gizmola

Welcome to phpf.

Ok, I see what you are saying -- yes there is a difference between the Wordpress "service" and the open source php software that Wordpress provides. I guess a lot of people aren't aware of that.

I don't even know what you're trying to say here or how that applies to the original question. Every webhost allows you to have multiple websites. They'd be useless if they didn't.

The basics of getting a grouped result like that is to do a GROUP BY tutor_id or whatever is the column that indicates the tutor. You can then include the summary count(*). SELECT tutor_id, COUNT(*) AS countof WHERE .... GROUP BY tutor_id ORDER BY countof DESC

We don't know what id is, so I'm going to just take a guess that what you mean is that you want to retain the groupings of the 3 seperate queries, even though you are combining them into one result with the union. SELECT *, 1 as grouporder FROM table WHERE city='Jaipur' and subjects LIKE '%All Subjects%' UNION SELECT *, 2 as grouporder FROM table WHERE city='Jaipur' and (subjects LIKE '%All%' or qualifications LIKE '%All%' ) UNION SELECT *, 3 as grouporder FROM talbe WHERE city='Jaipur' and (subjects LIKE '%Subjects%' or qualifications LIKE '%Subjects%' ) ORDER BY grouporder, id DESC

All the blogs and cms systems allow you to create your own templates. In most cases the templates require an understanding both of php programming, and the internals of the package, but the well known ones like Wordpress, Serendipity, Joomla and Drupal, all have lots of free templates you can examine and use as the basis for your own template. Find one that is close in the package that appeals to you, copy it, and modify it.

I would say that loading, rendering and saving rendered output to some sort of image file that reflects what a print view of excel, word and powerpoint documents is what I would consider a "non-trivial" task to say the least. Anything is "possible", but I don't know of any open source libraries you could use other than open office. It is conceptually possible to call java routines using the java bridge, but I have no idea if that's a viable path. Hopefully I've provided you a few ideas to explore.

If you know C very well you can probably develop a php extension. Being on linux, I'd take a look at open office which is written in java, and see if that might not make a good basis for a lot of this system, since open office can load in a lot of the microsoft files.

I think you have a lot of good ideas there. One other thing you can do is -- if this is a software as a service business, you can create a new database and user combination whenever you provision a newcustomer. This allows you to generate a seperate user/pw for each customer so you get separation there, and you can write that out to an individual customer config file. The other thing that is nice about that idea is that you can de-provision an entire customer dataset without causing any issues by mysqldumping/bzipping the database and dropping it, and you still have a way to bring it back to life if the customer wants to come back at some later data. For security of assets, yes all the php file oriented routines work filesystem permissions and don't really know about the webroot unless you're ever employing url wrappers. So this allows you to employ whatever walls you want, although you do of course take the performance hit. For asset storage you probably should take a serious look at a nosql db like membase. Zynga is one example of a company using membase to store assets. http://www.membase.org/

Typically people will use regular expressions to deal with complex pattern matching.

I was just replying to something requinix posted.

Yes if the Private key remained on the workstations then whenever data was saved to mysql the server could use the public key to encrypt it, and even if the server was compromised, someone without the private key would not be able to decrypt it. With a fat client application you have many options including having all the encrypt/decrypt happen on the client and just using the server for storage of data. The question I would ask is this: you allow the client workstations to have these keys. If your entire concern is that you don't want a box sitting on the pubic internet, then why not configure a private server, and use a vpn technology to control access to it, and then you could just concentrate on application functionality?

I'm not sure what you're asking, but there are htmlentities perhaps? http://www.elizabethcastro.com/html/extras/entities.html

There is a function that will return you all the timezones. I personally save the timezone string and there is a seperate timezone object that you can create and then pass to the various date routines to facilitate conversion. Make sure that your server is configured to use GMT and that you are always storing GMT then use the user's timezone to change the time when you need to display it to them. $tzs = DateTimeZone::listIdentifiers();

Well PHP doesn't provide binaries for any linux distros directly, leaving that to the individual package maintainers.

