[Help with an email form plz]

To the best of my knowledge you don't have to set up anything. The mail() function should just work in a php environment.

[Obtain new id of new item added to mysql table]

Just after the insert query do a call like this:

$recordid = mysql_insert_id();

Check it out [a href=\"http://pt.php.net/mysql_insert_id\" target=\"_blank\"]here[/a]

[Template and php seperate?]

Check out [a href=\"http://smarty.php.net/\" target=\"_blank\"]smarty [/a]or [a href=\"http://pear.php.net/package/HTML_Template_Flexy\" target=\"_blank\"]flexy [/a] template systems.

[Hash and recover a string]

I was wondering which option would be more efficient:

insert the postcard record (without the hashed key), recover the last_insert_id, use a random password script (like the one posted here) on the time and last_insert_id - this should make sure the key is always unique since the id will always be so, right (if not please say so)? And last update the postcard record with the generated key.

or do a count like described before, and if that key exists generate a new one. And then insert the whole postcard row.

Both options require two connections to the database. But if the database will tend to get big over time isn't a count query more resource intensive than a regular update query?

Thanks

[Hash and recover a string]

Thank you both [img src=\"style_emoticons/[#EMO_DIR#]/laugh.gif\" style=\"vertical-align:middle\" emoid=\":laugh:\" border=\"0\" alt=\"laugh.gif\" /]

Best,

Sofia

[Hash and recover a string]

Hi

I'm building a gallery where users can send postcards.

When the postcard is saved into the database i get the last_insert_id and send a mail with a link that people should click on to see the postcard. The link is something like this: seepostcard.php?id=43 . 43 is in this example the last_insert_id.

Of course doing it this way if people wanna see postcards that weren't sent to them all they have to is change the number in the url. I wanna prevent this.

So i would like to disguise the number. I tried using md5 but then it seems i can't recover the original number in the seepostcard.php file.

I need to disguise the number in the url but still recover the original number to show the postcard.

I know this must be simple but i can't find the solution.

Can anyone point me to the right direction?


Thanks

Sofia

[Removing extensions from directory listings]

You could use the [a href=\"http://pt.php.net/manual/en/function.pathinfo.php\" target=\"_blank\"]pathinfo [/a]function.

From the manual:
[code]
<?php
$path_parts = pathinfo('/www/htdocs/index.html');

echo $path_parts['dirname'], "\n";
echo $path_parts['basename'], "\n";
echo $path_parts['extension'], "\n";
?>
[/code]
Would produce:

/www/htdocs
index.html
html

[SimpleXML - Using XML like SQL for INSERT]

I also have the same question. Is it possible to write in a xml file at the given element i want like mysql, changing only that value or do i have to load the whole xml into a variable and rewrite it whole again with the changes i want?

Thanx

[Just thought of something, security issue]

Well, [a href=\"http://shiflett.org/\" target=\"_blank\"]Chris Shiflet[/a] who specialises in php security has a basic spam prevention technique where he just asks to write his name in an input box.

Your idea is kind of the same thing.

[Dynamic Form Dropdown?]

Viewing the source of your site the option values aren't getting printed which is why you aren't able to use the teams values in the next query you do.

Check your mysql query when you list the the team name and id. Is id really ID?

[code]
while($row=mysql_fetch_assoc($res)) {
                echo "<option value=$row[ID]>$row[name]</a></option>";
                }
[/code]

[Chop off file paths]

You could also use the [a href=\"http://pt.php.net/basename\" target=\"_blank\"]basename [/a]function.

[Is this code secure or could it be made more secure?]

You could use this function for every value that goes in a mysql query:

[code]function prevent_mysql_injection($value){

if (get_magic_quotes_gpc()) { stripslashes($value);}
if (!is_numeric($value)) { mysql_real_escape_string($value);    

}
[/code]
Found it somewhere in php.net.

Sofia

[OOPHP]

[code]
function __construct($thumbdir,$imagedir,$image,$start,$end = $start+$max)
        {
        $this->thumbdir = $thumbdir;
        $this->imagedir = $imagedir;
        $this->image = $image;
        $this->MAX = $end;        
}// end construct

[/code]

I think that in php4 your constructor should be named the same as the class (function Gallery) and not _construct since that's a php5 syntax.

You can check the [a href=\"http://us2.php.net/oop\" target=\"_blank\"]manual [/a]for classes in php4.

[Friendly url trouble]

Help please... some pointers...

Sofia

[!--quoteo(post=367443:date=Apr 22 2006, 08:40 AM:name=yonta)--][div class=\'quotetop\']QUOTE(yonta @ Apr 22 2006, 08:40 AM) [snapback]367443[/snapback][/div][div class=\'quotemain\'][!--quotec--]
Hi

I want to turn this url
www.example.com/blog/index.php?action=Projects or www.example.com/blog/index.php?action=Project&id=1
into
www.example.com/blog/index/Projects or
www.example.com/blog/index/Project/1.

