otuatail

Hi I am trying to get as much code out of my PHP pages mainly for security but also to make the website easier to manage. I have lots of functions in a functions page which is in a folder protected by htaccess. I am making calls to a database in the php pages for example $sql = “SELECT DOB FROM Children WHERE Surname = ‘Robinson’”; ConnectDB(5); $query = mysql_query ($sql) or die ("E010A"); $rs = mysql_fetch_array($query) or die ("E110A"); $Surname = $rs[‘Surname’]; Admitedly this is not a good example for only retrieving one value but it is an example. I could move all the code out and create a function in the functions.php file $Surname = GetSurname(‘Robinson’); Now I am keeping most of my database query and table names secret. My problem is I might want to return a recordset not just one value. If I wanted the surname of all the children in Class ‘B’ could I do the same like $Class = GetChildrenInClass(‘B’); This is returning a record set now. I want to get all this code out also in the case that I want to use a different database. If I wanted to to use database 4, I would have to go through tons of web pages changing ConnectDB(5).

Yes Apachie is instolled on E:\Apachie2.2 Config file has DocumentRoot "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/htdocs" <Directory "C:/Program Files (x86)/Apache Software Foundation/Apache2.2/htdocs"> and I have an index.html at that location http://local host is pointing to a totaly difrent location. Thats the problem

Hi I found the config file in apachi. The problem is Windows 7 is ignoring it and looking somwhere wlse. I need windows to look at the folder apach server created.

Hi I have installed apachi server 2.2 on windows 7 64 bit. I got as far as http://localhost and I get a blank page with It works! Dammed if I can find the file. it is supposed to be index.html but I have searched everywhere. Can the location of localhost be changed and if so should I not be able to query the location in apachie? Desmond.

Thanks for that. It appears to have done the trick.

Hi This subject doesn't really have a category but is driving me mad. I use the mail() function to send out emails to a news group forum that I have created. This forum does the same. I am getting the emails placed in a spam folder. Is there any way around this. I have been told that it has something to do with no reverse DNS. I get emails like DoNotReply@bt.com. This email address doesn't exist. How does the email system know this, and is there a way around it. TIA Desmond.

Hi Thanks for this. It's fine now. I never used === before. Not sure I understand it. I suppose that we should use === by default in any if statment or is that wrong? TIA Desmond. THANKS.

Sorry I will show you the code that is used and explain. $user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User if($Error == 1 || $user == 0 || $user == -1) { header('Location: index.php'); //echo $Error . " " . $user; exit; } This is the code that checks if the user is valid. ValidateKey() returns: 0 , -1 , md5 value which is the Users md5 key a unique field in the users table. ValidateKey() calls KeyValid() for extra checking. function ValidateKey($name , $pwd1 , $pwd2) { connectDB(1); $Pwd1 = md5($pwd1); $Pwd2 = md5($pwd2); $Ukey = KeyValid($Pwd1,1); // return KeyType ,0=Not found , -1=Key not unique $Ckey = KeyValid($Pwd2,2); // return KeyType ,0=Not found , -1=Key not unique if($Ukey == 0) { // $ErrorLevel = CheckRepository($Pwd1 , 1); return 0; exit; } if($Ckey == 0) { // $ErrorLevel = CheckRepository($Pwd2 , 2); return 0; exit; } if($Ukey == -1)// UserKey not unique { // return 0; exit; } if($Ckey == -1)// Company Key not unique { // return 0; exit; } if($Ukey == 1 && $Ckey == 1) // Everything is OK get the unique md5() { $sql = "SELECT User FROM usersX WHERE UserKey = '$Pwd1'"; $query = mysql_query ($sql) or die ("E0104"); $rs = mysql_fetch_array($query) or die ("E1104"); $ret = $rs["User"]; return $ret; exit; } return -1; // Becase I have not checked for -1 yet. } function KeyValid($val,$type) { $sql = "SELECT K_Type FROM usersX WHERE UserKey = '$val' AND K_Type = $type"; $query = mysql_query ($sql) or die ("E0105"); $total = mysql_num_rows($query); // or die ("E1105"); if($total == 0) $ret = 0; if($total > 1) $ret = -1; if($total == 1) $ret = 1; return $ret; } The possible return values for a succesfull log in are '49dd9bbf77ad7fa4de3befac6306fb52' '3758b32a4832c2ec4cd595c5552a04d2' 'caf9eba77c55ab5ae81a01c25d1987d3' 'afce84ff226407a47c9782a742ba02f7' The last two fail. They don't start with a number. Has it got anything to do with number checking against string checking?

