xyph

You should check out the examples in the manual. For one, you've only defined 2 parameters, but attempt to use 3 in the execute method. Another, you are trying to SELECT from... a table with an empty name? Finally, you aren't supposed to have column/table names as parameters. It won't work properly. You shouldn't be defining those from insecure sources anyways.

Literal strings must be quoted in a query. Column names should not be quoted.

Yeah, I completely skimmed over that requirement of the query.

I think a better solution to this would be to NOT store multiple votes per user. Make a single unique index on the (userid,submissionid) columns. INSERT INTO submission_votes SET userid = $userid, submissionid = $submissionid, content = $likeOrNot ON DUPLICATE KEY UPDATE content = $likeOrNot

if($device_set) { echo "error"; } elseif( mysql_num_rows($device_set) < 1 ) { echo "no devices"; } else { ...

Are you sure this is what you want to do? if($device_set) { echo "error"; }

I'm not sure what you're asking for. The concept is pretty straightforward. Use sessions to track a user between requests. If the session has no record of a successful login stored within it, redirect users to a login page. For information on how to properly handle passwords with PHP and store/recall them with a database, check out the article in my signature.

You can always use sub-queries to filter your results. Step 1 - Straightforward SELECT entryid FROM votes WHERE userid = 1 AND value = 1 Step 2 - The JOIN is the query above. The main query selects DISTINCT userids that have a matching entryid to the ones within the JOIN SELECT DISTINCT userid FROM votes JOIN ( SELECT entryid FROM votes WHERE userid = 1 AND value = 1 ) as sub USING(entryid) WHERE userid <> 1 Step 3-4 - Take our previous query, and use it as another join. The innermost JOIN grabs the entries that match the given userid, the other one uses that list to get a list of userids that also have the entryids, and the final, outer query uses that list to grab entryids by those userids, grouping, counting and ordering them. SELECT entryid, COUNT(entryid) as total FROM votes JOIN ( SELECT DISTINCT userid FROM votes JOIN ( SELECT entryid FROM votes WHERE userid = 1 AND value = 1 ) as sub1 USING(entryid) WHERE userid <> 1 ) as sub2 USING(userid) GROUP BY entryid ORDER BY total DESC I'm using the following structure/data. CREATE TABLE IF NOT EXISTS `entries` ( `id` int(11) NOT NULL AUTO_INCREMENT, `userid` int(11) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=18 ; INSERT INTO `entries` (`id`, `userid`) VALUES (1, 1), (2, 1), (3, 2), (4, 2), (5, 3), (6, 4), (7, 4), (8, 4), (9, 5), (10, 5), (11, 6), (12, 7), (13, 7), (14, 7), (15, 7), (16, 7), (17, ; CREATE TABLE IF NOT EXISTS `users` ( `id` int(11) NOT NULL AUTO_INCREMENT, `name` varchar(10) NOT NULL, PRIMARY KEY (`id`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=9 ; INSERT INTO `users` (`id`, `name`) VALUES (1, 'matt'), (2, 'bob'), (3, 'joe'), (4, 'tim'), (5, 'carl'), (6, 'john'), (7, 'foo'), (8, 'bar'); CREATE TABLE IF NOT EXISTS `votes` ( `userid` int(11) NOT NULL, `entryid` int(11) NOT NULL, `value` tinyint(1) NOT NULL DEFAULT '1', UNIQUE KEY `userid` (`userid`,`entryid`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8; INSERT INTO `votes` (`userid`, `entryid`, `value`) VALUES (1, 3, 1), (1, 7, 1), (1, 10, 1), (1, 14, 1), (1, 16, 1), (2, 5, 1), (2, 7, 1), (2, 9, 1), (2, 14, 1), (2, 15, 1), (3, 13, 1), (4, 2, 1), (4, 3, 1), (4, 9, 1), (4, 10, 1), (4, 13, 1), (4, 14, 1), (5, 3, 1), (5, 4, 1), (5, 5, 1), (5, 7, 1), (5, 11, 1), (6, 9, 1), (7, 1, 1), (7, 2, 1), (7, 5, 1), (7, 7, 1), (7, 9, 1), (7, 10, 1), (8, 1, 1), (8, 4, 1), (8, 16, 1);

How it displays could vary from system to system, because it relies on client-side rendering to be visible. If you don't have Lucida Console, Terminal or Courier fonts installed, it will flat out break. Using <pre> tags might help with this, but it still depends on the font the browser decides to use for that tag.

SimpleXML allows you to deal with an XML file as if it were an array. What you're doing is redundant. $xml['node']['subnode'] = 'value' isn't much different than $xml->node->subnode = 'value'

I doubt any OCR software would have issues with that CAPTCHA. Neat idea though.