So far reading some tutorials i've got this (based on the tutorial at phpfreaks on mod_rewrite)

RewriteEngine On
RewriteRule ^index/(.*).php /index.php?action=$1
RewriteRule ^index/(.*)/(.*).php /index.php?action=$1&id=$2

but it isn't working. I also tried this, thinking maybe it was because the site's inside the blog folder

RewriteEngine On
RewriteRule blog/^index/(.*).php /index.php?action=$1
RewriteRule blog/^index/(.*)/(.*).php /index.php?action=$1&id=$2

but it didn't work either. I put the .htaccess file inside the blog folder.

Can anybody help? Please?

Thanx :)

Sofia
[/quote]

[Friendly url trouble]

Hi

I want to turn this url
www.example.com/blog/index.php?action=Projects or www.example.com/blog/index.php?action=Project&id=1
into
www.example.com/blog/index/Projects or
www.example.com/blog/index/Project/1.

So far reading some tutorials i've got this (based on the tutorial at phpfreaks on mod_rewrite)

RewriteEngine On
RewriteRule ^index/(.*).php /index.php?action=$1
RewriteRule ^index/(.*)/(.*).php /index.php?action=$1&id=$2

but it isn't working. I also tried this, thinking maybe it was because the site's inside the blog folder

RewriteEngine On
RewriteRule blog/^index/(.*).php /index.php?action=$1
RewriteRule blog/^index/(.*)/(.*).php /index.php?action=$1&id=$2

but it didn't work either. I put the .htaccess file inside the blog folder.

Can anybody help? Please?

Thanx :)

Sofia

[Creating a password checker like on this website]

hi

think it's the javascript onBlur event - it fires when the user clicks outside the form control. google it ;)

[Secure user-input SQL queries]

[a href=\"http://securephp.damonkohler.com/index.php/Email_Injection\" target=\"_blank\"]Here's[/a] a good article about mail injection with some solutions.

I also use this function to prevent mysql injection (found it in php.net):

function quote_smart($value)
//must be called inside every data function just after opening the connection to the db
{
// Stripslashes
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
// Quote if not integer
if (!is_numeric($value)) {
$value = "'".mysql_real_escape_string($value)."'";
}
return $value;
}

Sofia

[CMS for site in several language versions - best approach]

Thanks :)

Was a bit stuck.

Really appreciate it.

Sofia

[Can't Pass NULL Date from form]

Well, maybe you could vary your query so

if (DateRcvd == "")
query = ...
elseif(DateEff == "")
query=..
else
query =..

Probably not the best approach but the only one i could think of now reading your post.

Sofia

[CMS for site in several language versions - best approach]

Hi

I have a tricky problem - at least for me.

I'm building a cms for a site in several languages, english, french, etc - the same content is delivered in all languages. In the site that's open to the public (not the admin one) each page will have flags for that same content, eg. an event, in another language. So if i'm seing event number 112 in english, and i click the portuguese flag i should see the same event (112) in portuguese.

The problem is how to best set up the mysql db.

The solution i have now is for each table i have several fields fo each language, eg. events table, i have the eventid, eventimg, en_eventtitle, en_eventtext, fr_eventtitle, fr_eventtext, etc, etc. This makes sure that the same event has the same eventid in all languages, but the table gets huge (5 languages in total, makes 12 fields more or less in each table). Each text (be it en_text, fr_text can have about 1000 characters). To go around this problem i do a different select query depending on the language, selecting only the fields i need (eg. in the english version of site, i select only eventid, eventimg, en_eventtitle and en_eventtext). When i do an insert i insert fields in all languages even if only one has been filled out (too complex to vary the select statement based on the various possibilities).

I have about 10 sections: events, banners, galleries, discounts, press, client's opinions etc.

Another approach would be to split each table/section in two. Taking the same table events as an example, i could have a 'main' events table with 2 fields: eventid, eventimg (the picture). Then i could have a 'child' table, events_languages with the fields: id, eventid (to relate to the main events table), title, text, language (eg. 1 for english, 2 for french, etc). The tables wouldn't be so huge but this would lead to 2 tables per section, considering i have 10 sections, 20 tables. The drawback here is that the administration of the site would be more complex (select fields from two tables to show all events, for example), and the number of tables in total would be big. The advantage is that adding another language would be easier and dynamic, and each table would 'weigh' less making the select statements possibly lighter.

If i wasn't clear please say so. English isn't my mother language ;) I'm portuguese.

Any hints/suggestions?

Thank you for any, really any, help :)

Sofia