, but for some reason my other account doesn't seem to 'exist' anymore which was real annoying. I also noticed the captcha here was kind of buggy has anyone else been getting that? I'd enter it in case sensative 9-10 times before it would finally work. Anyways, I've been looking through a lot of research in upgrading my server from Mysql to Mysqli funtions. What I am curious about though is other peoples opinions and thoughts on how to make user input safer. For the time being I've just been using mysql_real_escape_string and htmlspecialchars. I've done quite a bit of research on this and there really isn't much for any guides on how to keep your data clean and safe. I've seen a lot of posts that anymore these two functions are not enough to secure your data. So I'm curious what people in this community are doing (annonomysly) to keep your user input safe. I'm also looking into prepared statements as well with Mysqli. Anyways any responses are much appreciated, would love to chat with you guys about this! Does anyone know if there was some deal with why I can't access my origional account? I entered in all of the only 5 email addresses I use. It said it sent an email to the one, but it never appeared in junk/inbox.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.