Re: [PHP] database hell
On 15/07/2012 17:07, Nick Edwards wrote: > On 7/12/12, Ashley Sheridan wrote: > >> "ma...@behnke.biz [5]" wrote: >> >>> Nick Edwards hat am 12. Juli 2012 um 14:00 geschrieben: >>> On 7/12/12, Gibbs wrote: > mysql_query("DELETE from userprefs where clientr='$User'", >>> $connmy); Sidenote: And don't forget to validate user input and make use of mysql escape and prepared statements ;) -- PHP General Mailing List (http://www.php.net/ [3]) To unsubscribe, visit: http://www.php.net/unsub.php [4] >> Another way if the access credentials are the same would be to specify the full 'path' to the table in the query: DELETE FROM database.table WHERE clause > > Umm I wouldn't be doing that if using mysql replication, I only now (2 > days later) discovered that broke it! but your suggestion was the only > one that allowed it to work without crashing out for unauthed access > to (wrong) database when using db1 and db2 (worked until it needed to > return to db1, strill tried to use db2 method, hrmm at least perl > knows to return to use the original, not php though) > > thanks to all suggestions, looks like we just need to close db1 con > db2, close db2 and recon to db1 *sigh* Google for "mysql replicate-ignore-table" this will stop any replication errors because of unknown tables, well, if configured correctly :) -- If you are not the intended recipient, please notify the sender and delete all relevance of this message including any attachments immediately. Please do not send Microsoft proprietary formatted documents, instead use ODF or PDF. Links: -- [1] mailto:li...@danielgibbs.net [2] mailto:nick.z.edwa...@gmail.com [3] http://www.php.net/ [4] http://www.php.net/unsub.php [5] mailto:ma...@behnke.biz [6] mailto:ma...@behnke.biz
Re: [PHP] database hell
On 7/12/12, Ashley Sheridan wrote: > > > "ma...@behnke.biz" wrote: > >> >> >> >>Nick Edwards hat am 12. Juli 2012 um 14:00 >>geschrieben: >> >>> On 7/12/12, Gibbs wrote: >>> >>> > mysql_query("DELETE from userprefs where clientr='$User'", >>$connmy); >> >> >>Sidenote: And don't forget to validate user input and make use of mysql >>escape >>and prepared statements ;) >> >>-- >>PHP General Mailing List (http://www.php.net/) >>To unsubscribe, visit: http://www.php.net/unsub.php > > Another way if the access credentials are the same would be to specify the > full 'path' to the table in the query: > > DELETE FROM database.table WHERE clause > Umm I wouldn't be doing that if using mysql replication, I only now (2 days later) discovered that broke it! but your suggestion was the only one that allowed it to work without crashing out for unauthed access to (wrong) database when using db1 and db2 (worked until it needed to return to db1, strill tried to use db2 method, hrmm at least perl knows to return to use the original, not php though) thanks to all suggestions, looks like we just need to close db1 con db2, close db2 and recon to db1 *sigh* -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database hell
"ma...@behnke.biz" wrote: > > > >Nick Edwards hat am 12. Juli 2012 um 14:00 >geschrieben: > >> On 7/12/12, Gibbs wrote: >> >> > mysql_query("DELETE from userprefs where clientr='$User'", >$connmy); > > >Sidenote: And don't forget to validate user input and make use of mysql >escape >and prepared statements ;) > >-- >PHP General Mailing List (http://www.php.net/) >To unsubscribe, visit: http://www.php.net/unsub.php Another way if the access credentials are the same would be to specify the full 'path' to the table in the query: DELETE FROM database.table WHERE clause Thanks, Ash http://ashleysheridan.co.uk -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database hell
Nick Edwards hat am 12. Juli 2012 um 14:00 geschrieben: > On 7/12/12, Gibbs wrote: > > > mysql_query("DELETE from userprefs where clientr='$User'", $connmy); Sidenote: And don't forget to validate user input and make use of mysql escape and prepared statements ;) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database hell
On 7/12/12, Gibbs wrote: >>> $connmy=mysql_connect("host","user","pass", TRUE); >>> >>> http://php.net/manual/en/function.mysql-connect.php >>> >> >> Thanks, will give that a shot >> > I forgot to add your queries will need the new link too. So > > mysql_query("DELETE from userprefs where clientr='$User'", $connmy); > Got that, ta :) > Gibbs > > > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database hell
