[PHP-DB] mysql_insert_id - link_identifier
Hello, How do I use the linkidentifier to get me the last_inserted_id (mysql_insert_id) from a auto_increment-colomn? Do I use: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2.= VALUES ('$date', '$sid'); $r_orders_id2 = mysql_query($q_orders_id2, $sqllink_id); $orders_id = mysql_insert_id($sqllink_id); $sqllink_id must be the inserted value for the auto-increment-colomn named orders_id and is placed in var $orders_id Can anyone tell me if this is correct and what can be done to optimize? regards Bart -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] mysql_insert_id - link_identifier
I already run the query without the value of the primary-key field: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2.= VALUES ('$date', '$sid'); $r_orders_id2 = mysql_query($q_orders_id2, $sqllink_id); $orders_id = mysql_insert_id($sqllink_id); The primary-key field is: orders_id (not in above query). Only orders_datum and orders_sessid are sent with the query. When I call mysql_insert_id with tha vars: $q_orders_id or $r_orders_id I get an warning (Warning: Supplied argument is not a valid MySQL-Link resource in /home/httpd/blabla/file.php on line 91) but not the wanted id. In the manual it says that mysql_insert_id() is used with the linkidentifier ($sqllink_id ? ) but not how to define the identifier in mysql_query()... How do I define a linkidentifier for a specific call to mysql_query() and then use mysql_insert_id() with that linkidentifier of the query? regards Bart -Oorspronkelijk bericht- Van: Alberto. Sartori [mailto:[EMAIL PROTECTED]] Verzonden: maandag 28 januari 2002 13:11 Aan: [EMAIL PROTECTED] Onderwerp: R: [PHP-DB] mysql_insert_id - link_identifier Run the query without the value of the primary-key field. -Messaggio originale- Da: B. Verbeek [mailto:[EMAIL PROTECTED]] Inviato: lunedì 28 gennaio 2002 13.08 A: Alberto. Sartori Oggetto: RE: [PHP-DB] mysql_insert_id - link_identifier ? How do you mean ? regards -Oorspronkelijk bericht- Van: Alberto. Sartori [mailto:[EMAIL PROTECTED]] Verzonden: maandag 28 januari 2002 12:35 Aan: [EMAIL PROTECTED] Onderwerp: R: [PHP-DB] mysql_insert_id - link_identifier You can omit the primary key if the filed have auto-increment type -Messaggio originale- Da: B. Verbeek [mailto:[EMAIL PROTECTED]] Inviato: lunedì 28 gennaio 2002 12.29 A: Php-Db-Help (E-mail) Oggetto: [PHP-DB] mysql_insert_id - link_identifier Hello, How do I use the linkidentifier to get me the last_inserted_id (mysql_insert_id) from a auto_increment-colomn? Do I use: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2.= VALUES ('$date', '$sid'); $r_orders_id2 = mysql_query($q_orders_id2, $sqllink_id); $orders_id = mysql_insert_id($sqllink_id); $sqllink_id must be the inserted value for the auto-increment-colomn named orders_id and is placed in var $orders_id Can anyone tell me if this is correct and what can be done to optimize? regards Bart -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] session_registered variable problem
Hello! I have a problem with session_registered variables. It seems that my sessions behave quite erratic. Well, actually just one variable, $query. Somehow when I print the value of $query, it looks fine. Then, when I change $query a bit and print it again, it looks fine. Change it a third time, and it suddenly gets the value it had in the beginning. Ideas as to how one would go about solving this little problem? Cheers, Markus -- Markus Lervik Linux-administrator with a kungfoo grip Vaasa City Library - Regional Library [EMAIL PROTECTED] +358-6-325 3589 / +358-40-832 6709 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] mysql_insert_id - link_identifier
On Monday 28 January 2002 20:18, B. Verbeek wrote: I already run the query without the value of the primary-key field: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2.= VALUES ('$date', '$sid'); $r_orders_id2 = mysql_query($q_orders_id2, $sqllink_id); $orders_id = mysql_insert_id($sqllink_id); The primary-key field is: orders_id (not in above query). Only orders_datum and orders_sessid are sent with the query. When I call mysql_insert_id with tha vars: $q_orders_id or $r_orders_id I get an warning (Warning: Supplied argument is not a valid MySQL-Link resource in /home/httpd/blabla/file.php on line 91) but not the wanted id. In the manual it says that mysql_insert_id() is used with the linkidentifier ($sqllink_id ? ) but not how to define the identifier in mysql_query()... How do I define a linkidentifier for a specific call to mysql_query() and then use mysql_insert_id() with that linkidentifier of the query? When you initiate the connection to the db using mysql_connect() or mysql_pconnect() it returns a MySQL link identifier. In most cases you do NOT need to specify the link identifier when using mysql_query(). If you're only dealing with one database throughout your script then there's no reason for you to specify the link identifier because PHP automatically uses the most recently used one. That is it automatically chooses the correct link identifier to use. So in your case what you want would probably be something like this: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2 .