manwhoeatsrats

So far when it comes to debugging my script, I am dependent upon parsing errors to give me the line of code that is messed up. of course that is not entirely accurate, for like the case where you leave out a } in an if statement as it says the problem is at the end of the document. Another common tool I use is the echo statement. this helps to see if values are being set, and if they are being set correctly. I also like notepad++ because if you select a begging bracket it will highlight the ending bracket..... These are the most common methods I use in trouble shooting.... my question is this. Are there any programs out there, that really help in debugging scripts? I am talking purchased and open source. Are there any other debugging tips that you guys recommend.

I just miss read what you posted. to do the query is simple once you have it built. it would be something like. $your_connection = mysql_connect("*****","*****","*****"); $foo = mysql_query($the_query, $your_connection) or die(mysql_error()); $get_your_info_into_an_array = mysql_fetch_assoc($foo);

Here is an example of what I am talking about. this is currently a work in progress, and is made for updating a mysql table. $user_update_query = "UPDATE users SET "; if (isset($_POST[update_user])) { if ($_POST['access_level'] != $row_get_user_info['access']) { $access_level = $_POST[access_level]; $user_update_query = $user_update_query . " access = '" . $_POST['access_level'] . "', "; } else { $user_update_query = $user_update_query . " access = '" . $row_get_user_info['access'] . "', "; } if ($_POST['reset_account'] != $row_get_user_info['account_status']) { if ("Locked" == $_POST['reset_account']) { $user_update_query = $user_update_query . " account_status = 'Locked' " . ", "; } else { $user_update_query = $user_update_query . " account_status = '" . $row_get_user_info[account_status] . "', "; } if ("Yes" == $_POST['reset_account']) { $new_password = createRandomPassword(); } } } if ("Yes" == $_POST['reset_password']) { $reset_password = "Yes"; }

I don't know much about the stored procedures, but seeing as how no reply has been made. have you chekced the new mysql manual? here is an article that might help http://www.mysql.com/news-and-events/newsletter/2004-01/a0000000297.html

pretty much it was a quick code I wrote that would preform the function you need, based off of the post variables it takes $the_query and adds to it dependent upon if the post variables are empty. This will work, I have acually done it before; however, I do have a recommendation. Do not try doing the query right away. instead when you get directed to this page, just echo $the_query and check the syntax. I am sure you will need some minor tweaking, like placing a coma here, a single quote there... I have found that echoing values to be a very helpful trouble shooting tool.

well, your next page is going to have a number of post variables.... so something like this for each of the fields... <?php $the_query = "SELECT * table_name WHERE "; if (!empty($_POST['asearch']) { $the_query = $the_query . "active_player = " . $_POST['asearch']; } if (!empty($_POST['clubno']) { $the_query = $the_query . " clubno = " . $_POST['clubno']; } ?> I am sure there is a much better way to do it, but I know not what that is. hope this is helpful.

if (isset($_GET["cmd"]) =="edit" || (isset($_POST["cmd"]) =="edit")) wait a sec. reading this I am assuming that you are wanting to: check and see if $_GET['cmd'] is set, then you are wanting to see if it set to edit. then you are going or if the $_POST['cmd'] is set, then you are wanting to see if it is set to edit. this should not work, as written, and I am surprised if you are not getting a parsing error. This seems a but over kill to be honest, but the way you would write that statement is if ((isset($_GET['cmd']) && $_GET['cmd'] == 'edit') || (isset($_POST['cmd']) && $_POST['cmd'] == 'edit')) now does it really matter if the value is set? It seems to me all you want to do is see if it is set to "edit" in which case this code would work. if ($_GET['cmd'] == 'edit' || $_POST['cmd'] == 'edit')

I still don't quite understand what you are trying to do; however, looking at the code you provided. try changing the if (!$_SESSION['auth'] == true){ to if ($_SESSION['auth'] != true){

Need a bit more detail.... just a guess... if someone is not logged in and they try to go directly to a page, then they would not have a session started. so possibly something like this at the top of your page <?php if (!isset($_SESSION['auth'])) { header("Location: notallowed.php"); } ?>

well not all of them. I am talking the the IP address, hashed password, time of login, and username.

thanks for the advice. I had never thought of giving an ambiguous error messege. that makes logical sense. As for the IP address, once again a good idea. I could acually create a row in a transaction table that stores the same values as the session variables I set, and each page compares the session variables to what is in the database.... oh and the password, I had not thought about putting it in a session variable I was just going to do the session checks based off of the user id...but if I am going to go through the the trouble of passing an ip address as well, I might as well pass the md5 hash as well. Thanks a lot for the help. you guys got the old noggen grinding now. lol

xampp installs an apache server, along with mySQL, and php..... I mean if you just want apache by itself, that is fine, but keep in mind that php is NOT built into apache. so if you are storing php scripts they will not work with apache alone. also, I do not understand.... it is to easy? are you wanting it to be difficult? I mean for a learning purpose or something?