On 7/12/12, Adam Nicholls wrote: > > >> -Original Message- >> From: Nick Edwards [mailto:nick.z.edwa...@gmail.com] >> Sent: 12 July 2012 12:30 >> To: php-general@lists.php.net >> Subject: [PHP] database hell >> >> Hi >> >> We have a program that manages users, throughout all database calls >> >> created as: >> $connect = mysql_connect($db_host--other variables); >> mysql_query("Delete from clients where id=$User"); >> >> All this works good, but, we need, in the delete function to delete from >> another database >> >> $connmy=mysql_connect("host","user","pass"); >> mysql_select_db("vsq",$connmy); >> mysql_query("DELETE from userprefs where >> clientr='$User'"); >> $mysql_close($connmy); this fails, unless we use a mysql_close prior to >> it, >> and then reconnect to original database after we run this delete, how can >> we >> get around this without closing and reopening? >> We have a perl script doing similar for manual runs, and it works well >> knowing that $connmy is not $connect, I'm sure there is a simple way to >> tell >> php but I'm darned if I can see it. >> >> Thanks >> Niki >> >> -- >> PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: >> http://www.php.net/unsub.php > > > Just create a new resource/connection to MySQL and pass the identifier into > mysql_query(). > You'll also want to use mysql_real_escape_string() by the looks of it to > attempt to stop SQL injection. > > > Something like this will do it: > > $db1 = mysql_connect($host,$user,$pass); > $db2 = mysql_connect($host,$user,$pass); > > mysql_select_db('db1',$db1); > mysql_select_db('db2',$db2); > > // do your queries with $DB1 > > $result = mysql_query("delete from userprefs where > clientr=".mysql_real_escape_string($user,$db1)."", $db1); > > // do your queries again with $DB1 > > mysql_close($db1);//close db1 > mysql_close($db2);//close db2 > We can not immediately close db2? if we do it seems to close all connections? Thanks > > Cheers > Adam. > > = > > This email is intended solely for the recipient and is confidential and not > for third party unauthorised distribution. If an addressing or transmission > error has misdirected this email, please notify the author by replying to > this email or notifying the system manager (online.secur...@hl.co.uk). If > you are not the intended recipient you must not disclose, distribute, copy, > print or rely on this email. > > Any opinions expressed in this document are those of the author and do not > necessarily reflect the opinions of Hargreaves Lansdown. In addition, staff > are not authorised to enter into any contract through email and therefore > nothing contained herein should be construed as such. Hargreaves Lansdown > makes no warranty as to the accuracy or completeness of any information > contained within this email. In particular, Hargreaves Lansdown does not > accept responsibility for any changes made to this email after it was sent. > > > Hargreaves Lansdown Asset Management Limited (Company Registration No > 1896481), Hargreaves Lansdown Fund Managers Limited (No 2707155), Hargreaves > Lansdown Pensions Direct Limited (No 3509545) and Hargreaves Lansdown > Stockbrokers Limited (No 1822701) are authorised and regulated by the > Financial Services Authority and registered in England and Wales. The > registered office for all companies is One College Square South, Anchor > Road, Bristol, BS1 5HL. Telephone: 0117 988 9880 > -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database hell