= VALUES ('$date', '$sid'); # for debugging, you may want to echo $q_order_id2 $r_orders_id2 = mysql_query($q_orders_id2); $orders_id = mysql_insert_id(); hth -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* I used to be Snow White, but I drifted. -- Mae West */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Monday 28 January 2002 20:45, Markus Lervik wrote: Hello! I have a problem with session_registered variables. It seems that my sessions behave quite erratic. Well, actually just one variable, $query. Somehow when I print the value of $query, it looks fine. Then, when I change $query a bit and print it again, it looks fine. Change it a third time, and it suddenly gets the value it had in the beginning. Ideas as to how one would go about solving this little problem? Could you post some code please? -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* The heart has its reasons which reason knows nothing of. -- Blaise Pascal */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] mysql_insert_id - link_identifier
Thanks Jason, That was the answer I was looking for! It works like you suggested!! Thanks regards, bart -Oorspronkelijk bericht- Van: Jason Wong [mailto:[EMAIL PROTECTED]] Verzonden: maandag 28 januari 2002 13:52 Aan: [EMAIL PROTECTED] Onderwerp: Re: [PHP-DB] mysql_insert_id - link_identifier On Monday 28 January 2002 20:18, B. Verbeek wrote: I already run the query without the value of the primary-key field: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2.= VALUES ('$date', '$sid'); $r_orders_id2 = mysql_query($q_orders_id2, $sqllink_id); $orders_id = mysql_insert_id($sqllink_id); The primary-key field is: orders_id (not in above query). Only orders_datum and orders_sessid are sent with the query. When I call mysql_insert_id with tha vars: $q_orders_id or $r_orders_id I get an warning (Warning: Supplied argument is not a valid MySQL-Link resource in /home/httpd/blabla/file.php on line 91) but not the wanted id. In the manual it says that mysql_insert_id() is used with the linkidentifier ($sqllink_id ? ) but not how to define the identifier in mysql_query()... How do I define a linkidentifier for a specific call to mysql_query() and then use mysql_insert_id() with that linkidentifier of the query? When you initiate the connection to the db using mysql_connect() or mysql_pconnect() it returns a MySQL link identifier. In most cases you do NOT need to specify the link identifier when using mysql_query(). If you're only dealing with one database throughout your script then there's no reason for you to specify the link identifier because PHP automatically uses the most recently used one. That is it automatically chooses the correct link identifier to use. So in your case what you want would probably be something like this: $q_orders_id2 = INSERT INTO orders(orders_datum, orders_sessid); $q_orders_id2 .= VALUES ('$date', '$sid'); # for debugging, you may want to echo $q_order_id2 $r_orders_id2 = mysql_query($q_orders_id2); $orders_id = mysql_insert_id(); hth -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* I used to be Snow White, but I drifted. -- Mae West */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Monday 28 January 2002 14:57, Jason Wong wrote: Somehow when I print the value of $query, it looks fine. Then, when I change $query a bit and print it again, it looks fine. Change it a third time, and it suddenly gets the value it had in the beginning. Could you post some code please? Well, for instance, this screws up the $query. It works if one clicks once on the next-button, but clicking another time resets the query to SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE (L.Nimi_id=N.id AND N.Nimi LIKE asdf) LIMIT 0,20 if($go==next) { if($page $nr_pages $page = 0) { $page++; $replace_with= (($page) * 20).,; echo replace_with: . $replace_with; $replace = (($page-1) * 20).,; echo replace: .$replace; $query=ereg_replace($replace,$replace_with,$query); } } It's the LIMIT 0,20 - LIMIT 20,20 - LIMIT 40,20 that doesn't work. Strange thing is, that it worked about a week ago. : \ I can't really recall changing that part of the code at all at that point. Cheers, Markus -- Markus Lervik Linux-administrator with a kungfoo grip Vaasa City Library - Regional Library [EMAIL PROTECTED] +358-6-325 3589 / +358-40-832 6709 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] mySQL 4.0.2-alpha
Hi guys, I'm running mySQL 3.23.43 at the mo' with PHP-GTK 0.5.0. Long and the short of the matter is, anyone running mySQL 4.0.2-alpha in anywhere near a production environment yet, and if so, how is it? My server is a Win2K Server SP2 box...so how steady are those windows binaries??? :-) -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: [PHP]please help
