Re: [PHP-DB] Corn job anomaly
to run as a different user. If the issue is mysql access, you do that just the way you would in a [web]server parsed php file. The script is whatever you put on the crontab line. The script you reference from the crontab entry can be a shell script that does some setup, and then calls your php script. Your php script can have include files (e.g., for mysql connection setup) just as you might have in a [web]server parsed php file. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy beck...@angryox.com http://www.angryox.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: Database Problems
On Mon, 25 Jun 2012, B. Aerts wrote: On 17/06/12 21:06, Ethan Rosenberg wrote: Dear List - I have a database: +-+ | Tables_in_hospital2 | +-+ | Intake3 | | Visit3 | +-+ Hey Ethan -- Remember that your posts are archived likely forever, and using dummy data like Bongish and being critical of people's weight probably isn't going to help you when you decide to seek a job somewhere. Also, for people replying, before offering advice about MySQL on a PHP list, it is good practice to actually run your queries to verify your suggestions. Most of the replies thus far have been conjecture, with only one or two reasonable data-backed voices. Those voices asked: What are you doing with $result? How you answer is important. If you are simply printing it with hopes that $result contains data, the suggestion to RTFM is vital, as that would be wrong. Those voices also stated 'where 1' just evaluates to true. They are correct and proven here (42 intentional :-) ): mysql select count(*) from numbers where 1=1 and num like '1212%'; +--+ | count(*) | +--+ | 42 | +--+ 1 row in set (0.26 sec) mysql select count(*) from numbers where 1 and num like '1212%'; +--+ | count(*) | +--+ | 42 | +--+ 1 row in set (0.02 sec) mysql select count(*) from numbers where num like '1212%'; +--+ | count(*) | +--+ | 42 | +--+ 1 row in set (0.02 sec) So Ethan, if your query works on the command line, but not in your code, where do you think the issue might exist? http://us3.php.net/manual/en/mysqli.query.php Return Values Returns FALSE on failure. For successful SELECT, SHOW, DESCRIBE or EXPLAIN queries mysqli_query() will return a mysqli_result object. For other successful queries mysqli_query() will return TRUE. Granted, the PHP manual doesn't include *how* to loop through return data. http://us3.php.net/manual/en/class.mysqli-result.php Ethan, your question was: why does this work on the command line, and not through PHP. The remarks by other posters still stand - you don't show anything that leads us to discriminate wether the fault lies in the query, in the API's or in the code. If you're not going to show it, maybe try the following 2 tips : 1) try to modify the query: SELECT . . . WHERE 1=1 ; : this formulation removes any doubt wether it is a filtering statement, or a result limiting statement 2) see if SELECT . . . WHERE 2 or SELECT . . . WHERE 3 yields respecively 2 or 3 result rows. If not, the problem is NOT with the API's. I'll save you some time, it's not the where 1 part of the query: mysql select count(*) from numbers where 3 and num like '1212%'; +--+ | count(*) | +--+ | 42 | +--+ Beckman --- Peter Beckman Internet Guy beck...@angryox.com http://www.angryox.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Random pick
On Mon, 25 Jan 2010, Karl DeSaulniers wrote:
Hello List,
Trying to learn the right way to code this line.
Can anyone tell me if I am doing this the right way?
if $req_user_level == 0 || 1 || 2 || 3 || 4 || 5 || 6 || 7 || 8 || 9 ?
Guest || Regular User || Intl. User || Contractor || Employee ||
Sales || Investor || Human Resources || Administrator;
I am wanting to stray from the if(foo == bar) { routine. ;)
if (in_array($req_user_level, array(0,1,2,3,4,5,6,7,8,9,Guest,...))) {
// do stuff
}
---
Peter Beckman Internet Guy
beck...@angryox.com http://www.angryox.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Random pick
On Mon, 25 Jan 2010, Karl DeSaulniers wrote:
Thank you for this as well.
Question? What part is in_array playing?
Is it comparing $req_user_level to array()?
Because the text Guest, etc.. is not in $req_user_level on the database.
In other words, is it checking the value of $req_user_level to see if Guest
is in it?
Sorry, I missed the question mark. in_array isn't appropriate here. The
previous poster has it right, assuming $req_user_level is an integer of
0..9.
$levels = array(Guest, Regular User, 'Intl. User', ...)
// the array is 0, 1, 2 , ...)
Going a little further:
if (!empty($levels[$req_user_level])) { // is both set and doesn't
evaluate to false
echo The user is a {$levels[$req_user_level]}.\n;
} else {
// The $req_user_level was not a valid level.
echo The returned req_user_level was not valid.\n;
}
Which would output, if $req_user_level was 1 (one):
The user is a Regular User.
Then you know you have a valid user level. Careful though -- sometimes 0
will be returned on a failure, depending on your SQL.
Beckman
---
Peter Beckman Internet Guy
beck...@angryox.com http://www.angryox.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL query executes outside of PHP, but not in PHP
On Fri, 23 Jan 2009, dave.mcgov...@sungard.com wrote:
Hi,
I am running: PHP 5.2.8, Apache 2.2.11, MySQL 5.1.30 on Win32/XP.
I have a number of queries on my page which are very similar in
structure, and they all work except for the following one.
$mysql['process'] = $client2-real_escape_string($clean['process']);
$sql = SELECT f.name, f.description
FROM files f, file_mapping m, processes p
WHERE m.file_id = f.id
AND p.name = '{$mysql['process']}'
AND m.process_id = p.id
AND m.io_flag = 'I';
if ($client2-multi_query($sql)) {
echo 'h3 class=H3-OTMSMain Input Files/h3';
do {
if ($result = $client2-use_result()) {
while ($input = $result-fetch_row()) {
$filename = $input[0];
$descr = $input[1];
echo 'pspan class=FileName'.$filename.'/span'.'
'.$descr.'/p';
}
$result-close();
}
} while ($client2-next_result());
}
If I echo the $sql, and then run it in MySQL directly, it works fine. I
have tried replacing the variable in the WHERE clause with a hardcoded
value and and have tried replacing this query with a very basic query
with no variable, but nothing has worked. No error message is returned.
Any suggestions as to what I might check? Here's an example of an echo
of the following $sql that runs OK in MySQL Query Browser:
SELECT f.name, f.description FROM files f, file_mapping m, processes p
WHERE m.file_id = f.id AND p.name = 'BCOM1AC' AND m.process_id = p.id
AND m.io_flag = 'I'
error_log(Hey, the SQL is: $sql);
Then look in your php error log (you do have error logging enabled,
right?)
If that SQL in the error log is fine, then your problem is
$client2-multi_query($sql) -- what does THAT return? What SHOULD it
return? What are you expecting it to return? Does it return what you
thought it did?
When you do if ($var) it can sometimes have unexpected results. If $var
is an empty string, it's still true, and executes. I don't know that
multi_query SHOULD return, or how to determine if it throws an error, but
that's one place to start.
Next, if multi_query worked, then this line is suspect:
if ($result = $client2-use_result()) {
This will always result in TRUE, as the assignment will always succeed.
Change it to:
if (($result = $client2-use_result())) {
(added parenthesis)
What DB library are you using?
---
Peter Beckman Internet Guy
beck...@angryox.com http://www.angryox.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Authenticating user using a web service
Your first problem is that your question is so general and vague, nobody wants to try and guess at what you are talking about. Not only that, but you are throwing out some theoretical ideas about 3rd party interfaces that, IMO, aren't on topic for this mailing list. If you have a PHP + Database specific question, this is your list. General application development questions are not really on point. On Fri, 23 Jan 2009, Abah Joseph wrote: Well, I have asked this question before but it seems people don`t understood me, my intension is to have a second login option like, user may choose to login with they facebook/myspace/etc id or the local id (my site) on my site, I want a situation whereby anyone can choose to register or use an existing social network id and password to login, so I am thinking of using facebook, but i don`t really understand something about facebook application, the application always, first go to facebook then redirect back to the site (callback url), I want all this process done under the hood. Can someone give me another idea? I will just love any simple idea that will help. --- Peter Beckman Internet Guy beck...@angryox.com http://www.angryox.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] First and Last ID of a table
On Wed, 11 Jul 2007, Matt Leonhardt wrote: [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] SELECT MIN(id), MAX(id) FROM mytable As an aside, is you are using associative arrays, be sure to use the following keys: $array['MIN(id)'] and $array['MAX(id)'] Just something I figured out recently :) or use select min(id) min, max(id) max from mytable then access as $array['min'] and $array['max'] --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.angryox.com/ --- ** PLEASE NOTE PurpleCow.com IS NOW AngryOx.com DO NOT USE PurpleCow.com ** ** PurpleCow.com is now owned by City Auto Credit LLC as of May 23, 2007 ** --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] A good PHP Ajax tutorial
On Sun, 25 Feb 2007, Denis L. Menezes wrote: Can someone please suggest a good pHP/Ajax tutorial? Use mootools, http://mootools.net/ Best JS library around, does all sorts of neat AJAXy animations as well as handling the backend cross-browser. --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Access denied for user...sometimes???
On Wed, 21 Feb 2007, James Garfield wrote: I've got 5.0.27-standard installed on an Intel Mac, using the preinstalled version of Apache and my own installation of PHP 4.4.4. I use this machine for development work and don't make it available to anyone else. I've got an instance of a PHP application running, and it works...but not all of the time!!! I created the user that accesses my MySQL via the following commands; use [web_db_name]; grant select, insert, update, delete on *.* to '[new_user]'@'%' identified by '[new_password]'; I'm able to do everything expected from the command line mysql tool, but on the PHP side it fails more than half of the time: Warning: mysql_connect() [function.mysql-connect]: Access denied for user '[new_user]'@'[my_current_dhcp_ip]' (using password: YES) in /[path]/[to]/[page]/[on]/[server]/index.php on line 66 This leaves the question: since MySQL is behaving normally otherwise, I'm using a host of '%' and my IP isn't changing, does anybody know what the problem is with PHP??? TIA, James flush privileges --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Strange action with =
I'm looping through an array and I did this: $rate = $mydata[$prefix]; Now, in some cases $mydata[$prefix] wasn't set/defined, so I expected $rate to not be defined, or at least point to something that wasn't defined. Instead, PHP 5.1.6 set $mydata[$prefix] to nothing. If I had: $mydata[1] = 3; $mydata[3] = 2; $mydata[5] = 1; And did a loop from $i=1; $i++; $i=5 I'd get: $mydata[1] = 3; $mydata[2] = ; $mydata[3] = 2; $mydata[4] = ; $mydata[5] = 1; Is this expected? A bug? Fixed in 5.2.0? I know I shouldn't set a reference to a variable that doesn't exist, but the expected result is a warning/error, not for PHP to populate an array. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Strange action with =
On Tue, 13 Feb 2007, bedul wrote:
sry i don't get what u mean??
