Jump to content


  • Posts

  • Joined

  • Last visited


Posts posted by bubblegum.anarchy

  1. use SET to store the insert id between queries.


    SET @question_id = last_insert_id();
    INSERT INTO question_option (question_id, question_option_id, creation_date, last_updated_date, question_option_text, question_option_correct) VALUES   
    ( @question_id, 1, NOW(), NOW(), '', 1),
    ( @question_id, 2, NOW(), NOW(), '', 0),	
    ( @question_id, 3, NOW(), NOW(), '',0),
    ( @question_id, 4, NOW(), NOW(), '', 0);

  2. have 2 salts and 1 hash..

    when they login use

    md5($_POST['pass']+salts1) = user login password

    to decrypt data use

    md5($_POST['pass']+salts2)  = data password (store in session)

    i would use 2 salts to make it a little more secure


    does that make sense ?


    No... but then again I do not really need to understand.


    What I initially understood was that the encrypted password would be used as the key string in des_encrypt thusly:


    SELECT @key_string := md5('secure_password');
    UPDATE the_table SET the_field = des_encrypt('Some sensitive information stored in the database', @key_string);
    SELECT des_decrypt(the_field, @key_string) FROM the_table

  3. probably got some holes in that idea but still, its a thought

    Yeah - the salt would have to be the encrypted password which is stored in plain text for a hacker to use as a salt against the encrypted information, the only thing stopping a hacker would be the lack of knowledge that the information is salted with the encrypted password.

  4. how didn't it work? - did you get a mysql error? or no records removed?


    Use a LEFT JOIN so that the album record is removed regardless of whether or not there is a connecting song record.


    EDIT: also be sure that $albumid contains a value or a current record id.

  5. I do not understand these two seperate calls to the file() function.


    // Load file and add it to the array $lines
    echo "Loading File...";
    $lines = file('http://www.tylerbiscoe.com/phptest/datafeeds/products.txt');
    echo "Done. <br /> <br />";
    // Insert the data into the database
    echo "Inserting Data...";
    $lines = file('http://www.tylerbiscoe.com/phptest/datafeeds/products.txt');


    Place a count straight after the above code to see how many lines are returned:

    exit("<PRE>\n\nThe number of lines: ".sizeof(lines)."\n\n</PRE>");


    consider changing this:


    foreach ($lines as $line_num => $line) {
    $element[$line_num] = explode("|", $lines[$line_num]);
    $vendor = $element[$line_num][3];
    $itemName = $element[$line_num][1];
    $itemNumber = $element[$line_num][0];
    $catergory = $element[$line_num][21];
    $spicture_url = $element[$line_num][5];
    $lpicture_url = $element[$line_num][6];
    $description = $element[$line_num][11];
    $price = $element[$line_num][14];
    $status = $element[$line_num][18];
    $link = $element[$line_num][4];


    to this:


    foreach ($lines as $line) {
    $element = explode("|", $line);
    $vendor = $element[3];
    $itemName = $element[1];
    $itemNumber = $element[0];
    $catergory = $element[21];
    $spicture_url = $element[5];
    $lpicture_url = $element[6];
    $description = $element[11];
    $price = $element[14];
    $status = $element[18];
    $link = $element[4];


    and finally - print out each insert to the screen to be sure that each insert is there and not failing at the mysql level.

  6. According to the PHP manual mysql_let_fields is deprecated - use mysql_query("SHOW COLUMNS FROM table"); instead, or simply DESC table, something like this:


    print "</PRE>";
    $result = mysql_query("DESC table");
    while ($record = mysql_fetch_assoc($result)) 
         print $record['Field]."\n"; // prints a column name
    print "<PRE>";

  7. Strictly speaking, that's not very robust, since that substring could appear anywhere in the products_image string (although unlikely) -- hence my suggestion of a regex.


    Yes, off coarse fenway - I recently developed a habit of naming images with dot seperators like btn.edit.gif so an image named btn.giffer.gif would end up being named btn.jpgfer.jpg - but as you suggest, unlikely.


    MySQL really should apply full regular expressions so something like UPDATE table SET value = REGEXP '/(.+)\.gif$/\1.jpg/i' could be performed.

  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.