Hi there, here's an upload form that might be what u are looking for: Hope his helps you out :) Joe php page 1 form action='upload.php' method='post' enctype='multipart/form-data' input type='hidden' name='MAX_FILE_SIZE' value='102400' Pfont color='#ff' face='verdana' size=1Upload Photo:/fontinput type='file' name='userfile'input type='submit' value='Upload!!!'/form php page 2 -- receiving/upload processing page ?php # $userfile is the file being uploaded --- could rename the file if you wanted or add a timestamp to prevent multiple instances of same filename print $userfile . BR; print $userfile_name . BR; // copy the file being posted if(copy($userfile, /ez/codesnipits/temprotatingimages/. $userfile_name)){ print Your photo has been uploaded and renamed successfully.br ; } else { print No luck with the upload dude.br; } # create a path for storing into database $patharola = temprotatingimages/. $userfile_name; print $patharola; // insert path into database here // connect to db $connectionToDBid = odbc_connect(cts, jqwwode, dfgh5); # query statement $sqlr = INSERT INTO IMAGES (employee_id, imagepath) VALUES ($employeeid , '$patharola' ); # execute the sql statement (query) on the connection made $resultset = odbc_do($connectionToDBid, $sqlr); ? Duky Yuen [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I want to make something like when you are attaching something to an email in hotmail. I want to make something that searches your own computer for files on your harddisk that you want to upload to the server. But I don't know if this is possible. If this is possible.Can somebody tell me which function I should use? Or if someone have an example... please... Duky -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: Another dynamic sql.
Your select options have no values associated with them! Not sure if you did this on purpose or not, but no value will be sent to next page. Joe :) Raymond Lilleodegard [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hi all! I have this form with some choices: form Enter how many cars you want:input type=text name=number select size=1 name=car option selectedford/option optionbmw/option optionmercedes/option /select And then I am trying to get the price out of a table in my database with this code: $sql = mysql_query(SELECT '$car' FROM varetabell where carid='$carid' ); $myrow= mysql_fetch_array($sql); $x = $myrow[$car]; $price = $x * $number; Shouldn't this work? Or am I missing something here? Best regards Raymond -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] [PHP] PHP and MYSQL Security`
What I do, because I am using a test platform is to put the line with pconnect() in a small text file, place this file somewhere on the disk, outside of the web site root and refer to that file with include() in my code. This way, even if the PHP source code were compromised, the user name and password used to access the DB cannot be seen. Subject: Re: [PHP] PHP and MYSQL Security` From: Fred [EMAIL PROTECTED] Date: Sun, 27 Jan 2002 16:59:31 -0800 To: [EMAIL PROTECTED], [EMAIL PROTECTED] If this file has a .php extension remote users will not have access to the variables because the file is parsed by php and they never see the actual file contents when requesting the document via the web. If you are concerned with users on localhost having access to the file, simply give it the correct permissions so that no one else has read access. If you are concerned about web users having access, if, for example, the php parser crashed and apache tried to pass the file through without parsing, you can put the default server, user and pass variables in the php.ini file which is not in the document root for apache. Of course, this only works if all of your scripts use the same server, user and password. Fred Duky Yuen [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... How can I secure my username and password? In 1 of my files, it contains the following: $conn = mysql_connect( 12.34.56.78, username, password); mysql_select_db(database,$conn); What should I do, so people can't get this information? Duky -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Monday 28 January 2002 21:05, Markus Lervik wrote: On Monday 28 January 2002 14:57, Jason Wong wrote: Somehow when I print the value of $query, it looks fine. Then, when I change $query a bit and print it again, it looks fine. Change it a third time, and it suddenly gets the value it had in the beginning. Could you post some code please? Well, for instance, this screws up the $query. It works if one clicks once on the next-button, but clicking another time resets the query to SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huom autuksia FROM uusi_lehtitaulu L, nimet N WHERE (L.Nimi_id=N.id AND N.Nimi LIKE asdf) LIMIT 0,20 if($go==next) { if($page $nr_pages $page = 0) { $page++; $replace_with= (($page) * 20).,; echo replace_with: . $replace_with; $replace = (($page-1) * 20).,; echo replace: .