I'm looping through an array and I did this:
$rate = $mydata[$prefix];
This is how you assign a variable by reference. $rate should be a
reference to $mydata[$prefix], not a copy. If I change the value of
$rate, the value of $mydata[$prefix] is also changed, and vice versa.
Now, in some cases $mydata[$prefix] wasn't set/defined, so I expected
$rate to not be defined, or at least point to something that wasn't
defined.
Instead, PHP 5.1.6 set $mydata[$prefix] to nothing.
If I had:
$mydata[1] = 3;
$mydata[3] = 2;
$mydata[5] = 1;
And did a loop from $i=1; $i++; $i=5 I'd get:
$mydata[1] = 3;
$mydata[2] = ;
$mydata[3] = 2;
$mydata[4] = ;
$mydata[5] = 1;
the reason mydata2 empty was because it don't have value in it!!
full source plz
why u don't try this
$txt.=ol;
foreach($mydata as $nm=$val){
$txt.=\nli $nm = $val;
$txt2=br\$mydata[$nm] = $val;
}
$txt.=/ol;
print $txt;
Because I'm trying to point out a problem with PHP, where setting a
reference when the other side is undefined or not set, PHP creates a
reference to a previously non-existent array item, just by setting a
reference. I don't think that should happen.
Your code doesn't set anything by reference.
Is this expected? A bug? Fixed in 5.2.0? I know I shouldn't set a
reference to a variable that doesn't exist, but the expected result is a
warning/error, not for PHP to populate an array.
we should cross check again.
I don't know what you mean.
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Session Problem
1. Is session support compiled into PHP, or if not, is the module there and being loaded? phpinfo() will tell you. If not, recompile PHP or build the dynamic module to support sessions. 2. If so, check the location of session.save_files and make sure it is writable by the web server user/group. If not, you must change this. Beckman On Fri, 12 Jan 2007, [EMAIL PROTECTED] wrote: Dear All, I need some help please... I'm developing an web application using PHP/MySQL, and its has been running on my company. I'm planning to migrate the system on a new server. I have installed everything that are needed on the new server to running the web application. But I'm confusing that the session isn't running. For your information, I've setting all configurations (MySQL PHP), included register globals to Off. I have trying to re-install the web server MySQL, but it still not running... Please advice... Thanks Regards, Anita --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] MySQL SQL Query Help
I have a table: id fkid foobar 1 1 345yellow 2 1 34 red 3 2 3459 green 4 2 345brown I want to select the largest value of foo for a unique fkid, and return bar, the results ordered by bar. In this case, 345 is the largest value of foo for fkid 1, and 3459 is the largest for fkid 2. green comes before yellow. My desired result set would be: fkid foobar 2 3459 green 1 345yellow How would I write that in SQL? fkid and foo are ints, bar is a varchar. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL SQL Query Help
On Mon, 13 Nov 2006, [EMAIL PROTECTED] wrote: Actually, that should not work, it should give you an error. This should work: SELECT `fkid`,max(`foo`) as foo,`bar` FROM `test2` GROUP BY `fkid` ORDER BY `bar` ASC Yes, but if the data is in a different order that fails and doesn't maintain row order: mysql create temporary table test2 (id tinyint,fkid tinyint, foo smallint, bar varchar(20)); mysql insert into test2 values (1,1,34,'red'), (2,1,345,'yellow'), (3,2,345,'brown'), (4,2,3459,'green'); mysql select * from test2; +--+--+--++ | id | fkid | foo | bar| +--+--+--++ |1 |1 | 34 | red| |2 |1 | 345 | yellow | |3 |2 | 345 | brown | |4 |2 | 3459 | green | +--+--+--++ mysql SELECT `fkid`,max(`foo`) as foo,`bar` FROM `test2` GROUP BY `fkid` ORDER BY `bar` ASC; +--+--+---+ | fkid | foo | bar | +--+--+---+ |2 | 3459 | brown | |1 | 345 | red | +--+--+---+ 2 rows in set (0.00 sec) Notice how 3459 is supposed to be green but reports brown, and 345 should be yellow but reports red? Any other solutions that maintain row integrity? Beckman Miguel Guirao wrote: select max(bar) from mytable where unique fkid order by bar asc as far as I remember!! -Original Message- From: Peter Beckman [mailto:[EMAIL PROTECTED] Sent: Lunes, 13 de Noviembre de 2006 04:59 p.m. To: PHP-DB Mailing List Subject: [PHP-DB] MySQL SQL Query Help I have a table: id fkid foobar 1 1 345yellow 2 1 34 red 3 2 3459 green 4 2 345brown I want to select the largest value of foo for a unique fkid, and return bar, the results ordered by bar. In this case, 345 is the largest value of foo for fkid 1, and 3459 is the largest for fkid 2. green comes before yellow. My desired result set would be: fkid foobar 2 3459 green 1 345yellow How would I write that in SQL? fkid and foo are ints, bar is a varchar. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Direct Access to an Array Item?
On Wed, 9 Aug 2006, Bastien Koert wrote: use mysql_result mysql_result ( $result, 0, 2 ) where 2 is the offset of the fields in the row In one line of code, I want to fetch the row into a variable, and test a variable within that row. I want to know how to do this both within a DB query and outside of. Your solution is valid, but not what I'm looking for. --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Direct Access to an Array Item?
I want to access a variable within a function-returned array without
setting the array to a variable first. Example -- test for equal to string
'foo' on the 4th element of a returned fetch row:
if (($row = mysql_fetch_row($result))[3] == 'foo') {
$user = $row;
}
or
$bar = explode('#', $str)[2];
I know I can do this in perl, but can it be done in PHP? Obviously this is
pseudo code, it doesn't actually work, but I wonder if there is a way that
escapes me currently?
I know I can assign the result to a variable and then test the element; I
am addicted to trying to cut down the amount and complexity of code. Even
if you disagree with my goal as good computing practices, I simply want to
know if what I ask is possible, and if so, how. :-)
Beckman
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] detecting negative numbers
On Sun, 16 Jul 2006, Dave W wrote:
Currently I have this:
if($quant $amount) {echo You don't have that many!; }
$quant is the user inputted amount and $amount is the amount that they
actually have. Is there any way of checking if the result is negative rather
than doing what I have above?
I'm not sure which result you are refering to, but this echo's if:
$quant is greater than $amount
$amount is less than 0
$quant is less than 0
if ($quant $amount or $amount 0 or $quant 0) {
echo You don't have that many!;
}
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Text file (rw) question...
pear install Config
Now you can load a config file like that with a single command, load it
into an array, modify values, then write it back.
http://pear.php.net/package/Config
It is fantastic.
Beckman
On Tue, 14 Mar 2006, Rob W. wrote:
That works, but it just throws it in to a big loop and fills up the file, any
suggestions?
- Original Message - From: Chris [EMAIL PROTECTED]
To: Rob W. [EMAIL PROTECTED]
Cc: php-db@lists.php.net
Sent: Tuesday, March 14, 2006 5:54 PM
Subject: Re: [PHP-DB] Text file (rw) question...
Rob W. wrote:
Ok, The fix is just doing something like this...
list($variable, $data) = explode(=, $x);
But now my problem is trying to figure out how to update that data with
form post ect...
So the main page would get
MaxUser=32
It would read that info and put it in to a form field, which I have.
Now I gotta get it to take and make it so that a new value can be put in
that field and updated back in to the text file. I have searched all over
google for about 4 hrs looking for something like this but no go, any help
would be appricated.
This is a simple example but it should work for you:
$new_textcontent = ;
foreach($_POST as $area = $value) {
$new_textcontent .= $area . = . $value . \n;
}
$fp = fopen($filename, 'w');
fputs($fp, $new_textcontent);
fclose($fp);
- Original Message - From: Dwight Altman [EMAIL PROTECTED]
To: 'Rob W.' [EMAIL PROTECTED]; php-db@lists.php.net
Sent: Tuesday, March 14, 2006 9:13 AM
Subject: RE: [PHP-DB] Text file (rw) question...
How about posting your solution as well? Maybe someone will find it
useful.
-Original Message-
From: Rob W. [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 14, 2006 2:07 AM
To: php-db@lists.php.net
Subject: Re: [PHP-DB] Text file (rw) question...
Nevermind. I figured it out.
- Original Message - From: Rob W. [EMAIL PROTECTED]
To: php-db@lists.php.net
Sent: Tuesday, March 14, 2006 1:45 AM
Subject: [PHP-DB] Text file (rw) question...
I'm trying to figure out how to read specific data from a text file that
is already written. Example
MaxUser=3D32
PortBase=3D8000
I want to be able to have php read them specific pieces of info so I can
put them in to forms and update them via php.
Any help would be appreciated.
