Jenk
-
Posts
778 -
Joined
-
Last visited
Never
Posts posted by Jenk
-
-
A Modular system doesn't 'need' anything :)
Before you even begin - I highly suggest you read up on Design Patterns, Test Driven Design and that you start completely from scratch with any project. Get some Use Cases together, then schematics, interface designs, then class diagrams, etc. etc.
When developing a system, very little time is actually spent coding. The bulk is designing. -
In a word - no. You cannot do that.
Just think of the security implications if web-devs could force the user to download whatever they want.. -
[quote author=mainewoods link=topic=107671.msg432412#msg432412 date=1158018398]
-To make the system more secure, create an extra field to transmit to the second website from curl on the first website. Make that field equal to the md5 hash of the sql statement you are going to transmit plus a 'secret word', like this:
[code]<?php
$security = md5($sqlstatement . 'php rules');
?>[/code]
-on the other side you would make sure it passes security:
[code]<?php
if ($_POST['security'] != md5($_POST['sqlstatement'] . 'php rules')) {
//doesn't pass security!
exit; //or return a 'forbidden' header
}
?>[/code]
--using a security strategy like that you could even avoid sending the db username and password every call and just hard code them on the page on the second server. It's probably a little more secure that way.
[/quote]That is so vulnerable you may as well not even bother :) -
[code]<?php
function magic_strip($str)
{
if (get_magic_quotes_gpc()) $str = stripslashes($str);
return $str;
}
$file = fopen('/path/to/file.txt', 'w');
frwite($file, magic_strip($_POST['text']));
fclose($file);
?>[/code] -
[code]<?php
header('Content-disposition: attachment');
readfile('/path/to/file.txt');
?>[/code][/code] -
It's invalid syntax, so it needs fixing. I never said it was anything to do with the problem.
Don't argue with me about it, argue with PHP ;) Turn E_NOTICE on and wait for the "Notice: Use of undefined constant username - assumed 'username'" error ;) -
urlencode() the filename before adding it to the url, then use htmlentities() when echoing to output:
[code]<?php
$filename = 'number one.jpg';
$url = 'http://www.example.com/folder/' . urlencode($filename);
echo '<a href="' . htmlentities($url) . '">Link..</a>';
?>[/code] -
echo your query to see that it is executing what you want it to.
Then change your mysql_connect/query/select_db function calls to suffix 'or die(mysql_error());' on the end, like so:
[code]<?php
$result = mysql_query($query) or die(mysql_error());
?>[/code] -
[code]$user = $_SESSION[username];[/code]
should be[code]$user = $_SESSION['username'];[/code]for a start.
as for the error message.. please, it's not hard to fix those.. -
If your code is developed properly you'll not have any problems porting to a new server :p
Seriously though, ditch them at your first opportunity. I really fail to see why they are so popular, they have a near ancient version of php and crap support. Other places are cheaper too. -
you have encoding mismatches.
btw - you don't need to specify every column when you do updates..
[code]INSERT INTO products (cat_id,product,settings) VALUES ("64","® ™ reg\'d","31")[/code] -
you can view the privileges in mysql with:
[code]SHOW GRANTS FOR USER 'user'[/code] -
Just cancel your sub with GoDaddy. They suck.
-
You want to call session_name() before you call session_start() by the way.
[code]<?php
session_name('IndieThreads');
session_start();
$old_sess = $_SESSION;
if (isset($_COOKIE[session_name()])) setcookie(session_name(), '', time()-999, '/');
session_destroy();
session_start();
$_SESSION = $old_sess;
?>[/code] -
[quote author=roopurt18 link=topic=107396.msg430949#msg430949 date=1157754396]
Why not do something like:
[code]
$cols = Array('foo', 'bar', 'qwerty', 'wysiwyg');
foreach($cols as $col){
$tmp_col = addslashes($col);
$sql = "SELECT * FROM table WHERE col='{$tmp_col}'";
$q = mysql_query($sql);
while($record = mysql_fetch_assoc($q)){
$Results[$col] = ProcessRow($Results[$col], $record);
}
}
[/code]
From my experience, it's best to offload as much logic into SQL as possible. If it provides the functionality, why not take advantage of it?
[/quote]That is only true if you can execute as much of the query as possible within a single query.
What Barand suggested is best, or perhaps:
[code]<?php
foreach ($data as $row) {
if (!isset(${$row[2]})) ${$row[2]} = array();
${$row[2]}[] = $row;
}
?>[/code]
If() is to avoid errors. -
what is in the db and what is the final result you are looking for?
Please post exacting examples, not descriptions :)
e.g.: In the column 'column', the value is:[code]xyz[/code]
I would like to output:
[code]abc[/code] -
for christ sake man! Assign the variable to the session array, then use isset() or empty() to verify if there is a value, if there is echo checked="checked" to pre-select the radio button.
Really, we are prepared to provide you with food, put it on your plate, hell even feed it to you, but YOU must be the one to chew! -
var_dump() won't return nothing, it always returns something even if it is just NULL.
var_dump($order->delivery['city']); to see what that returns.. -
In a technical sense, no. Asynchronous requests are not possible with php. JavaScript's XMLHttpRequest offers a work around, but even that technically is not Asynchronous, despite it having that buzzword associated with it.
-
your password might be wrong, or you have incorrect privileges for that userid. :)
-
you haven't established a connection to your mysql server.
-
var_dump($city); and show us the output.
-
[code]<?php
echo '<input type="radio" name="radio1" value="radio1_value" '
if (!empty($_SESSION['radio1'])) echo 'checked="checked" ';
echo '/>';
?>[/code] -
reading user notes on php.net helps..
[code]<?php
session_start();
$old_sess = $_SESSION;
if (isset($_COOKIE[session_name()])) setcookie(session_name(), '', time()-999, '/');
session_destroy();
session_start();
$_SESSION = $old_sess;
?>[/code]
messaging system
in PHP Coding Help
Posted
[code]<?php
$array['var']; // correct
$array[var]; // incorrect
?>[/code]