Jump to content

Recommended Posts

  • Replies 50
  • Created
  • Last Reply

Top Posters In This Topic

Oh right so its the php.ini file I need to change. Thanks.

 

Change what?

 

How can I get a user to follow another user. I need seperate the ID of the profile against the ID of the person who is logged in.

 

Just work through the logic.  Once you have the logic, it will all make sense.

 

User A wants to follow user B.  User A might also want to follow user C, D, and K.  You will need to create that relationship within the database somehow/where; otherwise, how will you/your system knows who is following who?

Edited by mrMarcus

I know for a fact you've been told to research normalization, and you've also been spoon-fed information on proper normalization. You consistently ask questions about the same thing you've already been told how to handle it. 

 

Dogs have this thing where they are unable to generalize concepts. Are you a dog? Because that might explain why you need to be told every time to normalize your data, and stop pooping everywhere.

The plan is to use 'follow', 'follow1', 'follow2' etc... and when a user clicks the follow button their ID number enters into the next available follow row.

 

Its the only way I can think of doing it.

 

OK, but your query does nothing of the sort.  Anytime somebody hits the 'follow' button, the `follow` column in the `users` table is updated per that ID.  Every single row.  You need to hadd clauses to that query, and/or (preferably OR) change up your table logic.

 

`users` table has the user_id

 

`follow` table has `id`, `user_id`, `follow_user_id`

 

You would then INSERT those values into the `follow` table so that a user can follow an unlimited number of other users.  Keeping that data in the `users` table is not recommended, nor can I see how it would even work/scale.

 

Set a key on (`user_id`, `follow_user_id`)

 

<?php
if (($_GET['do'] == 'follow') && !empty($_GET['id'])) {
   // check if user is logged in
   if (($_SESSION['auth']) && !empty($_SESSION['current_user_id'])) { // whatever your $_SESSION variable is for logged in users

       if ($_SESSION['current_user_id'] == $_GET['current_user_id']) {

           // other checks here to determine various ID's are numeric, etc.

           $sql = "INSERT INTO `follow` (`user_id`, `follow_user_id`) VALUES (". (int)$_SESSION['current_user_id'] .", ". (int)$_GET['id'] .")";
           if (!mysql_query($sql)) {
               if (mysql_errno($link_identifier) == 1062) { //$link_identifier is necessary to avoid conflicting error notices due to multiple openning/closing SQL connections
                   // duplicate attempt to follow
                   // handle accordingly
               }
           }
       }
   }
}

 

Now you can join that table when checking for whether a certain user is following another user.

Edited by mrMarcus

I know for a fact you've been told to research normalization, and you've also been spoon-fed information on proper normalization. You consistently ask questions about the same thing you've already been told how to handle it.

 

Dogs have this thing where they are unable to generalize concepts. Are you a dog? Because that might explain why you need to be told every time to normalize your data, and stop pooping everywhere.

 

As we have discussed a few points can you please be specific in what this related to. This could be a useful exercise to learn this normalization wizardy you speak of.

Just give up, MrMarcus: You're only wasting your time. As Jessica said the OP either cannot learn, or he doesn't want to learn and is just trolling. I'm not quite sure what would be the best, but either way trying to "help" him is a utter and complete waste of time.

Hi MrMarcus,

 

This is looks very good but its getting very complicated. Lets say the first person joins would their ID automatically be added to the table 'follow' or would it be when the first person follows them.

 

Why is it best to have seperate table for followers?

Just give up, MrMarcus: You're only wasting your time. As Jessica said the OP either cannot learn, or he doesn't want to learn and is just trolling. I'm not quite sure what would be the best, but either way trying to "help" him is a utter and complete waste of time.

 

Its not a waste of time. My site is really coming together and Im learning new things all the time. Its improving every time I work on it.

Just give up, MrMarcus: You're only wasting your time. As Jessica said the OP either cannot learn, or he doesn't want to learn and is just trolling. I'm not quite sure what would be the best, but either way trying to "help" him is a utter and complete waste of time.

 

Can't help it.. I'm a teacher at heart.  If he was trolling that would be nothing short of amazing, though.  Such dedication to his craft.

Hi MrMarcus,

 

This is looks very good but its getting very complicated. ...

Sweet Jezus, this is so far from complicated it can't even see it on the horizon.

...This could be a useful exercise to learn this normalization wizardy you speak of.

It's not wizardry, fundimentaly it's common sense taken a step further to be practicaly applicable to RDBS's.

Do you genuinely suffer from encapsulated multiple personality dissorder? You don't recall the numerous previous discussions about normalising your data for other tables?

Muddy Funster, you might want me to trade childish insults with you but Im not going to. It is complicated. Espectially for someone with no coding experience before. Saying someone has learning difficulties is just childish and silly. If you've nothing good to say then its not worth hearing.

 

But like I keep saying my site is improving all the time. I just keep getting stuck thats all.

