s0c0

Members
  • Posts

    422
  • Joined

  • Last visited

    Never

Everything posted by s0c0

  1. I'm not sure what you mean by NVP table, but I am familiar with the WordPress tables you posted. Is there no way for you to make these INNER JOINs rather than LEFT JOINs? For instance, when I have written queries against this postmeta table I did the following:

        INNER JOIN wp_postmeta ON (wp_postmeta.post_id = wp_posts.ID AND wp_postmeta.meta_key = 'views')
        INNER JOIN wp_postmeta meta2 ON (meta2.post_id = wp_posts.ID and meta2.meta_key = '_aioseop_description')

    Try just putting multiple parameters on your JOINs and use INNER instead, ala http://blog.cnizz.com/2010/08/19/mysql-inner-join-on-multiple-parameters-and-condtions/

    Looking more at this, the following should work:

        SELECT t.transaction_id, f.meta_value, l.meta_value
        FROM `wp_purchase` AS t
        INNER JOIN `wp_usermeta` AS f ON (t.user_id = f.user_id AND f.meta_key='first_name')
        INNER JOIN `wp_usermeta` AS l ON (t.user_id = l.user_id AND l.meta_key='last_name')
        WHERE f.user_id = '1'
  2. Thanks for the response fenway. By rebuild do you just mean mysqldump the table, drop the table, then rebuild the table from the dump file? Or are you referring to something a bit more elegant?
  3. ps wrote my own: http://www.phpclasses.org/package/6256-PHP-Retrieve-messages-from-an-IMAP-server.html
  4. After migrating data centers we've been experiencing a number of table crashes on our new server (supposedly better server). This is affecting two tables.

        sessions
        -----------------------------
        sesskey varchar(32) primary
        expiry int(11) unsigned
        value text

    This table is just used for temporary storage of customer sessions and typically has anywhere from a few hundred to just over 1,000 records in it. I know the varchar primary key is bad, but it's old code and a b*tch to rewrite at this point. Here are the errors:

        100909 9:10:08 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ereplace/sessions.MYI'; try to repair it
        100909 9:10:08 [ERROR] Got error 127 when reading table './ereplace/sessions'
        100909 9:10:11 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ereplace/sessions.MYI'; try to repair it
        100913 14:50:48 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ereplace/sessions.MYI'; try to repair it
        100913 14:50:48 [ERROR] /usr/libexec/mysqld: Table './ereplace/sessions' is marked as crashed and should be repaired

        product_popularity
        --------------------------------
        popularity_id int(11) primary
        categories_id int(11) index
        timestamp datetime index
        ip_address varchar(15)
        parent_id int(11)

    This one is designed a bit better, but the index on the timestamp is useless and should really be split into an indexed date column and an unindexed time column. This table is a bit larger with 35,649 records, but by no means big. Here are the errors:

        100910 5:30:58 [ERROR] Got error 134 when reading table './ereplace/tool_popularity'
        100910 9:04:13 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ereplace/tool_popularity.MYI'; try to repair it
        100910 9:04:15 [ERROR] /usr/libexec/mysqld: Table './ereplace/tool_popularity' is marked as crashed and should be repaired

    Finally, here is our my.cnf file. Our key_buffer_size still looks too low, but I am slowly adjusting it up to measure impact. Our system actually has 12 GB RAM on hand.

        [mysqld]
        datadir=/var/lib/mysql
        socket=/var/lib/mysql/mysql.sock
        user=mysql
        # Default to using old password format for compatibility with mysql 3.x
        # clients (those using the mysqlclient10 compatibility package).
        old_passwords=1
        max_connections=600
        #key_buffer_size=512M
        key_buffer_size=1024M # changed by chris, buffer to low
        thread_cache_size=200
        max_allowed_packet = 8MB
        # Disabling symbolic-links is recommended to prevent assorted security risks;
        # to do so, uncomment this line:
        # symbolic-links=0
        # added by chris
        log-slow-queries = /var/log/mysql-slow.log
        long_query_time = 5
        # end chris edits

        [mysqld_safe]
        log-error=/var/log/mysqld.log
        pid-file=/var/run/mysqld/mysqld.pid

    Here is output from mysqladmin -debug:

        Key caches:
        default
        Buffer_size: 536870912
        Block_size: 1024
        Division_limit: 100
        Age_limit: 300
        blocks used: 42392
        not flushed: 0
        w_requests: 32626
        writes: 18197
        r_requests: 73205023
        reads: 1022745

        handler status:
        read_key: 34806965
        read_next: 99528256
        read_rnd 9035676
        read_first: 42954
        write: 12774959
        delete 3320
        update: 10343520

        Table status:
        Opened tables: 38651
        Open tables: 64
        Open files: 119
        Open streams: 0

        Alarm status:
        Active alarms: 70
        Max used alarms: 88
        Next alarm time: 28531

    and from mysqladmin -status:

        Uptime: 3178 Threads: 44 Questions: 13720774 Slow queries: 6 Opens: 134342 Flush tables: 1 Open tables: 64 Queries per second avg: 4317.424

    Ideas I've been playing around with to improve performance and end the table crashes:

    - enabled slow query log today to log everything over 5 seconds (will slowly adjust down over days)
    - adjusted key buffer size up as mentioned above
    - THINKING about dropping and recreating the tables mentioned above as there could be a problem with the table files, but that's just a guess.

    Any help or suggestions would be much appreciated.
  5. Not to blatantly advertise my site, but I've found this is the fastest way http://blog.cnizz.com/2010/05/31/faster-mass-sql-inserts-with-mysql-and-php/ to perform mass MySQL inserts via PHP. Your other option (and the fastest option that I know of) is to use a mysql dump file and import directly from the MySQL command line or via the PHPMyAdmin import tab. If from the MySQL shell, you would just use the syntax below. Make sure you have first selected the database you want.

        mysql> use my_database;
        mysql> source /absolute-path/to/file.sql;
  6. On complete just echo out the following:

        echo '<script type="text/javascript">alert("Upload Completed!")</script>';

    That will need to be echoed out somewhere in the DOM (between your body tags). It's a very ugly solution, but will work.
  7. You will need to SELECT all names in the table and store them into an array. Then do a cURL and store the content returned in a string. Loop through your array and do a string search for each element in the array. Regex might be the faster string search in this case. Not sure what you're really asking for, but that should do the trick.
  8. Have you tried adding the user to your MySQL server? You will need to do this if not. You will have to give the user the right privileges as well, including (most likely, but read the documentation) SELECT, UPDATE, DELETE, INSERT, and possibly CREATE.
  9. Our MySQL server shows a running process at 48 hours using Linux Top. Is this normal? Is this bad? Does MySQL not support threading? If so, is there a way to enable threading? It just seems bad to me to have a process with that much CPU time on its hands.
  10. The junk I've found on phpclasses is well junk and not to mention really old. I started writing my own, but I frankly don't like the plumbing involved. Anyone have a great IMAP class? Something that just does the work for you?
  11. s0c0

    Cells

    You need to establish a mysql connection first. It may be helpful for you to get a book from the library on PHP and MySQL. I learned from this book many years ago and it did wonders for my career: http://www.amazon.com/gp/product/0672329166/ref=pd_lpo_k2_dp_sr_1/190-7625085-1967410?pf_rd_m=ATVPDKIKX0DER&pf_rd_s=lpo-top-stripe-1&pf_rd_r=17DBYJW757PXX0S7B2V3&pf_rd_t=201&pf_rd_p=486539851&pf_rd_i=0672317842 It's called PHP and MySQL Web Development. For information on mysql connections: http://php.net/manual/en/function.mysql-connect.php
  12. You might not find a lot of help on here, but I'll try and help you. For one, who knows how MS implemented SHA1. You can see that piece of code is using a class called HashAlgorithm; who knows if that's built into the .NET framework or if it was coded by some third-party programmer. With that said, the only glaring thing I can see missing from your code is the UTF-8 encoding. Another thing to look at is another implementation of encryption that PHP offers, which is mcrypt. I believe you can implement SHA1 through mcrypt as well. Here are some links which may be of use: http://php.net/manual/en/function.utf8-encode.php http://php.net/manual/en/book.mcrypt.php
  13. s0c0

    Cells

    What database engine are you using (for instance MySQL)? Can we see a query? Can we see code you've written? Do you know SQL so you can get that data out? More information is helpful here. To give you an idea though:

        // database connection here
        $sql = "SELECT cell FROM table WHERE id='$id'";
        $r = mysql_fetch_assoc(mysql_query($sql));
        // reference data through the $r['cell'] variable
  14. I am looking for an SVN solution that will work with Zend 5.5, which has native support for SVN, but I have a unique situation. I have a shared host account with Host Gator, but they do not support SVN. I do my development on my Windows XP desktop and interact with the host account (save, add, edit files) through FTP. Is there any way I can use an SVN service that would house the files, but as I checked in files, would automatically push them over to my dev server? In case I am not being clear, the process would work like this:

    1. Move dev files to SVN host
    2. Using Zend, I check out a file
    3. Once done making changes, I check the file back in.
    4. The SVN host moves the file to my dev server via FTP

    Is this possible? I prefer a free solution, but I am fine paying a small monthly fee. If not, are there any hosts designed specifically for this purpose?
  15. I should have mentioned that converting an object to an array (in this instance) fails, as I had already tried that with a method I wrote. This method also fails. However, the xml2array function seems to work just fine, though it will require some modifications. I am worried about its scalability, however. Thanks.
  16. I am attempting to load a string of XML as an object using simplexml_load_string. However, the creator of this XML has made this difficult by having hyphens in the names. Here is an example:

        <?xml version="1.0"?>
        <thexml>
          <result>OK</result>
          <xml-log-in>
            <accounts>
              <account>
                <account-id>1111111111111</account-id>
              </account>
            </accounts>
          </xml-log-in>
        </thexml>

    So when I try to reference account-id:

        $xml = @simplexml_load_string($response);
        echo $xml->xml-log-in->accounts->account->account-id;

    It fails miserably. Really I think it's moronic that PHP decided to have simplexml_load_string return an object in the first place. It should have been an array. Is there an easy way to convert XML to an array? The XML I am returning is very, very deep in some places, so it could be a 3 to 5 dimensional array. Any ideas?
  17. For starters did you change the FTP password?
  18. I do use mysqli and innodb, however I am not using it in much of an object-oriented manner.

        $this->LINK = mysqli_connect('localhost','user','pass',$db_name);
        $this->CONNECTION = mysqli_select_db($this->LINK,$db_name);

    When I run a query I then:

        $result = mysqli_query($this->LINK,$sql);
  19. killah, thanks, get some rest. neil, should I use both mysql_real_escape_string() and addslashes or just mysql_real_escape_string()? I believe they do the same thing, correct?
  20. You could try using PHP's header functions http://us.php.net/header to disable caching of the site. The other thing you can do is give the text field a random name each time it's loaded; this would trick the browser into not "remembering" the text.
  21. If the POST variable is not set, then set it to 0 as the box was not checked. This should do it.

        if(!isset($_POST['mailinglist'])){
            $_POST['mailinglist']=0;
        }
  22. They are performing some sort of XSS attack on you most likely. I would first change your FTP password, verify that write and execute permissions on the directory are disabled for the public group (leave them enabled for owner). Next, do you have some sort of uploader on your site? If that's how they are posting the files, then disallow any .js file from being uploaded. Also do some searching for free classes that protect your site from XSS attacks and validate all your input through that filter. More details would be nice.
  23. Can someone please validate for me that this method will successfully prevent SQL injection attempts? I would just like a second set of eyes before implementing this.

        public function returnSafeSQL($data,$strict=true)
        {
            // strict mode - removes: virtually all non-alphanumeric characters,adds slashes,DROP TABLE,DELETE FROM,ALTER TABLE,INSERT INTO
            if($strict===true)
            {
                $evilSQLArr = array('/DROP TABLE/','/DELETE FROM/','/ALTER TABLE/','/INSERT INTO/','/SELECT/','/=/','/--/','/;/');
                if(is_array($data)) // one dimensional
                {
                    foreach($data as $array_index=>$variable)
                    {
                        if(is_array($variable)) // two dimensional
                        {
                            foreach($variable as $index=>$var)
                            {
                                if(is_array($var)) // three dimensional
                                {
                                    foreach($var as $i=>$v)
                                    {
                                        $var[$i]=strip_tags($v);
                                        $var[$i]=preg_replace($evilSQLArr,'',$v);
                                        $var[$i]=ereg_replace("[^[:space:]a-zA-Z0-9_.,@!$:~']", "", $v);
                                        $var[$i]=addslashes($v);
                                    }
                                }
                                else
                                {
                                    $variable[$index]=strip_tags($var);
                                    $variable[$index]=preg_replace($evilSQLArr,'',$var);
                                    $variable[$index]=ereg_replace("[^[:space:]a-zA-Z0-9_.,@!$:~']", "", $var);
                                    $variable[$index]=addslashes($var);
                                }
                            }
                        }
                        else // single dimensional
                        {
                            $data[$array_index]=strip_tags($variable);
                            $data[$array_index]=preg_replace($evilSQLArr,'',$variable);
                            $data[$array_index]=ereg_replace("[^[:space:]a-zA-Z0-9_.,@!$:~']", "", $variable);
                            $data[$array_index]=addslashes($variable);
                        }
                    }
                }
                else // non-array, just a string
                {
                    $data = strip_tags($data);
                    $data = preg_replace($evilSQLArr,'',$data);
                    $data = ereg_replace("[^[:space:]a-zA-Z0-9_.,@!$:~']", "", $data);
                    $data = addslashes($data);
                }
            }
            else // just adds slashes for non-strict mode
            {
                if(is_array($data)) // one dimensional
                {
                    foreach($data as $array_index=>$variable)
                    {
                        if(is_array($variable)) // two dimensional
                        {
                            foreach($variable as $index=>$var)
                            {
                                if(is_array($var)) // three dimensional
                                {
                                    foreach($var as $i=>$v)
                                    {
                                        $var[$i]=addslashes($v);
                                    }
                                }
                                else
                                {
                                    $variable[$index]=addslashes($var);
                                }
                            }
                        }
                        else
                        {
                            $data[$array_index]=addslashes($variable);
                        }
                    }
                }
                else // non-array, just a string
                {
                    $data = addslashes($data);
                }
            }
            return $data;
        }
  24. Actually I think you are incorrect. I ran this test and it did not work.

        $sql = "SELECT * FROM office; SELECT * FROM office";
        $result = mysqli_query($db->LINK,$sql);
        $row=mysqli_fetch_assoc($result);
        print_r($row);
  25. Glad I asked. I was unable to duplicate using mysql_query, but now at least I know mysqli_query is vulnerable.
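
Added example, not code from these posts: legitimate values containing what the strict mode in post 23 strips (quotes, `=`, `--`, `;`, the word SELECT), run once through that filter and once through bound parameters. It assumes the pdo_sqlite extension and a made-up `office` column layout so it runs without a MySQL server; `strictFilter()` is a hypothetical restatement of the post's strict-mode steps with preg_replace standing in for ereg_replace (removed in PHP 7). With mysqli the equivalent calls are prepare(), bind_param() and execute().

```php
<?php
// Added example, not code from the thread. Assumes the pdo_sqlite extension;
// the office columns and the sample names are constructed for this demo.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE office (id INTEGER PRIMARY KEY, name TEXT)');

// Hypothetical helper: post 23's strict-mode steps applied in sequence,
// with preg_replace standing in for ereg_replace (removed in PHP 7).
function strictFilter(string $value): string
{
    $keywords = ['/DROP TABLE/', '/DELETE FROM/', '/ALTER TABLE/',
                 '/INSERT INTO/', '/SELECT/', '/=/', '/--/', '/;/'];
    $value = strip_tags($value);
    $value = preg_replace($keywords, '', $value);
    $value = preg_replace('/[^[:space:]a-zA-Z0-9_.,@!$:~\']/', '', $value);
    return addslashes($value);
}

// Bound parameters: the value is bound to the prepared statement and is
// never spliced into the SQL text, so no character needs to be stripped.
function saveOffice(PDO $pdo, string $name): int
{
    $stmt = $pdo->prepare('INSERT INTO office (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (int) $pdo->lastInsertId();
}

function loadOffice(PDO $pdo, int $id): string
{
    $stmt = $pdo->prepare('SELECT name FROM office WHERE id = :id');
    $stmt->execute([':id' => $id]);
    return (string) $stmt->fetchColumn();
}

// Constructed, legitimate names containing what strict mode strips.
$names = ["O'Brien & Sons", 'SELECT Staffing; Inc.', 'A=B Consulting -- West'];

foreach ($names as $name) {
    $stored = loadOffice($pdo, saveOffice($pdo, $name));
    printf("input:    %s\nfiltered: %s\nbound:    %s (%s)\n\n",
        $name, strictFilter($name), $stored,
        $stored === $name ? 'unchanged' : 'altered');
}
```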