mika

My issue: this is a simplified piece of code to demonstrate what I'm trying to do. I need some kind of interaction, a way to instruct the controller what to do when a model parameter is not valid. I'd like to have an automatic validation(before query execution) that the controller is not aware about, a method like $myModel->validate(); inside the controller seems redundant. class Controller_User extends Controller { public function __construct() { parent::__construct(); } public function msg($text) { parent::display(array('message'=>$text)); } . . . } class Model_User extends User { protected $_controller; public function __construct($controller) { $this->_controller = $controller; } public function onParameterNotValid($name) { /* here you can have a call to user redirect, a retype of the wrong value, ... */ $this->_controller->msg('Parameter "' . $name . '" is not valid'); } . . . . }

Hi I'm trying to implement MVC design in my personal framework and I was wondering if it is a good idea to pass the controller object to the model... M, V and C are supposed to be independent but I'd like to be able to call the controller when something unexpected happens inside the model. For example, when validating query parameters the model should be able to notify the controller what went wrong and a controller action should be triggered. What is the best way to accomplish that? thanks

Please provide more information. 1. are there any errors: first SQL, second SQL; is $pacientID non empty? 2. are records from 'internari' deleted or not 3. are there any other foreign keys associated to "pacienti" 4. other messages, notices,...

Try with this: $host="localhost"; $username="root"; $password="administrator"; $db_name="model_healthcare"; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $pacientID=$_GET['pacientID']; $tbl_name = 'internari'; $sql="DELETE FROM $tbl_name WHERE pacientID='$pacientID'"; $result=mysql_query($sql); $tbl_name="pacienti"; $sql2="DELETE FROM $tbl_name WHERE pacientID='$pacientID'"; $result=mysql_query($sql2);

$tbl_name = 'BIGGER TABLE'; $sql="DELETE FROM $tbl_name WHERE pacientID='$pacientID'"; $result=mysql_query($sql); Replace BIGGER TABLE with exact table name. I hope this is what you would like to do.

The record you are attempting to delete is used in some other table(s). You should delete these record(s) first.

I assume $rows should be replaced with $row_Recordset1... Again do Input Sanitization

Echo your $sql statement and check what is the pacientID value. Also check the link, if pacientID= is not empty.

Another thing. You are allowing SQL injection. Sanitize your input data or at least do this $pacientID=(int)$_GET['pacientID']; assuming pacientID is an integer.

You are missing the <?php tag, short tags are not enabled on your server: Change: <td width="192"><a href="delete_inregistrare.php?pacientID=<? echo $rows['pacientID']; ?>">Elimiare Pacient</a></td> to <td width="192"><a href="delete_inregistrare.php?pacientID=<?php echo $rows['pacientID']; ?>">Elimiare Pacient</a></td>

For debugging purposes, you should echo the exact error, not a general message, replace: echo "ERROR"; with echo mysql_error(); and see what it says.

ALTER TABLE tablename AUTO_INCREMENT = 1

Are PHP sessions safe? Session ID is automatically sent to the server via session cookies. Is there any safer and at the same time efficent method? Is sending session IDs via url more secure? I believe it is not very practical.

Can you be more specific, any examples?

Can someone please help to find the most important login precautions in terms of security. For example, I'think the most important is: 1. string escaping, prevent SQL injections 2. 3. ... I know It's hard to find and consider all of them, that's why I'd like to have a list of the most important.

Please, look at my post on omnimint.com http://www.omnimint.com/A4/PHP/PHP-Calculate-the-date-of-the-last-day-of-the-previous-month.html

It means you'll have to pass the initial seed to every page where it is needed, the example uses $_GET, include the initial seed in your URLs: <a href="somepage.php?paginationRandSeed=<?php echo $paginationRandSeed;?>">My link</a>

http://phpexcel.codeplex.com/ is a neat library for manipulating Excel files

You can make an additional PHP script directory outside the web server's document root. Make sure the directory is writable by the web server. This way the files are always accessed by the web server but not by the web browser directly.

Thank you very much, it's working now!

The thing is I need the information from which class the object was instantiated or which class the method was called from ; in other words I need as a result of my sample ABCABC. I think a static method will always return AAAAAA, am I right? Can you post me some code for your solution. Thanks.

I'd like to figure out the name of a class that is not instantiated yet, here is an example: <?php class A { public function myClassName(){ if(is_object($this)) { return get_class($this); } else { // __CLASS__ and get_class() return always A return " ? "; } } } class B extends A {} class C extends B {} // here is what I expect to be $a=new A(); echo $a->myClassName(); $b=new B(); echo $b->myClassName(); $c=new C(); echo $c->myClassName(); // but here ... echo A::myClassName(); // want A echo B::myClassName(); // want B echo C::myClassName(); // want C ?> Maybe there is no straight solution and I'm doing all wrong here.

Just tag your PHP code <? ... your code ... ?> and put it in your .htm/.html file. If PHP is well configured it should work. I thin this is what you meant.

phpBB3 but never tried a commercial one