NotionCommotion

I have several "sites" located in my html directory, and each has a "general" access point and an "administrator" access point: /var/www/html/site1/index.php /var/www/html/site1/administrator/index.php /var/www/html/site2/index.php /var/www/html/site2/administrator/index.php /var/www/html/site3/index.php /var/www/html/site3/administrator/index.php All sites are similar except that data will be specific to site1, site2, or site3, etc. Users who log onto /var/www/html/siteX/index.php are totally unrelated to those who logon to /var/www/html/siteX/administrator/index.php, will have different logon credentials, are stored in different DB tables, and each should have their own session. If a user logs off of either the general or administrator site, it should not effect the other site even if they were previously logged on to both on the same PC (and of course not effect other sites). When a user logs off, I would like to destroy their previous cookie and associated session. Users for either will only use https. I am using Apache to rewrite https://www.mysite.com/ to https://mysite.com/. While I named the administrator site "administrator" above, the administrator user has the ability to change the directory name. I am thinking I need to use session_set_cookie_params to specify where I wish the session cookie to be stored since /var/www/html/siteX/administrator/index.php is a sub-directory to /var/www/html/siteX/index.php, but am not really sure. Sorry for the cryptic post, but I am not very well versed in this subject. How would you recommend setting up cookies/sessions for this scenario? Thank you

Don't understand your tables, the the general approach is to JOIN your tables, and then use the LIKE keyword.

Try running these lines all by themselves. What does the error say? Always try to make your code easy to read. Given all those quotes, I would tend to use "hello '{$name}'" format (and I never put ticks around table/column names, but maybe I should?). Also, offtopic, but look into PDO. <?php $aa = "author"; $bb = "publisher"; $cc = "yearpublished"; $dd = "genre"; $strSQL = "SELECT * FROM `books` WHERE author = '".$aa."' AND publisher = '".$bb."' AND yearpublished = '".$cc."' AND genre ='".$dd."'" "; ?>

Thanks _Alex and mac_gyver, I've since changed to passing an array, and am very happy I did so.

Would I be correct in that you don't believe the controller should be responsible to take "formatted" content and bring it back to the format desired by the model (i.e. my original question). If not, where? Below represents one of my typical controllers. Seem reasonable? Don't worry, I won't get upset if you say it isn't class someController { public function saveRecord() { header('Content-Type: application/json'); $validate=new validate($someStuff); $data=$validate->sanitize($_POST); $errors=$validate->validate($data); if(empty($errors)) { $model=$this->getModel(); $id=is_null($data['id'])?$model->addRecord($data):$model->updateRecord($data); if($id===false) {$errors[]='Unexpected error saving data.';} } else {$id=false;} echo json_encode(array ('errors'=>$errors,'id'=>$id)); } public function display($record_status='active') { $model=$this->getModel(); if($data=$model->getData($_GET['id'],$record_status)) { $data=$this->addExtraTwigVariables(array( 'data'=>$data, 'contacts'=>$model->getContacts($data['id']), 'menu_main'=>array('menu'=>$model->getMenu('b_main'),'active'=>ID_com_accounts) ) ); $this->displayPage($data,dirname(__DIR__).'/templates'); } else {$this->missingPage();} } }

Thanks tryingtolearn, I agree one could make it overly complicated and in turn overwhelming, however, believe a simple MVC pattern makes life less complicated. The controller you say... Is the controller also where validation occurs as they are very similar functions, or is the model also responsible to protect itself before inserting data? Also, what do you mean by "the admin side"? Thanks _Alex. What do you mean by Frontend and Backend? Is this like client and server? Are collections, services, entities, and mappers MVC terms or something else?

Using MVC, the controller does some logic, gets data from the model, and the view presents the content. Where should the reverse be performed? For instance, I have an edit page which is pre-populated with values from the model, and the view changes 1000 to $1,000, 0.4 to 40%, and 2014-10-09 09:31:41 to 10/09/2014 09:31:41 AM. Now I need to save the values, and must convert them back to their original format before doing so. Should this functionality be performed in the controller, model, or view? Thanks

I have some function or method. Is there a better design patter to implement this? function myFunction($a=null,$b=null,$c=null,$d=null,$e=null,$f=null,$g=null,$h=null) { //Do a bunch of stuff } Maybe the second function? function myNewFunction($data=array()) { $data=array_merge(array('a'=>null,'b'=>null,'c'=>null,'d'=>null,'e'=>null,'f'=>null,'g'=>null,'h'=>null),$array); //Do a bunch of stuff } Please provide decision making factors why you would use one approach over the other.

Hello mstevens, Have you attempted to execute your code? Did it give you any descriptive error descriptions? If not, turn error reporting on! When you do, it will tell you that you can't have back to back else statements and must close your first if-do code.