--
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
Postgresql php tutorials
http://www.designmagick.com/
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Storing Credit Cards, Passwords, Securely, two-way encryption
On Fri, 6 Jan 2006, Neil Smith [MVP, Digital media] wrote: Peter Beckman wrote: So I'm thinking about how to save credit card numbers in the DB, for re-charging cards for subscriptions, new orders, etc. Yes yes, lawsuits, scary, etc. I'm glad you're so blase about this and the threat of your business going Not blase -- just sick of hearing don't do it you'll get sued impossible what's wrong with you I want to secure this information, responsibly. How? (You answer this below) Security by obscurity is a myth. I believe you -- and if obscurity is a myth, let's document how it can be done safely for all the world to see and learn! *DO NOT* store any credit card numbers on any publically accessible system. Ever. Period. Sometimes when questions are asked a background of the knowledge of the poster is not given. I would never do that. A server that is connected to the internet directly storing credit cards is asking for a lawsuit. It's got a sign with please hack me on it. OK now to the candy : I've had this book a while, and it's one of the most insightful and well researched (from experience) books on security I've ever read. In fact - so good I'm going to go to the trouble to retype an excerpt of a section called One-Way Credit Card Data Path for Top Security (Bob Toxen) have come up with the concept of a one-way credit card data path. Now THAT is exactly what I was looking for -- THANKS! I'll go get the book. (snipped section about spot welded steel pipes encasing LAN cable !) *laugh* That might be a bit of overkill... but I get the idea. The CC server then contacts the processing bank through the private network to charge the amt, store the authorisastion number if successful and returns either Success or an appropriate error message Obviously most CC auths are via the 'net + SSL, private networks don't apply (and they are kind of cost prohibitive). If you have a router/firewall/ipfw between your CC and the 'net, blocking incoming but allowing outgoing to your cc auth host ip(s), is that good enough? What else can be done? As Bob's book is so bloody good, here's the ASIN for it in case you want to read all 650 pages of good advice ;-) http://www.amazon.com/gp/product/0130464562/qid=1136589506/sr=8-1/ref=pd_bbs_1/104-3174210-9795945?n=507846 Thank you Neil -- sold! Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: Storing Credit Cards, Passwords, Securely, two-way encryption
On Fri, 6 Jan 2006, Dan Baker wrote: Peter Beckman [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] So I'm thinking about how to save credit card numbers in the DB, for re-charging cards for subscriptions, new orders, etc. I'm also thinking about how to save passwords in the DB, not plaintext, but not one-way encrypted either. Any suggestions? How would I secure the database? I'm thinking some abstract process in code, or something -- security through obscurity. [Summary: Call Verisign, pay THEM to store credit cards for you] What, exactly, does VeriSign do, that makes you so sure that they have secured the credit card information any better than I could, using a well-thought-out system? Do you even know? You just hear VeriSign and believe they have smart people that have more resources available to them to do a better job securing the data? Maybe this makes sense if you are doing a few hundred or a few thousand dollars of business a month, but if you are planning on doing $5,000 to $10,000 a day, it is a lot of added expense to have someone else do it, when I could have it done internally. It is the how. Please, no more replies saying don't do it. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Storing Credit Cards, Passwords, Securely, two-way encryption
So I'm thinking about how to save credit card numbers in the DB, for re-charging cards for subscriptions, new orders, etc. I'm also thinking about how to save passwords in the DB, not plaintext, but not one-way encrypted either. Any suggestions? How would I secure the database? I'm thinking some abstract process in code, or something -- security through obscurity. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Storing Credit Cards, Passwords, Securely, two-way encryption
On Thu, 5 Jan 2006, John Meyer wrote: Peter Beckman wrote: So I'm thinking about how to save credit card numbers in the DB, for re-charging cards for subscriptions, new orders, etc. Why, is the first question I would ask you. So I'm thinking about how to save credit card numbers in the DB, for re-charging cards for subscriptions, new orders, etc. Think one-click. Why did Amazon patent one-click? Impulse buys -- the I want that, now factor. If you make 13 steps and 12 input boxes, the Impulse will probably pass, and you've lost your sale. Besides, the user can choose if they want you to save their card info. First off, on a new order, why wouldn't you just save the authorization code, instead of the credit card number? That would be a lot easier. Sure. But see my above point. I want to be able to re-charge it later when the user wants to. Secondly, you're opening yourself up to a _ton_ of lawsuits should anything go awry. Unless I had a _real_ good reason for storing their cc number, I wouldn't, despite the extra step. Yes yes, lawsuits, scary, etc. I was looking for technical solutions, i.e. maybe someone knows how USPS.com or Amazon.com or GoDaddy.com (do they?) does it. Or if it is all security via obscurity. Best solution yet: Public key encryption, with additional either secret word padding or using the users account password to pad/encrypt the card number (preventing a brute force attack, even if access to the DB is given). Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Storing Credit Cards, Passwords, Securely, two-way encryption
On Fri, 6 Jan 2006, Julien Bonastre wrote: Any reason why you need to have reversible encryption on the password value?? No... I just prefer to assume that if someone gets my DB, they might try using user/pass pairs on banking sites, or paypal, or other ways, and if I can reversible encrypt the password, I can send them an email with their password, rather than changing it to something obscure and force them to change it again... Though at this point, I just decided to md5 the password and call it good enough. I'll just force them to change it if need be. Generally I simply create some hash from the password, using something akin to a MD5 or SHA1 hash of the password string. Or in my paranoid case I use the password string, plus all sorts of replicatable combinations of values such as length of password, username, registration date/time etc plus weird other fixed values I find around the place and environment variables etc, then I hash them.. A good idea; are you just careful then that you don't accidentally update the data without re-hasing your passwords? I am completely psychotic so don't mind me, when I was 15 I wrote my Perl driven website http://operation-scifi.com [still Perl driven member system and file-system based forum] and I had a real mangler function whereby I would extract each character of the password and hash it, then hash the hash with the other characters, plus the hash of them with said fixed values from server/user account details [age, location etc..] ... It was something in the vicinity of a O(6^n+1)th generation hash by the time I had finished where n is the length of the original password.. *laugh* Awesome! Maybe a bit overkill for password, but still very cool. Unfortunately that leaves things unreversable, and if someone got a hold of your data AND your code, they could reverse-engineer... It seems security is only as good as your weakest link -- obscure code, private key, etc... Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Pre-Include File -- Global Include Pre/Post by filename
Back in 2000 I remember there being a file that could be created in the include path that, if existed, would be called and executed before any other PHP script was executed. There was also a script that if named correctly and put in the include path, would execute AFTER the called script was executed. Was this depreciated, or does it still exist? I can't remember what to call it, and I can't seem to find the right page in the manual. Any help? Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Pre-Include File -- Global Include Pre/Post by filename
Dear Peter -- Had you waited two more minutes to post (after looking for only a paltry 47 minutes), you would have found the auto_prepend_file and auto_append_file php.ini configuration directives which do what you want. Though it is a little difficult to find them on the PHP site, and Google wasn't entirely helpful, they are there for you to enjoy. Beckman On Tue, 5 Apr 2005, Peter Beckman wrote: Back in 2000 I remember there being a file that could be created in the include path that, if existed, would be called and executed before any other PHP script was executed. There was also a script that if named correctly and put in the include path, would execute AFTER the called script was executed. Was this depreciated, or does it still exist? I can't remember what to call it, and I can't seem to find the right page in the manual. Any help? --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] oracle error ORA-12154
://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] PHP use in Federal Govt
I wrote an application in PHP that the Department of Housing and Urban Development uses for its Grant programs. PHP + MySQL They love it. On Fri, 16 Jul 2004, Galbreath, Mark A wrote: Alls, My division at State is trying to get PHP 5.0 approved for use by developers in the Department, and the Powers That Be are requesting evidence that other Federal agencies/military are using PHP, and the extent of it's use. Anybody have a clue about this? I sure would appreciate some help! tia, Mark -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Oracle Client Libraries for Linux
Folks -- I've been trying to figure out where the Oracle client libraries live, but I'm confused as hell. I've read the PHP-DB archives, and everyone keeps talking about installing the client libraries (libclntsh et al), and how that's all you need for Oracle 9i PHP support. Great -- but which options presented horribly by Oracle do I download? On this page: http://otn.oracle.com/software/products/oracle9i/index.html It lists: Oracle9i Release 2 (9.2.0.4) Oracle9i Database Release 2 Enterprise/Standard Edition for Linux x86-64 New (03-May-04) Oracle9i Database Release 2 Enterprise/Standard Edition for Linux New (26-Mar-04) Oracle9i Release 2 (9.2.0.2) Oracle9i Database Release 2 Enterprise/Standard/Personal/Client Edition for Windows XP 2003/Windows Server 2003 (64-bit) Oracle9i Database Release 2 Enterprise/Standard Edition for HP-UX/IA64 (v9.2.0.2) Oracle9i Database Release 2 Enterprise/Standard Edition for HP Alpha OpenVMS Oracle9i Database Release 2 Enterprise/Standard Edition for Linux/IA64, Release 2 (v9.2.0.2) Oracle9i Release 2 (9.2.0.1) Oracle9i Database Release 2 Enterprise/Standard/Personal/Client Edition for Windows Server 2003 (32-bit) Oracle9i Database Release 2 Enterprise/Standard/Personal Edition for Windows NT/2000/XP Oracle9i Database Release 2 Enterprise/Standard Edition for Sun SPARC Solaris (32-bit) Oracle9i Database Release 2 Enterprise Edition for Sun SPARC Solaris (64-bit) Oracle9i Database Release 2 Enterprise/Standard Edition for HP-UX Oracle9i Database Release 2 Enterprise/Standard Edition for Compaq Tru64 Oracle9i Database Release 2 Enterprise/Standard Edition for AIX Oracle9i Database Release 2 Enterprise/Standard Edition for AIX-Based 5L Systems Oracle9i Database Release 2 Enterprise Edition for Linux/390 Oracle9i Database Release 2 Client for Windows 98/NT/2000/XP Oracle9i Release 2 - Developer's Releases Oracle9i Database Release 2 for IBM Power based Linux New! [01-Dec-03] Oracle9i Developer Release 1 (9.2.0.3.0) for Linux / AMD64 Oracle9i Database Release 2 Enterprise Edition for Apple Mac OS X Version 10.2 Jaguar Oracle9i Release 1 (9.0.1) Oracle9i Release 1 (9.0.1) Enterprise Edition (all platforms) Oracle9i Personal Edition for Microsoft Windows 98 Oracle9i Release 1 - Developer's Releases Oracle9i Enterprise Edition for z/Linux, Release 1 - Developer's Release I'm running Linux RH Enterprise 3 on this server, and the Oracle box is remote. My original assumption is to download the second link, 9iR2 for Linux. However, this is 1.5GB worth of a download for three friggin drivers. What the hell? All of the clients are for Windows, Even the 9.0.1 release is 1.1GB. What do I need to download from Oracle to get the drivers for PHP? Please don't just say go to otn.oracle.com and download the client because I've been there and cannot for the life of me find it. I don't have the ability to display X Windows remotely, so whatever solution has got to be command line. I'm at my wits end! I've installed Instant Client, so I have the 10g libraries: /usr/lib/oracle/10.1.0.2/client/lib -- ll total 109664 drwxr-xr-x2 root root 4096 Jun 14 12:36 ./ drwxr-xr-x4 root root 4096 Jun 14 12:36 ../ -rw-r--r--2 root root 1417242 Feb 23 19:32 classes12.jar -rw-r--r--1 root root 1353 Feb 23 19:32 glogin.sql -rwxr-xr-x2 root root 13347415 Feb 23 19:32 libclntsh.so.10.1* -rw-r--r--2 root root 2838283 Feb 23 19:32 libnnz10.so -rw-r--r--2 root root 969980 Feb 23 19:32 libocci.so.10.1 -rwxr-xr-x2 root root 91345295 Feb 23 19:32 libociei.so* -rw-r--r--2 root root96117 Feb 23 19:32 libocijdbc10.so -rw-r--r--1 root root 759920 Feb 23 19:32 libsqlplus.so -rw-r--r--2 root root 1353081 Feb 23 19:32 ojdbc14.jar How do I get connected from a remote PHP+Apache box to Oracle9i on linux? Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] PDFLib
I LOVE FPDF. I don't know where I found it, but I can insert images, it wraps text -- it's pretty fantastic. Get it. Beckman On Mon, 5 Apr 2004, Nathan Mealey wrote: Has anyone had any experience extracting text from a fulltext field/column in a MySQL DB and, using the PDFLib library, converting it to a PDF on-the-fly? I can create the PDF, but it is taking all of the text (about 6300 characters) and putting it on just one line - which goes off of the viewable page (as you can imagine). If anyone has any ideas or experience with this, that'd be super. -- Nathan Mealey Director of Operations Cycle-Smart, Inc. P.O. Box 1482 Northampton, MA 01061-1482 [EMAIL PROTECTED] (413) 587-3133 (413) 210-7984 Mobile (512) 681-7043 Fax -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL - separating web and database servers
Change, in the /etc/hosts file, this:
localhost 209.10.33.12# new db server
Hopefully this will work. Haven't tested, just a suggestion. Probably
breaks a few other things, but at least mysql will work.
