DavidAM

You say you are using a LEFT JOIN, but your example is using JOIN. There is a difference. If you are using a LEFT JOIN, then there may be rows coming from the outer table that have a NULL UserID. Since you are not ALIASing the selected columns, I guess the last column named UserID in the SELECT list (probabaly coming from the outer table) is overwriting the column named UserID that comes earlier in the select list. I would have expected mySql to automatically qualify the column names with the table names, but I don't see that happening in my tests and it does not appear to be the case from your (partial) var_dumps(). I don't know if there is any way to exclude repeated columns. I really doubt that there is. You have explicitly asked for all columns and that is what you get. A couple of rules I follow when selecting data from the database [*]Never use * unless you absolutely need every column defined for the table; [*]Never use * even if you think you need every column defined for the table; [*]Never select multiple columns with the same name and data (i.e. UserID from more than one table); [*]Always alias any columns with duplicate names Why? If you use SELECT *, you don't really know what column names (array keys) are in the returned row. If you have some code that depends on only certain keys being present, and you later modify the table (add or remove columns) you will break your code. Using SELECT * causes all data from the selected rows to be transferred to your application. If you are not using every column, you are wasting resources. Especially when JOINing multiple tables, the amount of data retrieved and returned can be significant. Furthermore, if you select only the data you need, and all of the data you need is "covered" by an index, the server may not have to read the data rows which can save time during the query. Oh yeah, and you don't run into problems with outer join tables overwriting data from the inner tables. One other thing I'll note. What is the effect of using GROUP_CONCAT() without a GROUP BY phrase? I have never tried this so I don't know if it would cause problems or not.

Since you are getting a resource from mysql_query(), the query is execting successfully -- there are no syntax errors. Since mysql_fetch_array() is returning false on the first call, the query returned zero rows. Are you sure that $blobId contains what you think it does? Try echoing out $dbQuery before you execute it. Then copy and paste into your mySql command prompt. It could be that $blobId has trailing spaces or newlines or something else that you did not type at the command prompt. You might try using trim() on the $blobId before putting it in the query.

I think what joel24 was saying is to build up the date string and run it through strtotime() to get the unix time. Something like this: for ($ind = 1; $ind <= 8; $ind++) { $dateStr = sprintf('%d/%d/%d %d:%d %s', $_POST['dateMonth'][$ind], $_POST['dateDay'][$ind], $_POST['dateYear'][$ind], $_POST['dateHour'][$ind], $_POST['dateMinute'][$ind], $_POST['AMPM'][$ind]); $userTime[$ind] = strtotime($dateStr); } print_r($userTime); I like sprintf(). You could choose to use concatenation (did I spell that right?) or even mktime() (with special handling for the HOUR and AMPM values). There are probably other ways as well. * This code is: not tested; does not sanitize the input; and assumes all POSTed values are valid. The user is responsible for cleaning it up as necessary.

@objNoob The 4100 is a numeric LITERAL. You most certainly CAN use literal values in a SELECT statement as well as an INSERT ... SELECT ... statement. You can also use string literals as long as you quote them. I've been doing it for 20 years. @sean04 The most efficient way - especially if the new values are constant for all rows - is to use the INSERT ... SELECT ... statement. One trip to the database to create ALL the rows.

The basic query would be something like this: INSERT INTO tbl_packages (PackageID, OfficeID, NumUsers) SELECT PackageID, 4100, NumUsers FROM tbl_packages WHERE OfficeID = 2333 That would do the insert all at once. You can add any other columns you see fit.

See the PHP manual (if you are running 5.2 or later) filter_var() You can search this site or Google. I have seen that question answered many times.

Collect the messages to be output in an array, and output them at the end. // Array to collect messages $messages = array(); //Display errors. if($FirstName=="") {$messages[] = $error1; } if($LastName=="") {$messages[] = $error2; } if($PhoneNumber=="") {$messages[] = $error3; } if($State=="") {$messages[] = $error4; } if($EmailAddress=="") {$messages[] = $error5; } // Don't do this part unless we have no errors if (empty($messages)) { //Display correct contact date. if($State == "NY") { $messages[] = "Hello $FirstName $LastName! Thank you for contacting me. I will get back to you within 2 days, before " .date("d M Y", $day2); } if($State == "NJ") { $messages[] = "$Hello FirstName $LastName! Thank you for contacting me. I will get back to you within 3 days, before " .date("d M Y", $day3); } if($State == "Other") { $messages[] = "$Hello FirstName $LastName! Thank you for contacting me. I will get back to you within 1 week, before " .date("d M Y", $day7); } } // END if empty($messages echo implode('<BR>', $messages); ?> <p><a href="index.htm"><span class="style1">Return Home</span></a></p> </body> </html>

//Display errors. if($FirstName=="") {echo $error1; exit;} if($LastName=="") {echo $error2; exit;} The exit call, exits the script. Lights out, close the door, goodbye! NOTHING after the exit is executed. (This means the link at the bottom of the script file is never sent to the browser.) If you have to have the exits, move your link up to the top of the page.