On 12/07/12 12:38, Nick Edwards wrote: On 7/12/12, Gibbs wrote: On 12/07/12 12:29, Nick Edwards wrote: Hi We have a program that manages users, throughout all database calls created as: $connect = mysql_connect($db_host--other variables); mysql_query("Delete from clients where id=$User"); All this works good, but, we need, in the delete function to delete from another database $connmy=mysql_connect("host","user","pass"); mysql_select_db("vsq",$connmy); mysql_query("DELETE from userprefs where clientr='$User'"); $mysql_close($connmy); this fails, unless we use a mysql_close prior to it, and then reconnect to original database after we run this delete, how can we get around this without closing and reopening? We have a perl script doing similar for manual runs, and it works well knowing that $connmy is not $connect, I'm sure there is a simple way to tell php but I'm darned if I can see it. Thanks Niki You need to make a new link. So you would add TRUE to the end of the second connection. $connmy=mysql_connect("host","user","pass", TRUE); http://php.net/manual/en/function.mysql-connect.php Thanks, will give that a shot I forgot to add your queries will need the new link too. So mysql_query("DELETE from userprefs where clientr='$User'", $connmy); Gibbs -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP] database hell
> -Original Message- > From: Nick Edwards [mailto:nick.z.edwa...@gmail.com] > Sent: 12 July 2012 12:30 > To: php-general@lists.php.net > Subject: [PHP] database hell > > Hi > > We have a program that manages users, throughout all database calls > > created as: > $connect = mysql_connect($db_host--other variables); > mysql_query("Delete from clients where id=$User"); > > All this works good, but, we need, in the delete function to delete from > another database > > $connmy=mysql_connect("host","user","pass"); > mysql_select_db("vsq",$connmy); > mysql_query("DELETE from userprefs where > clientr='$User'"); > $mysql_close($connmy); this fails, unless we use a mysql_close prior to it, > and then reconnect to original database after we run this delete, how can we > get around this without closing and reopening? > We have a perl script doing similar for manual runs, and it works well > knowing that $connmy is not $connect, I'm sure there is a simple way to tell > php but I'm darned if I can see it. > > Thanks > Niki > > -- > PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: > http://www.php.net/unsub.php Just create a new resource/connection to MySQL and pass the identifier into mysql_query(). You'll also want to use mysql_real_escape_string() by the looks of it to attempt to stop SQL injection. Something like this will do it: $db1 = mysql_connect($host,$user,$pass); $db2 = mysql_connect($host,$user,$pass); mysql_select_db('db1',$db1); mysql_select_db('db2',$db2); // do your queries with $DB1 $result = mysql_query("delete from userprefs where clientr=".mysql_real_escape_string($user,$db1)."", $db1); // do your queries again with $DB1 mysql_close($db1);//close db1 mysql_close($db2);//close db2 Cheers Adam. = This email is intended solely for the recipient and is confidential and not for third party unauthorised distribution. If an addressing or transmission error has misdirected this email, please notify the author by replying to this email or notifying the system manager (online.secur...@hl.co.uk). If you are not the intended recipient you must not disclose, distribute, copy, print or rely on this email. Any opinions expressed in this document are those of the author and do not necessarily reflect the opinions of Hargreaves Lansdown. In addition, staff are not authorised to enter into any contract through email and therefore nothing contained herein should be construed as such. Hargreaves Lansdown makes no warranty as to the accuracy or completeness of any information contained within this email. In particular, Hargreaves Lansdown does not accept responsibility for any changes made to this email after it was sent. Hargreaves Lansdown Asset Management Limited (Company Registration No 1896481), Hargreaves Lansdown Fund Managers Limited (No 2707155), Hargreaves Lansdown Pensions Direct Limited (No 3509545) and Hargreaves Lansdown Stockbrokers Limited (No 1822701) are authorised and regulated by the Financial Services Authority and registered in England and Wales. The registered office for all companies is One College Square South, Anchor Road, Bristol, BS1 5HL. Telephone: 0117 988 9880 __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __
Re: [PHP] database hell