$replace; $query=ereg_replace($replace,$replace_with,$query); } } It's the LIMIT 0,20 - LIMIT 20,20 - LIMIT 40,20 that doesn't work. Strange thing is, that it worked about a week ago. : \ I can't really recall changing that part of the code at all at that point. Crikey, it looks terribly complicated for what looks like something to page through a set of results. Wouldn't it be easier to do away with the ereg_replace()? if($go==next) { if($page $nr_pages $page = 0) { $page++; $start = $page * 20; } } $qry = SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huom autuksia FROM uusi_lehtitaulu L, nimet N WHERE (L.Nimi_id=N.id AND N.Nimi LIKE asdf) LIMIT $start,20 Even it this doesn't work, at least it's easier to understand :) -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* The way to love anything is to realize that it might be lost. */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Monday 28 January 2002 17:34, Jason Wong wrote: Crikey, it looks terribly complicated for what looks like something to page through a set of results. Wouldn't it be easier to do away with the ereg_replace()? if($go==next) { if($page $nr_pages $page = 0) { $page++; $start = $page * 20; } } $qry = SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huom autuksia FROM uusi_lehtitaulu L, nimet N WHERE (L.Nimi_id=N.id AND N.Nimi LIKE asdf) LIMIT $start,20 Even it this doesn't work, at least it's easier to understand :) Well, in this particular case it won't work at all, because the SQL-query is dynamically created based on what the user wants to search for. It doesn't nessecary include all columns. The only static bit of the query is FROM uusi_lehtitaulu L, nimet N and WHERE (L.Nimi_id=N.id : ) It would be just as big a mess with a truckload of concatenations, like $query = SELECT . $tables . FROM uusi_lehtitaulu L, nimet N WHERE (L.nimi_id=N.id . $search . ) LIMIT $start,20; Besides, I have a strange fetisch to do everything the hard way. : ) Cheers, Markus -- Markus Lervik Linux-administrator with a kungfoo grip Vaasa City Library - Regional Library [EMAIL PROTECTED] +358-6-325 3589 / +358-40-832 6709 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Monday 28 January 2002 23:45, Markus Lervik wrote: Well, in this particular case it won't work at all, because the SQL-query is dynamically created based on what the user wants to search for. It doesn't nessecary include all columns. The only static bit of the query is FROM uusi_lehtitaulu L, nimet N and WHERE (L.Nimi_id=N.id : ) It would be just as big a mess with a truckload of concatenations, like $query = SELECT . $tables . FROM uusi_lehtitaulu L, nimet N WHERE (L.nimi_id=N.id . $search . ) LIMIT $start,20; I usually give the concatenations a miss if I can and just use: $query = SELECT $tables FROM ... ; Besides, I have a strange fetisch to do everything the hard way. : ) Masochist :) Anyway, as per the subject, how are you getting $page? I assume it is stored in the session. Is $page behaving correctly when you go from one page to the next? Could you post the relevant code? -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* Distrust all those who love you extremely upon a very slight acquaintance and without any visible reason. -- Lord Chesterfield */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Monday 28 January 2002 18:06, Jason Wong wrote: Besides, I have a strange fetisch to do everything the hard way. : ) Masochist :) :D Anyway, as per the subject, how are you getting $page? I assume it is stored in the session. Is $page behaving correctly when you go from one page to the next? Could you post the relevant code? $page behaves just fine : first time around (haven't got to the nav() -function yet..) : query from nav(): SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE L.Nimi_id=N.id LIMIT 0,20 //this is from the print_table -function query: SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE L.Nimi_id=N.id LIMIT 0,20 page: 0 - note! bells! whistles! nr_pages: 230 We hit the next-button, and we get... replace_with: 20, replace: 0, query from nav(): SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE L.Nimi_id=N.id LIMIT 20,20 query: SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE L.Nimi_id=N.id LIMIT 20,20 page: 1 - bells 'n' whistles again! nr_pages: 230 Looks quite good. We hit the next-button again : with: 40, what: 20, query from nav(): SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE L.Nimi_id=N.id LIMIT 0,20 query: SELECT L.Tunnus,N.Nimi,L.ISSN,L.Vuosi,L.Lisätietoja,L.Vuosikerta,L.Numerot,L.Huomautuksia FROM uusi_lehtitaulu L, nimet N WHERE L.Nimi_id=N.id LIMIT 0,20 page: 2 - yup, it's incrementing, all right... nr_pages: 230 Whack! Doesn't work any more... It's starting to drive me mad. Cheers, Markus -- Markus Lervik Linux-administrator with a kungfoo grip Vaasa City Library - Regional Library [EMAIL PROTECTED] +358-6-325 3589 / +358-40-832 6709 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] session_registered variable problem
