Jump to content

kmaid

Members
  • Posts

    56
  • Joined

  • Last visited

    Never

Everything posted by kmaid

  1. Thanks....... :'( way too much time debugging that query instead of checking the data.
  2. Still stuck on this one ://. Should I be doing this as two separate queries? I really don't want to use multiple queries unless I absolutely need to. Goes against the grain to have to manipulate data like this after using a query.
  3. Most backups are simply SQL dumps to recreate all the tables. Decompress it if required using 7zip if your archiver doesn't support the format. Once you have a .sql files or whatever open it up the file in your favorite text editor and cut out the insert portions. If you just run the queries in order it won't put the duplicate fields in twice so use the latest one first. Hope that helps Edited for *better* clarity
  4. Hi all I could use some help with this query i am working on. I have a transaction table with the following structure. TransactionID - int(11), Primary Date - datetime ClientID - int(11) PaymentType - varchar(50) Reference - varchar(200) AmountUSD - decimal(8,2) AmountGBP - decimal(8,2) Amount - decimal(10,2) Currency - varchar(4) I am trying to get a monthly total of all transactions not marked as an expense or target and then attach that month's target to the result which is marked with 'Target' in the PaymentType. aka Month, Sum(`GBPAmount`), `Target` Here is my query so far. I think i am nearly there but its doing my head in. SELECT date( T1.Date ) AS Date, sum( T1.AmountGBP ) AS Sales FROM transactions AS T1 INNER JOIN transactions AS T2 ON month( T1.Date ) = month( T2.Date ) WHERE T1.PaymentType NOT IN ('Target', 'Expense') AND T2.PaymentType = 'Target' GROUP BY month( T1.Date ) its valid but doesnt return any results. If i remove the "AND T2.PaymentType = 'Target'" part i get a huge sum from joining every record to each other. I think i may need a subquery rather than a join but it seeemed overkill initially. Any help even if its just a pointer would be most appreciated Edit: MySQL client version: 5.1.41
  5. Hi, How can you store a variable name inside another variable and then refer to it? EG <? $Var1 = "Var2"; $Var2 = "WantedInfomation"; echo $Var1; //Somehow outputs "WantedInfomation" ?>
  6. Hi I am making a validation function which will strip any dangerus code from an array or string. The problem is when i create a 2D array it screws up function cleanInput($Data) { $Data = mysql_real_escape_string(stripslashes($Data)); $search = array( '@<script[^>]*?>.*?</script>@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly '@<![\s\S]*?--[ \t\n\r]*>@'); // Strip multi-line comments return preg_replace($search, '', $Data); } function libStripInputSlashes($Data) { if (is_array($Data)) { foreach($Data as $var=>$val) { $output[$var] = cleanInput($val); } } else { return cleanInput($Data); } return $output; } $Data = libStripInputSlashes(array(array('<HTML> \' REALINPUT', '<HTML> \' REALINPUT', '<HTML> \' REALINPUT', '<HTML> \' REALINPUT', '<HTML> \' REALINPUT','<HTML> \' REALINPUT'),array('<HTML> \' REALINPUT', '<HTML> \' REALINPUT', '<HTML> \' REALINPUT', '<HTML> \' REALINPUT', '<HTML> \' REALINPUT','<HTML> \' REALINPUT'))); Echo $Data; Any ideas how I could fix this? Thanks Kmaid
  7. I had this issue with my old webhost and getting the stats of a counter strike server. It turned out that they had a firewall on and even though allow_url_fopen was enabled the firewall was blocking the requests. I am afraid this is defiantly a question for your host. Hopefully your host will be like mine and just add a rule in for you!
  8. I find the best way to learn is to read code from open source applications and understand how it works not that i know if rapidleach is open source! I am sorry i have not done something like this before however it has interested me so take what i say with a pinch of salt ! If you need to simulate logging in by a user try using CURL. That will allow you to post username and password and then can print the response while it receives it. When i first used the Curl libary it was a learning process but turns out it is quite easy to use! I would take a look at rapidleach anyway to see how they do it. Even if you don't understand everything it should at least point you in the right direction. Good luck!
  9. Hi all, My current PHP project requires me to cache data for 5 minuets after which IF the data is requested again the data needs to be requested from another server. I store the DateTime when the data was last requested and what I would like to do is make an SQL query which returns true/false depending on if 5 minuets have passed since the stored DateTime. Is this possible and are there any examples of this or should I just convert the DateTime into a php date time and do it in PHP? Thanks Kmaid **EDIT** My bad didnt read sticky mysql version 5.0.51b-community-nt
  10. Actually i *belive* that MD5 is nolonger secure as the previosly mentioned website solved an MD5 hash of two MD5ed strings. *EDIT* I take it back must have been lucky. Joshuaceo You are missing the point of storing your password in MD5. The reason is that should someone know the hash they dont know the phrase to make the hash. Either store the password in plaintext in your database or save the password in their session when they login and use that.
