Everything posted by Phi11W

  1. Your problem is this line: A private function is accessible only within the class in which it is defined (your class, "C"). A final function is one that is known to subclasses (of "C"), but those subclasses are not permitted to override that function. Since a private function is not known to subclasses, it cannot be meaningfully marked as final, hence the Warning. Either remove the final modifier or change the "private" modifier to "protected". Protected functions are known to subclasses and, by default, can be overridden by those subclasses. Neither private nor protected functions are available to any other class. See also Visibility in the Documentation. Regards, Phill W.
  2. I would guess that you're building your SQL in a string variable, complete with values entered by the user, and then trying to execute that string against the database. If that's the case, you're falling foul of a classic SQL Injection Attack.

         $sql = "select * from table1 where username = '$uName'"

     But here the User is entering something like O'Brien, so your SQL string looks like this ...

         $sql = "select * from table1 where username = 'O'Brien'"
                                                         ^ Boom!

     ... and blows up! Read up about prepared statements (a.k.a. Parameterised Queries). Obligatory XKCD Reference: Little Bobby Tables.

     Regards, Phill W.
  3. DO NOT use the root user for Applications. ALWAYS create a dedicated account for each Application and grant that account the correct privileges in the database. Why? You should always keep the biggest and best tools in the toolbox for yourself, because it will be you cleaning up the mess made by other people and processes. Regards, Phill W.
  4. The former is an implementation of the Singleton Pattern. Every time you call the instance() function, you get the same instance of the object returned. The latter simply creates a new instance of the class each and every time. Regards, Phill W.
  5. Think about how PHP works. The echo statement displays the result of an Expression. Expressions can be nested inside one another, so ...

         echo 1 + ( 2 + ( 3 * 4 ) );

     ... returns 15 (3 times 4, plus the 2, plus the 1). In your case, you have the same sort of nesting.

         echo $_SESSION[ $_GET["animal"] ];

     First, PHP works out the value of $_GET[ "animal"], and then uses that to index into $_SESSION, and then echoes out the result of that. PHP expressions can be nested to almost any level, limited only by PHP's internal constraints and, more importantly, your own Sanity, when you come to try and read what you've created, even just a few days later! You probably want to do some validation on the QueryString value (of "animal") being submitted, because it could be absolutely anything! (Trust nothing that comes from the Client.)

     Regards, Phill W.
  6. I would suggest taking another look (or two) at this query.

     "select distinct" - This is a big Red Flag for me. I usually see this used as a "sticking plaster" over a bad query that is "somehow" getting "duplicate" records, but "distinct" makes them go away. It can be a hugely expensive operation for the database to go through all the values to be returned and prune out those "duplicates", which are most often caused by incorrect table joins.

     "select a, b, c group by a" - Most DBMSs will simply throw an error at this. Exactly which value of b and c would you expect the query to return for each "grouped by" value of a? You haven't told the database how to work out those values (using Aggregate Functions, like max() & min()). MySQL will hand you any old value it happens to find and that could change every time you run the query. Other, more sensible, DBMSs can tell that they can't work this out for themselves and throw an error instead. You can (and, I would suggest, probably should) configure MySQL to work in the same, definitive fashion.

     I'd expect to see something more like:

         select participationid
         , group_concat( usernames ) unames
         , sum( totaldonated ) ttl
         group by participationid
         order by 3 desc ;

     Regards, Phill W.
  7. I suspect there might be a typo - most unexpected - in Barand's answer. Perhaps this makes it a little clearer: $stmt->execute( [ $enteredCity, $enteredZipcode ] ); Personally, I'd choose to build the query dynamically, based on which search criteria were entered, then bind the entered values into that, but that may be a bit overkill in this case. Regards, Phill W.
  8. You probably face more problems if you do explicitly close PHP blocks. Unless those "?>" characters are the very last in the file - and they almost certainly won't be, because we naturally hit [Enter] after typing anything on a line - then the whitespace after them will be sent as part of the HTTP response. If, somewhere later on in your code, you try to alter one of the HTTP Headers - BOOM! The web server will complain that it's already sent some "content" - you can't see anything, but the server insists it's there. Omit the closing tags completely and all that whitespace will just be sitting between PHP tokens, where it matters not a jot! Some coding standards actually enforce this. Regards, Phill W.
  9. [Begin Architectural Sanity Check] Are you doing this in a Web Application, accessed by remote Users, via a URL? If so, you cannot do this (not with PHP). PHP runs on your Application server and can, therefore, only print to a printer connected to your server. That's not much use to a User potentially on the other side of the planet and who has no physical access to your DataCentre, which is where the printed piece of paper would wind up! Nor can you access any printer connected to the User's computer. PHP has no knowledge of this. In short, if the User wants to print a document, then that's entirely up to them. (These days, who's to say they even have a printer!?) [End Architectural Sanity Check] Of course, if this is a "local" PHP [console] application that only needs to talk to your own printer, that's a whole other ball game - forget everything I said above. Regards, Phill W.
  10. The period is the String concatenation operator and PHP isn't fussy about having whitespace around its operators so it should work with either. Personally, I like the spaces. Other people I work with detest them. Go with whichever fits your Coding Standards. 😉 Personally, I would also question the use of ".." in your paths. To me, it suggests that you should be "anchoring" your paths "further up" the directory tree. As it is, you're making assumptions about what's "outside" the directory your script lives in and, if you refactored and moved things around, you could end up breaking things. (That said, this might just be a hang-over from my spending too many years writing ASP running under IIS). Regards, Phill W.
  11. It's not a question of not wanting to help. We do. "Helping" means guiding you, clarifying what confuses you and generally working with you to complete a piece of work. It absolutely does not mean us doing it [all] for you. You've shown us nothing in terms of what you've tried so far, so we can only assume you want us to do it for you. We're not going to do your work for you. We're all volunteers around here. We're absolutely not going to do your homework for you. It would be dishonest (both to you and to your fellow students) and you would learn nothing from it. The most effective Learning involves doing - Trying, sometimes failing, learning from those failures and, ultimately, succeeding. So make a start, trying some things out, see what works and what doesn't and come back with specific questions - then we might be able to help. Regards, Phill W.
  12. What creates the IFRAME? Show us your modified code. I'd hope it looks something like this: while( $row = $result->fetch_assoc() ) { printf( '<iframe width="420" height="315" src="%s"></iframe>', $row['url'] ); } Regards, Phill W.
  13. For starters, do you actually care about the individual referrers' names or just the [total] number of them? Your code currently retrieves each and every referrer and "manually" counts them. It's far, far more efficient to get your database to do that for you:

         $find_referrals = $db->prepare("SELECT count( user_id ) tally FROM user_referrals WHERE sponsor = :sponsor");

     This will return you the number of referrers directly.

     Now, at first glance, you might think that your second level referrers query needs those user_ids in order to find their referrers. Doing this in code is a really Bad Idea - it's called the "1+N Query" Model and it's a nightmare for Application performance. As the number of "secondary" queries ("N") grows, your Application slows to Run like a Slug(TM). It's unscalable and untunable; there's nothing that can be done at the database end of things to improve matters.

     Instead, you can get your database to retrieve the second level referrers based on the original sponsor and their referrers, something like this:

         SELECT count( lvl2.user_id ) tally
         FROM user_referrals lvl1
         LEFT JOIN user_referrals lvl2 ON lvl2.sponsor = lvl1.user_id
         WHERE lvl1.sponsor = :sponsor ;

     Regards, Phill W.
  14. "in phpmysql I have a table ..."

     Google Chrome is an Application that lets you work with Web Pages (that run inside a Web Server process like Apache). PHPMyAdmin is an Application that lets you work with Databases (that run inside the MySQL DBMS process).

     "... a table with one of the columns... I want to show a live price in ... At the moment I the column is set as varchar(30) do not know if this is correct."

     In short - It's not. Always store your data values in columns of the correct Data Type. You will want to do numerical things with these values (like adding them up) so you want them in a numerical column type. If you don't do this then:

       • your queries will run more slowly because the database has to convert the character value into a number each and every time you use it, and
       • you run the risk of losing numerical accuracy (e.g. rounding errors) during those "implicit" Type Conversions.

     "In my html table I want to add 3 or more if/else in, so when I update my html it must show 0.03234523 (depending on the price) I do not want all the rows to show this information"

     If you only want to hold values in your table for particular rows, then you need to consider making the column NULLable so that you can "leave out" that particular field in any given row. If you only want to suppress the value visually in the HTML (which, if I'm honest, seems a bit odd to me, given that this is the price of something) then you'll need to keep track of (or go and find) the price value from the previous row and only output the current value if it is different from that previous one.

     Regards, Phill W.
  15. Something like this?

         for ( var i = 0 ; i < length ; ++i ) {
            // Insert a dash before every fifth character, but not at the very start
            if ( ( 0 == ( i % 5 ) ) && ( 0 != i ) )
               result += '-' ;
            result += characters.charAt(Math.floor(Math.random() * charactersLength));
         }

     Regards, Phill W.
  16. Barand's point is that you don't need the enabled field at all. Your application should allow submissions when the current date/time is between entrytime and closetime. At any other time, it should not allow submissions. Showing which items are available is a problem for the client web page - Javascript's much better at that sort of thing. (Of course, your server-side Application still needs to check those date/times!) Having databases try to update themselves in near-real time is a pretty difficult undertaking and assumes that your database is always, always available and working properly. Take it from a 30+ year professional ... 100% Availability is a Myth. Regards, Phill W.
  17. Could it be as simple as json_decode( JSON_data_In_a_String_variable )? Regards, Phill W.
  18. But if you validate and then redirect, then the page at the end of that redirection must repeat the validation, otherwise someone could send data to it directly, bypassing the validation. The basic pattern for my pages is something like this:

         if ( form data submitted ) {
            Validate form data - populate variables and error messages ;
            if ( form data valid )
               perform any required Action ;
         }
         Display Form, with values and/or error messages and/or results from the Action.

     Any "validation" that you do in Javascript on the client is for the Users' convenience only - you must not rely upon it because nothing that comes from the client can be trusted. (For example, do you validate the form value submitted from the HTML "select" list that you sent? You probably should ...)

     Regards, Phill W.
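The validate-then-act pattern from post 18, applied to the "animal" lookup from post 5, as an added example that is not part of the original posts. The option list, the field name, the function names and the session contents are assumptions made for illustration.

```php
<?php
// Added example: option list, field name and session data are constructed.
const ANIMALS = ['cat', 'dog', 'rabbit'];   // the options the server put in the <select>

function validate(array $input): array
{
    $errors = [];
    $animal = $input['animal'] ?? '';
    // Strict allowlist: accept only a string that the server itself offered.
    if (!is_string($animal) || !in_array($animal, ANIMALS, true)) {
        $errors['animal'] = 'Please choose an animal from the list.';
        $animal = null;
    }
    return [$animal, $errors];
}

function handle(string $method, array $input, array $session): string
{
    $animal = null;
    $errors = [];
    $result = '';
    if ($method === 'POST') {                    // form data submitted
        [$animal, $errors] = validate($input);   // populate variables and messages
        if (!$errors) {                          // act only on valid data
            $result = 'Stored value: ' . ($session[$animal] ?? '(none)');
        }
    }
    // Display the form, with values and/or error messages and/or the result.
    $html = '<form method="post"><select name="animal">';
    foreach (ANIMALS as $a) {
        $sel = $a === $animal ? ' selected' : '';
        $html .= "<option$sel>" . htmlspecialchars($a) . '</option>';
    }
    $html .= '</select><button>Go</button></form>';
    foreach ($errors as $msg) {
        $html .= '<p class="error">' . htmlspecialchars($msg) . '</p>';
    }
    return $html . '<p>' . htmlspecialchars($result) . '</p>';
}

// Constructed stand-in for $_SESSION; user_id is a key the form never offers.
$session = ['cat' => 'Tom', 'user_id' => '42'];
echo handle('POST', ['animal' => 'cat'], $session), PHP_EOL;      // offered option
echo handle('POST', ['animal' => 'user_id'], $session), PHP_EOL;  // rejected
echo handle('POST', ['animal' => ['x']], $session), PHP_EOL;      // wrong type, rejected
```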
  19. Remember that you're building a PHP String that just happens to contain some text (SQL) that means something to your database. You have to build that string according to PHP rules:

         $query=$bdd->prepare('SELECT t2.ui_company, t1.*
            FROM a2billing.nwc_refill_users t1
            LEFT JOIN a2billing.nwc_anagrafica t2 ON t1.refag_richiedente = t2.ui_login
            WHERE t1.refag_paga_a=\'\'
            AND t1.refag_importo > 0
            AND t1.refag_dataora_validazione<>\'\'
            AND (DATE(t1.refag_dataora)>=\'2022-01-01\' AND DATE(t1.refag_dataora)<=\'2022-05-15\')');

     You might also consider using Parameters in place of the literals. A tiny bit more code but you'll avoid headaches like this.

     Regards, Phill W.
  20. Well, yes it does, because that's what's in your data! What you're missing is the action that caused each row to appear in your results. Include the action column and your data should make a little more sense. What are you trying to achieve? Calculation of total stock levels based on actions against each item? For that you'd want something like this:

         select id
         , sum( case action
                when 'Added Qty' then poqty
                when 'Stock Received' then received_qty
                when 'Outgoing Record Recorded' then - outgoing_qty /* negate value to deduct from total */
                end ) qty
         from table1
         group by id
         order by action ;

     Bear in mind that ordering by a text field (whose values might change over time) could give you headaches. It might be better to codify these values (into a "Lookup" Table) so that you can sequence them reliably.

     Regards, Phill W.
  21. In almost every DBMS by default, and MySQL if you configure it properly, this query will be flatly rejected as an error. What values of ponum and status would you expect to be returned when you are only grouping by itemname? The fields that you select either must be included in the "group by" clause or must be used in aggregate functions, like SUM. Suppose you had a number of purchase orders - what output would you expect to see for these "extra" fields?

         +-------+------------+----------+-----+
         | ponum | status     | itemname | qty |
         +-------+------------+----------+-----+
         | 111   | Complete   | Keyboard | 1   |
         | 222   | Complete   | Keyboard | 2   |
         | 222   | Complete   | Mouse    | 1   |
         | 333   | InProgress | Keyboard | 1   |
         | 333   | InProgress | Mouse    | 1   |
         | 333   | InProgress | Chair    | 1   |
         +-------+------------+----------+-----+

         select itemname, ponum, status, sum(qty)
         from ...
         group by itemname ;

         +----------+-------+------------+----------+
         | itemname | ponum | status     | sum(qty) |
         +----------+-------+------------+----------+
         | Chair    | 333   | InProgress | 1        |
         | Keyboard | ???   | ???        | ???      |
         | Mouse    | ???   | ???        | ???      |
         +----------+-------+------------+----------+

     If you can't tell the query which value you want within the grouping, the query should give up and throw an error. MySQL is one of the few DBMS that does not do this by default.

     Regards, Phill W.
  22. I'm guessing your problem is with this query: You can't "invent" SQL syntax. You have to use what your DBMS supplies to you. The keyword to group two conditions logically and require both to be TRUE is "AND". Whilst the "&&" operator does the same thing in PHP, C# and other languages, MySQL only understands "AND". This bit might cause you problems as well: IIRC, the MySQL Now() function returns the time as well as the date. If you're only storing the date, then the two will never match, as in: '2017-05-28' != '2017-05-28 00:00:00' You'll probably have to do some truncation on the returned value (say, using the DATE() function). Also, read up about Prepared Statements, to protect yourself against SQL Injection Attacks. Obligatory XKCD Reference - Little Bobby Tables. Regards, Phill W.
  23. Obligatory XKCD Reference: Standards

     Simply, you want to do arithmetic on the values. Addition, subtraction, multiplication of numeric values that represent monetary amounts in different currencies. If those values are "buried" inside String values inside a single database field, then you have to waste processing time pulling those values apart so that you can "get at" the numeric part and then do your arithmetic on that. Databases are really, really good at finding bits of data and putting them together. They are [all] generally rubbish at finding big chunks of data and pulling them apart again. This is a case where the storage representation of these values (two fields, one numeric value, one character currency code) is different from the way that you or I might choose to think about them. That representation - the one that we would use - should be delivered by the Application, interpreting what's stored in the database into what we are used to seeing (and reinterpreting values going the other way, from what we use into the database).

     Regards, Phill W.
  24. (Being Character Representations of their actual Data Type) Datetime literals must be enclosed in single quotes, in exactly the same way as you do for Character literals. The error message is definitive.

         Error: INSERT INTO weather_data ... VALUES ( 2022-01-24T15:40:00.000Z, 47.7, 47.7, 30.048, 29.224, 45.49, 92, 314, 1.3, 2.2, 8.1, 0, 0.161, 0.161, 0.681, 49.024, 2022-01-24T15:34:00.000Z, 29.48, 1 ) \_________/
         You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':40:00.000Z, 47.7, 47.7, 30.048, 29.224, 45.49, 92, 314, ' at line 6

     That said, you should not be embedding variables directly into SQL - you are leaving yourself wide open to SQL Injection Attacks. Use a Parameterised Query (Prepared Statement) instead. Obligatory XKCD Reference - Little Bobby Tables.

     Regards, Phill W.
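The prepared-statement advice in posts 2, 22 and 24, as an added example that is not part of the original posts: the O'Brien value and unquoted-looking datetime strings are passed as bound parameters, next to the string-built query that breaks. It uses PDO with an in-memory SQLite database so it runs without a MySQL server; the column names, sample rows and function names are assumptions.

```php
<?php
// Added example: constructed table and data, SQLite in memory so it runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE table1 (username TEXT, reading_time TEXT, temp REAL)');

// Values as they might arrive from a form or a data feed (constructed samples).
$rows = [
    ["O'Brien", '2022-01-24T15:40:00.000Z', 47.7],
    ['Smith',   '2022-01-24T15:34:00.000Z', 45.49],
];

// Parameterised INSERT: the SQL text is fixed and the values travel separately,
// so neither the apostrophe nor the datetime needs quoting or escaping by hand.
$insert = $db->prepare(
    'INSERT INTO table1 (username, reading_time, temp) VALUES (:u, :t, :temp)'
);
foreach ($rows as [$u, $t, $temp]) {
    $insert->execute([':u' => $u, ':t' => $t, ':temp' => $temp]);
}

function findByConcatenation(PDO $db, string $uName): string
{
    // The pattern the posts warn about: user input pasted into the SQL text.
    $sql = "select * from table1 where username = '$uName'";
    try {
        return count($db->query($sql)->fetchAll()) . ' row(s)';
    } catch (PDOException $e) {
        return 'SQL error: ' . $e->getMessage();
    }
}

function findByParameter(PDO $db, string $uName): string
{
    // Same query, with the value bound to a named placeholder.
    $stmt = $db->prepare('select * from table1 where username = :uName');
    $stmt->execute([':uName' => $uName]);
    return count($stmt->fetchAll()) . ' row(s)';
}

echo 'concatenated: ', findByConcatenation($db, "O'Brien"), PHP_EOL;
echo 'parameterised: ', findByParameter($db, "O'Brien"), PHP_EOL;
```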