Beckman
On Thu, 18 Mar 2004, Operator wrote:
Hi everyone,
I need to put my database server on the another machine - how can I
configure system(Debian Linux)/php/mysql etc. to make it work without
changing all 'localhost' in a hundreds of customer's scripts?
The problem is, when localhost is specified as a host the connection is made
using unix socket, not TCP (is it possible to change this?). I tried to
export the socket from database server via NFS, but with no success:
(...)
munmap(0x2e1f2000, 4096) = 0
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
socket(PF_UNIX, SOCK_STREAM, 0) = 3
fcntl64(3, F_GETFL) = 0x2 (flags O_RDWR)
connect(3, {sin_family=AF_UNIX, path=/var/run/mysqld/mysqld.sock},
110)
= -1 ECONNREFUSED (Connection refused)
shutdown(3, 2 /* send and receive */) = 0
close(3) = 0
(...)
Any ideas?
Regards
Piotr Babula
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] User Authentication
Try fixing your SQL:
$result = (select user_id, password FROM users WHERE username='$username'...
You forgot a comma between user_id and password.
On Fri, 27 Feb 2004, Craig Hoffman wrote:
// check if username
$result = (select user_id password FROM users WHERE
username='$username' AND password=md5('$password'));
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Paging large recordsets
On Fri, 13 Feb 2004, Karen Resplendo wrote: I guess the time has come that my boss wants Next, Previous, First, Last paging for our data displays of large recordsets or datasets. First, do a query to find out how many rows. select count(*) from table where (your where clauses for the query); That's your # of records. Then do: select count(*) from table where (your clauses) limit ($pagenum*$itemlimit)-$itemlimit), $itemlimit; so if your $itemlimit = 10 items per page, and you are on page 3, it would be ... limit 20, 10 page #1, limit 0,10 etc Also, how to deal with printing? I would assume that the ideal page size is not the ideal printed page size. oi vay! In IE 6, this works: br style='page-break-after:always;' Even if your text follows, IE will print a page break. Haven't researched how to do it in Mozilla or Netscape. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Paging large recordsets
On Fri, 13 Feb 2004, Paul Miller wrote: I have always heard it was bad to store that much data in a session array? Can someone clarify this for me? IMO It is bad to store lots of data in session variables. The $_REQUEST var for the post/get should be enough. URL: search.php?page=10 code: $conf['maxresultsperpage'] = 10; $ref = mysql_query(select count(*) as c from table where subject like '%foo%'); list($cnt) = mysql_fetch_array($ref); // will assoc work here? dunno, didn't test echo Displaying .($conf['maxresultsperpage']*$_REQUEST['page'])-9. through .($conf['maxresultsperpage']*$_REQUEST['page'])..; $ref = mysql_query(select subject, data from table where subject like '%foo%' limit .$conf['maxresultsperpage']., .($conf['maxresultsperpage']*$_REQUEST['page'])-10); // loop through array returned from mysql echo a href='url?page=.$_REQUEST['page']+1.'Next/a; I think. It might need some tweaking, but you get the idea (I hope). No need to store variables here. Beckman -Original Message- From: Robert Twitty [mailto:[EMAIL PROTECTED] Sent: Friday, February 13, 2004 12:34 PM To: Karen Resplendo Cc: [EMAIL PROTECTED] Subject: Re: [PHP-DB] Paging large recordsets Most of the PHP solutions I have seeen require the use of session variables. You could create an array containing only the unique identifiers of all the records, and then store it into a session variable. You would then use another session variable to retain the page size, and then include the page numbers in the Next, Prev, First, Last and Absolutr page links. Printing is probably best done with dynamically generated PDF instead of HTML. -- bob On Fri, 13 Feb 2004, Karen Resplendo wrote: I guess the time has come that my boss wants Next, Previous, First, Last paging for our data displays of large recordsets or datasets. Any good solutons out there already? I have pieces of a few examples. Also, how to deal with printing? I would assume that the ideal page size is not the ideal printed page size. oi vay! TIA - Do you Yahoo!? Yahoo! Finance: Get your refund fast by filing online -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Paging large recordsets
On Fri, 13 Feb 2004, Robert Twitty wrote: If you are not opearating in a stateless environment, then you could use a cursor. The web is a stateless environment, and therefore the record set needs to be cached either to disk or memeory. The other alternative is to rerun the query for each page request. Using disk space to store query results for the purpose of paging over the web is commonly done by search engines, and even some database engines use disk space for cursor implementation. I agree that using session variables for this purpose is not ideal, but what's the alternative in PHP? Storing only the identifiers instead of all the data significantly lessons the impact. I agree, it should be avoided if possible. If you are running it out of a DB, limiting the results to result 1-10 or 91-100 is pretty fast; caching results seems like more of a headache to me, and depending on how loaded your DB is, not worth the effort. If the query takes 3-5 seconds, then either your DB is configured wrong (no indexes), or your SQL is not written well, or you should consider some sort of DB query caching. Look to the manual for that. --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] newbie question
On Fri, 13 Feb 2004, t wrote: hi, i am relatively new to php and new to this email list. i have what i think are fairly simple questions about using mysql and php. i have done some research and can't seem to find the answer i need. # 1. i want to set the date format to display dates in a format other than the standard mysql -mm-dd format. i have tried using the mysql DATE_FORMAT but i can's seem to get it to work... ideally i'd like to display dates as 2 digit date followed by three letter month abbreviation and leave the year off completely... example: 13 feb Use date() Documentation: http://php.net/date # 2. i want to hide entries that are newer than the current date AND hide entries older than 365 days. Limit your SQL to ... where datenow() and datedate_sub(now(), interval 365 day) ... if date is in datetime format If in unixtime format, convert to unixtime for those functions ... where dateunix_timestamp() and date(unix_timestamp()-(365*86400)) ... Documentation: http://mysql.com/date_sub (should redirect to http://www.mysql.com/doc/en/Date_and_time_functions.html) --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Query or code?
I have this data: Table Log: appid userid points datetype Table Score: appid userid score I want to verify that the last entry in table log of type x is equal to the sum of the scores in table score for the same appid and userid. Can I do this in SQL easily? My problem is selecting the correct (most recent) row in log in which to match the score. Basically I want a report of AppID, TeamMemberID, log.points, score.score that shows where points != score; Thanks, Beckman --- Peter Beckman Director of Internet Initiatives North American Managementhttp://www.nambco.com/ 703.683.0292 x239[EMAIL PROTECTED] --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Query or code?
On Thu, 6 Nov 2003, John W. Holmes wrote: I'd still like an answer to this question. Why is there a need for a separate table with scores? The log is a snapshot in time -- what was the total points at the time of the log entry. The score table is always the accurate current score. Can it be done with a single query? I can do it brilliantly easily in code, but I like the challenge of doing it in SQL. Without knowing the exact table structure, maybe this'll work? mysql select s.applicationid, s.teammemberid, l.points, sum(s.score), date from score s, log l where s.applicationid = l.applicationid group by l.points order by l.date desc limit 1; +---+--++--+-+ | applicationid | teammemberid | points | sum(s.score) | date| +---+--++--+-+ | 19933 | 63 | 71 | 96 | 2003-08-14 17:43:22 | +---+--++--+-+ 1 row in set (0.00 sec) That works for 1 row, but I want 30+ unique appid's and teammemberid's with the most recent date points. Since some 2nd-to-last promotions occurred much later than the last promotion on others, ordering by date doesn't help either. Basically I need a report that says: When comparing the last Promotion log entry on table log, these are the applicationid and teammemberid combinations in which the sum of the items matching in the score table does not equal the points in the selected log entry. Peter --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] number_format problem
On Wed, 5 Nov 2003, Dillon, John wrote: I want to show a number from a database in the format x,xxx.00 in a textfield, then if it is changed by the user I want to post the value of the number to a decimal field. However, once you number_format the number it becomes a string, and numbers like 3,379.90 give a value of 3 when posted to the database, which is hinted at in the notes on number_format. I suppose I need a string to number function - can someone tell me what this might be called please? I use this: $x['funds'] = (int)preg_replace(/[\$,]/,,$x['funds']); where $x['funds'] contains something like $3,249,555.32, and the end result is an int of 3249555. I drop the cents... you want to keep 'em, change int to float. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] number_format problem
On Wed, 5 Nov 2003, Aleks @ USA.net wrote: Great answer... One question though, how would you convert it back to X,xxx.00 format?? number_format($variable,2); --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] PHP 4.0.6 Sessions Not Working...
Here's my test script:
?php
session_start();
echo session_id();
echo :.isset($HTTP_SESSION_VARS['user']);
print_r($HTTP_SESSION_VARS);
echo hr/Now: .$HTTP_SESSION_VARS['user'];
if (empty($HTTP_SESSION_VARS['user'])) {
$HTTP_SESSION_VARS['user'] = beckman;
} else {
$HTTP_SESSION_VARS['user'] = ;
}
echo hr/After: .$HTTP_SESSION_VARS['user'];
If sessions worked correctly, the user session variable would bounce back
and forth between the Now: and After: statements.