On Tuesday 29 January 2002 00:24, Markus Lervik wrote: On Monday 28 January 2002 18:06, Jason Wong wrote: $page behaves just fine : [snip] page: 2 - yup, it's incrementing, all right... nr_pages: 230 Whack! Doesn't work any more... It's starting to drive me mad. Me too. Post the full code so we can all revel in this madness! -- Jason Wong - Gremlins Associates - www.gremlins.com.hk /* Why must you tell me all your secrets when it's hard enough to love you knowing nothing? -- Lloyd Cole and the Commotions */ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] UPDATE query to add to a field
hello all: I need to be able to update a field in MySQL, the catch is that I have to add on to text that is already there and I have to be able to do it within MySQL (phpMyAdmin). My first idea was to do: SET prod_desc = prod_desc + more info to tack on to end but this is a mathematical function which returns 0! Any ideas? Thanks Make it idiot-proof and someone will make a better idiot. - Do You Yahoo!? Yahoo! Auctions Great stuff seeking new owners! Bid now!
Re: [PHP-DB] UPDATE query to add to a field
At 9:06 -0800 1/28/02, Adv. Systems Design wrote: hello all: I need to be able to update a field in MySQL, the catch is that I have to add on to text that is already there and I have to be able to do it within MySQL (phpMyAdmin). My first idea was to do: SET prod_desc = prod_desc + more info to tack on to end but this is a mathematical function which returns 0! Use CONCAT(). Any ideas? Thanks -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] UPDATE query to add to a field
SET prod_desc = prod_desc + more info to tack on to end but this is a mathematical function which returns 0! update table set field = concat(field, more info) where id = 1; find the string functions in the mysql manual... with kind regards, Joffrey van Wageningen -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] UPDATE query to add to a field
Hello Adv. Systems Design, I need to be able to update a field in MySQL, the catch is that I have to add on to text that is already there and I have to be able to do it within MySQL (phpMyAdmin). My first idea was to do: SET prod_desc = prod_desc + more info to tack on to end but this is a mathematical function which returns 0! Any ideas? SET prod_desc = CONCAT( prod_desc, more info to tack on to end ) Manual: 6.3.2 String Functions Regards, =dn -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] [PHP] PHP and MYSQL Security`
I've figured out a fairly secure program structure. Here's one option (I'm sure there's as many ways to accomplish similar security as there are people on this list): First, a little info about the environment. It's a Linux OS running Apache Web Server. Multi-user environment providing hosting to multiple domains. Development is done on Windows boxes. Now, to accomplish security and keep it relatively well hidden took some doing. First, I use what I call 'control files'. These are the only files in the Web accessible directory tree (i.e. www.interkan.net/News/index.phtml). These files contain only code to process submitted commands (or default ones should no command be submitted) and include the proper files (config module which is where the mySQL access info is stored, global code libraries, and the actual code modules to handle submitted data). The included modules are all kept in a PHP include directory in the appropriate user directory (i.e. /home/user/php-inc/app-name). Due to restrictions, we have to have the files themselves with 644 permissions (so the Web server can read them), but the directory permissions for php-inc and php-inc/app-name are set to 711. The permissions work out that no one can read the files unless they (1) know the exact path and filename and (2) have shell access to the server (the only people that have that are employees). This helps in a couple ways. If the PHP process ever dies, all someone will see when going a PHP file is the file comment block, the file include information (not necessarily good, but they'd have to get into the server with a shell account first), and some if and switch statements. It also narrows down any security breaches to someone who had access to the system, instead of the entire Internet community. __ Peter Adams[EMAIL PROTECTED] Web Developer http://www.interkan.net InterKan.Net, Inc. (785) 565-0991 -Original Message- From: Duky Yuen [mailto:[EMAIL PROTECTED]] Sent: Sunday, January 27, 2002 6:38 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: [PHP-DB] [PHP] PHP and MYSQL Security` How can I secure my username and password? In 1 of my files, it contains the following: $conn = mysql_connect( 12.34.56.78, username, password); mysql_select_db(database,$conn); What should I do, so people can't get this information? Duky -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] Re: [PHP] PHP and MYSQL Security`
