bubblegum.anarchy
-
Posts
526 -
Joined
-
Last visited
Never
Posts posted by bubblegum.anarchy
-
-
Hi There,
Why does the following PHP code display nothing in a browser?
<?php print "<?php //username:password ?>"; ?>
-
What is the value of $j ? - maybe use sizeof($snowdata) instead, depending on application.
Consider something like this, for the fun factor:
for ($i = 0; $i < sizeof($snowdata); $i++) { $query = "INSERT INTO weather VALUES ("; for ($n = 1; $n <= 14; $n++) $query .= "'{$snowdata[$i][$n]}',"; $db->query($query = substr($query, 0, strlen($query) - 1).")"); } -
Try:
AND orders.OrderID IN (9,10,11)
-
-
It can be done in a single query as well, which may be useful if efficiency is important. IF you want to know how to do that, ask
I would like to know how since afaik an update can not be made based on a subset of the same table.
-
Add quotes to the query string.
-
$_POST[$value1] = isset($_POST[$value1]) && is_numeric($_POST[$value1]) ? "'".$_POST[$value1]."'" : "NULL"; $_POST[$value1] = isset($_POST[$value1]) && is_numeric($_POST[$value1]) ? "'".$_POST[$value1]."'" : "NULL"; settype($_POST[$id], "integer"); query = " UPDATE table SET column1 = {$_POST[$value1]}, column2 = {$_POST[$value2]} WHERE id = {$_POST[$id]}"; -
Probably something like this:
SELECT * FROM tablename WHERE ( hello = '1' OR hello2 = '1' ) AND id >= FLOOR( RAND( ) * ( SELECT MAX( id ) FROM tablename ) ) ORDER BY id ASC LIMIT 1
-
This is what I do:
SELECT * FROM repository ORDER BY sort_column IS NULL, sort_column
-
Might as well just:
SELECT id + 1
-
Step through the max three rows returned from the following:
SELECT tipType, group_concat(concat_ws('<BR />', concat('Tip Number: ', tip_num), concat('Tip Title: ', tip_title), concat('<IMG src="', tip_pic_top, '" />')) SEPARATOR '<BR />') AS tip_info FROM tipsntricks WHERE tipType IN ('exhaust', 'suspension', 'engine')Update the column names.
-
Does the following produce the same results faster?
SELECT sum(inquiries.iduser IS NOT NULL) AS icount, sum(response.iduser IS NOT NULL) AS rcount, ifnull(sum(ratings.total_value) / sum(ratings.total_votes), 0) AS avgscore FROM users LEFT JOIN inquires ON users.id = inquries.iduser LEFT JOIN responses ON users.id = responses.iduser LEFT JOIN ratings ON responses.idresponse = ratings.id WHERE users.id = '{$id}'Speed is probably more important when dealing with the dynamics of the Internet. Storage size is less dynamic and easier to control than bandwidth traffic.
-
Also consider switching:
if (array_key_exists('userid',$_SESSION)) {to:
if (isset($_SESSION['userid'])) { -
A primary key identifies a record and indexing increases search times; primary keys are indexed.
-
Pretty much just switch the double and single quotes.
settype($isOn, "integer"); mysql_query($query = " REPLACE INTO info_comments (Id, Text, isOn) VALUES (1, '".mysql_escape_string($aboutus)."', {$isOn})") or trigger_error(mysql_error()."<PRE>".$query."</PRE>", E_USER_ERROR); -
If there is only every going to be one comment per user than add a field to the profile table named comment otherwise create a separate table something like:
comment.user_id
comment.date_created
comment.comment
-
Define a column based on the outlined conditions and sort accordingly.
The column definition could include an IF ( order_details.date > CURRENT_DATE - INTERVAL 90 DAY, count(productid), 0 ) so that the value is 0 if the date is older than 90 days.
-
Grab both job and company information with a join, also use group_concat if you want a single job record with a column that contains all the associated company records instead of duplicate rows of job records along side respective company record.
-
An INT
A normal-size integer. The signed range is -2147483648 to 2147483647. The unsigned range is 0 to 4294967295.
Try a BIGINT instead
A large integer. The signed range is -9223372036854775808 to 9223372036854775807. The unsigned range is 0 to 18446744073709551615.
-
$srippicid = stripslashes(strip_tags($_POST['picid'])); //not workig
$escapepicid = mysql_real_escape_string($strippicid); //not working
$srippicid is missing a t
-
All the joins need to be LEFT JOINS
-
Try applying the mysql_real_escape_string() function to $newtext before the query string instantiation.
-
Consider this:
$query = sprintf(" INSERT INTO {$table_name} (name, address1, address2, address3, address4, postcode, fitting) VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s')" , mysql_real_escape_string($_POST['name']) , mysql_real_escape_string($_POST['address1']) , mysql_real_escape_string($_POST['address2']) , mysql_real_escape_string($_POST['address3']) , mysql_real_escape_string($_POST['address4']) , mysql_real_escape_string($_POST['postcode']) , mysql_real_escape_string($_POST['fitting'])); -
SELECT * FROM pictures a , attributes b , pic2att c WHERE a.id = c.picid AND c.addi = b.id AND ( b.id = 10 OR b.id = 12 )
Basic PHP Question
in PHP Coding Help
Posted
Hi premiso,
Then shouldn't the string content in quotes appear in the HTML source as a tag?
I actually do not want the username and password to appear in the source or be displayed in the browser so the code does what is required, i'm just trying to understand why for security reasons... <?php //username:password ?> makes more sense but does not work on the remote server (but works locally for some strange reason) in the particular API (AS3's URLRequest and URLLoader classes) used.
premiso, would you agree that the username and password values are inaccessible and secure?
Thank you for responding.