gizmola

Everything posted by gizmola

  1. HTTP-based APIs typically have a design. One popular way of creating an API is to utilize REST. I would encourage you to search for "REST API" and read some articles on it. It is not a cut and dry thing, but there are some important concepts to understand, and the best practice for applying HTTP methods GET/POST/PUT/DELETE as well as understanding the idea of idempotency in relation to resource location. Generally speaking, most APIs are REST APIs. It's also been a common best practice in most cases to utilize JSON as the format of data transfer (which is not dictated by REST or RESTfulness). Where OOP comes in, is that you want to think about and abstract the "entities" your application works with. As OOP is great for organizing data, I would highly recommend its use, and to think about the entities present in whatever application you are trying to create. There is a lot of overlap in these areas, with relational database design.
  2. To understand the code, you should debug what the $words array looks like. The reason the code currently works to sort by occurrence, is because the array looks like this:

         array (
           'red' => 7,
           'mailbox' => 2,
         )

     Barand gave you the answer, but you need to understand what the difference is between the two functions and when to use one vs the other.
  3. Your question is lacking in clarity. From what you've written, you have some sort of sale, and you want to offer a "button" that does "something" related to some other person potentially purchasing something on "the site". Who is this other person, and how are they to be identified? It sounds to me like what you are describing is like an affiliate or customer referral code. I'm not sure why they would need to click on a button, or what that button would do, unless it is just taking you to another page that includes a url parameter back to your site. Certainly, you can do something like this, but there isn't any magical code(z) floating around that makes this work, unless this is functionality that is part of whatever e-commerce module you are using with your current system.
  4. I suggest using the model that Barand supplied. For the booking table, you create a unique index on screening_id, seat_id, and at that point you are protected from double booking for a screening. You can easily query for tickets sold for a screening, and can also determine what seats are available with a query like this: (Note, you constrain this query, knowing in advance the screen_id (I used 1 here) and the screening_id (used 35). In PHP these values would be fed into the query as parameters, but this is just an example.)

         SELECT s.id, s.row, s.seat_no
         FROM seat s
         LEFT JOIN booking b
           ON b.seat_id = s.id AND b.screening_id = 35
         WHERE s.screen_id = 1
           AND b.id IS NULL
  5. I guess you don't understand that phpfreaks is a free site, with expert help provided by volunteers. Given the fact that everyone is donating their time and expertise to try and help people like yourself, the argument that you host a free site with source code you got from somewhere else for free, means you shouldn't ever have to learn anything (which can be learned in a few hours) will not get you much sympathy here.
  6. Make sure that none of your scripts have an end php tag in them. It is not needed and can often result in output being started accidentally.

         <?php
         // stuff
         ?> // <--- remove these from the end of all .php scripts.
  7. I have a note that the reverse engineered underlying code that will work with 8.x is this:

         SELECT CONCAT('*', UPPER(SHA1(UNHEX(SHA1('password')))));
  8. That is interesting to note. The main reason people used to use MyISAM tables intermixed in a database with InnoDB was to support fulltext indexing. InnoDB didn't support fulltext search until version 5.6.4, which was released late in 2011.
  9. I don't know of any functionality that is only in the MyISAM engine at this point. That is why InnoDB is the default engine. With that said, the engine gets set for each table, and you can even alter the engine of an existing table, so it's possible to intermix them, but things like declarative referential integrity, transactions and row level locking only work with InnoDB tables.
  10. What the heck is this code?

          $customer["id"];
          $customer["firstname"];
          $customer["lastname"];
          $customer["fullname"];
          $customer["business_name"];
          $customer["email"];
          $customer["phone"];
          $customer["mobile"];
          $customer["address"];
          $customer["city"];
          $customer["state"];
          $customer["zip"];
          $customer["business_and_full_name"];
          $customer["business_then_name"];

      I have no idea why you would think that adding 5ms of sleep would help anything. Your PDO code should be using a prepared statement. Then you simply execute the statement in a loop, passing the data each time.

      It is well known that MySQL inserts are much faster if you do multiples:

          INSERT INTO Table (col1, col2) VALUES (?, ?), (?, ?), (?, ?)....

      This is one place where PDO doesn't have a built in solution, so you have to build your own, as Barand helpfully provided an example. It is possible to have limits on the size of a query, but would require a lot of data. Changing of that limit is dependent on what MySQL library you are using, so I leave that to you to research. For example, if you are using mysqlnd, then a PDO runtime parameter changing that size is ignored.

      A good hybrid option would be to create a batch system where you load an array of the values inside the outer foreach, build the statement from that array, and prepare the statement and pass the array to the bind. However, the first stab I would take, would be to simply do a prepare and execute loop with a single transaction.

          $query = "INSERT INTO Customer (SyncroID, CompanyName) VALUES (?, ?)";
          try {
              $pdo->beginTransaction();
              // Prepare once, execute once per row inside a single transaction
              $stmt = $pdo->prepare($query);
              foreach ($customers as $customer) {
                  if (!empty($customer['business_name'])) {
                      $stmt->execute([$customer['id'], $customer['business_name']]);
                  }
              }
              $pdo->commit();
          } catch (\Throwable $e) {
              // Undo every insert from this run, then let the caller see the error
              $pdo->rollBack();
              throw $e;
          }

      To do this type of thing effectively you need to make sure that the PDO connection has $conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false) and $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION).
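The "hybrid" batch approach described in post 10, as an added example that is not code from the thread or from Barand's reply. The helper name `insertCustomersBatched`, the batch size, the in-memory SQLite database (needs the pdo_sqlite extension) and the sample rows are assumptions made so the script runs on its own; the table and column names come from the post.

```php
<?php
// Added example, not code from the thread. Uses an in-memory SQLite database
// so it runs stand-alone; the table and column names are the ones in the post.
declare(strict_types=1);

/** Hypothetical helper: multi-row INSERTs in chunks, all inside one transaction. */
function insertCustomersBatched(PDO $pdo, array $customers, int $batchSize = 500): int
{
    // Same filter as the loop in the post: skip rows with no business name.
    $rows = array_values(array_filter($customers, fn(array $c): bool => !empty($c['business_name'])));
    $inserted = 0;
    $pdo->beginTransaction();
    try {
        foreach (array_chunk($rows, $batchSize) as $chunk) {
            // Only "(?, ?)" groups are concatenated into the SQL; every value is bound.
            $groups = implode(', ', array_fill(0, count($chunk), '(?, ?)'));
            $stmt = $pdo->prepare("INSERT INTO Customer (SyncroID, CompanyName) VALUES $groups");
            $params = [];
            foreach ($chunk as $c) {
                $params[] = $c['id'];
                $params[] = $c['business_name'];
            }
            $stmt->execute($params);
            $inserted += $stmt->rowCount();
        }
        $pdo->commit();
    } catch (\Throwable $e) {
        $pdo->rollBack(); // a failure in any chunk undoes all of them
        throw $e;
    }
    return $inserted;
}

// Stand-alone demo database (assumption: pdo_sqlite is available).
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE Customer (SyncroID INTEGER PRIMARY KEY, CompanyName TEXT NOT NULL)');

// Constructed sample data; the quote in the second name is safe because it is bound, not concatenated.
$customers = [
    ['id' => 1, 'business_name' => 'Acme Ltd'],
    ['id' => 2, 'business_name' => "O'Brien & Sons"],
    ['id' => 3, 'business_name' => ''],            // skipped: empty name
    ['id' => 4, 'business_name' => 'Widget Works'],
];
echo insertCustomersBatched($pdo, $customers, 2), " rows inserted\n";
echo $pdo->query('SELECT COUNT(*) FROM Customer')->fetchColumn(), " rows in table\n";
```

Against MySQL, keep batch size times column count below 65,535, the placeholder limit for a server-side prepared statement.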
  11. I looked at the code, and it's fine. As others said, I'm not sure why it matters, if you are planning to use this as the basis for a project of your own, unless you are planning to try and pass the code off as something you wrote yourself.
  12. You really need to define what "I do have dedicated access to this whole server" means. If this statement is in any way true, there is no reason for this to be so hard. I have no idea what you are talking about here, nor why this is a problem.

      Now, let's assume that you have 2 users you actually can connect to your server with and execute queries with a php program:

        • db1user
        • db2user

      While this is a needlessly inefficient method, you can do what you are requiring by writing a php program that:

        • Makes 2 connections
            • db1Connection
            • db2Connection
        • Selects data from db1.$g and fetches it all into an array
        • foreach through the db1 result
            • insert a db2.$g row

      There are many potential issues we can't address because you didn't even begin to describe what the actual table structure of the $g table is (and why are you using a $ in the table name?), or how you will figure out what data from db1 you need. For example, if you have an auto increment primary key in the table(s), then you can't just take db1.$g.id = 300 and insert the whole row into db2.$g if for example, there is already a row with that id.

      What is the purpose of this exercise? If people know what you are trying to accomplish and why, there might be some other solution to solving the actual problem.
  13. The simple answer is that you de-couple the front end and the back end. The typical way to do this is to create an API for your backend code. Most frequently people choose a REST API. This is where the major frameworks (Symfony, Laravel, API Platform) are extremely helpful and productive. There are some people who have a lot of negative things to say about API Platform, but it's purpose built for creating a backend API. From there you build your clients (javascript/native app or mobile framework app) against the API. This is really how large scale applications work.
  14. I'm not entirely sure what you are asking here, but PHP has arrays that are extremely flexible. An array element can contain a nested array, and you can also have multi-dimensional arrays. You can also mix arrays and class objects together, as in having a class, creating an object of that class and assigning it to an array, such that you have an array of objects. Either of these ideas could help you represent the data you have in your table. Arrays can be easily traversed using for loops or foreach.
  15. @Olumide Just a suggestion for you -- using var in javascript is frowned upon now when you have const and let.
  16. I don't see the issue. Can you clarify what you mean? When I look at the calendar on your site, as an example, Dec. 3, 2023 is a Sunday, which is correct.
  17. Using .env files is best practice, but probably not for the reasons you think. The main reason for those, is that previously people had a bad practice of actually putting credentials into files, and then they would get stored in source code repositories.

      What I would do with your project is to move all the files that can be directly called or referenced from "web space" i.e. within or below the "web root" directory for the web server. What I'm going to describe to you is what pretty much all web projects do these days.

      So what I would do here, is create a public folder in your project. I would then move all the web directories (css, img, js) into it, as well as index.html, leaderboardtable.php and word-comparison.php into that directory. The .htaccess should also be in /public.

      Note that these changes will break the application, and you will need corresponding changes, including regeneration of the autoload file with composer (assuming that is being used). The web configuration should then set the webroot to this projectname/public directory.

      At that point, you should notice what is no longer in web space:

        • any project files
        • the .env file
        • dot files in the root
        • the /vendor directory

      Depending on your web stack, there are additional tweaks you can make that might have some additional security benefits, if for example you are using fcgi/php-fpm or nginx with those etc. In those cases, you can utilize separate users for the php code and the web server, but at the very least, moving anything out of "web space" means that you no longer have to try and knock down holes in a .htaccess, as users will only be able to directly reference the things you want them to, and there is no way they will be able to explore web space with the web browser, and potentially access a file that is used in your project.
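A check for the layout change described in post 17, as an added example that is not code from the thread: it lists the sensitive files a web server would serve from a given web root, first with the project root as web root and then with `public/`. The helper name `findExposedPaths`, the pattern list and the constructed directory tree are assumptions; it needs PHP 8 for `str_starts_with`.

```php
<?php
// Added example, not code from the thread. Reports sensitive project files that
// sit at or below the web root, i.e. files a browser could request directly.
declare(strict_types=1);

/** Hypothetical helper: sensitive paths (relative to $webRoot) inside web space. */
function findExposedPaths(string $webRoot): array
{
    $exposed = [];
    $it = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($webRoot, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($it as $path => $info) {
        $rel = ltrim(str_replace('\\', '/', substr($path, strlen($webRoot))), '/');
        // Any dot file or dot directory except .htaccess, which the post places in /public.
        $isDot = (bool) preg_match('#(^|/)\.(?!htaccess$)#', $rel);
        $inVendor = str_starts_with($rel, 'vendor/');
        $isManifest = in_array($info->getFilename(), ['composer.json', 'composer.lock'], true);
        if ($isDot || $inVendor || $isManifest) {
            $exposed[] = $rel;
        }
    }
    sort($exposed);
    return $exposed;
}

// Constructed project tree in a temp directory, using file names from the post.
$project = sys_get_temp_dir() . '/layout_demo_' . bin2hex(random_bytes(4));
foreach (['public/css', 'vendor', 'src', '.git'] as $dir) {
    mkdir("$project/$dir", 0700, true);
}
foreach (['.env', '.git/config', 'composer.json', 'vendor/autoload.php', 'src/Game.php',
          'public/index.html', 'public/.htaccess', 'public/leaderboardtable.php'] as $file) {
    file_put_contents("$project/$file", '');
}

echo "Web root = project root:\n  ", implode("\n  ", findExposedPaths($project)), "\n";
echo "Web root = project/public:\n  ",
    implode("\n  ", findExposedPaths("$project/public")) ?: '(nothing sensitive exposed)', "\n";
```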
  18. Consider the name of the feature. "Auto Loading" is a long standing feature of php that "automatically loads" a class simply by using it in your code.

          <?php
          $newObj = new MyClass();

      By default, PHP has had a feature going all the way back to early versions, that would search particular directories you specified in the php.ini configuration file, looking to find a file that contains the definition for the file MyClass. Of course this had problems, including the fact that you could only have one "MyClass" defined. Any sophisticated PHP project, whether that be a forum, framework, cms etc., would need to keep its classes separate and distinct, and the potential for naming conflicts was significant. This is one of the reasons PHP added namespace support, so that a component library was free to name and structure its classes in whichever way was best for the developer, and still allow its classes to be used by other developers without conflict.

      Some of the leading framework and library project developers got together and formed FIG, in order to create standards documents, which they did for autoloaders in PSR-0 and then PSR-4. You should read those PSRs, or at least PSR-4 which is the current standard for how an autoloader should work, and how classes should be namespaced.

      At this point, because people should be using composer to manage the libraries and dependencies of their projects, and composer will generate the autoloading code, to include. If you follow the chain of code that is generated by composer, you'll see where it calls spl_autoload to register the custom autoloader code.
  19. Most discussion is in the PHP coding help, and at times the Client Side sub forums.
  20. This is not a panacea, but you could change the all_setting function to this:

          public function all_setting()
          {
              $query = $this->db->query("SELECT * from tbl_settings WHERE id=1 ORDER BY id");
              if ($query) {
                  return $query->first_row('array');
              } else {
                  return array();
              }
          }

      Then your modification would work.
  21. 100% what Mac advised.

          $firstname = mysqli_real_escape_string($con, $_POST['firstname']);
          $lastname = mysqli_real_escape_string($con, $_POST['lastname']);
          $datereg = mysqli_real_escape_string($con, $_POST['datereg']);

      This is like something from an antiquated tutorial. Nobody does this now. PDO is much better -- so much so, that I don't think there's a staff member or veteran/pro developer on this site that uses mysqli unless they are working on a project that was already using it.

      With that said, if changing to PDO is too much of an issue for you now (although it probably could be converted in less time than you think), then here's a good tutorial to look at. It's also painful to look at code that uses the procedural interface, when the OOP interface is cleaner and easier to understand. Since you used it, I provide the procedural interface example below. Your code will be something like this:

          $query = "INSERT INTO persondetails (firstname, lastname, datereg, address, phone, email) VALUES (?, ?, ?, ?, ?, ?)";
          $stmt = mysqli_prepare($con, $query);
          mysqli_stmt_bind_param($stmt, 'ssssss', $_POST['firstname'], $_POST['lastname'], $_POST['datereg'], $_POST['address'], $_POST['phone'], $_POST['email']);
          mysqli_stmt_execute($stmt);

          if (mysqli_stmt_affected_rows($stmt) === 1) {
              $_SESSION['message'] = "Info Added";
          } else {
              $_SESSION['message'] = "Failed to Add";
          }
          header("Location: personcreate.php");
          exit(0);

      One other comment: use the proper database types and your application will be better. $_POST['datereg'] should be a DATE/DATETIME/TIMESTAMP value. Using any of these is better than storing a CHAR/VARCHAR in the database, from a data integrity/storage size and usability standpoint. Using a string to store a date is just bad/lazy design.
  22. The best way to debug ajax calls like this is to use your browser developer tools. I typically use Chrome. You should open the network tab, and look at the request and response data, in order to figure out where your problems might be.
  23. Yes, he literally told you that it is wrong. It's the query in get_student_details.php.

          WHERE sc.semesterid = :semesterId

      Should be

          WHERE s.id = :studentId

      And your bind parameter needs to be changed. This is wrong.

          // Bind parameters
          $stmt->bindParam(':semesterId', $studentId, PDO::PARAM_INT);

      Should be:

          // Bind parameters
          $stmt->bindParam(':studentId', $studentId, PDO::PARAM_INT);