pontifex

I've inherited a website (www.bonniebakerlaw.com) and have found that the previous web developer had left the contact form in quite a shambles. As you can see it attempts to use a Captcha to validate users, but does not in fact work! I can leave the entire form blank (including the captcha) and still get to the "Thank You" page indicating the form was correctly submitted (This does not, in fact, actually generate an email correctly)! So before I delve into "Head First PHP & MySQL" to debug and correct the error, I was wondering if some kind person(s) would be good enough to point me to the relevant sections / documentation highlighting the fundamentals of building this type of form correctly coupled with the use of a Captcha as noted. Some code has been REDACTED to protect the innocent. I won't post the HTML of the form as it's available from the web site and is a fairly simple HTML construct. Form Code: <?php require_once('recaptchalib.php'); // Get a key from https://www.google.com/recaptcha/admin/create $publickey = "REDACTED PUBLIC KEY"; $privatekey = "REDACTED PRIVATE KEY"; # the response from reCAPTCHA $resp = null; # the error code from reCAPTCHA, if any $error = null; # was there a reCAPTCHA response? if ($_POST["recaptcha_response_field"]) { $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if ($resp->is_valid) { echo "You got it!"; } else { # set the error code so that we can display it $error = $resp->error; } } echo recaptcha_get_html($publickey, $error); ?> "Thank You" page Code: <?php $visitor = $_REQUEST['visitor'] ; $visitormail = $_REQUEST['visitormail'] ; $State = $_REQUEST['State:'] ; $Address = $_REQUEST['StreetAddress'] ; $City = $_REQUEST['City:'] ; $Zip = $_REQUEST['Zip:'] ; $Phone = $_REQUEST['Phone:'] ; $Fax = $_REQUEST['Fax:'] ; $Emailed = $_REQUEST['Emailed'] ; $Phoned = $_REQUEST['Phoned'] ; $Faxed = $_REQUEST['Faxed'] ; $Postaled = $_REQUEST['Postaled'] ; $Description = $_REQUEST['IssueDescription'] ; if ($Emailed == "y") { $req1 = " Email \n" ; } if ($Phoned == "y") { $req2 = " Phone \n"; } if ($Faxed == "y") { $req3 = " Fax \n"; } if ($Postaled == "y") { $req4 = " Postal Mail \n"; } $req = $req1 . $req2 . $req3 . $req4 ; $message = "name: $visitor email: $visitormail Address: $Address City: $City State: $State Zip: $Zip Phone: $Phone Fax: $Fax Requested contact by: $req Description: $Description " ; mail("redacted@somedomain.com", "redacted@somedomain.com: contact page", "$message", "From: $visitormail" ) ; ?>

I've inherited the web site of the law firm (as per the subject). I'm more of a system administration guy, less web design. Still learning how best to bring the web site "up to code". If you have any helpful suggestions, I'd appreciate it: www.bonniebakerlaw.com Also if there are any PHP "best practices" / design patterns I should be aware of as I start my PHP education I'd appreciate links to blogs / definitions / documentation as applicable.

Bump.

I'm trying to make a search widget from this (CAUTION PROCESSOR INTENSIVE) resource. As you can see, it's (apparently) XML - from the tags at the top and the general form - but my test widget code doesn't show any tags being processed by the parser. Output from 'phpinfo()': 'PHP Version 4.3.11' Pretty old, so I'm messing around with fopen() and similar functions. Code: <?php function open_tag_handler ($parser, $name, $attributes) { print 'Opening Tag '.$name."<br />"; } function close_tag_handler ($parser, $name) { print 'Closing tag '.$name."<br />"; } #complete later after initial test <--- function tag_content_handler ($parser, $data) { } #creating parser if (! ($xml_parser = xml_parser_create()) ) { die ("Cannot create parser"); } xml_set_element_handler($xml_parser, 'open_tag_handler', 'close_tag_handler'); xml_set_character_data_handler($xml_parser, 'tag_content_handler'); $wowhead_XML = 'http://armory.worldofwarcraft.com/search.xml?fl%5Bsource%5D=dungeon&fl%5Bdungeon%5D=dungeons&fl%5Bdifficulty%5D=normal&fl%5Btype%5D=armor&fl%5BusbleBy%5D=all&fl%5Bslot%5D=all&fl%5BsubTp%5D=all&fl%5BrqrMin%5D=&fl%5BrqrMax%5D=&fl%5Brrt%5D=all&advOptName=defenseRating&advOptOper=gt&advOptValue=0&advOptName=dodgeRating&advOptOper=gt&advOptValue=0&advOptName=parryRating&advOptOper=gt&advOptValue=0&fl%5Bandor%5D=or&searchType=items&fl%5BadvOpt%5D=defenseRating_gt_0&fl%5BadvOpt%5D=dodgeRating_gt_0&fl%5BadvOpt%5D=parryRating_gt_0'; $file_pointer; $content = ''; if (! ($file_pointer = fopen($wowhead_XML, 'rb'))) { die('Cannot open '.$wowhead_XML.' for reading'."<br />"); } while (!feof($file_pointer)) { $content .= fread($file_pointer, 8192); } fclose($file_pointer); if (!xml_parse ($xml_parser, $content) ) { $reason = xml_error_string(xml_get_error_code($xml_parser)); $reason .= xml_get_current_line_number($xml_parser); die($reason); } xml_parser_free($xml_parser); ?> No errors. It just doesn't print anything. I theorize I might be hitting a hard limit on the source string ($wowhead_XML variable above), which is huge. Any thoughts? --Pontifex