If this file has a .php extension remote users will not have access to the variables because the file is parsed by php and they never see the actual file contents when requesting the document via the web. If you are concerned with users on localhost having access to the file, simply give it the correct permissions so that no one else has read access. No so easy. The server itself must have read access. If other users on the local host can install scripts that the server executes, any of those scripts can read the text of your scripts. What then? You're hosed. That's the beauty of running safe mode. With that engaged, scripts can't access files owned by a different username. There are ways around it (we have a special exception set up for an app I've been working on that allows it to include a file based on the domain it was called from then include the proper templates, which are generally owned by a different user), but it's difficult without shell access. __ Peter Adams[EMAIL PROTECTED] Web Developer http://www.interkan.net InterKan.Net, Inc. (785) 565-0991 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: [PHP] File uploading like hotmail
I think you might be looking for input type=file HTML form element. Duky Yuen [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... I want to make something like when you are attaching something to an email in hotmail. I want to make something that searches your own computer for files on your harddisk that you want to upload to the server. But I don't know if this is possible. If this is possible.Can somebody tell me which function I should use? Or if someone have an example... please... Duky -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Re: uploading
thanks alot it helped Thomas Omega Henning [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Hello how can i upload something from my hdd to the webserver using php? note: don't have ftp on the machine!! Thanks Thomas omega Henning -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] storing and retrieving arrays in mysql
Hi folks, I've got a question hopefully someone can shed some light on for me. I'm building an online store for a client, and one of the things he wants is to organize his products into categories and subcategories.. not so unusual, but the kicker is he wants to be able to associate a subcategory with more than one category. I was thinking that I should be able to easily serialize an array of cat_IDs and store it, but my concern is that this will sacrifice a great deal of flexibility when retrieving the data. For instance when I want to get the subcategories in a single category, I would pretty much have to select ALL the rows in the subcategory table, unserialize the category array for each row, and then check each to see if the cat_ID is in the array..? That just feels inefficient to me, and I'm almost certain I must be overlooking something simpler.. Also, I don't think I can use a SET data type because I want to be able to add values to the set (categories) dynamically in the future. But maybe I'm wrong and there is a way to do that...? Anyway I thought I'd throw it to those more experienced than me before I started coding. Anyone have any ideas? Thanks in advance, Corey Eiseman Infinite Orange Incorporated http://infiniteorange.com/ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] storing and retrieving arrays in mysql
I've done something similar by building a multidimensional array of categories and subcats in one query and then Loop thru this with a for each to build the category structure. Categories table looks like this CatID | ParentID | CategoryName Array is $category_menu[$ParentID][$CatID] I'm sure there's a better way, but this seems to work OK. I will email code sample later [off-list]. I would be happy to share code with others as well. olinux --- Corey Eiseman [EMAIL PROTECTED] wrote: Hi folks, I've got a question hopefully someone can shed some light on for me. I'm building an online store for a client, and one of the things he wants is to organize his products into categories and subcategories.. not so unusual, but the kicker is he wants to be able to associate a subcategory with more than one category. I was thinking that I should be able to easily serialize an array of cat_IDs and store it, but my concern is that this will sacrifice a great deal of flexibility when retrieving the data. For instance when I want to get the subcategories in a single category, I would pretty much have to select ALL the rows in the subcategory table, unserialize the category array for each row, and then check each to see if the cat_ID is in the array..? That just feels inefficient to me, and I'm almost certain I must be overlooking something simpler.. Also, I don't think I can use a SET data type because I want to be able to add values to the set (categories) dynamically in the future. But maybe I'm wrong and there is a way to do that...? Anyway I thought I'd throw it to those more experienced than me before I started coding. Anyone have any ideas? Thanks in advance, Corey Eiseman Infinite Orange Incorporated http://infiniteorange.com/ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] __ Do You Yahoo!? Great stuff seeking new owners in Yahoo! Auctions! http://auctions.yahoo.com -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