On a box running Apache/1.3.22 with PHP/4.0.6, sessions enabled, even the
session files are being created in /tmp, the sessions don't seem to get
saved, even though the session_id stays the same (the cookie is set on the
client).
/tmp is writable, and session files ARE being written to that directory;
however, no data is stored.
The box is run by Interland, and not using an upgraded version of PHP.
Is this a flaw in 4.0.6, or am I doing something wrong?
Beckman
---
PHP Version 4.0.6
session.use_trans_sid 1 1
Session Support enabled
Directive Local Value Master Value
session.auto_start
Off Off
session.cache_expire
180 180
session.cache_limiter
nocache nocache
session.cookie_domain
soberrecovery.com soberrecovery.com
session.cookie_lifetime
0 0
session.cookie_path
/ /
session.cookie_secure
Off Off
session.entropy_file
no valueno value
session.entropy_length
0 0
session.gc_maxlifetime
14401440
session.gc_probability
0.010.01
session.name
PHPSESSID PHPSESSID
session.referer_check
no valueno value
session.save_handler
files files
session.save_path
/tmp/tmp
session.serialize_handler
php php
session.use_cookies
On On
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] redirect
Wrong list to ask on -- you are looking for an Apache mailing list. http://apache.org/ read the manual page on mod_rewrite On Mon, 27 Oct 2003, Dan Liu wrote: Hi all, Has anyone used 'Module mod_rewrite URL Rewriting Engine'? I need to do a redirect from http://url1/cgi-bin/mapserv?map=/dir1/county.map to http://url2/cgi-bin/mapserv?map=/dir2/county.map But it is not working. Does somebody know why? Thanks in Advance. Dan -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Best way to show multiple pages reports from database
On Thu, 16 Oct 2003, Dejan Milenkovic wrote:
I'm not fammiliar with internal MySQL architecture and exactly how things
work but I was wondering what is the most effcient way of spliting reports
over multiple pages. Is there a preformance difference between these two
codes, specialy if there are some complex conditions and joins that should
be done to get result.
$page=1; // this is set via GET or POST
$items_per_page=10;
$sql=SELECT COUNT(*) FROM table;
$result=mysql_query($sql)
$number_of_items=mysql_numrows($result);
$start=($page-1)*$items_per_page;
$sql=SELECT * FROM table LIMIT $start, $items_per_page;
$result=mysql_query($sql)
while ($row=mysql_fetch_assoc($result)) {
// here goes output
}
The above is better. MySQL doesn't return 4,000 pages to PHP, just the 10
you ask for. Faster, cleaner, better. Select count(*) from table is
super-fast, so almost no overhead there.
$page=1; // this is set via GET or POST
$items_per_page=10;
$sql=SELECT * FROM table;
$result=mysql_query($sql)
$number_of_items=mysql_numrows($result);
$start=($page-1)*$items_per_page;
mysql_data_seek($result, $start);
for ($i=0; $i$items_per_page; $i++) {
$row=mysql_fetch_assoc($result)
// here goes output
}
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Using two colomns of mysql data as key/value pairs in arrays
On Mon, 20 Oct 2003, Jon Kriek wrote:
Easier is not always right or good script-logic
Would it be easier for you to type:
mysql_fetch_array($result, MYSQL_ASSOC) {
OK, can we clear this up once and for all?
mysql_fetch_assoc(): 3.7182140350342 seconds [18880 rows]
mysql_fetch_array(): 5.769602060318 seconds [18880 rows]
Same data set in both cases. While there isn't MUCH difference, using
assoc gives one a 30% increase in speed in my rudimentary test over array.
Mysql_fetch_assoc() is faster -- use it. I've learned something.
The code:
$sql = select * from tblApplications;
list($l,$r) = split( ,microtime());
$start = $l + $r;
$r = mysql_query($sql);
$num = mysql_num_rows($r);
while( $row = mysql_fetch_assoc($r) ) {
// echo ;
}
list($l, $r) = explode( ,microtime());
$diff = ((float)$l + (float)$r) - (float)$start;
echo hr/fetch_assoc(): $diff seconds [$num rows]($r.$l : $start)hr/;
list($l,$r) = explode( ,microtime());
$start = ((float)$l + (float)$r);
$r = mysql_query($sql);
$num = mysql_num_rows($r);
while( $row = mysql_fetch_array($r) ) {
// echo ;
}
list($l, $r) = explode( ,microtime());
$diff = ((float)$l + (float)$r) - (float)$start;
echo hr/fetch_array(): $diff seconds [$num rows]($r.$l : $start)hr/;
Beckman
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: [PHP] $_POST in MySQL query issue...
On Thu, 16 Oct 2003, Jon Kriek wrote:
I concur, assign the superglobal array to a variable ...
$Name = strip_slashes($_POST['elementName']);
$sql=INSERT INTO $table SET Name='$Name'];
... and then use that opportunity to run additional checks on the content.
Again, waste of variable space, and makes what you are doing less
readable. You also don't want to strip slashes most likely. If you have
magic_quotes turned on, PHP will automatically backslash any escaped
characters (', /, some others), so you don't need to use addslashes on
that variable. If it is not turned on, you will need to addslashes on
your post variable.
magic_quotes turned on
You don't know me! = $_POST['elementName'] == You don\'t know \me\!
Turned off
You don't know me! = $_POST['elementName'] == You don't know me!
If you don't addslashes when magic_quotes are turned off, your select will
fail, as the string will end at the first set of quotes (just after know
).
Beckman
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] $_POST in MySQL query issue...
On Thu, 16 Oct 2003, Adam Reiswig wrote: $sql=insert into $table set Name = '$_POST[elementName]'; Unfortunately this and every other combination I can think of, combinations of quotes that is, does not work. I believe the source of the problem is the quotes within quotes within quotes. I also tried: $sql='insert into $table set Name = '.$_POST[elementName]; or $sql=insert into $table set Name = .$_POST['elementName']; You need to quote the Name. $sql = 'insert into '.$table.' set Name = '.addslashes($_POST['elementName']).''; You've done everything here that you need, no extra variables, no nothing. Register_Globals is bad -- if you can avoid using it, do so. Performance-wise, it is better to use single quotes and concat the variables outside of the quoted line. Better performance, less problems with variables not being expanded correctly. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: [PHP] $_POST in MySQL query issue...
On Fri, 17 Oct 2003, BAO RuiXian wrote: I see you can achieve this by two ways: 1. Take out all the inside quotes (single or double) like the following: $sql=insert into $table set Name = $_POST[elementName]; This is bad. Using no quotes MAY work, but it is considered a BARE WORD and not an actual string. $sql='insert into '.$table.' set Name = '.addslashes($_POST['elementName']).''; is the (more) correct way to do this. 2. Use a temporary variable for $_POST[elementName], like $elementName = $_POST[elementName], then continute use your original SQL sentence when the register_globals was on. Waste (albeit very minor) of variable space. Concat them. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Round a number
On Fri, 3 Oct 2003, Shaun wrote:
I have a query that returns a number from culculation in my table. It
returns say 4.00, 8.75, 0.00, 12.50 etc. How can I get MySQL to return the
number without any zeros, i.e. 4, 8.75, 0, 12.5 etc?
You can't in MySQL. At least not that I could figure out.
In PHP you could write code to do it.
$float = 4.00;
$text = (string)$float;
if (preg_match(/\d+\.0+$/, $text)) {
list($final) = (int)split(\., $text);
} elseif {
... blah blah blah
}
code is untested, I may have written it wrong.
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] mysql field not resolving comaparison condition for zip code locator
On Tue, 23 Sep 2003, AdminHMO wrote: I am having trouble implementing a zip code locator program. All of the functions work correctly but the $sql variable. Try putting the SQL in quotes: $sql = SELECT City FROM ZIPCodes WHERE Latitude = 122.02671343318 AND Latitude = 121.96888656682 AND Longitude = 37.617091284671 AND Longitude = 37.508048715329; The problem occurs by using the latitude argument as a comparison. The first latitude argument works but when the second latitude argument is added the query returns no data. Here is an example of the $sql variable being used. $sql=SELECT City FROM ZIPCodes WHERE Latitude = 122.02671343318 AND Latitude = 121.96888656682 AND Longitude = 37.617091284671 AND Longitude = 37.508048715329; This is the format recommended by the zip code locator develper for the sql argument. There must be some logical way to present this to the mysql database that will perform the latitude and longitude comparison and retun the proper results. A suggestion was making sure that the field is a numberic string type. I used Float, Decmial, Double and CHAR the result was the same. Please help! --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Category Listing
On Sun, 21 Sep 2003, Paul B. [pbcomm, aka WPD] wrote: Hi, i'm working on the site that involves a lot ot categories and subs there of ... The way i have things now is that the structure goes one sub deep ... Ex: PHP - Database PHP - Books in the DB it looks like: id 1 name PHP parent 0 id 2 name Database parent 1 this way its easy to show dinamicaly where the user is (PHP: Database) by prividing index.php?dir=1sub=1. What i want to do, is go 3 or 4 subs deep. I just wanted to get an idea on the best posible way of doing this. index.php?dir=2 Then select * from DB where id=2 that gives you 2 Database1 If parentid!=0 select * from DB where id=parentid (1 in this case) push $name onto an array (database is now array index 0) Then you'll have 1 PHP 0 Know you know you are at the top. push $name onto an array (PHP is now array index 1) Now just pop them off the array (PHP - Database - end of array) Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL: How to properly extract fields from retrieved single record ???
On Mon, 22 Sep 2003, -{ Rene Brehmer }- wrote:
$result = mysql_query($query);
replace with:
$result = mysql_query($query) or die(MySQL Error: .mysql_error().\nbr/SQL:
.$query);
If the query fails, you will see why the query failed, and be able to view
the query itself. Maybe $_POST['edit'] isn't set. Maybe you have a
problem in your SQL. Maybe the DB you are connecting to doesn't exist. I
would check your connection as well.
