X51

The only one I can remember right off the top of my head was for my site key on the log in page. It worked fine on the server, but in localhost I had to put quotation marks around the key for it to clear the error.

Thank you for that information, I'll look into that.

What are some examples of the kind of stuff you're having to change? Well I think most things I am having to change result from going from one version of php/mysql to another the WAMPserver has older versions that the server I am used to dealing with so I keep getting a lot of undefined function errors that require some code tweaks to eliminate. After dealing with this for a day and a half now I think it isn't as bad as I first thought it was going to be. Well until I upload it and go back to a different version of php/mysql that is. I suppose I could upgrade the environment on the WAMPserver.

Hmmm, you must know something I don't because I have to do things like this: $serverName = $_SERVER['SERVER_NAME']; $serverNameParts = explode('.', $serverName); if(count($serverNameParts) == 1) { $change_site = "localhost/website"; } else { $change_site = "website.com"; } $domain = "." . $serverName; session_set_cookie_params(120 * 60, '/', $domain); session_start(); and then for links that is where the $change_site variable comes into play: if(!isset($_SESSION['userInfo'])){ echo "<script language='JavaScript'>window.location='http://" . $change_site . "/log_in.php?return_link=" . $return_link . "';</script>"; }

For the last couple of years I ask very few questions but I always end up answering them myself, and this is no exception. I am using: $serverName = $_SERVER['SERVER_NAME']; and then checking the result to see whether the page is running local or in a domain and then writing the values of the variables accordingly so the page will work local and also when uploaded.

I have an up and running website that I want to completely revamp so I figured I would work on it locally then upload the new site when it is finished. Since I have never done this before it brings up questions on how exactly to do that. I downloaded and installed WAMPserver 2.2 and everything is working fine. I copied the site into the www folder and now the problems start yay! I am already having to change many things in my code for the working site to get it to run as localhost. How does a person go about writing code that works both as localhost and in the domain when uploaded? It seems to me that when the site is configured to work as one or the other there will be a lot of little things that won't work such as links, or sessions and such. I figured out how to make links work properly by using variables in the link so all I have to do is change the variable value from (for example) mysite.com to localhost/mysite My fear is that after I spend a month doing this that it will be a nightmare converting it over to work in the domain on a different server. I'm sure there are secrets and things that make this easier and I could use some help finding out how to best go about this. Thanks!

I did it! One of the problems was searches where a keyword is only 3 letters long that causes an exact match to be displayed with a low relevance since it omits the keyword in that case. But even so some searches with longer keywords were still being displayed after exact matches, such as a search for "hunger strike" might display as: hunger (some words) strike a pose followed by the workers formed a hunger strike both results have the keywords but I wanted the second one first. So it occurred to me to do an exact search followed by a loose search and after a LOT of trial and error I came up with the following query that does what I wanted, display exact matches first even if a keyword is 3 letters long. $exact_word = '"' . $word . '"'; $query_row = "SELECT *, CASE WHEN MATCH(text) AGAINST('$exact_word' IN BOOLEAN MODE) THEN 1 ELSE 0 END AS exact, MATCH (text) AGAINST('$word') AS close FROM book WHERE MATCH (text) AGAINST('$word' IN BOOLEAN MODE) order by exact DESC, close DESC";