Your array contains the same data as your object. What was the point of turning it into an array? If you want to access individual values <?php $xml = new SimpleXMLElement('http://www.amecim.com/metronashvillewater/metronashvilleraingaugeservice.asmx/getAllGaugesAllIntervals', 0, true); header('content-type: text/plain'); echo $xml->BntCrk->FifteenMinute->SampleDate; echo "\n"; if( isset($xml->BntCrk->TwoHour->SampleValueAccumulation) ) echo $xml->BntCrk->TwoHour->SampleValueAccumulation; else echo 'value does not exist'; ?> Turning that into an array will not make anything easier, you'll just have the same data in memory twice.

The concept is still the same. <?php $xml = new SimpleXMLElement('http://www.amecim.com/metronashvillewater/metronashvilleraingaugeservice.asmx/getAllGaugesAllIntervals', 0, true); header('content-type: text/plain'); foreach( $xml as $location => $data ) { echo "$location\n"; foreach( $data as $time => $subdata ) { echo "\t$time\n"; foreach( $subdata as $key => $value ) { echo "\t\t$key -> $value\n"; } } } ?>

Much easier that way

SimpleXML provides iteration through the class. There's no reason to convert it to an array only to iterate through it. Unknown values can be looped through. <?php $xml = new SimpleXMLElement('http://www.amecim.com/metronashvillewater/metronashvilleraingaugeservice.asmx/getAllGauges15m', 0, true); header('content-type: text/plain'); foreach( $xml as $location => $data ) { echo "$location\n"; foreach( $data->clsRainGaugeReading as $subdata ) { foreach( $subdata as $key => $value ) { echo "\t$key -> $value\n"; } } } ?>

Using an alternate DNS server could possibly help, couldn't it? OpenDNS works well, assuming you turn off their guide/block pages.

Do it separately. You're not accomplishing anything by grabbing them all in a single query. It can be done on a single page as well, simply use a GET variable. getData.php?letter=a If you must get them all in a single query, use ORDER BY instead. Parse the resulting data with PHP, keeping track of the first letter in the previous row. When the current first letter differs from the last, you know you need to make a new 'group' If you want to run a query to find out if any values exist that start with a given letter (so you aren't linking to empty lists) use something like SELECT DISTINCT IF( LOWER(SUBSTR(yourColumn FROM 1 FOR 1)) REGEXP '[^a-z]', '#', LOWER(SUBSTR(yourColumn FROM 1 FOR 1)) ) as letter FROM yourTable ORDER BY letter

Sessions aren't meant to hold mutable data, and if it must, you have to be very careful to isolate them to the current line of requests using some sort of unique token passed in the form itself. If a user browses to the same form in multiple tabs, your session has no way to differentiate between the two otherwise. It's a stateless protocol, so trying to enforce state that could possibly change in a per-request manner should be done so with care. The correct way to do this is use a different form for each submit button. It's more mark-up, but it won't harm your page visibly at all, and with PHP behind it, there's not much extra effort involved. Avoid using hacky solutions for the sole purpose of saving your website from a little bit of extra mark-up. You'll find your application will play better universally if you stick to the spec.

I don't see how it couldn't be regulated any differently than drinking. The big issue is 'proving' you're stoned while driving, since your body doesn't flush out THC like it does alcohol (naturally occurring chemical vs a poison). Roadside sobriety tests would be the ideal solution I suppose. It's an awkward argument though, as the cannabinoids don't affect motor skills like booze. The bigger issue is those who suffer minor visuals, paranoia, and the lowering of reaction time as potential and fairly common side-effects. I'm not trying to support smoking and driving - I'm very much against it, but it's something that would be hard to enforce.

I still gave him a full point because you can't argue with the basic statement: The error condition is also valid output. The fact that the programmer should know better doesn't change the validity of his statement. Well, json_decode can also return FALSE on a successful parse, so beyond throwing an error/exception, what can it do? The behaviour is documented, and since NULL is the least likely 'correct' return value, I think it makes sense on failure.

No. You have to program that functionality in manually. I thought I was very straightforward in my first response

You have to watch out. From what I Remember some browsers won't send the submit button along if the 'return' key is used to submit the form. It'd be worth testing, at least

Remove them from the array. Could you please be more specific? You could always shuffle, and then loop until a value that isn't one of the 'bad' elements is found.

Hard to say. Use something like wireshark to check your network traffic when that happens, see if the request is leaving your machine when it gets held up.

I think if I ever ran into a system that disabled active, working, safe core functionality I would suggest that the owners fire their admins. I can understand why they included that ability through the INI though, though black-listing is generally much more difficult than white.