Hi I have got a database table for logging in. One user will not log in even though the data is valid $user = ValidateKey($_SESSION["Name"] , $_SESSION["PWD1"] , $_SESSION["PWD2"]); // User if($Error == 1 || $user == 0 || $user == -1) { // header('Location: index.php'); echo $Error . " , " . $user; // result is 0, caf9eba77c55ab5ae81a01c25d1987d3 exit; } All other user are OK! Strange Desmond.

Forgot to say. In IE, you can't log on. Sorry.

Hi If any one has any spare time or is intrigued in any way. I am constructing a website forum like the one you use. This one requires a log on. It works in FF 6.0, Opera Safari and Chrome but not in IE 8.0. I have filled in the passwords(s) extra security. http://www.des-otoole.co.uk/streetangels/ Many thanks if you can work it out. You just need to push the button (login)

Hi I have a query that returns 1 but in a direct DB query but 0 on the web page. The query is select Count(*) As val FROM Replies WHERE Submitted = '$UID' AND thread = '$Thread'; On the page I get a return value of 0. when I echoed the query and pasted it directly into db it confirmed zero. On closer inspection the query has been spliced. select Count(*) As val FROM Replies WHERE Submitted = '8d90afbc4c3fa30e81eff74460c2b42e ' AND thread = 'd1bc454d4050cb37f0f9bab21d3c0062'; the closing apostraphy is on the next line. putting it back into place and direct into the DB it is back to 1. Is there a reason for this unusual break as I can't understand why the query could ever fail.

The table is not indexed. I was wondering how the internal query would be on count(*) as against count(field)

Ok thanks for this. I need to do this query within another query. Not ideal situation but for speed of sql query is there any difference between $sql = "select Count(*) As val FROM Replies WHERE Submitted = '$Paul' AND thread = '$Thread'" $sql = "select Count(id) As val FROM Replies WHERE Submitted = '$Paul' AND thread = '$Thread'" As * would imply returning all fields in the table?

The only way around it seems is $sql = "select Count(*) As val FROM Replies WHERE Submitted = '$Paul' AND thread = '$Thread';"; $query = mysql_query ($sql) or die ("E0105"); $rs = mysql_fetch_array($query) or die ("E1104"); echo $rs['val']; is this the best way?

Put this directly into an MSsql database and it came back with 0 select Count(*) FROM Replies WHERE Submitted = 'MickeyMouse' AND thread = 'DonnaldDuck';

Then how do I check if I have 1 ,2 or 3 records? I need to check for this somehow.

Hi have a query that returns one even if you through crap at it. Copy the query into a database directly and it gives the correct result. $Paul = '8d90afbc4c3fa30e81eff74460c2b42e'; $Thread = 'd1bc454d4050cb37f0f9bab21d3c0062'; // crap data $Paul = 'MickeyMouse'; $Thread = 'DonnaldDuck'; $sql = "select Count(*) FROM Replies WHERE Submitted = '$Paul' AND thread = '$Thread';"; $query = mysql_query ($sql) or die ("E0105"); $total = mysql_num_rows($query); // or die ("E1105"); echo $sql . "<br>"; echo $total; Strange! Desmond.

You said That is nothing to be too concerned about. Just add a SERVERNAME directive within your httpd.conf file (or ignore the error). I said that when Apache is installed. opening a browser and typing in http://localhost/ Dosn't work. I should get a default (index.php) page.

