roopurt18

Staff Alumni
Everything posted by roopurt18

  1. Something is funny then. I show, validate, and process my forms all in one script and part of my processing is to redirect with a call to header(). I have zero problems with duplicate submissions. Is it possible the page that generates the form is itself the result of a post operation?
  2. Do you mean, "How do I implement a 'Remember me' feature?"
  3. How are you redirecting? If you redirect as soon as you process the request using header('Location: ...') then they should not get the warning from going back. If you're using a meta tag or Javascript then you will keep getting it.
  4. Little tip for these items in the future. If you're on the str_replace page in the manual and ctrl + f and search for 'insensitive' it leads right to it. I use the find feature in my web browser all the time (especially highlight all in FF) and it always amazes me how many people overlook it.
  5. I don't have time to read the whole thing right now, but thanks for that thorpe. I did glance at it and noticed this in their consequences section: That seems to be a big PITA that I deal with constantly in the web world and probably my main struggle with the MVC pattern.
  6. Ok. That's a start. Basically the way I see this is as a replacement for that list of utility functions we almost all currently have that accomplish the same thing. I agree with you on storing the user's data intact into the database. But you still have to pass it through mysql_real_escape_string() and enclose it in single quotes, all of which I consider a transformation. Likewise if you received it from $_GET or $_POST you need to undo the effects of Magic Quotes. As for something like wrapping a piece of data within certain tags, such as a span for changing to uppercase, that too is a transformation. I sat down to do some actual coding with this idea over the weekend and the idea I struggled with is it's too open-ended. The original concept is to take data in one representation and transform it to another. This could be something very simple (wrap a string in single quotes) or something very complicated (serialize any object to XML). And on a much larger scale data transformation is what every program is all about. We take one set of data (user input) and convert it to program actions. Thinking about it like that, an entire program can be composed of objects that inherit from the DataTransformer class. That's taking it a bit too far IMO though.
  7. 40 views and no replies? C'mon! Is this a good idea? Or am I totally off my rocker? Or maybe I was incoherent
  8. I follow a fairly strict diet. I usually eat two pieces of fresh fruit by 10AM and another 1 or 2 pieces by 11AM. Then I eat a moderately sized frozen dinner for lunch; by moderately sized I mean I don't chow down one of those 4 pound hungry man things. It's either a lean cuisine or smart ones and most of the time they're under 400 calories and only a few grams of fat. Dinner is usually baked chicken or fish with no butter and very little seasoning, steamed rice, and steamed vegetables. Most of the day I drink water but I do have two small cups of coffee in the morning at work and occasionally a glass of juice. Outside of my regular diet I rarely snack on anything. I think most people use snacking as a mechanism for keeping themselves awake during otherwise mundane activities. Studying for a class or programming for work can get quite dull so by keeping our bodies constantly moving (hand to snack bag to mouth and back) we're able to stay awake. Instead of using snacking to keep myself awake every hour or so I actually get up and wander around. I drink tons of water so bathroom visits are necessary. If I'm feeling especially tired I get up and do a few minutes of light stretching and something physical, like jumping jacks, push ups, sit ups, squats, leg lifts, or karate. I find that by the time I sit back down my mind is rested and I have more energy.
  9. I find that once you reach a certain level of competency the questions you post are unanswerable by almost everyone.
  10. Around 80 WPM with the occasional dip to 50 because some of those words are just screwy.
  11. I spent a bit of time trying to come up with a flexible method of dealing with data transformation in my applications and thought others might be interested. Essentially we're always dealing with data transformation. We have to convert incoming data so that it's safe to use in the database. We have to convert data before displaying it to the user to remove markup or malicious scripts. Or we might have to apply a bad language filter, a language translator, etc. None of this is hard to do in and of itself. Where it gets tricky is when you have a lot of existing code that depends on a particular implementation and then a client or your boss comes along and says, "Hey, can you convert all data to upper case before inserting it into the database? But I don't want to do this for everybody, I want it to be an option they can turn on in their preferences." Go ahead and think about how hard that might be to accomplish in your current projects. So without further ado I link you to my blog, where I've already typed this whole thing out. http://rbredlau.com/drupal/node/11 If you don't want to do a lot of reading, here is a (probably incorrect) UML diagram that might explain things:
  12. Me fail English? That's unpossible!
  13. I consistently hit ~100 WPM on every test I take and that's with fixing my mistakes. Although I don't have to do it often, I can telegraph (correct word?) text from a book onto the computer and remain that fast for several pages before I need a small break. The 117 I received earlier was on my laptop, I'd probably hit around the same on my desktop keyboard though. On a related note my grandmother worked for the local school district as a secretary; I can't remember the exact figure but I think she typed around 120 to 140 WPM. Then she'd turn around and tell you she couldn't butter her toast.
  14. About what I expected: 93 wpm first time though with a few mistakes, the single spaces threw me off as well. The second time through with the same test: 117 wpm.
  15. I see that IE8 has an Emulate IE7 button; I wish they had an Emulate IE6 button as well.
  16. Sometimes IE will automatically reject cookies when its security settings are set at certain levels. Check your security settings for IE if you haven't already as fixing that is the easiest solution. Also, if the cookie is a third party cookie the security settings have to be set even lower unless you provide a P3P (peer privacy policy I think). Other than that I can not help you much.
  17.
          if(!get_magic_quotes_gpc()) {
              $login=mysql_real_escape_string($_POST['login']);
          } else {
              $login=$_POST['login'];
          }

      You have to call mysql_real_escape_string() no matter what, whether Magic Quotes is on or off. The difference is if Magic Quotes is on you have to call stripslashes() first.

          $login = $_POST['login'];
          if(MAGIC_QUOTES_IS_ON){ // <-- Replace that with your own test (use the PHP manual)
              $login = stripslashes($login);
          }
          $login = mysql_real_escape_string($login);
          // Now $login is safe to use in a query
  18. To be on the safe side, any time you enclose a variable inside of a double-quoted string you should wrap it inside curly braces, like so:

          $query="SELECT * FROM members WHERE login ='{$_SESSION['Login']}'";

      Notice that also allows me to place the single quotes around the array key. Your use of $_SESSION[Login] inside of your query is technically incorrect because you are missing the single quotes around the key, so PHP defaults to a set behavior that you may not be able to count on in future releases.

      To answer your actual question, while $_SESSION['Login'] is a string as far as PHP is concerned, it's not a string in MySQL until you wrap it with single quotes. All strings in MySQL must be enclosed in single quotes.

      Additionally, you should always call mysql_real_escape_string() on any data you insert into a query. It doesn't really matter where this data comes from, you should do it anyways. A convention I like to use is to define a $Clean array and assign cleaned values to its keys. Then in my queries I only use data that comes out of the $Clean array. It is a little extra coding, but it is a constraint that forces me to clean all of my data.

          $Clean = Array();
          $Clean['login'] = "'" . mysql_real_escape_string($_SESSION['Login']) . "'";
          $sql = "SELECT * FROM `users` WHERE `login`={$Clean['login']}";

      Note also that in my queries I enclose table and field names in back ticks (the un-shifted tilde key). This prevents errors in MySQL where a table or column name happens to match a MySQL reserved word. And just because your column and table names don't match MySQL reserved words now doesn't mean they won't on the next release of MySQL.
  19. We have a forum post on bitwise operators that may be of help: http://www.phpfreaks.com/forums/index.php/topic,113143.0.html
  20. Most people would just write:

          while(1){
          }
          // OR
          while(true){
          }
  21.
          echo date("jS \of F, Y.",$finalisedpage['date']);

      Suggestion: Look at the documentation for MySQL's DATE_FORMAT function.
  22. Modify your query so that it follows this format:

          SELECT m.`fname`
          FROM `d_media` m
          INNER JOIN `library_docs` d ON d.`file_id`=m.`id`
          WHERE d.`id`={$docid}

      Do you see how the query has INNER JOIN written in it, i.e. I am explicitly telling MySQL that this is an INNER JOIN. This is different from the implicit method in which you comma-delimit the tables in the FROM clause:

          /* DO NOT DO THIS - THIS IS IMPLICIT */
          FROM table1, table2, table3, table4

      You can if you use the proper query. Change:

          while($row = mysql_fetch_array($result)) {
              $attachment = dirname(__FILE__)."/../../uploads/documents/".$row['fname'];
          }

      to:

          while($row = mysql_fetch_array($result)) {
              echo '<pre style="text-align: left;">' . print_r($row, true) . '</pre>';
              $attachment = dirname(__FILE__)."/../../uploads/documents/".$row['fname'];
          }

      This should dump out all of the data received. Copy and paste that data here and then tell me which record you are interested in retrieving.
  23. I'm not sure what you mean. The WHERE clause is supposed to be built so that the DB only returns records you plan to use. If you're having to loop through additional unneeded records, then modify your WHERE clause to return only those you need. And you still haven't fixed your JOIN syntax!
  24. That looks like it should work. Try echo'ing the query and check it for syntax errors. Or echo it and run it directly in phpMyAdmin. In your OP you have a die(mysql_error()); does that print anything? Also, a word of caution. I went out of my way for good reason to bring up the difference between (what I called) implicit and explicit INNER JOIN syntax. Use the explicit version.
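
The ordering described in items 17 and 18 above (undo Magic Quotes, then escape, then quote into a $Clean array), as an added example that is not code from the posts. `escape_for_mysql()`, `value_mysql_sees()` and `clean_login()` are hypothetical names: the first stands in for mysql_real_escape_string(), and addslashes() simulates Magic Quotes, so the script runs without a database and shows that skipping stripslashes() leaves a stray backslash in the value MySQL compares.

```php
<?php
// Added illustration, not code from the posts; runs without a database.

// Hypothetical stand-in for mysql_real_escape_string(): backslash-escapes the
// characters the PHP manual lists for it (the real call needs a connection).
function escape_for_mysql(string $s): string {
    return strtr($s, [
        "\\" => "\\\\", "\0" => "\\0", "\n" => "\\n", "\r" => "\\r",
        "'"  => "\\'",  '"'  => '\\"', "\x1a" => "\\Z",
    ]);
}

// Hypothetical helper: the value MySQL sees after parsing an escaped literal.
function value_mysql_sees(string $escaped): string {
    $map = ['0' => "\0", 'n' => "\n", 'r' => "\r", 'Z' => "\x1a"];
    return preg_replace_callback(
        '/\\\\(.)/s',
        fn($m) => $map[$m[1]] ?? $m[1],
        $escaped
    );
}

// $magicQuotesOn simulates Magic Quotes, which ran addslashes() on request data.
// $strip toggles the stripslashes() step from item 17.
function clean_login(string $typed, bool $magicQuotesOn, bool $strip): string {
    $login = $magicQuotesOn ? addslashes($typed) : $typed; // as seen in $_POST
    if ($magicQuotesOn && $strip) {
        $login = stripslashes($login);                      // undo Magic Quotes first
    }
    return "'" . escape_for_mysql($login) . "'";            // quoted, as in $Clean
}

$typed = "O'Brien"; // constructed sample input
foreach ([[false, false], [true, false], [true, true]] as [$mq, $strip]) {
    $Clean = ['login' => clean_login($typed, $mq, $strip)];
    $sql = "SELECT * FROM `users` WHERE `login`={$Clean['login']}";
    printf("magic_quotes=%-3s strip=%-3s mysql_sees=%-9s sql=%s\n",
        $mq ? 'on' : 'off', $strip ? 'yes' : 'no',
        value_mysql_sees(substr($Clean['login'], 1, -1)), $sql);
}
```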