benanamen
-
Posts
2,134 -
Joined
-
Last visited
-
Days Won
42
Posts posted by benanamen
-
-
I love the way you use the function to encapsulate a whole bunch of html,
LOL! I didnt even look at the code in the function. OP, a simple include of clean html is a much better option than a function with all that ridiculous Php echoing Html. If your still going to do it with a function, escape the Php of the function and do straight Html.
I aso suggest you start using Html5
function footerInfo() { ?> <footer> <div id="contactInfo"> Bixler Insurance <br/> 1043 South 13th St. <br /> Decatur, IN 46733<br /> Phone: (260)-724-3438 </div> <div id="eocialMedia"> social media icons </div> <div id="servicesList"> list of services </div> </footer> <?php } -
Where is functions.php located?
if this is the path:
/web/html/mediaservicesunlimited.com/bixler/functions.php
Then do:
require_once('./functions.php');
If this is the path:
/web/html/mediaservicesunlimited.com/functions.php
Then do:
require_once('../functions.php');
-
I have read several of your posts. For some reason you are trying to go way, way beyond anywhere you are currently at in knowledge or need.
It's like worrying about how to do brain surgery when you don't even know how to put a band aid on a scratch all the while not even in Med school. Get down on the basics. It is clear you have not. This is a very rare instance where I think you are just wasting peoples time.
-
@ginerjm, since it wasn't given to you, Thank you very much for taking the time to provide FREE and correct expert advice to the OP.
-
Not insisting. Just learning the ins and outs of all the options. I have never dealt with a binary column or hex or UUID. I am aware of random_bytes, but that is Php 7 only. (I also know of its equivalent replacement).
I did spend several hours yesterday researching UUID and all its pros & cons. This is one function I was not educated on before that, but was aware of it. When I learn about something, I always want to Master the knowledge about it. (Same reason behind my questions to you in other thread on htmlspecialchars)
I actually have two different use cases for the current project. One, "obfuscate" the id in the url by whatever method, and Two, merge about 374 user records with conflicting auto increment id's.
The first one, any number of ways to go about it.
The second, I will probably just temporarily use UUID to merge the records, update related table id's for those users to their new auto increment number and then delete the UUID. The client has not made any requirements to how things work under the hood.
-
After testing I see the where example should be
//Select Where SELECT user FROM users WHERE id = unhex('A14CDAF7127511E696BE3085A9AE86BC')// Hexed value -
So this is what I have come up with. Good? Not sure about the WHERE example. Feels kinda scary having an id column that I cant read without HEX. Yikes!
CREATE TABLE `users` ( id BINARY(16) NOT NULL, user VARCHAR(15) NOT NULL , PRIMARY KEY (id) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; // Insert INSERT INTO users (id) VALUES ( UNHEX(REPLACE(UUID(), '-', '')) ) //Select SELECT hex(id) FROM users //Select Where SELECT user FROM users WHERE id = hex(id)
-
I see the problem.
And we dont want to lose people like @Psycho either....
-
At this point for the current project the main thing is not displaying an obviously sequential number that is easily +-'d in the Url.
Since it is now clear I am going to need UUID's anyways for a data merge, would the following be OK:
1. Keep existing auto increment and use for foreign keys and joins (current setup)
2. Use the UUID for the Url when needed to pass the id by GET
Regarding the UUID column, does it/should it still be a unique index? At the least it should still be an index right?
Do you think using a CSPRNG is overkill?
-
Thanks. After briefly looking into UUID it is going to solve an up coming problem I didn't have an answer for yet. The clients original app had a members login table for members and a users table for staff. The new app will have one users table for all users with ACL. The obvious issue was that the current auto increment id's would crash into each other. UUID is the answer to merge the two tables without an ID collision.
Would you still want to set a unique index on the UUID field?
* When I get to the ACL part I would like this forums input in a new thread on the ACL implementation. Client wants fine grade permissions on actions/access to certain areas and data by person, not roles.
-
You are correct. In this case user is logged in before he even sees the id in the URL. At the least I dont want them to be able to change the id #. It is also a giveaway of how many potential records there are which you may not want particular users to know.
-
I would like feed back on best practice for encoding/encrypting a Url Id number to prevent tampering among other security concerns.
Example: page.php?id=SFNqaUluZVN1ZjFvRDZXb1Baa2l3UT09
I realize their are a number of ways to do this. Just how secure does this really need to be from being able to get the actual Id number? Of the various methods, I am thinking I would rather not create an extra DB field for storing a unique Id but I am interested in feedback on it.
The simplest approach would be to just encrypt/decrypt the string with AES or something similar which brings me back to just how secure does the id conversion really need to be?
-
Glad to see you made it back to the forum!
I have no idea why ENT_COMPAT is the default.
Funny you mentioned that. As I was reading the docs, that stood out to me as an odd choice for the default.
-
@Jacques1,
What do you say about htmlspecialchars VS htmlentities? What is the deciding factors of using vs not using the ENT_COMPAT instead of ENT_QUOTES?
Since >=5.4 defaults to UTF-8 isn't it redundant to set the char encoding?
(Assumes you are on >=5.4. Since you used ENT_SUBSTITUTE which is only available as of 5.4 that implies you would be on >=5.4.) -
Admins, is it possible to send out an email to the members to let them know the site is back up? I just emailed Barand and he didn't even know the site was back up. And we dont want to lose people like @Jaques1 either among other talented people.
-
Glad to have the site back. This sites experts are the most knowledgeable out of any forum I visit.
-
Missed the site. So glad its back up.
-
You really need to start with the basics of coding. There is too much wrong going on here.
-
You should probably post your code or this thread is going to get very long. I will understand the code much better than you trying to talk about it.
-
I dont see a thing about a subscribed value or a sub field or any function. I have no idea what your doing.
-
What exactly are you trying to accomplish, and I don't mean how you think you need to do something. What is the overall task at hand?
-
You can toss all that code. You are using obsolete code that has been completely removed from PHP. Go to this PDO tutorial and start from there.
-
How about that. I thought the date/time functions only worked on a datetime column. Learned something new today. I would like to know if there is some instance where having the date in that format in varchar will not work with some functions. Must be some reason for the date column type.
-
If you are adding email addresses to multiple tables you're database design is wrong.
If you don't specify a length for a data type/column, does that affect performance?
in MySQL Help
Posted · Edited by benanamen
We don't mind helping. That's why we are here. I have no issue with you wanting to learn and asking questions when you have made some effort on the matter.
It just seems to me the things you are asking about is far ahead of what you need to learn before that. I will give you a real life example. My Uncle started going to flight school to learn how to fly a plane. The airplanes they use at the school are those little Cessna prop planes. He told me, at the airport, the guys who fly jets don't even talk to "Prop" guys (Propeller Pilots).
The point I am getting at with that is you are talking to Jet Pilots about how to you fly a jet when you haven't learned to fly the Cessna's. I have been at this a long time and know quite a bit about a lot and even I have not had to concern myself with the things you ask about.
Feel free to post, but everyone's time, including yours will be better served on subjects closer to your current knowledge level or what you actually need to know to solve a problem you have.