Ok but http://localhost/ can't find this I followed a book using mydomain.com www.mydomain.com admin@mydomain.com Also I changed the instalation from c:\program files to C:/Apache2.2" I have also in the config file THIS means nothing to me minus the comments ServerRoot "C:/Apache2.2" Listen 80 LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so LoadModule asis_module modules/mod_asis.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule authn_default_module modules/mod_authn_default.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authz_default_module modules/mod_authz_default.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule cgi_module modules/mod_cgi.so LoadModule dir_module modules/mod_dir.so LoadModule env_module modules/mod_env.so LoadModule include_module modules/mod_include.so LoadModule isapi_module modules/mod_isapi.so LoadModule log_config_module modules/mod_log_config.so LoadModule mime_module modules/mod_mime.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule setenvif_module modules/mod_setenvif.so <IfModule !mpm_netware_module> <IfModule !mpm_winnt_module> User daemon Group daemon </IfModule> </IfModule> ServerAdmin admin@mydomain.com DocumentRoot "C:/Apache2.2/htdocs" <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Deny from all </Directory> <Directory "C:/Apache2.2/htdocs"> Options Indexes FollowSymLinks AllowOverride None Order allow,deny Allow from all </Directory> <IfModule dir_module> DirectoryIndex index.html </IfModule> <FilesMatch "^\.ht"> Order allow,deny Deny from all Satisfy All </FilesMatch> ErrorLog "logs/error.log" LogLevel warn <IfModule log_config_module> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common <IfModule logio_module> # You need to enable mod_logio.c to use %I and %O LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio </IfModule> CustomLog "logs/access.log" common </IfModule> <IfModule alias_module> ScriptAlias /cgi-bin/ "C:/Apache2.2/cgi-bin/" </IfModule> <IfModule cgid_module> </IfModule> <Directory "C:/Apache2.2/cgi-bin"> AllowOverride None Options None Order allow,deny Allow from all </Directory> DefaultType text/plain <IfModule mime_module> TypesConfig conf/mime.types AddType application/x-compress .Z AddType application/x-gzip .gz .tgz </IfModule> <IfModule ssl_module> SSLRandomSeed startup builtin SSLRandomSeed connect builtin </IfModule>

Hi this should work. Have downloaded httpd-2.2.19-win32-x86-no_ssl.msi and installed on Windows 7(64). It goes through fine then I get httpd.exe could not reliably determine the servers fully qualified domain name, using 192.168.1.100 for servername. Any help on this TIA Desmond.

Ok Problem solved Thanks to http://www.dbforums.com r937 SQL Consultant It just needed an extra field created using a case statment. SELECT Threads.owner_id , Threads.Subject , Threads.CreateDate , CASE WHEN Replies.Submitted IS NULL THEN 0 ELSE 1 END AS zero_or_one FROM Threads LEFT OUTER JOIN Replies ON Replies.thread = Threads.Thread AND Replies.Submitted = $ME

Is there any help with this query or is it impossible.

What I want is if Jimmy logs on and sees all the current threads, all threads that Jimmy has replied to will be indicated by an icon or symbol against that thread. That's a job for EXISTS If this is the case how do I use it because it is only You EXISTS against this thread id.

Hi Guys. I need your DBA skills with a query. I have created a news group similar to the one you are using. It is quite advanced now. The users table even stores the last two time a user logs on so it can hi-light any threads (this is what I have called them) since the last time the user visited. In addition to adding a reply to the replies table I also duplicate the user Id an date in the threads table to make the main news group query easier. Ok so it is a small duplication. My problem is has a user participated in a thread. I’ll explain with a cut down of the two tables. CREATE TABLE IF NOT EXISTS `Threads` ( `id` int(11) NOT NULL auto_increment, `Thread` varchar(32) default NULL, -- for anti-hacking this is an md5() `owner_id` varchar(32) default NULL, -- Owner is also an md5() value `CreateDate` datetime default NULL, `UpdateDate` datetime default NULL, `Subject` varchar(80) default NULL, `Content` text, CREATE TABLE IF NOT EXISTS `Replies` ( `id` int(11) NOT NULL auto_increment, `thread` varchar(32) default NULL, `Submitted` varchar(32) default NULL, -- this is the owner id `SubmitDate` datetime default NULL, `content` text, PRIMARY KEY (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 PACK_KEYS=0 AUTO_INCREMENT=1; Ok so if I now say SELECT Threads. owner_id, Threads.Subject, Threads.CreateDate From Threads,Replies WHERE Threads.Thread = Replies.thread and Replies. Submitted = $ME This would only show threads that you the user have participated in. This NOT what I want I want all the threads, but If I could only check the replies table to see if you participated in this subject/thread, I could put a symbol against the thread to indicate that you have participated in this. I would for my simplicity like a true/false or better for me a 0/1 field in the returned query. Any ideas on this TIA Desmond.