Beckman
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Count down
On Mon, 22 Sep 2003, Frank McIsaac wrote: Hi all. I was wanting to make a page that takes a set date and counts down to zero displaying days, minutes, and seconds. Basically, I want it to count down from the current date and time until a future date and time is reached (ie. Sept. 30th is x days, y minutes, and z seconds away from right now). Is this possible? If so, how. Thanks for the help. $futuretime = strtotime(9/30/2003 12:00:00); $difftime = $futuretime - time(); $days = (int)($difftime/86400); $leftover = $difftime%86400; $minutes = (int)($leftover/1440); $leftover = $leftover%1440; $seconds = $leftover; printf(Future Time is %d day%s, %d minute%s, and %d second%s away from now., $days, $days==1?:s, $minutes, $minutes==1?:s, $seconds, $seconds==1?:s); Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ - PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Count down
On Mon, 22 Sep 2003, Peter Beckman wrote: On Mon, 22 Sep 2003, Frank McIsaac wrote: Hi all. I was wanting to make a page that takes a set date and counts down to zero displaying days, minutes, and seconds. Basically, I want it to count down from the current date and time until a future date and time is reached (ie. Sept. 30th is x days, y minutes, and z seconds away from right now). Is this possible? If so, how. Thanks for the help. $futuretime = strtotime(9/30/2003 12:00:00); $difftime = $futuretime - time(); $days = (int)($difftime/86400); $leftover = $difftime%86400; $minutes = (int)($leftover/1440); $leftover = $leftover%1440; Whoops. Change 1440 to 60 in the above two lines. $seconds = $leftover; printf(Future Time is %d day%s, %d minute%s, and %d second%s away from now., $days, $days==1?:s, $minutes, $minutes==1?:s, $seconds, $seconds==1?:s); Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] MySQL depreciated mysql_list_* commands: Replacements?
So PHP is saying mysql_list_tables is depreciated. I replaced it with mysql_query(SHOW TABLES FROM DB) and everything is fine. Then mysql_list_fields didn't work right. So I submitted a bug (http://bugs.php.net/bug.php?id=25460) about it, and they said IT TOO was depreciated, which is fine. But I haven't figured out how to replace mysql_list_fields with a nice simple SQL command, since a bunch of code relies on mysql_list_fields to return a nice $result (ie Resource #37) to use with mysql_field_flags, mysql_field_name, etc. Anyone got any ideas on how to do that without replacing mysql_field_flags et al? Or do I have to rewrite the code entirely to use SHOW FIELDS FROM DB.TABLE and rewrite my own _field_ functions? Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL depreciated mysql_list_* commands: Replacements?
On Wed, 10 Sep 2003, Micah Stevens wrote:
describe TBL;
explain TBL;
show columns from TBL;
Yes, they do give the correct information.
However, my question was is there a nice simple SQL command that will
return exactly what mysql_list_fields (now depreciated) so that the
$result can be used with the mysql_field_* functions.
All of the above commands give the exact same data in the same format, all
of which are incompatible with the mysql_field_* functions.
$fld_results = mysql_query(show fields from .$db...$tbl) or
die(mysql_error().'PMA_mysql_list_fields(' . $db . ', ' . $tbl . ')');
$fld_results_cnt = ($fld_results) ? mysql_num_fields($fld_results) : 0;
for ($j = 0; $j $fld_results_cnt; $j++) {
echo mysql_field_name($fld_results, $j) . br/;
}
Returns:
Field
Type
Null
Key
Default
Extra
instead of what I was expecting.
On Wed September 10 2003 12:08 pm, Peter Beckman wrote:
So PHP is saying mysql_list_tables is depreciated. I replaced it with
mysql_query(SHOW TABLES FROM DB) and everything is fine.
Then mysql_list_fields didn't work right. So I submitted a bug
(http://bugs.php.net/bug.php?id=25460) about it, and they said IT TOO was
depreciated, which is fine. But I haven't figured out how to replace
mysql_list_fields with a nice simple SQL command, since a bunch of code
relies on mysql_list_fields to return a nice $result (ie Resource #37) to
use with mysql_field_flags, mysql_field_name, etc.
Anyone got any ideas on how to do that without replacing mysql_field_flags
et al? Or do I have to rewrite the code entirely to use SHOW FIELDS FROM
DB.TABLE and rewrite my own _field_ functions?
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: MySQL depreciated mysql_list_* commands: Replacements?
On Wed, 10 Sep 2003, Peter Beckman wrote: Then mysql_list_fields didn't work right. So I submitted a bug (http://bugs.php.net/bug.php?id=25460) about it, and they said IT TOO was depreciated, which is fine. But I haven't figured out how to replace mysql_list_fields with a nice simple SQL command, since a bunch of code relies on mysql_list_fields to return a nice $result (ie Resource #37) to use with mysql_field_flags, mysql_field_name, etc. Figured it out: replace: $result = mysql_list_fields($db, $table [, $link]) with: $result = mysql_query(SELECT * FROM .$db...$table. LIMIT 1 [, $link]) Works with mysql_field_* functions (at least it seems to) correctly. Since mysql_list_fields is now depreciated, you might want to check your code out soon/now to make sure you don't get screwed when the PHP team takes mysql_list_fields out of PHP entirely. Don't you love it when you figure out your own question? Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] MySQL, PHP or ghost?
Seems that either I don't understand mysql, or something. My table, with the non-important things removed... mysql explain plate; +-+---+--+-+-++ | Field | Type | Null | Key | Default | Extra | +-+---+--+-+-++ | pid | mediumint(8) unsigned | | PRI | NULL| auto_increment | | year| year(4) | YES | | NULL| | [...] So my assumption is that if I insert with year= it should use the default. Or at least . mysql update plate set year=NULL where pid=65; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql select * from plate where pid=65; +-+-+--+- | pid | plate | year | +-+-+--+- | 65 | DVF0343 | NULL | +-+-+--+- But if I do this: mysql update plate set year= where pid=65; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 1 mysql select * from plate where pid=65; +-+-+--+- | pid | plate | year | +-+-+--+- | 65 | DVF0343 | 2000 | +-+-+--+- 2000? What? Why? Confused. PHP or Mysql fault? Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL, PHP or ghost?
On Wed, 27 Aug 2003, Ignatius Reilly wrote: Read the MySQL manual. Hmmm, I thought I did. 6.2.2.4: Illegal YEAR values are converted to . 0 value is interpreted as 2000. Your empty string is converted to an integer, thus 0. What confuses me (what I can't find) is why a quoted empty string is converted to a quoted integer 0 for a YEAR type. Based on the manual, I assumed an empty string is considered an Illegal YEAR and thus converted to . The empty string is NOT converted to an UNQUOTED digit 0, because otherwise the field would be set to (the intended and expected action). You must specify it as a string '0' or '00' or it will be interpreted as . Can you point me to the correct portion of the manual that explains that? What you explain sounds like MySQL is working as designed, but I'm a bit embarrassed that I missed that in the manual, so I want to read up on it. Seems a bit obscure; I've been using mysql for 4+ years and have never came across this. Thanks, Beckman - Original Message - From: Peter Beckman [EMAIL PROTECTED] Seems that either I don't understand mysql, or something. My table, with the non-important things removed... mysql explain plate; +-+---+--+-+-+-- --+ | Field | Type | Null | Key | Default | Extra | +-+---+--+-+-+-- --+ | pid | mediumint(8) unsigned | | PRI | NULL| auto_increment | | year| year(4) | YES | | NULL| | [...] So my assumption is that if I insert with year= it should use the default. Or at least . mysql update plate set year=NULL where pid=65; Query OK, 1 row affected (0.00 sec) Rows matched: 1 Changed: 1 Warnings: 0 mysql select * from plate where pid=65; +-+-+--+- | pid | plate | year | +-+-+--+- | 65 | DVF0343 | NULL | +-+-+--+- But if I do this: mysql update plate set year= where pid=65; Query OK, 1 row affected (0.01 sec) Rows matched: 1 Changed: 1 Warnings: 1 mysql select * from plate where pid=65; +-+-+--+- | pid | plate | year | +-+-+--+- | 65 | DVF0343 | 2000 | +-+-+--+- 2000? What? Why? Confused. PHP or Mysql fault? --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL, PHP or ghost?
On Wed, 27 Aug 2003, David T-G wrote: Looks like it, though I admit that the manual doesn't adequately explain your results. Check out section 6.2.2.4 for details. I did; see my previous (moments ago) email on my read on that manual section. % So my assumption is that if I insert with year= it should use the % default. Or at least . That makes sense. And so what is the default? Looks like it is, for some reason, 2000. [This isn't a TIMESTAMP field, so we don't necessarily expect it to be this year.] The default at the time was . After I saw the problem I changed it to the below, but that didn't solve the problem: | year| year(4) | YES | | NULL| Before the change it was: | year| year(4) | NO | | | Looks like it's standard mysql behavior: But that's what I'm questioning. Should it be that way? If so, the manual page for YEAR should be altered. If it shouldn't work that way, it should be submitted as a bug. Note that I sometimes get warnings and sometimes don't. I haven't dug into them, though. Hmmm. Unfortunately I can't use show warnings to show the warnings since I don't have 4.1.0, I have 3.23.49. I can't find the manual on the MySQL site for 3.23.49, just 4.1.1. I've checked the .err file in my /var/db/mysql directory but no avail on the warning. Obviously I shouldn't be using year=, and I've since stopped. However, I do want to learn what is going on and why when given an empty quoted string MySQL translates that to 2000 versus the default value (if not null, ; if null, NULL). Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] MySQL, PHP or ghost?
On Wed, 27 Aug 2003, Ruprecht Helms wrote: you have chosen a wrong format. The format for year is . With string the field years don't know what to do. Right -- and if it doesn't know what to do, why would it insert a value that isn't correct and not give me an error? It does give a warning, but I haven't figured out how to view the warnings (or detect them) in PHP, much less in MySQL. Thanks to all who responded -- I wanted to make sure it was a MySQL thing rather than a PHP thing before I posted on the MySQL lists. Beckman --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] AGONIZING Mysql Select DB issue.
If you are doing this: $dbh = mysql_connect(db1, blah blah blah); $dbh2 = mysql_connect(db2, blah blah blah); Then $r = mysql_query(select * from mytable); will use the db2 connection, because it is the most recent. However, if you do this: $r = mysql_query(select * from mytable, $dbh); it will use the first connection, as specified in the handle that is passed back by mysql_connect. mysql_query uses the most recent connection by default; you can override this action by specifying which DB handle to use for a given query. Replace $dbh with $dbh2 to select from tables on the second database. Peter On Fri, 15 Aug 2003, Thomas Deliduka wrote: Here's the stats: Two servers: Server 1, Mysql 4.0.12, PHP 4.3.2, apache 1.3.27 Server 2, Mysql 4.0.14, PHP 4.3.2, apache 1.3.27 --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] PHP errors - strange variables causing form corruption?
