Everything posted by Psycho

  1. You should take some time to learn how to use a database - specifically JOINs. You should avoid running queries in loops like that guy that hangs around the elementary school. Also, if you are going to give a table an alias, use something that is descriptive rather than "A1" & "B1". The DISTINCT isn't really doing what it could because you are running separate queries. Run ONE query. After analyzing the two queries, I think this should work:

         $query = "SELECT DISTINCT cfmux.ProfileCustomValue
                   FROM " . table_agency_customfield_mux ." cfmux
                   JOIN " . table_agency_castingcart ." ccart
                     ON cfmux.ProfileID = ccart.CastingCartTalentID
                   JOIN " . table_agency_customfields ." cfields
                     ON cfields.ProfileCustomID = cfmux.ProfileCustomID
                   WHERE cfmux.ProfileID = '{$myID}'
                     AND ccart.CastingJobID = '{$mycustomID}'
                     AND cfields.ProfileCustomTitle = 'Category'";
         $results = $wpdb->get_results($query);
         foreach ($results as $obj)
         {
             $myCat = $obj->ProfileCustomValue;
             echo "<td><button class=\"filter\" data-filter=\".category-{$myCat}\">{$myCat}</button></td>\n";
         }
  2. Not enough information on what you are trying to accomplish to provide a response. What do you consider "common everyday" words? How are you planning to create that list? Some words can be used as more than one grammar type: Did you feed the dog? Did you buy the feed for the horses? We need a post for that sign? The bank will post that transaction tomorrow? etc., etc.
  3. Do you need ALL the data from the tables? Just determine what fields you need and line up the ones that are of the same type and create dummy fields for the ones that don't line up. You sure as heck shouldn't be using SELECT * anywhere.
  4. I guess I don't understand the question. There is no one size fits all "Contacts" database. The fields/values needed are dependent upon the application they are supporting. The application I work on has Client records with some of the data properties modeled after Outlook. But, we have much more data available based on what products they license. And, that is only the data we have specific uses for in the various applications. We also allow firms to add custom fields to be available to all Client records. This includes text fields, select, radio, lookup, etc. As far as the "language" issue, I have to assume you live in the US and have never really traveled abroad. Speaking multiple languages is the norm in many countries. Even in the US, there is a large segment of the population that may speak little or no English. If you were a company that provides services to the public there is a good chance knowing what language the customer speaks would be very important. As for the mileage field, I believe that is so a person can record the mileage when visiting the client for billing purposes.
  5. There are a few problems with trying to do this. I assume if you find a value that is not already in use, you plan to create a new record with that value. Well, there is something called "race conditions". There is the possibility that between the time you check if the value is used and the time you try to INSERT the value another user has triggered the same process and used that value. In your particular scenario it would seem very unlikely if you have a sufficiently large enough pool of values to choose from. But, depending on how "random" the value really is, it can actually be possible. If you were to search this forum you would find answers to this problem, but they don't scale well. How are you planning to use this value such that it has to be a unique random value? For example, if you were going to use it in a link sent in an email to reset a password, you would want to make sure two users never get the same value. But, you could just create a 'random' string and then append the ID of the user onto the random string. Then it would be impossible for two users to ever have the same value. Not knowing your exact use case, I don't know if there would be a better alternative solution or not. https://www.google.com/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=php%20freaks%20random%20value%20database
  6. Gaming is the primary reason I started coding in PHP. I built modules to show real-time data from TeamSpeak and gaming servers.
  7. I guess I am more confused. You state "There is no intrinsic connection between any of the entity tables." yet, you provide a hierarchy such as and talk about the Demolition team within the SW Division. So, am I correct in thinking that each "person" that responds to the survey belongs to a Division, a Team and a Store? If so, then each response can be associated with each of those three entities. I have a feeling that is not the case, though. And, I'm sure I could help if I wanted to invest the time and energy, but this looks like I'd have to invest a good deal of time to even understand the problem.
  8. Based upon the error message, specifically this Your variables for the $start variable is being calculated as a negative five (i.e. -5). But, something doesn't make sense, because $limit is apparently 5, but you have it hard-coded in the snippet above at 10. So, I'm guessing that is not the entire code or you copy/pasted some 'example' code, but not the actual code. You should create your queries as string variables so you can echo them to the page to validate what they contain when you have variable values.

         $sql = "SELECT * FROM comments WHERE post_id = '$id' ORDER BY date DESC LIMIT $start, $limit";
         echo $sql; //Debug line
         $query = $database->query($sql);

     But, why are you using the numerical value of the id passed on the query string to determine the start index? That is not a proper way to do that. Yes, the indexes may seem to start at 1 and increment up at 1, but you can never guarantee that in your database.
  9. Take a look at this page of the manual: http://php.net/manual/en/language.types.string.php#language.types.string.parsing Specifically, look at the complex method.
  10. Look at the code in my response above. PHP Freaks colors the code to show different types of content in the code. If you look at that code you will see something different on one line. The reason is due to a missing quote mark at the beginning of the string.
  11. You're not writing valid HTML code. E.g. echo “/td>”; Aside from that, the code is very clunky.

         <?php
         $dog = $_POST['breed'];

         $servername = "localhost";
         $username = "myusername";
         $password = "**************";
         $dbname = "mydatabase";

         // Create connection
         $conn = new mysqli($servername, $username, $password, $dbname);
         // Check connection
         if ($conn->connect_error) {
             die("Connection failed: " . $conn->connect_error);
         }

         // Bind the posted value as a parameter instead of placing it in the SQL string
         $stmt = $conn->prepare("SELECT * FROM doginfo WHERE breed = ?");
         $stmt->bind_param('s', $dog);
         $stmt->execute();
         $result = $stmt->get_result();

         if (!$result->num_rows) {
             $output = "<tr><td>0 results</td></tr>\n";
         } else {
             // output data of each row
             $output = '';
             while($row = $result->fetch_assoc()) {
                 $output .= "<tr>\n";
                 $output .= "<td colspan='2'>\n";
                 $output .= nl2br($detail); // $detail is not defined in this snippet
                 $output .= "</td>\n";
                 $output .= "<td>\n";
                 $output .= "Breed : {$row['breed']}<br>\n";
                 $output .= "Size : {$row['size']}<br>\n";
                 $output .= "Height : {$row['height']}<br>\n";
                 $output .= "Weight : {$row['weight']}<br>\n";
                 $output .= "Life : {$row['life']}<br>\n";
                 $output .= "</td>\n";
                 $output .= "<td>\n";
                 $output .= "Based on a scale of 1 to 5<br>\n";
                 $output .= "Affection : {$row['affection']}<br>\n";
                 $output .= "Playfull : {$row['playfull']}<br>\n";
                 $output .= "Friendly with other dogs : {$row['friendly_dogs']}<br>\n";
                 $output .= "Friendly with strangers : {$row['friendly_stranger']}<br>\n";
                 $output .= "Ease of training : {$row['training']}\n";
                 $output .= ($row['health'] != "n/a") ? "<br>Health : {$row['health']}" : "";
                 $output .= "</td>\n";
                 $output .= "</tr>\n";
             }
         }
         $conn->close();
         ?>
         <center>
         <table width="600" cellpadding="6">
         <?php echo $output; ?>
         </table>
         </center>
  12. Characters like < get encoded to something like '%3C'. So, they wouldn't be caught in a preg_match check. You need to be sure to not convert them back to their native characters. But, this should work for what you described:

         $fullURL = $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . '';
         echo "Full URL: {$fullURL}<br>";

         if(preg_match("#[^\w\/\?\&\.\=]#", $fullURL))
         {
             echo "Security error";
         }
         else
         {
             echo "URL OK";
         }

     That regex covers:
       \w = a-z, A-Z, 0-9 & _ (underscore)
       / (forward slash)
       ? (question mark)
       & (ampersand)
       . (period)
       = (equals sign)
  13. So, what are you considering malicious code? I.e. what code are you wanting to allow vs code you don't want to allow?
  14. To safely store any value in the database you just need to ensure the value is properly escaped. Prepared statements are the best way to do that. However, you also need to make sure that outputting those values to the page is done safely. Normally, you would escape the content for output to an HTML page so none of it is interpreted as HTML. E.g. convert "<b>" to "&lt;b&gt;". That can be done with htmlspecialchars() and htmlentities(). But, if you want these to be actual hyperlinks, that won't work. You will want some way to escape HTML code, but then to convert any hyperlinks in the code to actual hyperlinks in the output. This should be done by parsing the links in the raw data and dynamically creating hyperlinks. This way you can add some filtering to the process to prevent potentially dangerous content in the hyperlink. But, you can't prevent someone from adding a hyperlink to a malicious site.
  15. OK, looking at your query and your description, I am confused.

     1. I don't see why you are using Distinct. You are using a GROUP BY which would make it impossible for any of the results not to be distinct.
     2. You put all the table definitions within parenthesis. Unless you were doing a sub-query, which you are not, I've never seen that format.
     3. You say the relatives table is used to link divisions and teams using the "RelationID", but looking at the logic you are using in the query, the way you are using it is overly complicated.

     The relation table should probably be constructed like this: ID, DivisionID, TeamID. Then have a single record for each Division to Team association. That makes this much, much simpler. Then, your query might look something like this:

         SELECT divisions.Division, teams.Team, AVG(scores.Score) AS Score
         FROM divisions
         INNER JOIN relatives ON divisions.ID = relatives.DivisionID
         INNER JOIN teams ON teams.ID = relatives.TeamID
         INNER JOIN scores ON scores.RelationID = relatives.ID
         GROUP BY Division, Team
         ORDER BY Division, Team
  16. Can you export those tables with sample data and attach here? It makes it so much easier to create queries when we can "see" the data and test them. Also, one trick is to start with one table and verify you get the data you expect. Then add one JOIN at a time and verify the results.
  17. MySQL Natural Language Search http://www.mysqltutorial.org/mysql-natural-language-search.aspx
  18. Or, you can just set the target of the form (on Domain1) to point to the receiving page on Domain2. Of course, if you are doing this to POST data to a site you don't control, they may have safeguards in place to prevent such POSTs. If so, curl() would be the answer.
  19. That can be done very easily, but it is a bad idea. If you just automatically create variables based on what is sent via POST/GET you are opening your application up to huge vulnerabilities. If you don't know what data is being sent and you create variables for it, how do you know how to use those variables? Perhaps you can give an explanation of what the situation is and what you are trying to accomplish. Because, what you are asking, doesn't seem realistic.
  20. For just rewiring a basic lamp, plug, switch? No. It is an exceedingly simple task of just keeping positive and negative straight. Assuming they don't electrocute themselves, they're at least capable of simple tasks. But, if they've done a little more complicated wiring that requires some thinking, it may show some analytical skills - if not skills with direct transferability. For example, a two-way switch, or putting in new wiring, etc. Those things take at least some planning and forethought.
  21. Yes. You want that if() statement to do something different every 1,000 iterations, right? So, from 1 to 999 don't do anything and on 1,000 send the data. Then do the same at 2,000, 3,000 etc. When you do an if() statement and the value in that condition is a number (which is what modulus returns), the condition will be TRUE for any value that is not 0. So, you want to create the condition so it will only be TRUE at 1,000, 2,000, etc. To do that you need $i to be 1 on the first iteration and you want to get the modulus of ($i+1) divided by 1,000.
  22. One thing I see a lot of, is people creating deeply nested logic for error checking in this fashion:

         if(notErrorCondition1) {
             if(notErrorCondition2) {
                 if(notErrorCondition3) {
                     if(notErrorCondition4) {
                         //Perform actions for success scenario
                     } else {
                         echo "Error condition 4";
                     }
                 } else {
                     echo "Error condition 3";
                 }
             } else {
                 echo "Error condition 2";
             }
         } else {
             echo "Error condition 1";
         }

     This irritates the hell out of me because it makes it nearly impossible to "view" the logic. The nested if/else statements are bad enough. But, the worst part is the separation of the condition check and the associated error. The first error check is associated with the last error result. 99% of the time, that logic can (and should) be rewritten to make it so you can "see" the logic. I always write my error condition to check for the presence of the error (not the lack of an error) so I can associate the error logic with the check. Using the above, here is one way it could be rewritten:

         if(errorCondition1) {
             echo "Error condition 1";
         } elseif (errorCondition2) {
             echo "Error condition 2";
         } elseif (errorCondition3) {
             echo "Error condition 3";
         } elseif (errorCondition4) {
             echo "Error condition 4";
         } else {
             //Perform actions for success scenario
         }
  23. Wow, that's going to be a challenge. Heck, even hiring a "developer" who supposedly has those skills can be a challenge. Resumes and interviews only provide so much. Using an assessment or review of their code is usually the best indicator of their aptitude. So, if you're dealing with people with no prior experience, those aren't really an option. I would start with anyone who has "some" experience - even if it is just doing a personal web page. I would also look for anyone who has a degree in a STEM field. If they do have such a degree, get details on their GPA - at least with respect to their core classes. If they have a tech degree and are not in a tech position, there is a good chance they don't really have the skills needed to be successful in that type of role. Aside from that, look for people that are at least "technical". Do they like to use new technology and find new uses for it? Ask what apps they use on their phone and how they use them. Hopefully they aren't using a flip-phone! Lastly, you could consider a basic logic test.
  24. A textarea is a completely separate type of field from the <input> field:

         <textarea class="form-control" id="Message" placeholder="Message"></textarea>
  25. To add to Barand's response. As you review the queries make sure you understand the logic needed to run that branch/section of the code. Analyze the queries to build the tables based on the code. Then run the code to execute those sections of code to see if they work. You're bound to have some typos and such along the way. Much better to do a little at a time, find/fix the issues and then continue to expand. Be sure to analyze the code that submits the data to the database or how the data returned from the database is used. This will be valuable in determining field types and other properties.
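
Post 5 above describes the gap between checking a value and INSERTing it, and suggests appending the user ID to a random string for password-reset links. The sketch below is an added example, not code from the original post: it goes one step further by letting a unique key on the column reject duplicates at INSERT time, so no separate check is needed. The table `password_resets`, its columns and `issue_reset_token()` are hypothetical, and an in-memory SQLite database stands in for the real one.

```php
<?php
// Added example; names are hypothetical and not taken from the post.
function issue_reset_token(PDO $db, int $userId, int $maxTries = 3): string
{
    $stmt = $db->prepare(
        'INSERT INTO password_resets (token, user_id) VALUES (?, ?)'
    );
    for ($try = 0; $try < $maxTries; $try++) {
        // 16 bytes from the CSPRNG, with the user ID appended so two
        // different users can never be issued the same value.
        $token = bin2hex(random_bytes(16)) . '-' . $userId;
        try {
            // The PRIMARY KEY makes "is it free?" and "claim it" one atomic
            // step, which removes the check-then-INSERT window.
            $stmt->execute([$token, $userId]);
            return $token;
        } catch (PDOException $e) {
            // SQLSTATE 23000 = integrity constraint violation (duplicate).
            if ((string) $e->getCode() !== '23000') {
                throw $e;
            }
            // Duplicate token: loop and generate a fresh one.
        }
    }
    throw new RuntimeException('Could not allocate a unique token');
}

// Constructed demo setup.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE password_resets (
               token   TEXT PRIMARY KEY,
               user_id INTEGER NOT NULL
           )');

echo issue_reset_token($db, 42), "\n";
```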
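
Post 14 above describes escaping stored text for HTML output while still turning hyperlinks found in the raw data into real links, with a filtering step. One way to do that is sketched below as an added example, not code from the original post; `safe_linkify()` and the sample input are hypothetical and constructed for illustration.

```php
<?php
// Added example; safe_linkify() and the sample input are constructed.
function safe_linkify(string $raw): string
{
    $esc = fn(string $s): string =>
        htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // Split the RAW text on http(s) URLs; odd indexes hold the captured URLs.
    $parts = preg_split('#(\bhttps?://[^\s<>"\']+)#i', $raw, -1,
                        PREG_SPLIT_DELIM_CAPTURE);
    $out = '';
    foreach ($parts as $i => $part) {
        if ($i % 2 === 0) {
            // Plain text: escape so none of it is interpreted as HTML.
            $out .= $esc($part);
            continue;
        }
        // Keep trailing sentence punctuation out of the link target.
        $url  = rtrim($part, '.,;:!?)');
        $tail = substr($part, strlen($url));

        // Filter step: only absolute http/https URLs with a host become links.
        $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
        $host   = parse_url($url, PHP_URL_HOST);
        if (in_array($scheme, ['http', 'https'], true) && !empty($host)) {
            $href = $esc($url);
            $out .= "<a href=\"{$href}\" rel=\"nofollow noopener noreferrer\">"
                  . "{$href}</a>";
        } else {
            $out .= $esc($url);
        }
        $out .= $esc($tail);
    }
    return nl2br($out);
}

// Constructed sample: markup, a script-scheme link, and one ordinary URL.
$sample = "<b>Hi</b> see https://example.com/a?x=1&y=2.\n"
        . "<a href=\"javascript:alert(1)\">click</a>";
echo safe_linkify($sample), "\n";
```

The anchor is built only from the escaped URL, so user-supplied markup and non-http schemes end up as inert text. As the post says, this does not stop a link from pointing at a malicious site.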