Everything posted by drewbee

  1. The variable $title should be coming from the $_GET parameter. There is, however, the variable $newTitle. Did you mean to put echo "$newTitle"; ?
  2. Ok. After doing some tests and reading up on some benchmarking... mysqli_multi_query actually ran slower than looping through and updating each row individually. Seems kinda pointless? I haven't got to test this out yet, but how do transactions usually operate?

         {start transaction}
         {for loop 0 > 24; index = x}
             {update foo = bar, seed = hash where id = loop{x}}
         {/for loop}
         {end transaction; commit}

     Does this end up running as 25 separate queries, or is it grouped and sent to mysql all at once?
  3. ^^^^^ Beautiful. What is mysqli? It can be used in conjunction with the old stuff, right? mysql_query etc.
  4. It's from a script that will be running that is launched based off of user actions. At any time, this very script could be running 100s of times. Obviously there are some scalability issues with that current setup. While I have faith that it will not have any hiccups with 10 users running it, the amount that it potentially could be running at is the current user base that I have. This is why I am seeing an issue with this.
  5. Hello all, to summarize this I basically have a table that gets selected upon, then for each row that is returned needs to be updated. IE

         $query = mysql_query("SELECT id FROM tablename WHERE foo = bar");
         while ($row = mysql_fetch_assoc($query)) {
             // array element wrapped in {} so the double-quoted string parses
             $update = mysql_query("UPDATE tablename SET column = 'blah' WHERE id = {$row['id']}");
         }

     This is for batch processing so the records are actually pulled in earlier, and then updated later on. (ID and new information is saved in an array though.) The batches will generally run between 25-50 records at a time, and obviously making 25-50 update statements in a few seconds is not desirable. What is the best way to optimize this? Perhaps using transactions and do 1 final commit at the end?
  6. Thanks Barand. I have the hardest time remembering that name for some reason!
  7. jonsjava Yes --- what are they called? php, those are html comments :x
  8. Everyone, I have been trying to explain to someone how to use the >>> code, but I have not used it in a long time and my syntax is off slightly. What are these called? I have been looking around for the name of it... but obviously searching Google for ">>>" doesn't really help too much. These are called ........ blocks... ? echo BLAH>>> my text BLAH;
  9. A proxy is used to spoof one's IP address by redirecting requests through it. A person with the IP address of 111 will use a proxy changing his IP address to 222. You will never know where the original request came from, only that it came from the proxy. Some of the more advanced proxies have rotating IPs, meaning one page load might show the user from the USA, and the next page load may show them from China, depending on the random IP pull from the proxy. IP banning is really never a safe bet, because as stated above, the ones who you actually need to worry about will not be able to be blocked by their IP address due to proxies / spoofing.
  10. There are different types of constraints and relationships, but I am not sure I understand why you would want to use a non-pk in one table as a fk in another? A relationship can be between anything; but it just makes sense to use the primary key.
  11. The constraint will not add to the table if your current data violates the constraint.
  12. Hi MabiSm, I did have this set as well. While all I did was update the PHP.ini with the same values that were already set, it seems to be taking effect now. Strange.
  13. From what I am reading as well, in Firefox you can get a plugin that changes your user-agent. If you set this user-agent to GoogleBot, you can see all the answers without scrolling all the way down. SEO SPAM anyone?
  14. roopurt, OMG. You are correct. I can't believe I've never seen that before. You have to scroll all the way down to the bottom, but everything is re-repeated with the answer-unblocked. This includes the accepted solution. Wow... amazing... how in the world was this never noticed before (at least by me?). I guess the assumption that the values were blocked out at the top kept me from looking below.
  15. Everyone, I can't get error reporting to work on some of my files, yet it works on others. I cannot see what the consistency or the changes are in between, but at the top of every php file (class and class host file) I have the following:

          error_reporting(E_ALL);
          ini_set('display_errors', '1');

      In the php.ini I also have set error_reporting = E_ALL; When a fatal error occurs (sometimes), all I get is a white screen; and this is terribly difficult to debug as you can imagine. Does anyone have any clues or insight as to what might be going on here?
  16. I would think storing the salt in the db once again defeats the purpose of the salt. Here is an example of a salt that is specific to a user (this is under the assumption the hacker doesn't have access to the source code files, preventing them from seeing the hash (or how it is generated for each user)). You could do something like this: Let's say we have our accounts table account_id, username, email. The salt could be an md5() of account id (always consistent and specific to that individual user):

          // salt derived from the account_id column of the accounts table
          $salt = md5($row['account_id']);
          $userPassword = md5($salt . $_POST['password']);

      Is this reasonable?
  17. Yes; but my point is let's say the user creates a password 'password'. Programmatically we salt 123_ onto the beginning of it and we get 123_password, then encrypt it, and end up with our 32 bit password that we store in the database. If someone tries to brute force it and they enter 'password' into the box when trying to log on as a user, we have to programmatically attach '123_' to the beginning of what they entered so that the encryption will match up. The only place I see a salt being useful is if the database has already been compromised, and the breacher can see the encrypted password.
  18. Hmm. I don't think I've ever used the <?php syntax before. I think it looks ugly :x
  19. Hi Glenn. You need to learn to normalize your data. You should not be storing the specialties in the main table, but creating a child table for this, i.e. specialty_id, job_id, specialty_name. That way if you wanted to get the specialties of a job...

          select specialty_name from specialties where job_id = 'job_id'
  20. Javascript cannot interpret PHP code. That is a ludicrous statement. Yes, javascript can pass information to the PHP script. The PHP can output code that javascript can understand, but to say javascript can interpret PHP is a little on the wild side.
  21. It seems that you are new to PHP. Please, PLEASE as a very basic security concern use the function htmlspecialchars() on any variable that is collected from user input and displayed on any page. Doing this helps prevent XSS injection attacks.
  22. Yeah, the random string attached is rather pointless, as it would have to be consistent. If their password is asdf, and we make it 123123_asdf. The next time a hacker tries to access the system it is required of you to use the same salt; it would still have to be using 123123_$password. It is a rather moot use. I'm not too sure the double md5 helps either. If someone is trying to brute the password, in order for your system to find a match you need it to double md5 the input. The same word md5'ed twice still has the same outcome. This would however help prevent lookup attacks if the user already compromised the database and can see the encrypted password. This is when double md5'ing would be useful.
  23. Right. I understand the importance of require_once. Currently I just do it through the normal require, and at worst if I call it twice I know it right away due to the class re-declaration error message. I also code with E_ALL error reporting level, so it is safe regardless. My scripts scream bloody murder at the littlest of things.
  24. Right ~ What was the point of that comment? How did it help him? Do you have any 'equisite' examples that you can show off? We are here to help and improve, not to criticize and put down.
  25. Nice idea. Where do you usually house this autoload function? From what I can see, I would want to place this in my Page class.