most of my work has been on a company intranet, so while security is an issue, it was not an extremely major one because of a series of fire walls. I am now designing a program that will be used on the internet, and now security is a major concern. the log in page I have setup does the following. 1. asks for a username, if the username is not in the database, it gives a warning stating such. 2. if the password is in the database then it compares the password typed to a md5 hash that is stored in the user table. 3. if the password is accepted it sets a session variable of the username and access level user, admin ect.... 4 if the password is rejected then 3 tries are given to try again. after that the account is locked, and the hash of a random 32 digit number is put in the password place. each time someone tries that log in it changes again. after 6 attempts the IP is banned from the site..... my question is, what else can I do to make the site more secure, besides checking for session variables being set. and am I going to far with the log in page?

use something like this <?php $totalrows = mysql_num_rows($the_results_of_your_query); //gets the total number of rows with this information if ($totalrows == '0') { echo "Date is not in database"; } else { echo "date is found in database woot!"; ?> as for the nearest date...I am not sure. see I have always stored a unix time stamp in the database instead. if it is in a unix time stamp, then you can easily preform another query with something like. if it is not there, then is there one within the next 3600 seconds?

you would likely be able to do it with javaScript. unforunetly, javascript is one of my weak points. If you have control of the server however, you can easily install apache, mysql and PHP. in fact you can have it up and running in under 20 minutes. I recommend Xampp it is available for windows with a self installer, and is available for linux and even macs. http://www.apachefriends.org/en/xampp.html I wish I could be of more help, but once again I am not good with javascript. cheers

I have always used php on the next page to populate fields from a previous form. here is an example. first a simple form <form name="form1" action="foo.php" method="POST"> <input type="text" name="value1" value="this is a test" /> <input type="submit" value="submit" /> </form> then the script which is called by the form action. <form name="whatever" action="" method="POST"> Input type="text" name="whatever" value = "<?php echo $_POST[value1]; ?>" /> </form> Notice in the form the beginning and end of PHP. This is how you pull the post value into the field on the next page. keep in mind you can also put hidden fields on the form of the first page. hope this helps

Well the <!-- is the start of an HTML comment and the --> is the end of an html comment. so I would guess that it is just a comment; however, HTML comments have been used to hide javaScripts from old web browsers. something like this. <script language="JavaScript"> <!-- Here you put your JS code. Old browsers will treat it as an HTML comment. //--> </script> so the real question is this. do you see a script tag before the comment?

Just an observation. you do not have a value for your submit button. how can you have a post variable if it has no value.....I suppose it is possible it could be NULL or empty...... I would try to do this. <input class="send" type="image" src="images/submit.gif" name="submit" value="submit" /> Not sure if that will fix your issue....it might not

if you want to store the time of each hit, then I don't see any other way besides doing another table. if your majorly concerned about the table getting to large then, you can always setup a script that will clear out the oldest records. To be honest though, I don't think it is really a major concern. you are talking about a table that stores very little information. Last I checked myISAM had a limit of 4gigs of info per table. I have a database with over 10,000 records in one table, with 40 different fields, and it is only using 20MB..... If you are using InnoDB it is much higher.... oh and on that 10,0000 records, I can search a blob and still get the results back in under a second. So really this should not be a major issue.

just an idea. create another table that is a transaction history. each time an item is clicked, it injects into this table creating a new transaction with the date. now for the display. you will likely only want to display the top hits do a sum query something like $query = "SELECT type, SUM(hits) FROM products ORDER BY hits ASC" I hope this is a workable idea

I have seen a div placed over a table before. Here is an example of it <div align="center"> <table> <tr> <td> blah </td> </tr> </table> </div> or are we talking about something else?

well if you have a something that begins with a " you have to have the same ending for that statement. just like a ' has to have an ending. this is really very useful for something like a SQL query $query = "UPDATE table_name SET colum1 = '10' WHERE colum2 = 'pie' "; as you can see at the beginning of the query I have double quotes then I have another double quotes at the end. any values in the query have single. quotes. Basically this allows you to have quotes inside of quotes. I hope this makes sense...

just an idea here, because it looks like your acually calling this script from a form on another page. have you thought about using header("Location: " . $theurl); after the action is preformed?

Hey guys, I joined quite a ways back, but because of work have not been on that much. I am decent at dealing with PHP and mySQL, but am by far not an expert. So far my experience on this site has been pretty good, and the response time is pretty quick as well. I have answered a few questions, and look forward to continuing in this community.

I highly recommend mysql and php. Phpmyadmin is a great utility. I use it quite a bit. if you are willing to spend a bit of money though for your SQL I like "SQL Maestro for MYSQL" it is roughly 200 bucks. though there are numerous other free programs out there that will do the same thing. if you are wanting a simple install of mysql, php, and phpmyadmin. try googling Xammpp