RE: [PHP-DB] storing and retrieving arrays in mysql
I've been working on something like this since about September/October. It's not too hard, but it did take more coding than I thought it would. Now, there's a couple of ways you could do this. I chose the cheap (in terms of the number of DB tables) way out. The way I have it set up is this. You have certain categories (Main categories) that have a parent category of ',0,' (I found I had to enclose the categoryIDs in commas to prevent accidentally selecting a category that matched any of the digits of any other categoryID in the same order) then I have the subcategories which have multiple parents. The form to add a new product gathers all the information I need -- category name/title, description, whether it should be displayed and the parent category(s), with the parent categorys being displayed in the form of checkboxes. This lets the admin select multiple categories for the parent (we have a similar set up for the products since a product can belong in multiple categories). The checkboxes themselves are named p_id (I think) and are an array, thus I print the name value as NAME='p_id[ . $cid . ]', where $cid is the variable containing the category ID (I actually have it in a recordset array, of course). Then, it just prints a p_id checkbox for each possible parent (obviously when editing the category ID of the one being edited isn't printed). When editing, those categories to which the category has as parents are checked. When the form is submitted, it puts the posted variable values (the array of checkboxes) into a comma-delimited string. Whenever I query the database for subcategories, unfortunately, I have to make sure I remember to check for parent LIKE '%,ID,%' so I don't pick up one I don't want (i.e. if I were to say LIKE '%ID%' and I was looking for ID = 20 and had that and ID =200, subcategories with parents of category 20 and 200 would end up returned). That's how I handled it. I'm probably going to upgrade to this next option later on, though. Create a table for the categories and then a table that determines a category's children. Basically, it's just two fields: categoryID and parent -- with both fields making up the primary key. Then, for each parent category they checked on the form, insert the new category's ID in the categoryID field and the parent's ID into the parent field. That's probably the best way since it would probably cut down on space (I use a TEXT field currently, whereas the second option could be done with two MEDIUMINT fields). If you want some code samples, e-mail me privately. If you want to see the script (version 1.5.23 -- we've got 2.0 almost finished up now) in action, we've got one of our clients playing guinea pig at www.4dacres.com. __ Peter Adams[EMAIL PROTECTED] Web Developer http://www.interkan.net InterKan.Net, Inc. (785) 565-0991 -Original Message- From: Corey Eiseman [mailto:[EMAIL PROTECTED]] Sent: Monday, January 28, 2002 2:56 PM To: [EMAIL PROTECTED] Subject: [PHP-DB] storing and retrieving arrays in mysql Hi folks, I've got a question hopefully someone can shed some light on for me. I'm building an online store for a client, and one of the things he wants is to organize his products into categories and subcategories.. not so unusual, but the kicker is he wants to be able to associate a subcategory with more than one category. I was thinking that I should be able to easily serialize an array of cat_IDs and store it, but my concern is that this will sacrifice a great deal of flexibility when retrieving the data. For instance when I want to get the subcategories in a single category, I would pretty much have to select ALL the rows in the subcategory table, unserialize the category array for each row, and then check each to see if the cat_ID is in the array..? That just feels inefficient to me, and I'm almost certain I must be overlooking something simpler.. Also, I don't think I can use a SET data type because I want to be able to add values to the set (categories) dynamically in the future. But maybe I'm wrong and there is a way to do that...? Anyway I thought I'd throw it to those more experienced than me before I started coding. Anyone have any ideas? Thanks in advance, Corey Eiseman Infinite Orange Incorporated http://infiniteorange.com/ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED] -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] How to upload image?
Hi there everyone, I'm writing an update utility for a database system, but I need to give the user the option to select a file from their machine to upload to the server (Not to the DB itself, but an images dir), what is the best way of doing this in PHP so that it brings up a file requestor too? Thanks for your help everyone :-) Chris
Re: [PHP-DB] How to upload image?