I think I understand what you're getting at. Still, I'm not strong on my database theory, so you'll have to bear with me as you explain seemingly obvious things. I got some help from someone who does much more database interaction than I and he gave me this general plan of attack: location table (denotes characteristics of the location and vital statistics) person table (denotes people and their information) event table (denotes an activity that a person wants to do, contains an ID a date / time, a person_id and location_id) event_person_association table (links together event_id's and person_id's) Thus you can search the event_person_association table for people that have common events. This seems like a good idea, though a bit verbose. *shrug* Intellectually I assume that the event table and the event_person_association table have 'foreign keys' into the other tables to link them together. But I want to be sure I have the right idea conceptually. This wasn't terribly helpful as it's explanation assumes some knowledge of databases. But I think I have the right idea that the foreign keys would link the tables together and provide indexes into other tables as well as cross referencing. This is all well and good, but I'm unable to formulate any successful SQL with the idea in mind. I've been using MySQL administrator to do most of my table creation work and it's been a nice interface; But it doesn't always work correctly. I don't know if the SQL database I'm using is configured correctly (I'm using a remote one not configured by me), but the MySQL tools I'm using don't actually generate valid SQL sometimes. When trying to generate code for the event table: CREATE TABLE `RadRob_sacredweb`.`events` ( `event_id` INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, `date_time` VARCHAR(45) NOT NULL, PRIMARY KEY (`event_id`), CONSTRAINT `fk_instance_id` FOREIGN KEY `fk_instance_id` () REFERENCES `Instances` () ON DELETE RESTRICT ON UPDATE RESTRICT, CONSTRAINT `fk_player_id` FOREIGN KEY `fk_player_id` () REFERENCES `Players` () ON DELETE RESTRICT ON UPDATE RESTRICT ) ENGINE = InnoDB; I get this, which is not valid SQL. No errors are reported until an actual commit to the database, which is less than helpful for debugging. I found this, which implies that the syntax should be: CREATE TABLE `RadRob_sacredweb`.`events` ( `event_id` INTEGER UNSIGNED NOT NULL AUTO_INCREMENT, `date_time` VARCHAR(45) NOT NULL, PRIMARY KEY (`event_id`), CONSTRAINT `fk_instance_id` FOREIGN KEY `fk_instance_id` () REFERENCES `Instances` ('instance_id') ON DELETE RESTRICT ON UPDATE RESTRICT, CONSTRAINT `fk_player_id` FOREIGN KEY `fk_player_id` () REFERENCES `Players` ('player_id') ON DELETE RESTRICT ON UPDATE RESTRICT ) ENGINE = InnoDB; Where 'instance_id' and 'player_id' are columns in 'Instances' and 'Players' tables respectively. Though the examples in the above link have 'indexes' and seem to have different syntax than the things I'm trying to form here. By the way the creation of invalid SQL by the MySQL Administrator is not limited to these sorts of operations, I have observed several times that the simple creation of normal tables will fail without some tuning by hand. Usually these sorts of errors are extra parenthesis, but it is enough to convince me that the SQL generation on these products is substandard at best. I no longer trust it to do the SQL generation for me, except in the simplest of forms. Which is why I'm trying to puzzle out the syntax here. --Pontifex

I'm not very up on my database theory, so I don't know exactly what you're talking about, but a quick google search came up with this: http://www.tonymarston.net/php-mysql/many-to-many.html Which I think is what you're talking about. The problem is that the author is being so obtuse that I can't quite grasp the solution to the problem. Some of his example code: CREATE TABLE `a` ( `a_id` varchar(6) NOT NULL default '', `a_desc` varchar(40) NOT NULL default '', PRIMARY KEY (`a_id`) ) CREATE TABLE `b` ( `b_id` varchar(6) NOT NULL default '', `b_desc` varchar(40) NOT NULL default '', PRIMARY KEY (`b_id`) ) Creating two tables to hold our 'many to many' data. I assume these would be the 'times of day', I mentioned above. Next the "index" table, contains two foreign keys to the other tables: CREATE TABLE `x` ( `a_id` varchar(6) NOT NULL default '', `b_id` varchar(6) NOT NULL default '', PRIMARY KEY (`a_id`,`b_id`) ) A sample select: SELECT x.a_id, x.b_id, b.b_desc FROM x, b WHERE (x.a_id = 'whatever') AND (b.b_id = x.b_id) I think what he's doing here is matching the ID's of A and B together and retrieving all the information where they intersect. I think I'll have to do some testing, to see how this works. But is this solution you were outlining? Since I'm going to have quite a few tables to link together, would I need one of these X tables to link each pair or could I get away with a massive index or tiered index? --Pontifex