I just played with it for a few minutes. It worked fine for me, no problems. Keyed in 5d6-3 k2 and it kept rolling and not resetting. Are you using IE or some other browser? It could be a browser problem. Or you've fixed it since you've posted. On Wed, 30 Jul 2003, Peter Westergaard wrote: I cobbled together a really quick and dirty PHP to run a dice-rolling simulator. Sometimes, it works great. Other times, it gets into some weird state, when strange extra characters are injected into variable values and/or variable NAMES even! You can see an uploaded version at http://www.westergaard.ca/dierolling. php - if you key in something like 30d100+40 k20 (by which I mean roll 30 100-sided dice, keep the best 20, and add 40 to the resulting sum), then click roll a few times, you'll probably notice that at some point, the string +/- in the help text disappears. The next time you click Roll the system will stop giving roll results, will reset to rolling 3d6, and will ignore input. I've struggled with this till I'm red in the face. I'm stumped. Please, Help! :) I've also uploaded the source at http://www.westergaard.ca/dierolling. phpsrc The webserver at westergaard.ca is Linux, but I've also tested this on a Win2000 IIS webserver, and have the exact same results. If anyone has any clue what is going on, I'd really appreciate a suggestion. Thanks! Peter Westergaard [EMAIL PROTECTED] ### ICQ#: 10294457 http://www.westergaard.ca/ ### http://courtly.livejournal.com -- 'Our response to being bored and rich is not to discard our possessions and live more simply, but to buy more stuff to reduce the space in which we might contemplate our shame.' - Stuart Jeffries Robots without a cause === EASY and FREE access to your email anywhere: http://Mailreader.com/ === -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Function Name available within function?
Is there some sort of master variable which will tell you which function you are currently in? Like __FUNCTION__ like there is for __FILE__ and __LINE__... Something like that. Even a function that does that? I am writing a program in which several functions refer back to themselves by name, and it'd be nice to be able to do it dynamically. If I change a function name, then I have to change (currently) the string that contains the function name within that function. Peter --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Hackers?
by e-mail, and delete the original message. *** --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Tricky Database Question
What about a 5th table which stores metadata: table metadata: mdidmediumint unsigned not null auto_increment table varchar(15) not null xid mediumint unsigned not null name varchar(25) not null valvarchar(25) not null The table will have all the metadata you need for any table you create. If you want to add a Cell Phone # to an Owner: insert into metadata (table,xid,name,val) values (Owner, 35, Cell Phone #, 212-555-1212) Now when you want to see all the metadata for a given owner, let's say you (Sam) are Owner ID 35. Just show all the data you are sure almost all owners will have (home phone, address, email, etc), then do a select from metadata where table=Owner and xid=35. Do that for Breed or Species and you have an unlimited but space-conscious way to store that data. Peter On Fri, 18 Jul 2003, Sam Richardson wrote: I'm developing an application that is going to deal with information about different animals, and breeds of those animals. So far it is quite straight forward, I've created four tables, [Species] (containing a ID and name) [Breed] (also containing an ID, Name and relative link to the Species) [Owner] (ID, basic details about the owner such as name etc) [Animal] (An ID and a relative link to the owner and breed) People searching for horses/appoloosa's (species and breed) will be concerned with how tall they are, however someone who is searching for information about horses/quarterhorses will not be concerned with it's height but how fast it can run a quarter mile. The quarter mile may or may not apply to the appoloosa. Administrators using the application will have to be able to create attributes for the breeds on the fly, they will be based on a few various types of data. e.g. shorttext (for names, this will be stored as a varchar) longtext (for descriptions, stored as text) numeric (stored as an int) bullet lists check boxes drop lists etc These attributes will need to be given names and be assigned to breeds. The end users will fill these out when they add new horses to the database. My question is: How do I store the data from the attributes? Because each attribute will need to store it in a different way, do I create a table for each type of attribute? (Varchar, text, int etc), do I create a table for each individual attribute (Names, Heights etc) or do I somehow store all the data in one table (text for all the entries, although I may be storing short numbers, short descriptions, large amounts of text and abstracted radio buttons). The development platform is PHP with either MySQL or Postgres as needed. -- Sam Richardson - Web Developer, Outwide Limited DDI: +64 4 381-6841 [EMAIL PROTECTED] Tel: +64 4 381-6820, Fax: +64 4 381-6821 www.outwide.com Level 6, 61-63 Taranaki Street, Wellington, New Zealand Warning: Confidential information may be contained in this message and any associated attachments. If you are not the intended recipient, you must not copy, send on or retain this message. Please delete it and notify the sender by reply email, thank you. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] [php] printing query output to a printen and or file
CSS is your only option; not sure yet if the page break option in CSS
actually works or not.
Use px widths (table class='wide'; wide class is wide { width:500px; }) and
such.
Peter
On Mon, 14 Jul 2003, Snijders, Mark wrote:
hello
i'm busy with generating some overviews out of a mysql database (with php)
this are aroudn 8 different overviews and query's.
and the output to the screen is very nice.
but now i'm also want to give the visiter the option to send the output to a
printer of file.
but how do I manage that? and can you also add some options for the 'format'
to be different when printing or viewing it on the screen?
Kind regards,
mark
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] AAAAGGGGHHH!!! Help!!
I think: change id to visitor_id If it still doesn't work, make sure date_sub and created are of the same type -- created must be in -mm-dd hh:mm:ss format (datetime type) in order for that to work; the might even fail (can't remember). why not do ... where unix_timestamp(visitors.created)unix_timestamp(date_sub(NOW(), INTERVAL 1 HOUR)) and ... Peter; it's friday, I can't remember things On Fri, 11 Jul 2003, Mike Mannakee wrote: I am running a query in mysql : SELECT DISTINCT (id) AS visitor_id, MAX(date_time) AS last, MIN(date_time) AS first, UNIX_TIMESTAMP( MAX(date_time)) - UNIX_TIMESTAMP( MIN(date_time)) AS diff FROM visitors, pixeldata_ WHERE visitors.created DATE_SUB( CURRENT_DATE, INTERVAL 1 HOUR ) AND id = pixeldata_.remote GROUP BY visitors.id The idea behind the WHERE clause is to only get results from the last hour. I have used this construct successfully in dozens of other queries. However, the results here are giving me every single visitor in the table. Regardless of when created. In other words that part of the WHERE clause is not working. Does anybody see any problem in the sql that I'm not seeing?? This is driving me nuts. Mike -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: Efficiency question
Since this is the PHP DB list, I can tell you this -- you would be better off performance-wise replacing the * in select * from and replacing it with a list of the columns (even if it is all of them) than you would putting all of that on one line. $r = rand(0,7)*-1; $s = abs($r); is as fast as (maybe a few CPU cycles, but when you're talking 2GHz processor, eh) $s = abs(rand(0,7)*-1); The second is probably more elegant, but then again, you still have to check to see what $data contains -- the DB might not have returned a row (for some unknown reason). Optimize DB calls before compacting variables. I'm all about writing compact optimized code, but your DB calls and DB layout (indexes and queries mostly, but also table design) cost the most performance-wise and you're better off spending time getting them better. I highly recommend: http://www.mysql.com/documentation/mysql/bychapter/manual_MySQL_Optimisation.html#Estimating_performance Peter On Thu, 26 Jun 2003, Hugh Bothwell wrote: Micah Stevens [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] $data = mysql_fetch_assoc(mysql_query(select * from some_table limit 1)); would be faster than: $pointer = mysql_query(select * from some_table limit 1); $data = mysql_fetch_assoc($pointer); but I'm not sure, php may optimize this. Anyone know the answer? It will be faster by one store and one fetch... the database query probably takes 1000 times as long. I don't think the difference is worth the time you'd take to change it. -- Hugh Bothwell [EMAIL PROTECTED] Kingston ON Canada v3.1 GCS/E/AT d- s+: a- C+++ L+$ P+ E- W+++$ N++ K? w++ M PS+ PE++ Y+ PGP+ t-- 5++ !X R+ tv b DI+++ D-(++) G+ e(++) h-- r- y+ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] md5 question!
md5 returns a 32 char hexdec string. I'm not sure where you get an 11
char alpha string from md5...
Since the MD5 is 32 chars in length, with 36 possibilities for each char,
that leaves us with 36^32, or 63340286662973277706162286946811886609896461828096
or 63,340,286,662,973,276,904,018,768,749,012,366,609,829,142,200,320 after
using number_format. What is that? A little more than the billions of
possibilities you suggest would exist... Hmmm, that's 63 quindecillion, or
like 63 * 10^48. Ouch. I think even with 3+ Ghz processors you might have
to wait a few years. Months? Maybe distributed, but doubtful. Given that
it took 4 years to go through 15,769,938,165,961,326,592 keys (out of a
possible 18,446,744,073,709,551,616) to break 64
bit RSA encryption. Thats 18 * 10^18 total possible keys. That's a lot
less than 63 * 10^48 and it took 4 years and 331,000 computers.
http://www.pcw.co.uk/News/1135452
From the PHP manual:
http://php.net/md5
Calculates the MD5 hash of str using the RSA Data Security, Inc. MD5
Message-Digest Algorithm, and returns that hash. The hash is a 32-character
hexadecimal number. If the optional raw_output is set to TRUE, then the md5
digest is instead returned in raw binary format with a length of 16.
Beckman
On Tue, 24 Jun 2003 [EMAIL PROTECTED] wrote:
Just use brute force...
Example:
md5('password') will ALWAYS produce the same output!
So, if I intercept a pmd5 encrypted password that looks like: SKHGDOIUYFB
then I could just say:
if (strcmp (md5('password'), SKHGDOIUYFB) == 0)
printf(Your password is: %s\n, password);
So, just start a loop going through all possible combinations od legal password
character and encrypt with md5, then compare.
Hard? Not at all, Time consuming, perhaps, but with 3+ Ghz processors coming
out you'd be surprised how quickly one could loop through billlions of possible
password combinations. Enter distributed environments and it is much fatser.
The key is not to rely on passwords but to rely on other system security
messures, use SSL, so it is hard to intercept in the first place, make sure
your system is secure so these passwords cannot be extracted from your DB
without you knowing about it, etc...