So in summary, it seems the problem here is that you don't understand how mod_rewrite works. I don't mean to be flippant, but this is a common question. In a nutshell, mod_rewrite is near impossible to understand if you don't understand the basics of regular expressions. It looks like you have cut and pasted someone elses rewrite rules but they don't correlate to your system. Let's go back to something you had earlier. Let's assume your script is named "thescript.php". It takes a single get parameter of "page=". You want your rewrite rule to work like this: yourdomain/portfolio/1 -> becomes yourdomain/thescript.php=1 You have been close to the right answer, but it looks like you have not been able to keep straight the difference between php and php variables (with the $ in the name) and things in mod_rewrite which have nothing to do with php and don't know anything about php variables, but that is just a guess. My best guess for you is: RewriteRule ^portfolio/([0-9]+) thescript.php?page=$1 [L]

Oh now it's ONNNN!!! Flyers. After tommorrow I may be despondent but I feel like after posting 54 shots, we are due for a win. Concentrating tomorrow will be difficult though. *adjusts Bruins hat*

I think we've explored this as much as possible. I'll stick by my two comments which are that this is a very odd design, and employs pk crypto incorrectly. The other issue with this thread is that it's misleading in that it has almost nothing to do with the OpenSSL library. Although the problems being solved were never articulated in the thread, I assumed based on statements made by the OP that one of the main goals was having some rows in the database that are encrypted differently from others, but as it turns out, everyone who accesses the system has the same key. I've pointed out repeatedly, that when users are accessing the application, the application passes the key to the data, and so to his point, there is some additional level of security in that the private key is not being stored on the server, however, if I compromise the server all I need to do is intercept the key being passed, which is exceedingly simple, since it's coming in a cookie, since i can easily get apache to log the cookies. Overall, it seems that the OP is happy with his design, and I feel I'm just repeating objections. I'm appreciative that he he shared his encrypt/decrypt code, but I feel it important to note that you can only safely encrypt from 50-100 characters of data using these routines. There's no difference really between using this method or using mcrypt with an encryption key.

It's not the character codes, but I'm not understanding why you are using them all over the place. Why not just this (errors fixed either way): echo "View all Partners\n"; One other thing --- it's best not to use $_SERVER['PHP_SELF']. Instead use basename($_SERVER['SCRIPT_FILENAME']). There are numerous blogposts you can find about why PHP_SELF should not be trusted.

Give this a try: /\

Well Search is a javascript class which has been declared previously someplace with function Search() { } That code is using the "prototype" keyword to add a getSearch() method to the Search class, as well as any objects of Search that might have been instantiated. Javascript lets you do that. At some point I you could have code like this someplace: asearch = new Search(); asearch.getSearch('http://www......');

Flyers. After tommorrow I may be despondent but I feel like after posting 54 shots, we are due for a win. Concentrating tomorrow will be difficult though.

In your WHERE clause, if there is some combination of columns that can be used to uniquely identify one row from another, then you should use that, omitting the 'AND quantityHand='$data[2]' from the SELECT since it seems that is not what you want. With that said, it seems like this question is morphing, and that we've solved your initial issues. If you're now onto some new problem, please make a new thread with a new title that better reflects what your struggling with, and mark this one solved.

So if I understand you correctly you used just the crypto portion which is the exact same libraries as those used by mcrypt. requinix pointed out already a major issue with what you're doing, and it's really no different than passing some ciphertext with every connection. -If i can get access to any of the workstations I have access to the data -Even with this system in place, if I get access to the server, I can put capturing in place that gets the decrypted data. -I'm assuming you are backing up all these key pairs someplace, since the most likely thing to happen is that the harddrive will die in one of the workstations or the server. If one of the workstations die, and you lose the key, that data can't be decrypted. If all of this convolution has been designed because this application is in service of an industry that has some form of regulation in place, then I guess it's understandable, but what would make more sense is that there would be a client application that was configured with a private key and had a corresponding public key on the server. The save routine for a row would use the corresponding client public key to encrypt the data before storing it in the database. The Private key would never be sent. Encrypted data in the database can not be decrypted by anyone except for the client that sent it. The client application would then use the private key to decrypt the data whenever it would need to be viewed. And of course the danger of losing the private key is the same -- it is catastrophic total loss of all encrypted/stored data for that client.

Have the links look the way they need to be so that if someone typed one in, it would work correctly. It seems like you want to make this more complicated than it is.