 

For example I've just trying to finish a password reset script. It to literally 2 minutes to set it up to enter a plain text password but when I apply MD5 it says:

 

An error occurred Unknown column 'd41d8cd98f00b204e9800998ecf8427e' in 'field list'

 

To me it looks logical enough. I am saying that the input from the field is resetpassword which I want to be converted to MD5. Im then saying that I want it to be string $newpassword which I want to insert into password.

 

Like I said it took literally two minutes to set it up to accept plain text but when I try to add MD5 I get stuck.

 

 

 


<?php

 $errors = array();
$success = array();

function mysql_real_escape_array($t)
{
return array_map("mysql_real_escape_string",$t);
}
function trim_array($ar)
{
return array_map("trim",$ar);
}
if(isset($_POST['form_id']))
{
$_POST = mysql_real_escape_array($_POST);
$_POST = trim_array($_POST);



if($error == "")
{
$newpassword = md5('resetpassword');
 $sql = "
 UPDATE
	 users
 SET
	 password = $newpassword";

 $result = mysql_query($sql) or die("An error occurred ".mysql_error());
}
}
?>
<div class="registerinfopagecell">
<div class="registerpageheaderorganiser">
Choose a New Password
</div>
<div class="registerform">

<form class="form_id" class="appnitro" method="post" action="">


<ul >




<div class="forminputcell">
<div class="datainput">
<li class="li_1" >
<div class="forminputleft">
Your New Password:
</div>
<div class="forminputright">
<input name="resetpassword" type="text" class="field" width="600" />
</div>
</li>
</div>
</div>

</li>
</div>
</div>


Edited by justlukeyou

It's not childish or silly to point out when somone is being blatantly obtuse with the resources given. You have taken time and effort from many people on this site only to time and again thrown it to the wayside on each occasion. What you are being told to do is not in the slightest complicated, if you are finding it to be such then you really need to get some proper educational material on the subject and work through it fully.

 

To address your password issue:

You shouldn't touch a password hash with mysql_real_escape_string() at any point - there is absoloutly no need. Your actual problem is, once again, your table. You have a field name that is actualy a mysql reserved word - password. Put backticks around it in the query and you should get on a lot better. You would have found the same problem in using a plain text password as you are finding here with the hash. Not that this is even remotely related to your initial question.

You have a field name that is actualy a mysql reserved word - password. Put backticks around it in the query and you should get on a lot better. You would have found the same problem in using a plain text password as you are finding here with the hash. Not that this is even remotely related to your initial question.

 

Actually, 'password' is not a MySQL reserved word.

Why are you hashing 'resetpassword'? Now, anybody who wants to reset their password is going to be given an identical password to the next.

 

$newpassword = md5('resetpassword');

 

The issue with your query is you are missing single-quotes around $newpassword.

 

$sql = "UPDATE users SET password = '". $newpassword ."'";
$result = mysql_query($sql) or die("An error occurred ".mysql_error());

Edited by mrMarcus

Actually, 'password' is not a MySQL reserved word.

And neither it is, a glaring example of what happens when one assumes rather than researches. I has taken the assumption that mysql would have reserved the use of password as it is an internal function call. So yeah, hand's up I'm a mug.

Thanks mrMarcus,

 

But I'm not sure what you mean by "Why are you hashing 'resetpassword'?"

 

What I currently have...someone can register with a password, if they reset their password a random password is emailed to them which they can continue to use if they wish. If they want to change it to their own password they can.

 

I thought this piece of code allows someone to add their own password in the 'resetpassword' field which then inserts it into the database in a hashed MD5 format. Is that not the case? Im not sure where the identical password issue comes into it?

Edited by justlukeyou

Thanks mrMarcus,

 

But I'm not sure what you mean by "Why are you hashing 'resetpassword'?"

 

What I currently have...someone can register with a password, if they reset their password a random password is emailed to them which they can continue to use if they wish. If they want to change it to their own password they can.

 

I thought this piece of code allows someone to add their own password in the 'resetpassword' field which then inserts it into the database in a hashed MD5 format. Is that not the case? Im not sure where the identical password issue comes into it?

 

In the code you provided, you are not creating a random password. You are simply hashing the string 'resetpassword'.

 

$newpassword = md5('resetpassword');

 

There is nothing random about that. Nor is that remotely close to how you would handle a form field.

 

If you are using a password from a form field (<input type="text" name="resetpassword"/>) you will need to update your code to accommodate that. You know how to collect field values from a form using $_POST, correct?

Hi,

 

I am issuing a random password in the previous script. The purpose of this script is to allow someone to change their password from the random password. I can log in using the random password.

 

$random_password=md5(uniqid(rand()));

Thanks everyone. Got there.

 

function trim_array($ar)
{
   return array_map("trim",$ar);
}
if(isset($_POST['form_id']))
{
   $_POST = mysql_real_escape_array($_POST);
   $_POST = trim_array($_POST);

   if($error == "")
   {
$newpassword = trim($_POST['resetpassword']);
$md5password = md5($newpassword);
    $sql = "
    UPDATE
	    users
    SET
	    password = '$md5password'";

    $result = mysql_query($sql) or die("An error occurred ".mysql_error());
   }
}

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.