Everything posted by gizmola

  1. So again, you can check the referer at the top of the script you do not want them to arrive at and just not render the page or do your header('Location: ...) function. You need to figure out why you are getting the headers already sent message! Also once they determine that your only security is the referer check, they can easily spoof the referer using any number of tools and open the page directly. "But Gizmola, how can I stop this?" Use a php session variable! You set the session variable when they visit the required page, and then check for this variable at the top of the "secured" script. Regardless of how you approach this (and I can tell you that using the referer is not the right solution) you will need to sort out your "headers already sent" problem. One hint I can provide you ... include files do not need to have the ending "?>" tag. If you remove it from files you include, you may find this fixes the problem with stray newlines causing output to start inadvertently. Otherwise, check your files for extra newlines at the bottom and top and remove any you find until the error goes away.
  2. Sorry but that is not possible using the built-in confirm() dialogue. Your only options are the default. You can of course construct your own modal dialogue. For example, a popular way to do this these days is to use jqueryui: http://jqueryui.com/demos/dialog/#modal-confirmation
  3. I'm not sure I want to know why you plan to do this, but I feel that it needs to be pointed out that referer is sent in the http header by the browser. In other words, it is entirely up to the client whether or not it sends a referer, and by the same token it can be spoofed. As to your issue with header already sent, that happens if there has been output prior to the header() call. If you have not sent output, there is probably another reason you are getting this error -- typically some whitespace at the top of your script or some newlines in an include file. The only way you can achieve behavior clientside is to utilize javascript. If you already know that you don't want to send a page to someone, I'm mystified as to why you would send it to them in the first place.
  4. I think I finally understand your question. For one of these "multiple category" postings, how do you know that it is part of multiple categories? I need to know how this is handled in the database, and what column that data is represented in.
  5. What is the primary key of the players table? I'm going to assume it might be something like "id" or "player_id". Here's the table structure:

     CREATE TABLE list (
         list_id SMALLINT UNSIGNED NOT NULL,
         name VARCHAR(40) NOT NULL,
         PRIMARY KEY (list_id)
     );

     CREATE TABLE listPlayer (
         list_id SMALLINT UNSIGNED NOT NULL,
         player_id INTEGER UNSIGNED NOT NULL,
         PRIMARY KEY (list_id, player_id)
     );

     So you add a row in list:

     insert into list (list_id, name) values (1, 'Franchise Players - 2010/2011');

     Hopefully it's obvious that you designate a player as a "franchise player" by having a row in the listPlayer table with the list_id of 1, and the player_id for the franchise player. I'm not sure if I entirely follow you in regards to your structure. When you stated that you have a separate table for teams, I hope you didn't literally mean that you have a table for every team! A similar type of design where you relate players to teams would be the right approach. That table would also need to have "FromDate" and "ToDate" and then the columns for the statistics. If you had that structure, it might make sense to just have a franchise player column in it.
  6. What is the query you are using and what does the result set look like?
  7. "The Charlie Murphy true hollywood story" from Chapelle is truly one of the funniest things I've ever seen. That story about the couch is classic. I will definitely remember you in the future, purely from that handle. Welcome to the site.
  8. You might try: Says they have over 1500 members.
  9. Hey Keith. That is cool... we don't get many people who admit to lurking for a long time. I've always wondered about this. Took a look at your game site, and it looked pretty nice. I tried to register for a look around but had an issue: The requested URL /explore/register.php was not found on this server. Anyways, welcome to phpf.
  10. hey uroojs, You are off to a bad start here. Nobody here cares whether your need is urgent. This is a free help site... with the important word being "free". It seems you have a lot of different programs you need to write. But the obvious point is.. you need to start somewhere. I would suggest you pick one. I have not read the book you refer to but I did glance at the author's site, and it appears to cover the topics you are asking about. He includes libraries of code, and the book appears to cover important libraries like CURL. As for how to start -- do you have an internet connected server or workstation setup with php? Do you have a text editor? These are the things you absolutely need to get started writing these bots with php. I don't know what else to say at this point... I don't know what you mean when you say you don't know how to start. The book you say you read tells you exactly how to write a variety of bots. Did you try out any of his code?
  11. Like Joel, I would question why you would want to do that. From a functional standpoint, you either need to do that type of activity through application code, or on the backend via a trigger. Triggers are the typical answer. With that said, why is it that you have a separate table B? If it's simply that there is more information, then you can handle that using a subtype table that has just the additional columns. You would then add a row to this table only in the cases where you need it, but would not be duplicating or moving the data from table a. Additionally you can relationally solve the problem of having "lists" of players, by adding 2 tables that make a many to many relationship between the "listtype" and "player" table that would let you put players in any number of arbitrary lists you desire them to be in.
  12. bindiya, First a comment about your code. I highly suggest that you utilize mysql_fetch_assoc() and use the column names in your code rather than the array positions. That code is unreadable for anyone who doesn't have your database schema, and will be very hard to maintain. if ($row[6] == 'News') will read a lot better if the code is: if ($row['category'] == 'News') I am sorry but in order to help you, I need to understand your question. "But I am not able to give this link to the categories" is not a phrase that makes any sense in English. I could not intuit what you are trying to do purely from your code, so perhaps you can try and re-phrase things.
  13. We will need more information from you on what you are trying to do (and why) as well as any code you have tried so far.
  14. Try this expression. It will even match tables that have the `tablename` characters. (?:from|join)\s[`]?(\w+)[`]? There are some syntax variations where this will not work, but I'm assuming this is a tool for your use and not a generic filter for all valid mysql syntax. For example, there are variations where you can have a list of tables like (table1, table2, table3, etc) . This also won't work right for something like select * from tablea, tableb WHERE
  15. This is the part of the regex that is capturing the pattern after the value=.... ([^\" >]*) Notice that is a character class starting with the "^" so it's matching any characters that are "not" in the character class. See the problem?
  16. The preferred answer is to do a count(*) query, using an in-memory cache like memcache to store the cache. You can then decide how you want to invalidate the cache. You could invalidate based on a period of time or invalidate every time there's an addition or deletion from the media_in_folders table for a particular media_folders id. If this is an extremely high-traffic high change velocity site, it is probably better to invalidate based on a time period. In other words, you only want to spend the time to invalidate once every half an hour or whatever makes sense for your site. If you want more accuracy, then your routines that add or delete from media_in_folders should invalidate the cache, which will cause it to be repopulated with a new count(*) query.
  17. Hmmm... That spawns a bunch of questions and comments! 1.) Yes, if the articles were HTML files, then they would be useful in and of themselves, which is a good thing. 2.) Really newbie question... But can I "include" an HTML file and have it work the same way as I have things currently set up using PHP files? (i.e. Can I include an HTML file and insert/mesh it with a larger PHP file so it becomes one file to the user?) Yes, because PHP and html can be intermingled. PHP drops out of "php parsing mode" whenever it includes a file, until it sees the start of a php block (the <?php). It just depends on what you have in the files. The advantage of .html files is that they will still be parsed by the web server if they are in web space, and of course, because you can use a wysiwyg editor to check that the look of the articles is what you want it to be. One other thing about using include() is that the files in question do not have to be in web space. You can pick a location for the directory that is not under the webroot and it will still work, so you can have a special directory for the articles so that they are not accessible via a url. The pros are that this would be a reasonably high performance solution that requires very little in the way of infrastructure or moving parts. The cons are that you have to upload the files in order to publish them, and you really have no intrinsic way to test them before publishing. There's also a question of navigation, although even that could be built into your system using routines like opendir() & readdir() to build a list of articles. You become highly dependent on the operating system and things like the file creation time, if for example, you want to have a list of articles show in the order in which they were added. Yes those are the benefits, as well as supporting additional related data like user comments. 
As data piles up, the ability of the database to have indexed searching gives you efficiency when you want to do things like paginate articles using different criteria, or provide a list of all the articles by a particular author. There are file based solutions for any of these problems, as well, but you have to add your own procedural code to get the same features. For an article oriented site, it's a good idea to look at the various "no-sql" systems that have become popular in recent years, as a number of them are document oriented. CouchDB and MongoDB would be 2 of particular interest. A relational database isn't very good at dealing with text, and since you brought up meta data, you might find that a document oriented db is a better fit if you're primarily dealing with documents. Probably a larger benefit is that using a database tends to be a better platform for facilitating a web based authoring system based on forms. You can still deal with documents, but there are a lot of permissions issues that come into play.
  18. The query I provided gives you the category and the count in a single result set. Fetch that and format it, and you have your result. However it will not display any category that has no postlistings. You can remedy that by LEFT OUTER JOINing the category table to the postlisting table. I am of course, assuming you have a category table, although it's not clear to me what the structure is. In your sample query it implies that in the "postlisting" table category is a varchar() that has the actual name of the category in it rather than the category table having a key, and postlisting storing that as a foreign key. Using the GROUP BY query I provided, you would simply fetch the results. You can get them in category name order by tacking on an ORDER BY category at the end, as well. Using a while ($row = mysql_fetch_assoc()) loop is all you really need here. However, in regards to dmoz and other catalogs like that, there is an entire level of complexity involved in the fact that they are hierarchical trees.
  19. To your first point - yes forcing the files to all be in a particular directory would solve the problem I brought up, and is what I'd suggest as well. The regex is correct from the looks of it. Regular expressions can be tricky, but that one is fairly straightforward. It's using a "character class" as denoted by the '[]'. The first character of "^" inside a character class is "not" so from there on you are saying .. match any characters that are "not" the ones in this character class. And from there you have the a-z and 0-9 ranges and the underscore. Because the '-' character is special inside a character class, you can't use it without escaping it, so that is why there is a '\-' at the end. Since I'm on a PC I use http://weitz.de/regex-coach/ for testing of regex routines. While not as fully featured, if you're on a Mac you can use: http://sourceforge.net/projects/quregexmm/. They give you a way to interactively test out a regex so you have a better idea of whether or not it's going to work for you. For the case statement - I agree. For a group of URLs that will not change, a switch statement would be a good solution. For articles, where the assumption is that you will be adding to them, you want something that will not require you to recode your site every time you want to add a new article. The only question you should seriously consider is whether or not you really want to have your articles be php files, especially if you don't really need or want them to have actual php code inside of them. You can include text files of any type, so this approach would work just as well for .html files and that might even be preferable, depending on your workflow and the tools you will be using to author your articles.
  20. Yes conversion is a detail that requires you to add a temporary column and then update the column using FROM_UNIXTIME().
  21. To get all the counts by category: SELECT category, COUNT(*) as countof FROM postlisting GROUP BY category. This will still require a tablescan of the entire postlisting table. The problem of counts is a common one. For any site with sufficient size of database and user traffic, caching of things like statistics is typically cached for a period of time. Take a look at youtube as an example, and notice that when you watch a video it doesn't immediately show you "views+1".
  22. Also a switch statement is really an alternative to a large "if then elseif " construct, and not applicable to this particular approach.
  23. The concern from a security standpoint is that someone will use this routine to attempt to get the webserver to include a file you wouldn't want them to. There are 2 security provisions here: preg_replace('#[^A-z0-9_\-]#'... is using a regex to match any characters that aren't either alphanumeric or the '_' or '-'. The other provision is that it's adding the .php at the end, so only php files (which will be parsed as php code) will be looked at. The only issue I see is that a person could probably crash your server by causing it to include this script by getting it to include itself, which would recurse until the process ran out of memory or exceeded execution time. This is because the code will include any php file in the same directory as this script, including any of the scripts that are part of your site.
  24. This might help you as well: http://www.gizmola.com/blog/archives/51-Exploring-Mysql-CURDATE-and-NOW.-The-same-but-different..html
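
Posts 17, 19 and 23 above discuss serving an article whose file name comes from the request. The following is an added example, not gizmola's code and not the code from the original thread: it validates the name against an explicit allow-list, resolves it inside a dedicated article directory, and emits static HTML with readfile() so a crafted name cannot pull in one of the site's own scripts. The names resolveArticle and ARTICLE_DIR, the .html suffix, the 64-character limit and the temporary demo directory are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical article directory; post 17 suggests one outside the webroot.
const ARTICLE_DIR = __DIR__ . '/articles';

// Hypothetical helper: map a user-supplied name to a file under $dir, or null.
function resolveArticle(string $name, string $dir = ARTICLE_DIR): ?string
{
    // Reject rather than rewrite: explicit ranges, anchored, length-bounded.
    // Note that "A-z" is an ASCII range that also covers [ \ ] ^ _ and `,
    // so the ranges are spelled out as A-Z and a-z here.
    if (preg_match('/\A[A-Za-z0-9_-]{1,64}\z/', $name) !== 1) {
        return null;
    }
    $base = realpath($dir);
    $path = realpath($dir . '/' . $name . '.html');
    if ($base === false || $path === false) {
        return null; // directory or article does not exist
    }
    // realpath() resolves symlinks; the result must still sit under $base.
    if (strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

// Constructed demo: a throwaway article directory with one article in it.
$dir = sys_get_temp_dir() . '/articles_demo_' . getmypid();
@mkdir($dir);
file_put_contents($dir . '/intro.html', "<h1>Intro</h1>\n");

foreach (['intro', '../index', 'intro^', 'missing', ''] as $candidate) {
    $result = resolveArticle($candidate, $dir) === null ? 'rejected' : 'served';
    printf("%-12s => %s\n", var_export($candidate, true), $result);
}

$path = resolveArticle('intro', $dir);
if ($path !== null) {
    readfile($path); // static HTML is sent as-is, never executed as PHP
}

unlink($dir . '/intro.html');
rmdir($dir);
```

Because the articles live in their own directory and are read rather than included, the self-include recursion described in post 23 cannot occur.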