  11. I haven't used Cpanel but i suggest you use Curl. With this you should be able to authenticate yourself and then parse the XML. Personally i wouldn't bother updating all of the records rather when a user logs update your table and a timestamp and only get new data after 5mins or something.
  12. I personally recommend Cerberus Helpdesk. You can get a 3 person licences completely free and access to the source so you can integrate it really easily into pretty much any system.
  13. I thought that would be the case in which case that function isnt really an option. Oh well i guess i will have to live with it.
  14. I read that having magic quotes on could actually be the issue. How is this normally worked around? Its really lame but i may have found another solution though. In the comments of the PHP manual i found a function that will only add the backslashes once. Does mysql_real_escape_string do anything other than add back slashes to 's? Here is the code anyways function addslashes_once($input) { //These characters are single quote ('), double quote ("), backslash (\) and NUL (the NULL byte). $pattern = array("\\'", "\\\"", "\\\\", "\\0"); $replace = array("", "", "", ""); if(preg_match("/[\\\\'\"\\0]/", str_replace($pattern, $replace, $input))) { return addslashes($input); } else return $input; }
  15. The data is validated in a save function so each time the data is saved it updates the table with the additional slashes. This means if one of my user's added a ' into their first name every time they saved changes to their profile with ' or \ it would add more slashes as it would need to be re-validated. I guess i could remove the slashes before i display the data but for that i would still need stripslashes
  16. Hi, I am trying to sanatize single variables or arrays of variables from SQL injection and CSS. I have been working on this for a while and seem unable to get the StripSlashes function to work. Here is my code function cleanInput($input) { $search = array( '@<script[^>]*?>.*?</script>@si', // Strip out javascript '@<[\/\!]*?[^<>]*?>@si', // Strip out HTML tags '@<style[^>]*?>.*?</style>@siU', // Strip style tags properly '@<![\s\S]*?--[ \t\n\r]*>@'); // Strip multi-line comments return preg_replace($search, '', $input); } function libStripInputSlashes($Data) { if (is_array($Data)) { foreach($Data as $var=>$val) { $output[$var] = libStripInputSlashes($val); } } else { $Data = stripslashes($Data); $Data = cleanInput($Data); $output = mysql_real_escape_string($Data); } return $output; } The problem is if i put "Test's" into the script the first time it runs the output is correct with "Test\'s" but each additional run on "Test\'s" adds more unrequired slashes. I have tried using pregreplace but it doesnt seem to like backslahses either. Any suggestions?
  17. Have you seen rapidleach? If you are looking to achive the same thing i suggest you alter the header and then print out the contents of the file which will "stream" the file through your server. This could use allot of bandwidth and may be restricted on shared hosts. http://www.webmasterworld.com/forum88/3765.htm If memory serves me correctly you should just be able to fopen the file using the full address *shrugs*
  18. I understand i could just post a job there but this is my first comercial application and as such i am unsure of what is the "normal practice".
  19. I have just about completed a substantial project which will be for profit and I am looking to get my code checked for security issues or obvious bugs. I have heard from a friend that there are freelancers which will look over your code as well as check for security issues and I was wondering where you would find one of those or what members of this forum have done in similar situations for their own projects. Thanks Kmaid
  20. That is most of the function however i cut off the top :x function libStripInputSlashes($Data) { $input_arr = array(); foreach ($Data as $key => $input_arr) { $Data[$key] = stripslashes($Data[$key]); $Data[$key] = htmlentities($Data[$key]); $Data[$key] = mysql_real_escape_string($Data[$key]); } return $Data; } I am afraid i dont remember why i put that in i wrote this code a while ago only to deal with $_POST and $_GET but have since needed more from it. I worked from http://uk3.php.net/foreach and have been playing with it for a bit my original idea was to temporarily store the variables in $input_arr and then save them back into the original array. However I have been staring at this code for a bit and it seems to make less and less sense
  21. You normaly escape special chars with \
  22. I am afraid i don't know how to answer your original question however you may find this library of use even if it is just looking at how they dealt with it. Its pretty sweet it turns Associateive arrays into XML and back again. It even works with 2D arrays http://www.phpclasses.org/browse/file/9370.html
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.