Since file_exists() is a PHP function, it needs the real path to the file; not the path relative to your document root. If that uploads directory is in your document root, you can change that to: $path = $_SERVER['DOCUMENT_ROOT'] . "/uploads/"; $sheet = $path.$url; if (file_exists($sheet)){

the file_exists() function will check to see if a file exists.

The name of your textarea is not "file_contents" it is "content. So the page code would be: if ( isset ($_POST ['content']) ) { file_put_contents ('notes.txt', $_POST ['content'] ); }

Content-Type: text/plain;charset=iso-8859-1 I'm getting a Content Type of plain text. You might need to have your cgi send an html Content-Type header. Content-Type: text/html;charset=iso-8859-1

^M is a carriage return. You need to use an editor that will save the file in "unix" format - line feeds only - no carriage returns.

Sorry, I did not mean to offend you. I guess I need to make more use of the smileies But what I was saying was that if you make the image clear enough so YOU can OCR it, then it is not going to protect much since the bad guys can OCR it, too. If you look at line 71 of the code you posted, the answer to the CAPTHA is placed in the session $_SESSION['security_number'] = $session_var; so your second page can just compare the user's answer with the value in the session. It will be much easier to do, more secure, and will use less system resources.

If you are developing a CAPTCHA system for your site, I would suggest passing the numbers and operator - or even simpler, just the answer - in a session rather than trying to OCR the image. If you can OCR your image, then someone else can OCR your image and the CAPTCHA becomes usless. If you are trying to OCR a CAPTCHA so you can spam some other site ... well, shame on you.

To send an image from PHP to a browser, you have to first send a content-type header to tell the browser that you are sending an image (and the type of image). This cannot be done in the same script that is sending an HTML page. You can NOT mix HTML and binary data. You also cannot send more than one image at a time. If the FTP folder is in the public area of your website, then the <IMG ...> tag (you have commented out) will work IF you specify the SRC attribute relative to your website's root directory. If the FTP folder is NOT in the public area then you have to specify another PHP script as the IMG SRC attribute with a parameter. For instance: <IMG src="/getFtpImage.php?file=filename.ext"> Then write the getFtpImage.php script to send the content-type header, read the file and send it (the binary data) to the browser.

do you have any articles detailing this? i'd like to know what kind of overhead there is. Because really if you have a form with a lot of fields, some of which are allowed be empty, are you really going to add code to check all these fields for empty then assign a value to them before you assign them to a variable? Aside from any overhead that may or may not exist and may or may not be "significant", ignoring notices is a BAD idea. Retrieving a value from a variable that does not exist is, in my book, an ERROR. Taking your example: "if you have a form with a lot of fields, some of which are allowed be empty, are you really going to add code to check all these fields for empty": YES, I am going to check every field. If you do not check every field and you ignore notices, what happens when you misspell or mis-capitalize one of the field (or array element) names. You have notices turned off so the script goes on its merry way, and you do NOT get the correct results. Then you spend hours searching though the logic looking for a flaw when the problem would have been easily spotted if you had displayed AND read the errors (notices). As to assigning a value to the fields that are allowed to be empty, I don't recommend that. I use the ternary operator: $wholesale = (isset($_POST['wholesale']) ? $_POST['wholesale'] : '');

Yes it is. You should NOT be relying upon javascript calculated values anyway. A malicious user can hijack your form and make the total whatever they want it to be. You need to be recacluating on the server-side. If you do want the user to be able to edit those fields, then by all means make the fields editable. But, I don't think that is what you are wanting. If you don't want the user to be able to edit those values but you think you can safely rely upon JS calculated values that the user could potentially modify, then you could always create a second set of fields for those values and make them hidden fields. It is still a security risk though. I agree with everything mjdamato said except for adding hidden fields. If you want fields to be visible and be posted, but don't want the user to modify them, I believe you can use READONLY instead of DISABLED. However, as mjdamato said, it is a simple matter for a malicious user to change the form (or use CURL) to post values that are completely different from what should be in the field. You MUST do the calculations on the SERVER after the form is posted.

Are you sure that you are specifying the directory name correctly? That error message indicates you are trying to access /proc/uptime which is owned by root.

That's why databases were invented: to handle large amounts of data. They are designed to do queries on tables holding "tons" of data. as premiso said: "index the columns that the database is queried on". An index provides a pointer to the rows that contain the indexed data, this way the database server can go directly to the indexed data instead of having to read thousands of rows. as juddster said: "You don't need to keep re-indexing tables" You create the index ONCE then whenever data is added to (or removed from) the table, the database server updates the indexes. The database servers have tools to evaluate a query so you can see where indexes need to be created. See EXPLAIN PLAN

