_giles_

Hi - (I'm not 100% sure this is the right place to post this question ... apologies if it's not) I would like to add a simple Gantt chart to my development, was wondering if you could recommend any that seem good to you. I don’t need anything really flash (I’m not trying to reproduce MS Project) just need to plot a number of projects over a 24/7 timeframe. Would appreciate your comments thanks Giles

Hi I'm working on a query where I'd like to be able to search one OR two attributes. I've come accross a few postings that lead me to the code below. It works fine if I put something in both attributes but fails if I leave the second blanc. Can you help? SELECT * FROM books WHERE title LIKE '%$title%' AND title_sub LIKE '%$title_sub%' ORDER_BY print_id (I would ideally like to make the first attribute optional. I may also want to add a few more attributes later)

Hi there, I’ve written a simple mailout script. If appears to work fine for some people, appears to fail with others. The fails are with clients inside Uni’s and Corps ... so I’m wondering if I’m getting spam filtered or something alike. I include my code below. I would greatly appreciate any comments on how I may improve it. Thanks Giles $to = $email; $subject = "the subject"; $from = "my outgoing address"; $headers = "From: $from"; $headers.= "Content-Type: text/html; charset=ISO-8859-1 "; $headers .= "MIME-Version: 1.0 "; $body = "Dear " . $firstname . " " . $surname . ", my message goes here " . "Your username is : " . $username . " " . "Your password is : " . $password; this is a comment reinserted from the author /*notice there aren't any \r\n after the second two header additions. This is what made this version work correctly*/ mail($to,$subject,$body,$headers);

hey thorpe works a treat, thank you for your response. REALLY makes a difference to this newbie to have the likes of you guy's around to help out - thanks again. Giles

Hi, I want to concatenate a number of db entries into a single string (forming a summery) I’ve come up with something that illustrates the principle, I can see that I need some sort of loop that reads each array element into the string, and then exits the loop - however my lack of experience has now got the better of me. Can you help? - thanks in advance - Giles // db query $Ddb2_query = mysql_query ( "SELECT answer FROM ddb WHERE session_id = '$session_id' AND cache = '$cacheRecall' " ); if (!$Ddb2_query) { echo 'Could not run query - page.inc Ln 335 - ' . mysql_error(); exit; } // read query results into temp array for($i=0; $row2 = mysql_fetch_array($Ddb2_query); $i++) { global $tempAnswer; $tempAnswer[$i] = answerDecode($row2["answer"]); } // prepare to return above into a form using pear’s HTML_template_IT // ANSWER is the field that will hold the result // the concatenated $tempAnswer is where the sting should go $template->setCurrentBlock("answer"); $template->setVariable ( "ANSWER", ( $tempAnswer[0] . "<br><br>" . $tempAnswer[1] . "<br><br>" . $tempAnswer[2] . "<br><br>" . $tempAnswer[4] . "<br><br>" . $tempAnswer[5] . "<br><br>" . $tempAnswer[6] ) ); $template->parseCurrentBlock("answer");

Interesting! The corsework I've been following uses it to encapsulate keyed text inside single quotes before entering it into a database, the idea being that even malicious keystrokes will be seen as a string therefore not acted upon by the system. Your response makes it appear that this is not standard practise ... begs the question ... what is the standard practise to render malicious keystrokes harmless??

Hi, I’ve run into some problems with EscapeShellArg() – wonder if you can help? I’ve been using it very successfully to place single quotes around inputted text {e.g. EscapeShellArg($answer)} to prevent meliciously keyed data being stored in my database. As said, all has been well, running on my localhost – however things are not so good after uploading it to my domain. I’m now getting MySQL syntax errors trying to write to my databases (e.g.) 'users answer'' WHERE session_id = '6tidcs36jq4bm3cceu9nnqbi16' at line 3 obviously the noicable fact is the double single quote at the end of the users answer, but I’m foxed as to where this is coming from. I’ve checked the syntax of the $answer parameter feeding the function and it’s fine, so there’s nowhere that can be adding this extra quote. The one clue, after checking versions is that there is a difference between my localhost ( running php4.3.10 MySQL 3.23.49 … ok, ok, I know it’s old) and my IP (php 5.0.4 MySQL 4.1.20), however I’ve checked EscapeShellArg() in the MySQL manual and there appears to be no reported issues in implementation. SO that’s as far as my newbie brain has gotten me. I’d appreciate any thoughts you might have. Thanks Giles

Hi, I’ve been studying a project recently which uses pear’s HTML_TEMPLATE_IT (http://pear.php.net/package/HTML_Template_IT) as a way of creating template pages that are filled with data from my databases at the time of serving. The idea is really neat, and saves loads of time, AND ISN’T SUPPORTED by my service provider It strikes me that the obvious choice is to look for alternatives, but I’m not finding much. I’m sure that this can’t be the only example of using templates in dynamic pages, but I’m getting a bit stuck. I’d really appreciate it if you could advise me of any other templates ... or should I bite the bullet and upgrade to a virtual domain (where I can apparently run PEAR) because it really is the best for the job! Thanks Giles

".L_EstDb." works just fine for me ... THANK YOU!

Hi all, Is there any way that I can use something like define() to create an alias to a database name in a MySQL query? e.g. I currently have something like $result = mysql_query ( "UPDATE DestDb SET answer = '$answer' WHERE session_id = '$session_id' AND count = '$count_history' " ); and it wold be great if I could do define("L_DestDb", "DestDb"); and subsequently use $result = mysql_query ( "UPDATE L_DestDb SET answer = '$answer' WHERE session_id = '$session_id' AND count = '$count_history' " ); that way I can alter “DestDb” without having to trawl through my increasingly large project hunting out database instances!

Hi Again, Thanks for the response ... was getting a bit tied up over the form. For anybody who has an interest my working version is : mysql_query(" UPDATE session SET session_end = NOW() WHERE session_id = '$session_id' "); thanks for your time

Hi, I'm having trouble sending a PHP timestamp command to a MySQL database. I'm sending it as a normal query, but somethings not correct. Can you reccomment a simple tutorial or clarify what I should be doing? Thanks Giles

OK ... so maybe ask the visitor to fill in a password displayed on the referring page. that way it's easy for them, that way I get to know of their referred or browsing? Eitherway thanks for shouting me back - I'm wiser and better for it - appreciate you spending the time

OK here's the thing ... I'm working on a site that will service users coming from a number or regular clients, and some just browsing. The subscription clients have too many users to issue passwords or login's, so the easiest thing right now would be to log them by URL. session_start() and security will occur after that. So I simply need this ... where did you come from stage ... is $_SERVER["HTTP_REFERER"] stable enough to give me that?

I don't need it for security, but I was thinking about it as a way of segregating paying from free visitors - (e.g. if visitor comes from a site that's signed up to our full service ...admit to full service, IfElse ... pass onto free pages) ... would that work?