Sure sounds simple lol. I have read about 20 different web sites explaining how to do this and have tried... oh I've lost count how many different ways to write the same query and I still can't get an exact match to display first. Could someone please point out what I am doing wrong. please I have a table that is a book. It has a field in it called 'text' that holds each sentence in a separate row and I want to search that text for matches contained in a cleaned variable ($word) entered by the user in a search box. The search gets me the correct information, but the order of the displayed sentences is not ordered properly. An exact match may be anywhere in the results. I have used the following queries (among others): $query_row = "SELECT *, MATCH(text) AGAINST ('$word' IN BOOLEAN MODE) AS relevance FROM book WHERE MATCH(text) AGAINST ('$word' IN BOOLEAN MODE) HAVING relevance > 0.2 ORDER BY relevance DESC"; $query_row = "SELECT *, MATCH(text) AGAINST ('$word') as relevance FROM book WHERE MATCH (text) AGAINST('+$word' IN BOOLEAN MODE) HAVING relevance > 0.2 ORDER BY relevance DESC"; $query_row = "SELECT *, ((MATCH(text) AGAINST ('" . $word . "' IN BOOLEAN MODE) * 10) + (MATCH(text) AGAINST ('$word' IN BOOLEAN MODE) * 1.5)) AS relevance FROM book WHERE (MATCH (text) AGAINST ('" . $word . "' IN BOOLEAN MODE) > 0 OR MATCH (text) AGAINST ('$word' IN BOOLEAN MODE) > 0) ORDER BY relevance DESC"; The middle one is the one I currently using, the other two display the relevance for EVERY row as 1 (or 11.5 for the last) . The middle one displays the relevance between 6.8 and 2.1 But the thing that drives me crazy is that in that range an exact match of the search terms are buried in the middle with a lower relevance than non-exact matches. The last query was an attempt to assign a higher relevance to an exact match but it isn't working as all results have 11.5 as the relevance. I sure could use some help in this matter.

That's pretty much what I thought, but wasn't sure about. I will stick to my non-delete policy I am going to consider this closed and work on another solution to this problem that doesn't include deleted rows. Thanks again for the valuable information!

Thanks for the reply. As I have been sitting here thinking about this I realized that my thinking is flawed. First, I have the invoice_number column set to 'unique' so I wont have duplicates (easily fixed by removing it). Second, since that record will always be inactive that number will always come up as the next invoice number unless there is also a check to see if it has been previously re-used. I normally don't delete info from a table, but I'm starting to think that my best bet would be to delete the record rather than make it inactive then there would be no problem in that area and my original query would work fine. The reason why I don't like to delete is that the table always creates overhead and needs to be optimized and I don't know what problems are created by that.

I have a table that contains invoice numbers and I want to find any numbers that are not used. So I borrowed and modified the following query to do just that and it works fine. SELECT start, stop FROM (SELECT m.invoice_number + 1 AS start, (SELECT MIN(invoice_number) - 1 FROM payments AS x WHERE x.invoice_number > m.invoice_number) AS stop FROM payments AS m LEFT OUTER JOIN payments AS r ON m.invoice_number = r.invoice_number - 1 WHERE r.invoice_number is null) AS x WHERE stop is not null The problem is that I have a column named 'active' in the table that is either a 1 (actively used number) or a 0 (inactive) I want this query to consider an inactive record as a missing number and reuse that invoice number, but am unable to figure out exactly how to do that. Every time I introduce 'WHERE active = 1' into the query it either says unknown column or that active is ambiguous. I was hoping someone could point me in the right direction to make this happen. My version is 5.1

Finally figured out how to get around this, only took a week Had to abandon this method completely and add another column to the scheduling table with a unique business name based on the schedule (rather than try to concatenate the business name with the week of service). Then use a left join to combine the tables with select distinct so only businesses with more than one variation of the schedule would show up twice in the drop down menu. So the string comparison no longer uses the account number (which would always be the same number if two variations exist) it now compares the unique business names so I can have the selected one be the one that was picked. The only real drawback I can see is that if I change a business name in one table I will have to remember to change this unique name also, but I don't see that as too big a problem.

