Jump to content

bubblegum.anarchy

Members
  • Posts

    526
  • Joined

  • Last visited

    Never

Posts posted by bubblegum.anarchy

  1. Hi premiso,

     

    Then shouldn't the string content in quotes appear in the HTML source as a tag?

     

    I actually do not want the username and password to appear in the source or be displayed in the browser so the code does what is required, i'm just trying to understand why for security reasons... <?php //username:password ?> makes more sense but does not work on the remote server (but works locally for some strange reason) in the particular API (AS3's URLRequest and URLLoader classes) used.

     

    premiso, would you agree that the username and password values are inaccessible and secure?

     

    Thank you for responding.

  2. What is the value of $j ? - maybe use sizeof($snowdata) instead, depending on application.

     

    Consider something like this, for the fun factor:

     

    for ($i = 0; $i < sizeof($snowdata); $i++)
    {
         $query = "INSERT INTO weather VALUES (";
    
         for ($n = 1; $n <= 14; $n++) $query .= "'{$snowdata[$i][$n]}',";
    
         $db->query($query = substr($query, 0, strlen($query) - 1).")");
    }
    

  3. It can be done in a single query as well, which may be useful if efficiency is important.  IF you want to know how to do that, ask :)

     

    I would like to know how since afaik an update can not be made based on a subset of the same table.

  4. $_POST[$value1] = isset($_POST[$value1]) && is_numeric($_POST[$value1]) ? "'".$_POST[$value1]."'" : "NULL";
    $_POST[$value1] = isset($_POST[$value1]) && is_numeric($_POST[$value1]) ? "'".$_POST[$value1]."'" : "NULL";
    
    settype($_POST[$id], "integer");
    
    query = "
          UPDATE table 
          SET column1 = {$_POST[$value1]}, 
                column2 = {$_POST[$value2]}
          WHERE id = {$_POST[$id]}";
    

  5. Step through the max three rows returned from the following:

     

    SELECT tipType,
       group_concat(concat_ws('<BR />',
           concat('Tip Number: ', tip_num), 
           concat('Tip Title: ', tip_title), 
           concat('<IMG src="', tip_pic_top, '" />')) SEPARATOR '<BR />') AS tip_info
    FROM tipsntricks 
    WHERE tipType IN ('exhaust', 'suspension', 'engine')
    

     

    Update the column names.

  6. Does the following produce the same results faster?

     

    SELECT 
        sum(inquiries.iduser IS NOT NULL) AS icount,
        sum(response.iduser IS NOT NULL) AS rcount,
        ifnull(sum(ratings.total_value) / sum(ratings.total_votes), 0) AS avgscore
    FROM users
        LEFT JOIN inquires ON users.id = inquries.iduser
        LEFT JOIN responses ON users.id = responses.iduser
        LEFT JOIN ratings ON responses.idresponse = ratings.id
    WHERE users.id = '{$id}'
    

     

    Speed is probably more important when dealing with the dynamics of the Internet.  Storage size is less dynamic and easier to control than bandwidth traffic.

  7. Pretty much just switch the double and single quotes.

     

    settype($isOn, "integer");
    
    mysql_query($query = "
        REPLACE INTO info_comments (Id, Text, isOn) 
        VALUES (1, '".mysql_escape_string($aboutus)."', {$isOn})") or trigger_error(mysql_error()."<PRE>".$query."</PRE>", E_USER_ERROR);
    

  8. If there is only every going to be one comment per user than add a field to the profile table named comment otherwise create a separate table something like:

     

    comment.user_id

    comment.date_created

    comment.comment

     

  9. Grab both job and company information with a join, also use group_concat if you want a single job record with a column that contains all the associated company records instead of duplicate rows of job records along side respective company record.

  10. Consider this:

     

    $query = sprintf("
        INSERT INTO {$table_name} (name, address1, address2, address3, address4, postcode, fitting)
        VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')"
            , mysql_real_escape_string($_POST['name'])
            , mysql_real_escape_string($_POST['address1'])
            , mysql_real_escape_string($_POST['address2'])
            , mysql_real_escape_string($_POST['address3'])
            , mysql_real_escape_string($_POST['address4'])
            , mysql_real_escape_string($_POST['postcode'])
            , mysql_real_escape_string($_POST['fitting']));
    

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.