I'm doing a project to create a sort of scheduler widget for a group of friends of mine and I have no idea how to structure the tables for optimal queries and joins. Here's a contrived example of the kind of data I'm going to be dealing with: Say user Alice wants to get together with user Bob. Alice has a set of things she wants to go to, call them the 'restaurant', 'movies', 'shopping' and 'park'. Bob has a similar set of items that overlap in a few places, but not all; Say 'arcade', 'park', 'restaurant', 'batting cages' and 'the back seat'. The two want to get together to do something, so this obviously involves a join on the database holding their places they want to go. We're going to get an intersection at 'park' and 'restaurant'. But, I have many more things which my users want to get together for, numbering in the 20s-30s. So obviously some segmentation is in order, but I'm not sure where to segment. I struck on the idea to segmenting these items into the time of day that they take place. For example: Night Time -> 'restaurant', 'movies', 'the back seat' Morning -> 'park' Any Time -> 'arcade', 'batting cages', 'shopping' Where 'Night Time', 'Morning', and 'Any Time' are tables. Then I can do joins on the tables to find intersections. I'm just concerned about the overhead of: a) making the tables and putting all rows in (e.g. storage on the server) b) efficiency, Will a multi-join on something like 10 tables with all that data be efficient? c) server maintenance, with all those tables doing an update throughout all the tables, even with PHP is going to be significant. Also I'd like for the users to be able to rate their activities so that groups can be formed based upon how much someone wants to go do an activity. Also I'd like to be able to have users form lists of people they absolutely don't want do to anything with and form groups based upon their exclusions. Is there an optimal table configuration for my idea here?

Well like I said above its been working pretty solidly. Data base queries of both the 'set' and 'get' nature (reading and writing to the database) have been working perfectly with no errors or warnings from PHP. Is there a module I can include, like Perl, that would enforce stricter adherence to the syntax of the language? Because I've been using the '$this->$var' syntax all throughout my code and I have yet to see one syntax error because of it. Here's my constructor: function MySQL_DB() { #instance connection to the database $this->$connection = mysql_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD) or die (mysql_error()); #these are set only in their functions to avoid excess load #set to defaults for now $active_users = -1; $guests = -1; $members = -1; } The $connection is also non-false when I test it. Which is not to say that it's not undefined, but I have been doing some pretty complex data base interactions without errors and success reported every time except this latest error. You suggestion to modify '$this->$connection' to '$this->connection' seems to have worked to resolve my problem. But what was going on before!? --Pontifex

I've been working on a little project to learn PHP, building something nice for my friends and help me get a job. I ran into snag at about 3am (now ) and I found a workaround, but I don't quite understand what's going on. I've spent most of the day building a database interaction class to use with my script. Every thing's been going well, until I started to test multiple functions together. Code: function calc_active_users() { $query = 'SELECT * FROM '.ACTIVE_USER_TABLE; #select the schema to query from mysql_select_db(DB_NAME, $this->$connection) or die(mysql_error()); #do the query and error reporting $result = mysql_query($query, $this->$connection) or die(mysql_error()); $this->$active_users = mysql_numrows($result); mysql_free_result($result); } function calc_guests() { $query = 'SELECT * FROM '.GUEST_TABLE; #select the schema to query from mysql_select_db(DB_NAME, $this->$connection) or die(mysql_error()); #do the query and error reporting $result = mysql_query($query, $this->$connection) or die(mysql_error()); $this->$guests = mysql_numrows($result); mysql_free_result($result); } Pretty simple. I'm going to be keeping track of the users visiting my site and those that are logged in at the moment. I'm going to store this information in the database and these functions retrieve some information about these tables. I've successfully setup the tables and each function works alone. But when executed together... It doesn't matter the order I execute them in, the second one executed doesn't have a handle to the database connection. I've declared the $connection globally to the class and have no problems accessing it. I've read that the mysql_connect() function closes the connection after the script is completed, but here the connection seems to be closing right in the middle. The work-around I've found that works is simply a reconnect function appended to the beginning of these two functions. The reconnect function just refreshes the already open (?) database connection and everything works as I expect. function db_connect() { $this->$connection = mysql_connect(DB_SERVER, DB_USERNAME, DB_PASSWORD) or die (mysql_error()); } So I'd like to know. Is this really necessary to call multiple functions via the object or am I doing something wrong? --Pontifex