OK so I'm having a pull my hair out moment. I have spent all day trying to figure this out. I have a select box for a list of customers where one customer is unique and I want that account to appear twice in the list. That part was easy and when selected the appropriate info populates the page. The problem I am having is that no matter which one of those two options I click it only selects the second option . So in other words if these are the two options in the list: Some Business Week 1 Some Business Week 2 when I click either, Some Business Week 2 is always the one selected even though the page populates correctly. Any thoughts on what I need to change? <?php do { mysql_select_db($database_customers, $customers); $query_multiple = "SELECT accnt, week, alt FROM schedule WHERE accnt = " . $customer['accnt']; $multiple_sel = mysql_query($query_multiple, $customers) or die(mysql_error()); $multiple = mysql_fetch_assoc($multiple_sel); $multiple_run = $multiple['alt']; if($multiple_run > 1) { for ($i = 1; $i <= $multiple_run; $i++) { mysql_select_db($database_customers, $customers); $query_get_week = "SELECT week, alt FROM schedule WHERE accnt = " . $customer['accnt'] . " AND alt = " . $i; $get_week_sel = mysql_query($query_get_week, $customers) or die(mysql_error()); $get_week = mysql_fetch_assoc($get_week_sel); $version1 = $inv_title . " Week " . $get_week['week']; $version2 = $customer['name'] . " Week " . $get_week['week']; ?> <option value="report.php?accnt=<?php echo $customer['accnt']; ?>&alt=<?php echo $get_week['alt'];?>"<?php if (!(strcmp($version1, $version2))) {echo "selected=\"selected\"";} ?>><?php echo $version2; ?></option> <?php } } else { $version1 = $inv_title; $version2 = $customer['name']; ?> <option value="report.php?accnt=<?php echo $customer['accnt']; ?>&alt=<?php echo $multiple['alt'];?>"<?php if (!(strcmp($version1, $version2))) {echo "selected=\"selected\"";} ?>><?php echo $version2; ?></option> <?php } ?> <?php } while ($customer = mysql_fetch_assoc($customer_sel)); ?>

Never mind I found it. As usual it was a brain fart!

Well I have tried many variations of that script I posted and none seem to work. Not sure why. I echo'd back the $site_key and it is there I checked the DB and the code inserts a 128 char string for the password. I checked all my spelling and such, but no luck.

Sweet I figured it was time to do some updating, well that and I just like tinkering with php. For me it is more of a rewarding hobby than anything else, but a hobby that comes in handy from time to time. Thanks for the reply.

OK that makes sense. So if this is used to concatenate the password: $hash = hash_hmac('sha512', $password . $salt, $site_key); Would this be correct to read it when logging in to the site? $hash = hash_hmac('sha512', $password . $member['salt'], $site_key); if ($hash == $member['password']) { $id = $member['userid']; $_SESSION['userinfo'] = $id; session_write_close(); header("location: somepage.php"); exit(); } else { $errorMessage = 'Sorry Your Information is Not Recognized'; } and where is a good place to store the $site_key?

First off I just want to say thank you for the valuable information I have been reading in this topic (for a few days) and I have updated my pages accordingly. My passwords are now salted with a random encrypted string and I am using sha1 but would like to switch to sha512. So I am playing around with some code to learn more about how it works and have noticed that: sha1(test) returns a94a8fe5ccb19ba61c4c0873d391e987982fbbd3 but sha512(test) just crashes the page. Can anyone help me understand why this is?

I see, thanks for the responses

I was under the impression that magic_quotes were being eliminated so I was searching for other ways to do the same thing.

So I am trying to find a good alternative to this code: function clean($str) { $str = @trim($str); if(get_magic_quotes_gpc()) { $str = stripslashes($str); } return mysql_real_escape_string($str); } I did a few searches here and just keep coming up with instances of its use rather than a solution as I was hoping for. I was also checking the php manual and found user comments on it, but am not sure what is best to use rather than the magic_quotes. Any suggestions?

So this is the fix I used. Does it look correct for a 2 hour session? session_set_cookie_params(120 * 60, '/', '.domain.com'); session_start();

It was as simple as that. Thanks for the help

I have a login page that after logging in it sets a session $_SESSION['user_info'] = $_POST['username']; and takes me to a start page (and checks for the session) which all works wonderfully. The problem is that no matter what link is clicked on that page it takes me to the login page again after checking to see if that same session is set session_start(); if(!isset($_SESSION['user_info'])){ header("Location: http://website.com/folder/log_in.php"); } After logging in a second time every link on that same start page works wonderfully. If it works the second time why not the first?

Thanks for the answer. Basically McAfee says passwords being sent over the internet in plain text leaving me open to a man in the middle attack when they do a scan. For now I have just removed the login since it isn't anything important to keep them happy.