You can't do so with static classes. See http://php.net/manual/en/language.types.string.php#language.types.string.parsing

It looks like your file upload dialog is some sort of JavaScript plugin, right? If so, your problem revolves around your configuration of the plugin and not the server-side PHP which processes the file. Also, I am sure you already did so, the dialog seems to validate that only files of specific extensions could be uploaded. You did try to upload these file types, right?

$_POST is empty, so you are not correctly posting data from the client to the server. As such, it has nothing to do with your script that handles the POST data, and only your script which creates the initial HTML. To troubleshoot, the first thing you should do is verify that the rendered HTML is valid. Often, a site requires authentication and sessions, and the validation site cannot handle. As such, the best approach is direct input of HTML using http://validator.w3.org/#validate_by_input. To obtain the HTML, don't use the PHP script directly, but use your browser to display the HTML. Only once you know you are posting the correct data, start working on the script that validates/saves the data.

Have you validated your HTML? http://validator.w3.org/ Do you have a form around your inputs? What is $pb1 and $pb2 all about?

Thanks Kicken, I've never used Moment.js, but was considering it. Or as you suggest, maybe I should just format it server-side and be done with it.

I asked a similar question on http://forums.phpfreaks.com/topic/291982-where-should-dates-be-formatted/, but never received an answer to the question I really needed help with. Server can provide some JSON such as the following. I wish the date to be displayed like "10/09/2014 09:31:41 AM". I "could" use the server to format the date, but I understand that this is bad practice as it is not the view. Note that I might be using handlebars to render the JSON to HTML, however, I don't think this is relevant. Please provide recommendations on where and how the date should be formatted. Thank you [ {"id":123,"filename":"someFile1.pptx","datetime":"2014-10-09 09:31:41","size":"6299 KB"}, {"id":321,"filename":"someFile2.pptx","datetime":"2014-10-29 04:35:42","size":"4629 KB"}, {"id":444,"filename":"someFile3.pptx","datetime":"2014-10-19 02:33:43","size":"6599 KB"} ]

I typically just have one or maybe a couple of entry points: index.php //error settings, date settings, etc... session_start(); //based on $_GET['page'], figure out which part of script to run...

No, it is perfect as is assuming you want it to do exactly what it does. If you want it to do something different, please let us know what that is.

What is the value of $_POST['quantity']? Is it an array? To check, use print_r() or var_dump().

Start using PDO for your database interface. Also, try to separate your HTML generation and your database and logic. OOP makes it a little more straight forward, but isn't necessary.

What about the following? Also, you might wish to consider a template engine like Twig. echo "<td>" . ($row['quantity']?'In Stock':'Out of Stock') . "</td>";

The JSON document is a list of data which is used to add content to the current page where the dates should be formatted like "10/09/2014 09:31:41 AM". Yes, it "could" be parsed client side, however, JavaScript doesn't seem to have a clean way of doing so. [ {"id":123,"filename":"someFile1.pptx","datetime":"2014-10-09 09:31:41","size":"6299 KB"}, {"id":321,"filename":"someFile2.pptx","datetime":"2014-10-29 04:35:42","size":"4629 KB"}, {"id":444,"filename":"someFile3.pptx","datetime":"2014-10-19 02:33:43","size":"6599 KB"} ]

Thanks Jacques, What if the server is generating JSON instead of HTML?

When just generating HTML, where should dates be formatted? What about when generating JSON (I've found that date formatting is not so straight forward using JavaScript)? Are there factors which may make one approach better than the other (i.e. querying one record versus a list of records)? How important is consistency of an approach? Any other factors I should consider? Please provide rational for your decision. Thank you At the database? DATE_FORMAT(my_date, "%m/%d/%Y %r") AS my_date In the controller? $date = new DateTime($my_date); $my_date=$date->format('m/d/Y'); In a twig or smarty template? {{ mydate|date("m/d/Y g:i A") }} At the client using handlebars and the Moment library? UI.registerHelper("formatDate", function(datetime, format) { if (moment) { f = DateFormats[format]; return moment(datetime).format(f); } else { return datetime; } }); ... {{formatDate MyISOString "short"}}

$temp is set to an array containing the filename and file extension, and then $extension is set to the last element of that array. The code is not complete, and you should add something like if(isset($allowedExts[$extention] {... to ensure only valid files are uploaded. In regards to $newfilename, it changes the name from "myimage.gif" to "123myimage.gif" where 123 is the user's PK. Why, I have no idea. In then sets $newfilename to "123myimage.gif.gif". Again, why, I have no idea.

Thanks again Jacques1, I will stay away from JS template engines until I have a better need. In regards to my original question, is this safe? Note that I didn't use attr but used href. $(function(){ $.getJSON('getJSON.php', function(list) { var $MyElem = $("#MyElem"); for (var i in list) { $('<a/>', {href: 'index.php?id=' + encodeURIComponent(list[i]['id']),text: list[i]['firstname']}) .wrap("<li>").parent().appendTo('#MyElem'); }; }); });