For the form, use input name=myfile type=file and as for handling where the file get saved on the server-side, see: http://www.php.net/manual/en/features.file-upload.php On January 28, 2002 05:04 pm, you wrote: Hi there everyone, I'm writing an update utility for a database system, but I need to give the user the option to select a file from their machine to upload to the server (Not to the DB itself, but an images dir), what is the best way of doing this in PHP so that it brings up a file requestor too? Thanks for your help everyone :-) Chris - Dave -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] ensuring unique field value in MySQL using PHP
I have a form in which users create their own login name. The code for storing the login name they created does something like the following: $userlogin is the name the user typed in the form $sql = select loginname from login where loginname='$userlogin'; $result=mysql_query($sql); $num=mysql_num_rows($result); if ($num 0) { echo Sorry, that login name is already taken, Try another; shows form again; } else insert new record into database; echo okay, your new account is added; I am wondering if it is possible that two people could hit the submit button at the exact same time with the same login name so that the same login name could get entered twice? Seems unlikely that this would happen by accident, but is this something a hacker could do on purpose? Thanks, Janet -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] RE: ensuring unique field value in MySQL using PHP
Checking a small database for username/password combination would happen so quick, it would be nearly impossible for two usernames to be entered in. Your script should work properly, but to make sure no duplicates are entered, you can change the column definition using the ALTER columnName command to make sure there are no duplicates. Look in the mySQL documentation (www.mysql.com) to find the correct command. Adam -Original Message- From: Janet Valade [mailto:[EMAIL PROTECTED]] Sent: Tuesday, January 29, 2002 1:24 PM To: [EMAIL PROTECTED] Subject: ensuring unique field value in MySQL using PHP I have a form in which users create their own login name. The code for storing the login name they created does something like the following: $userlogin is the name the user typed in the form $sql = select loginname from login where loginname='$userlogin'; $result=mysql_query($sql); $num=mysql_num_rows($result); if ($num 0) { echo Sorry, that login name is already taken, Try another; shows form again; } else insert new record into database; echo okay, your new account is added; I am wondering if it is possible that two people could hit the submit button at the exact same time with the same login name so that the same login name could get entered twice? Seems unlikely that this would happen by accident, but is this something a hacker could do on purpose? Thanks, Janet -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Re: Moving from MySQL to MSSQL Server 2000
Hello, Boaz Yahav wrote: I don't think you realize the nature of the site. Its an auction site and not a retail site. Prices need to be updated on thousands of clients simultaneously. Our goal is to refresh the data on the client every 3-10 seconds while having 1500 online open auctions. This is quite a mess :) humm I am afraid that goal may be a bit unrealistic for your budget. I suggest that you cache as much content as you can to avoid hitting the database. One technique that I use in the PHP Classes site is to cache content indefinitly. Then when the data that defines that content is changed I call a method of my cache file class to void the cache, so it will force the cached data if and when it is needed on the next access for a page that uses that. This way I don't retard the database update process and the cache is only generated if it will ever be need. So I avoid having situations where more than one update is made to the database before the cached data needs to be redisplayed. For making your site static as much as possible, I usually recommend the page fault technique. That consists of static pages that are deleted when their content is updated. When there is a request for them, since when they are missing the server redirects the request to your error document. That is where you regenarate the page file with upto date data. While the page is upto date it remains in the disk and is served as static page at the server top speed (no scripting language nor database to clutter the access). Regards, Manuel Lemos -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
Re: [PHP-DB] Re: Moving from MySQL to MSSQL Server 2000
Hello, Boaz Yahav wrote: Fail Over is not for when the cluster is too busy, it's for when the server dies, or when someone killed it's power, or when you loose your network, or when you get a blue screen (assuming you are on windows :). Ok, it is the same. When the server is dead, the response is the same: none. Then, in about 30 seconds the cluster will do a fail over to the 2nd node and the site will continue to work as if nothing happens... it's pretty amazing to see this in action :) I had requests to implement that in Metabase. The problem is that PHP database connection functions do not let you define the connection timeout parameters or check if the current persistent connection is still alive. Anyway, nothing that a good middleware could not do better for you. Regards, Manuel Lemos -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]
[PHP-DB] Date operations.
Hi All, I have a problem working out a suitable algorithm either in PHP or MySQL. Basically I have a DB that keeps track of breeding records. Each record has a paired data, and a split-up date. I need to generate some statistics to work out average numbers of pairs per month, averaged on a daily basis, for a given start and stop date, typically a year or year-to-date. All the algorithms I can think of are messy, where I have to loop through all the breeding records for every day of the year, and count how many pairs are breeding by seeing if the date is between the start and stop dates, and then average that on a monthly basis. I can't see that scaling very well, as there might be several hundred breeding records for a given year, multiplied by 365 days. Has anyone any hints/pointers for an efficient way to do this? Regards, Garry. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] To contact the list administrators, e-mail: [EMAIL PROTECTED]