On 12 Jul 2012, at 12:29, Nick Edwards wrote: > We have a program that manages users, throughout all database calls > > created as: > $connect = mysql_connect($db_host--other variables); > mysql_query("Delete from clients where id=$User"); > > All this works good, but, we need, in the delete function to delete > from another database > > $connmy=mysql_connect("host","user","pass"); >mysql_select_db("vsq",$connmy); >mysql_query("DELETE from userprefs where clientr='$User'"); > $mysql_close($connmy); > this fails, unless we use a mysql_close prior to it, and then > reconnect to original database after we run this delete, how can we > get around this without closing and reopening? > We have a perl script doing similar for manual runs, and it works > well knowing that $connmy is not $connect, I'm sure there is a simple > way to tell php but I'm darned if I can see it. The mysql_query method takes a second parameter specifying the MySQL connection to which to send the query. If you're dealing with multiple hosts you will want to add that to every single mysql_* function call that supports it, otherwise you could end up running queries on the wrong database. You may also want to note that using the mysql_* functions is now discouraged in favour of MySQLi or PDO: http://php.net/mysqlinfo.api.choosing -Stuart -- Stuart Dallas 3ft9 Ltd http://3ft9.com/
Re: [PHP] database hell
On 7/12/12, Gibbs wrote: > On 12/07/12 12:29, Nick Edwards wrote: >> Hi >> >> We have a program that manages users, throughout all database calls >> >> created as: >> $connect = mysql_connect($db_host--other variables); >> mysql_query("Delete from clients where id=$User"); >> >> All this works good, but, we need, in the delete function to delete >> from another database >> >> $connmy=mysql_connect("host","user","pass"); >> mysql_select_db("vsq",$connmy); >> mysql_query("DELETE from userprefs where >> clientr='$User'"); >> $mysql_close($connmy); >> this fails, unless we use a mysql_close prior to it, and then >> reconnect to original database after we run this delete, how can we >> get around this without closing and reopening? >> We have a perl script doing similar for manual runs, and it works >> well knowing that $connmy is not $connect, I'm sure there is a simple >> way to tell php but I'm darned if I can see it. >> >> Thanks >> Niki >> > You need to make a new link. So you would add TRUE to the end of the > second connection. > > $connmy=mysql_connect("host","user","pass", TRUE); > > http://php.net/manual/en/function.mysql-connect.php > Thanks, will give that a shot -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] database hell
On 12/07/12 12:29, Nick Edwards wrote: Hi We have a program that manages users, throughout all database calls created as: $connect = mysql_connect($db_host--other variables); mysql_query("Delete from clients where id=$User"); All this works good, but, we need, in the delete function to delete from another database $connmy=mysql_connect("host","user","pass"); mysql_select_db("vsq",$connmy); mysql_query("DELETE from userprefs where clientr='$User'"); $mysql_close($connmy); this fails, unless we use a mysql_close prior to it, and then reconnect to original database after we run this delete, how can we get around this without closing and reopening? We have a perl script doing similar for manual runs, and it works well knowing that $connmy is not $connect, I'm sure there is a simple way to tell php but I'm darned if I can see it. Thanks Niki You need to make a new link. So you would add TRUE to the end of the second connection. $connmy=mysql_connect("host","user","pass", TRUE); http://php.net/manual/en/function.mysql-connect.php Gibbs -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] database hell
Hi We have a program that manages users, throughout all database calls created as: $connect = mysql_connect($db_host--other variables); mysql_query("Delete from clients where id=$User"); All this works good, but, we need, in the delete function to delete from another database $connmy=mysql_connect("host","user","pass"); mysql_select_db("vsq",$connmy); mysql_query("DELETE from userprefs where clientr='$User'"); $mysql_close($connmy); this fails, unless we use a mysql_close prior to it, and then reconnect to original database after we run this delete, how can we get around this without closing and reopening? We have a perl script doing similar for manual runs, and it works well knowing that $connmy is not $connect, I'm sure there is a simple way to tell php but I'm darned if I can see it. Thanks Niki -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php