Everything posted by thehippy

  1. You're going to have to explain your design more, tell us what you're using, generally give more details and/or give us some code.
  2. I assume given the new topic in this subforum titled 'Cakephp using a foreach loop in a controller function', that these are related issues and that your problem in this topic is a Cake problem which you neglected to mention. Do not double post, simply update/reply to the topic with what you have tried that has not worked for you, it is helpful and courteous to those who wish to help you solve your problem. If you are getting an infinite redirect loop, look at your code where you are redirecting. Under what condition will you redirect? What happens when you redirect? If for instance the conditions that trigger a redirect are met again by your redirect, weeeeee happy infinite loop time.
  3. Haven't touched Java in a while but can you use method overloading to do what you want?

       // Overloads: same method name, different parameter types
       public class Calculator {
           public double sum(double first, double second) {
               return first + second;
           }

           public int sum(int first, int second) {
               return first + second;
           }
       }
  4. Steps:
       • User clicks 'Upload' to add file(s) to upload queue
       • json controller gets queue object and pushes message(s) to queue
     In the background....
       • Write a scheduler (cron'd php) to check every n-minutes if there is an upload in progress
       • else pop the next message (file to upload) in queue
       • upload file (initiate bash script or w/e)
     The actual queue can be a simple database table or something more specialized like an AMQP server. Seems simple enough to me, am I missing something?
  5. As a comical tangent, I saw this on Twitter a few days ago...
  6. Design wise, it's fine, it's a simple place to start off from. Couple things though. Will options be shared across entire application? For instance the genres will they be supplied by the user? If so, do you show all users everyone else's genres? It's a simple thing to make private. Users like choices, having a single choice for Project.Genre for example, I foresee you getting a request down the line to add the ability to have multiple genres. Project Crew.crew_status, users will probably want to set up presets for different status levels. More business minded users will also want to track history of things like status changes. Consulting your client about user needs and expectations comes in handy with what you do and do not need. Naming, yours is inconsistent. It's very common to have repetitive column names, but a DBA will only yell at you if they're nice. Format.format_title should just be Format.title, saves typing time, if similar attributes in JOINs are your concern use better aliases. Most DBs will not allow spaces in names, choose single word table names when possible. Consult your DB docs about table naming, some just UPPER() table and attribute names, you can save a few CPU cycles if that's the case by having it done to begin with, though not truly necessary. No indexes indicated, fix that before I get a shovel out. Do you intend your application to be multilingual? Small things really, better than a lot of the things I've had to deal with.
  7. When it comes to performance, there is never just one reason. Some decent resources, start reading...
       • Pro PHP Application Performance (Book)
       • mysql.com/performance
       • High Performance MySQL (Book)
       • Google resources on website performance
       • High Performance Web Sites (Book)
  8. Is there a question? Here's some reading about asking questions.
  9. Check out the websites in question to see if they have a web API to retrieve data from. For example if you were wanting to collate the results from Google, Yahoo and Bing, each of those websites has an API. Though, not all are free. The alternative, if the websites in question do not have an API, is to retrieve the raw web document (HTML, XML) and search it for the data you want, called scraping. Be sure to read the website's terms of service, as they might have limitations on that type of activity (such as requests per minute), also have your scraper read and follow robots.txt. After retrieving the data from the websites in question, it's a simple matter of storage and display.
  10. I'd say whatever gets the job done. That said having an understanding of how the components work is essential to debugging UI components, good design, etc. I used to use the JFormDesigner before JetBrains made its Swing Designer in IntelliJ IDEA less sucky. It's great for rapid prototyping, like Delphi/C++Builder was. But at the same time you'll find yourself diving into code to tweak everything and sometimes verify correctness (container hierarchy is fun!).
  11. MySQL has nearly always targeted the enterprise market, so there are lots of 'why choose'... type articles/white papers up on their website. PHP is much more community run, so try the companies that have embraced and supported it. For example Zend comes to mind, IBM have partnered with Zend, might want to try their archives of white papers and so forth. If that is indeed what you're looking for.
  12. IIRC ttl_height=$(( $height + 80 ))
  13. If you knowingly do not put any protections in place to verify the threat of the files, it would make your site a distributor of viruses and depending on your location and the location of your users can be a criminal offence, be sure to consult your lawyer to come up with a licence agreement to mitigate your liability and warn your users of the risk.
  14. Invoke external command line AV scanner, ClamAV for instance or one of the many out there, commercial or not they usually have a command line interface. There are a couple of bindings I know for PHP but those are maintained poorly/not updated, so it's best just to hand it off to the CLI.
  15. The 'name' and 'type' attributes from $_FILES are provided from the client, so you'll need to treat those as user input and filter/validate them. I would say that common/safe practice would be to ignore them both and use your own naming and do some detection on the type. The 'name' attribute can be a bit nefarious, the client could provide '../../etc/passwd' as the name for instance and that's definitely not a file you want to write to. And of course using some kind of antivirus on the server to scan incoming files is common sense. Microsoft in particular has had some buffer overflow issues with their image libraries and an AV scanner should detect those, not something you want to be redistributing from your site.
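
The handling described in the two posts above (ignore the client-supplied 'name' and 'type', detect the type on the server, hand the file to a command-line scanner), as an added example that is not part of the original posts. The ALLOWED_TYPES policy, the store_upload function and the destination directory are assumptions made for illustration; clamscan is ClamAV's command-line scanner and must be installed on the server.

```php
<?php
declare(strict_types=1);

// Hypothetical policy for this example: allowed MIME types mapped to the
// extension the server will assign. Nothing here comes from the client.
const ALLOWED_TYPES = [
    'image/png'       => 'png',
    'image/jpeg'      => 'jpg',
    'application/pdf' => 'pdf',
];

/**
 * Store one entry of $_FILES. Returns the server-chosen file name.
 * $file['name'] and $file['type'] are client input and are never read.
 */
function store_upload(array $file, string $destDir, string $scanner = 'clamscan'): string
{
    if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK
        || !is_uploaded_file($file['tmp_name'])) {
        throw new RuntimeException('Upload failed or was not an HTTP upload.');
    }

    // Detect the type from the file's bytes instead of trusting $file['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !array_key_exists($mime, ALLOWED_TYPES)) {
        throw new RuntimeException('File type not allowed.');
    }

    // Hand the file to the command-line AV scanner. clamscan exits 0 when
    // clean, 1 when a virus is found, 2 on error; only 0 is accepted.
    $cmd = escapeshellarg($scanner) . ' --no-summary ' . escapeshellarg($file['tmp_name']);
    exec($cmd, $output, $code);
    if ($code !== 0) {
        throw new RuntimeException('File rejected by scanner (exit code ' . $code . ').');
    }

    // Server-generated name: a client name such as '../../etc/passwd'
    // can never influence the path that is written to.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED_TYPES[$mime];
    if (!move_uploaded_file($file['tmp_name'], rtrim($destDir, '/') . '/' . $name)) {
        throw new RuntimeException('Could not move the upload.');
    }
    return $name;
}
```

Treating a scanner error (exit code 2) the same as a detection means a broken or missing scanner blocks uploads instead of silently letting them through.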
  16. The PDF file format is not a plain text markup, so opening the file raw and searching it isn't going to yield you reliable results. You'll need to interpret the file with something that understands the format. I needed to do something similar and found how sphider made use of xpdf and catdoc for pdf's and doc's respectively. xpdf has a couple utility programs, pdfinfo and pdftotext which you use to extract the metadata and text which you can in turn search.
  17. SQL has naming conventions and style standards, and conventions dictate that table names be singular of the entity that they store attributes of. A single entity of user data would have that table name be called user and an attribute in the user table be accessed as user.name and so forth. Also it makes your code look cleaner and that's always nice. Take another coder's perspective into account with regards to your naming, if they're looking at it for the first time. For example password really isn't descriptive enough; password_md5 and password_salt or password_sha1 would be better and wouldn't have the coder looking through code to make proper use of the data. Do your integer values need to be signed (positive/negative)? Try not to use SQL extensions when you don't have to, such as MEDIUMINT, TINYINT, where INT(5) and INT(1) provides the same functionality. If you ever switch RDBMS it can be a headache. users.id and users.user_id is confusing, you should clarify it. tinyint(1) is a bit/boolean field, users_logins.failed_logins, users.users_roles_id, users_statuses_id doesn't make sense to me, unless there are only two of each. users.users_roles_id and users.users_statuses_id, this seems limiting, a user can only have one role and one status. If I understand what you're trying to do with the users_logins table, I'm unsure that it provides that purpose. Do failed login attempts really belong to the user they were attempting to login as? A more generalized login attempt logging mechanism may be more robust. Standardize your 'id' fields across tables by using the same sized column data type, makes life easier. The User-Agent header has no limit specified in any of the RFCs, 150 characters will not contain many you'll find in the wild, 255 isn't enough, 500 will catch nearly all but the odd exception. I know it's not strict convention but I like to have 'FK' in the name of foreign key columns. So users_logins_sessions.user_id becomes users_logins_sessions.user_id_fk. You didn't mention the table types or indexes you would be using so I didn't assume or comment. I'm too tired, sorry if I didn't make much sense. I'll check back after I've had some sleep.
  18. Quick and dirty answer: You're wishing to store hierarchical data, Google can point to many tutorials on the subject.
  19. "thank you for the recommendation, isn't Bjarne the creator of C++? can't really get a more reliable resource than that."
      As much as anyone can be the creator of C++, he was the first to create an implementation of it. C++ of course grew quite rapidly, has been standardized and has many extensions added which Bjarne participated with as part of the standards committee.
  20. Is it only local network clients that are having the problem? It may be that the router may not be setting up a loopback address. Lots of these SOHO routers separate logically the external IP and the internal network. Meaning when a client on the local network requests the DNS or IP of the external address the router just passes the request on without asking itself if the router knows that IP and you get a problematic response. If that sounds like what's happening, you're going to need to look into documentation if the router supports a loopback address. I know some Linksys/Cisco and Netgear SOHO products do and some that don't, it's kind of hit or miss.
  21. http://www.phpfreaks.com/tutorial/php-security http://php.net/manual/en/security.php
  22. If you want to move on beyond basic programming in C++ and get to using the features I would suggest The C++ Programming Language by Bjarne Stroustrup. I always had trouble with the concepts of the core C++ abstractions and Bjarne's explanations I found the best. The only critique I have about the book is that the writing is a bit dry and academic. If you take the author's involvement with the language though he presents insights that you rarely get with other programming books.
  23. My advice is to not throw away the tools you're using already, at least not right away, transitioning to a framework will take time. A CMS provides a package of existing tools where with a framework you may have to build your own tools. I was previously using thatware, php-nuke and postnuke a long time ago in what now seems like a past life. I was used to the block layout plugin system that those previously mentioned CMSs used, when I started writing sites from scratch I found myself writing such a system, and an article system, and a caching system and an ad management/tracking system and so forth. Even using a framework, you may find yourself in need of a few or even a great many tools you had relied upon without much consideration. Take the time to learn the framework, figure out what tools you may be missing so you can efficiently make a website and be sure to properly build and test your toolset, it's money after all. This may seem like common sense, but once you have all the things you need to make a website / web application, create a skeleton or boilerplate project and as you take on projects refactor it to continually improve it. If you have it in revision control it'll make life easier and if you ever need to update older projects you worked on it'll make that transition easier as well.
  24. The 'bots' that are doing the scanning are usually compromised people's computers organized into larger botnets which are usually made up of hundreds of thousands of hosts. Maintaining an up to date blacklist would be a nightmare and counterproductive. DNS blacklists (dnsbl) are maintained of email spammers but I don't know any reliable ones that maintain one for botnets/scanners/probers. What you can do is set up an intrusion detection system/intrusion prevention system IDS/IPS and you'll quickly learn the amount of probing that goes on, it's not just on your http port that's scanned and it certainly is not solely you, everyone is scanned and it's been going on for so long it's commonplace to net admins. The IDS can detect potential threats and adjust your firewall, Snort is a popular FOSS tool for this. ACID or BASE can provide a web interface and analysis from the Snort logs as well, you'll definitely get an education in popular exploits botnets scan for with those. As thorpe said this is happening all the time and is largely nothing to be overly concerned about as long as you're vigilant with keeping software up to date. I often tail the snort alert log for shits and giggles, it's like a geeky matrix screen saver with all the text scrolling by.
  25. There has been a great deal of news lately about 'Can a Programming Language be Copyrighted?' because of the SAS case in the EU courts. The result was that they cannot be as it would be akin to copyrighting an idea, which would stagnate innovation and create oppressive monopolies. The Java programming language is not proprietary, the Java programming is a standard as with nearly all programming languages. Sun was and has been the primary authority for the Java standard, ever since the release of the Java source the Java community has taken more of a role in the standard. Another thing to note, is that there are many implementations of the Java programming language, obviously Sun, now Oracle is the most widely used implementation, but Microsoft, IBM, GNU, Apache and many other lesser known alternative implementations exist. The parts of Java that can be proprietary are what is contained in the implementation of the programming language, the compiler, jvm, libraries and so forth.