I don't really see why you would get a blank page; but here are a couple of points to help discover the problem. 1) When you get a blank page, use the 'View Source' feature of the browser to see if there is anything being sent that is not visible. This might help isolate the problem. 2) Put the following lines at the top of your script - immediately after the openning PHP tag: <?php error_reporting(E_ALL); ini_set('display_errors', 1); this should show any errors that occur which might be preventing the script from working. 3) Change all of your short tags to full tags. Using short tags is a bad habit and can lead to problems - not all servers support short tags. For instance: // THIS LINE OF CODE ... <?elseif(isset($_POST['send'])):?> // ... SHOULD ACTUALLY BE ... <?php elseif(isset($_POST['send'])):?> 4) That big IF statement looks hinky: <?if(isset($_POST['send'])&amp;amp;amp;amp;amp;amp;amp;amp;&amp;amp;amp;amp;amp;amp;amp;amp;(!validateModel($_POST['model']) || !validatePrice($_POST['price']) || !validateDescription($_POST['description']) ) ):?> What are all those amp;'s in there? that should probably be: <?php if(isset($_POST['send']) AND (!validateModel($_POST['model']) || !validatePrice($_POST['price']) || !validateDescription($_POST['description']) ) ):?> I'm guessing that line originally was if ( ... && ...) but has been run through htmlspecialchars() (or something) about 9 times. Which makes me wonder about the integrity of the script. At any rate, I use AND instead of && and I use OR instead of ||. I just think it is easier to read. Mixing them may not be a good idea though, they do have different levels of precedence.

Putting .sql on a filename does not make it an SQL file. This is a data file. The example you show does not give enough detail for a definitive answer. However, with the example as shown, you could use a PHP script to process the data: // Retrieve the entire data file into an array $data = file('name of file'); // Process each element of the array - i.e. each line of the file foreach ($data as $line) { // Breakup the line on the space character $cols = explode(' ', $line); // Build the INSERT statement $sql = sprintf("INSERT INTO table_name (col1, col2) VALUES ('%s', '%s')", $cols[0], $cols[1]); // Execute the query mysql_query($sql); } This code is not tested, just written off the cuf. There are other ways to do it: If the file is too big to load into memory, you can use fopen(), and fgets() to read and process one line at a time. The INSERTs could (and probably, should) be consolidated into batch insert statements for better performance If there are other columns in the file, you will need to determine the best way to split it (i.e. is the file delimited by spaces, commas or what? or are all columns a fixed length) mySql has a LoadFile (or something like that) command that might be used on a file of this nature, so a PHP script would not be necessary As I said, this is not an SQL file, so look at the other import options of phpmyadmin. I'm not sure what is available, but it might have a means of importing data if you define the structure.

The description of your problem sounds familiar. For instance: function getTitle() { echo 'Title of Page'; } echo '<TITLE>' . getTitle() . '</TITLE>'; That code will exhibit the symptoms you described. The function is outputting the text during the call, which happens before the TITLE tag is output. The correct way to write that is: function getTitle() { return 'Title of Page'; } echo '<TITLE>' . getTitle() . '</TITLE>'; Here the function is returning the value, so it ends up in the string between the TITLE tags. I think if you check your functions you will probably find this scenario.

It is very difficult to design a database based on a few (incomplete) potential entries. It is also very difficult to design a database without knowing how the data is to be used. However, I'm going to tell you the absolute perfect way to design this database ... Looking at the image, I would convert that sheet to 3 tables (of course, I tend to over complicate things, so someone else may have a different idea). I would not even consider creating a single table with all of those columns. That would not be "normalized" and would not really be relational (there's nothing to relate to), it would just be a spreadsheet. Table 1: Products ID INT UNSIGNED AUTO Primary Key PartNo VARCHAR MFR Style VARCHAR Brand Style VARCHAR Description VARCHAR Even though you already have ID's assigned, I would make the column AUTO INCREMENT -- to support new products being added. You should be able to insert the data with the existing ID values - and I would if the customer is used to using these values currently. PartNo should be a unique index as well I don't see any uniqueness (except id and part number) in the data you provided, but I have included a description field and you may have other data elements that apply only to the product itself, as well Table 2: Options ID INT UNSIGNED AUTO Primary Key OptName VARCHAR These are the options across the top, just the names: i.e. Brass Locks, etc This table is just for the relationship to the third table Other data specific to the option itself could be included here Table 3: ProductOptions ProductID INT UNSIGNED Foreign Key to Products OptionID INT UNSIGNED Foreign Key to Options Price DECIMAL An entry in this table means the option is available for the product and gives the price Note: IF the price is always the same regardless of the product, the price could be moved to the Options table. This design does not address potential issues. Such as, 1) Does the product support both the 3x5 Card Holder and the 4x6 Card Holder at the same time (i.e. are some options mutually exclusive) In this case, I might add an OptionGroups table to define group names. Then include the GroupID in the Options table. Then the application can ensure that the user picks only 1 item from each option group. Or something along those lines. 2) What about the flip side of that, do some options require the presence of another option (i.e. do I have to select some style of Rims in order to put some style of Tires on my Car?) This would require some deeper analysis.

This line is incorrect: $data = str_replace("$old","$new","$string"); By enclosing $old and $new in quotes, you are forcing PHP to convert the arrays to strings, which will be the word "array". It is not necessary, and in fact sometimes hurtful, to enclose a variable in quotes when assigning it or passing it to a function. Change the line to: $data = str_replace($old, $new, $string);