Marco,
Thanks, that's what I originally thought that it was
one way. So websites that have the option to retrieve
password don't use md5?
I guess technically there MUST be a way to break the
barrier where you can reverse it. If there is a way
to make it there is always a way to break it, somehow.
But what I have heard and read it's very tight
and probably the best method to handle passwords for
now, until something new is released. Which will
happen when md5 is broken, like everything else after
a little bit of time.
Jerry
--- Marco Tabini [EMAIL PROTECTED] wrote: Hi
Jerry--
No, md5 is a one-way hash. That's why it's so
safe--because if someone
steals the information he still can't tell what the
passwords are.
You may want to reset the passwords upon your users'
request and send it
to them via e-mail instead.
Cheers,
Marco
--
php|architect -- The Magazine for PHP Professionals
Come try us out at http://www.phparch.com and get a
free trial issue
On Tue, 2003-06-24 at 08:35, JeRRy wrote:
Hi,
If I use md5 to handle passwords to my database is
there a way to reverse the action if someone
forgets
their password? Is there a way for me to decode
the
32bit to plain text?
Jerry
http://mobile.yahoo.com.au - Yahoo! Mobile
- Check compose your email via SMS on your
Telstra or Vodafone mobile.
--
Marco Tabini
President
Marco Tabini Associates, Inc.
28 Bombay Avenue
Toronto, ON M3H 1B7
Canada
Phone: (416) 630-6202
Fax: (416) 630-5057
Web: http://www.tabini.ca
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
http://mobile.yahoo.com.au - Yahoo! Mobile
- Check compose your email via SMS on your Telstra or Vodafone mobile.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] md5 question!
http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php http://mobile.yahoo.com.au - Yahoo! Mobile - Check compose your email via SMS on your Telstra or Vodafone mobile. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] md5 question!
Most sites save/allow an 8 character password. Allowing alphanumerics and underscore, period and pound (_, ., #), that is 39^8, or 5,352,009,260,481 or about 5 trillion possible passwords. If you allow more than 8 characters, that number increases. On Tue, 24 Jun 2003, Marco Tabini wrote: On Tue, 2003-06-24 at 09:36, JeRRy wrote: Hi, Hmmm okay... So if the passowrd was. [snip] There are ways to avoid this. Typically, you can add a random token (or a salt) to the password before you calculate its checksum. This way, two users with the same password will have two different hashes. However, a brute-force approach as the one suggested is *not* quite as simple and powerful as it looks. assuming that there are even just 62 valid characters for the password (uppercase+lowercase+digits) to go over passwords as short as five characters you'd have to do 380,204,032 iterations. Add one more digit and you're already up to 19,770,609,664. Sure, these are not insurmountable numbers, but they quickly add up with more and more characters (and I'm not even counting all the possibilities when it comes to making this more secure). Mt. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] md5 question!
md5 is also a one-way encryption. crypt also provides 300*10^21 possible
values, whereas md5 provides a possible 63*10^48, or
63000 * 10^21 possible values. A little bit better
security I'd say. Crypt is fine, md5 is better (a lot better by the
numbers).
The salt doesn't matter -- it is part of the password.
The first iteration, the salt is 8m. The next one is v9. The first two
chars are the salt used, so the salt really doesn't make things more
secure. If you are storing the crypt value, you have to first select the
value from your DB, get the first two chars (8m for this example) and do
crypt($form['password'], 8m)
in order to get 8m7UxPXfRw7/2 from crypt.
With md5 you just say md5($form['password']) and send it to your select
statement and see what happens.
To answer your question, md5 is easier and more secure; however, your
system is only as secure as your password, and if your password is
password (one of the most popular passwords in the world) md5 nor crypt
nor the best encryption will help you.
Peter
On Tue, 24 Jun 2003, Hutchins, Richard wrote:
I already admitted that this stuff was mostly over my head. However, I
started messing around with it a bit and would like to know if the crypt()
function would help Jerry out?
I tried md5('password') twice in a row and it did return:
5f4dcc3b5aa765d61d8327deb882cf99
5f4dcc3b5aa765d61d8327deb882cf99
Then I tried crypt('password') in a 10-step loop and got this:
8m7UxPXfRw7/2
v9iuCQikPaf7w
MwV8vcCiqrRbM
lpf02L./2VtiU
KRkddkPGedm2.
LDMEpQwJgY.Mo
2HW51zTN93I9Y
hyONnFjRN/9bM
W9NKVzVgJ9kLM
nNany7wy2drdQ
The code for all of the above if anybody is interested:
?php
echo md5('password')./br;
echo md5('password')./br/br;
echo CRYPT with password/br;
for($i=0;$i10;$i++){
echo crypt('password')./br;
}
}
?
PHP.NET states that there is no decrypt function since crypt() is a one-way
encryption. And given that, by default, it uses a random salt generated by
PHP, why is this not as secure as an MD5 encrypted password? Of course, all
of this is based on the supposition that the database is properly secured.
I am, by no means, arguing with any of the advice already offered regarding
the MD5 question. However, If what you're looking for is a different
encryption result for the same password, crypt() seems to do it.
Can somebody explain if this is less secure or less-preferable than MD5?
Even if one were able to decipher the algorithm PHP uses for a crypt()
operation, the salt is supposedly random so having the encryption algorithm
would not be all that useful.
Am I totally missing something here?
Rich
-Original Message-
From: Matt Schroebel [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 24, 2003 9:52 AM
To: JeRRy
Cc: [EMAIL PROTECTED]
Subject: RE: [PHP-DB] md5 question!
-Original Message-
From: JeRRy [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 24, 2003 9:50 AM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: [PHP-DB] md5 question!
So with md5 I can
retrieve the passwords back to the user if they lose
them via email.
No, you can't. You'll need to generate a new password, md5
it, store it
mark it expired, timestamp it so it's only valid for, say,
30 minutes,
email it, and finally, force the person to choose a new password when
they sign in.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] md5 question! [CORRECTED]
My mistake -- I'm wrong here. Through a few emails I learned that it is a 32 character hex value that is returned, not a 32 char alphanumeric. That reduces my estimate of 63*10^48 to 340*10^36, still more than crypt though. My bad, sorry to all who believed me without question! Beckman On Tue, 24 Jun 2003, Peter Beckman wrote: md5 is also a one-way encryption. crypt also provides 300*10^21 possible values, whereas md5 provides a possible 63*10^48, or 63000 * 10^21 possible values. A little bit better security I'd say. Crypt is fine, md5 is better (a lot better by the numbers). The salt doesn't matter -- it is part of the password. The first iteration, the salt is 8m. The next one is v9. The first two chars are the salt used, so the salt really doesn't make things more secure. If you are storing the crypt value, you have to first select the value from your DB, get the first two chars (8m for this example) and do crypt($form['password'], 8m) in order to get 8m7UxPXfRw7/2 from crypt. With md5 you just say md5($form['password']) and send it to your select statement and see what happens. To answer your question, md5 is easier and more secure; however, your system is only as secure as your password, and if your password is password (one of the most popular passwords in the world) md5 nor crypt nor the best encryption will help you. Peter --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] session
Also, you don't register values, you register variables.
$id = 123;
$name = leooi;
$_SESSION['id'] = $id; // same as session_register(id), but better
$_SESSION['name'] = $name; // same as session_register(name), but better
You could also skip the whole variable setting and just do this:
$_SESSION['id'] = 123;
What I like to do is this (and yes, I know, the brackets cause additional
overhead):
$r = db_query(select * from user where username='{$un}' and password='{$pw}');
$_SESSION['user'] = mysql_fetch_object($r);
Now anything in the user table is now accessible in my session:
if ($_SESSION['user']-id) { do something for the user that's logged in }
Peter
On Thu, 5 Jun 2003, heilo wrote:
well - this is not really a DB-question. and if you take a look at the
php-docu at http://www.php.net/manual/en/language.variables.predefined.php
you'd see that you can access and alter them with $_SESSION or
$HTTP_SESSION_VARS (older versions of php).
[EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] 3:34 Uhr:
Hi all,
I had create a session and stored some value into session.
?php
session();
session_register(id 123,name leooi);
?
How can i retrieved the value???
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] forms with php/mysql
1. Search the archives, they are here: http://www.php.net/mailing-lists.php 2. If you aren't a coder, you probably cannot do what you ask; there aren't any pre-built simple systems that do exactly what you ask. You could look on freshmeat.net or sourceforge.com, but I doubt you'd find what you are looking for. Peter On Thu, 5 Jun 2003, Philippe Rousselot wrote: Hi, I need for an association to create a form using php/mysql. If I can understand php, I am not a coder, so if someone had the code I need, I would really be greatful. I need : 1. on a page someone identify himself or register to the service using a form where the person enter name, email(username) and password. 2. once registered, the person can access a secured zone containing a form 3. the persone can fill the form, abandon half way and save the result, then come back and have the previously recorded information appearing again. all data need to be in a Mysql database. Thank you very much for your help. Philippe -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Stuck on table design
I have a system I'm building. There are several applications. For each application there are one OR two reviewers. For each reviewer, there is a team leader, and for each team leader there is an administrator. Applications primary key is ApplicationID. Two reviewers can edit their own application at any time until they submit it to the team leader. At that point the team leader can send it back to the reviewer, make changes or send back to the reviewer, or approve and send to the administrator. Can anyone suggest a table which would allow me to check for, at any given time, who controls the application? The reason I'm running into a wall is because there is 1 application, but two reviewers scoring that application; both scores must be saved, and reviewer A must be able to send to the team leader without affecting reviewer B's ability to continue to edit/score. I've come up with this: AppID int // refers to application table admin int // refers to the personnel ID in personnel table teamleadint // same reviewerint // same owner enum(admin,teamlead,reviewer) // actually is a tinyint that refers to a role table for full normalcy For each application, and for each reviewer, a row would be added. The reviewer would have full control until the owner field changed to teamlead. This is the only way I can think of to do what I'm looking for. I also have an assignments table, where I have: AppID TeamMemberID roleid so I know for each application, a person is assigned a role. There can be multiple reviewers, so there is no unique key on these columns. Any other suggestions? --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Reserve Username while Confirming Signup
I like that idea the best... Just insert into your DB with their requested login name and password. Have a timestamp field AND a registration completed field or a status field. I used to do this for people who had registered but had not come back to the site to verify that they recieved their confirm email. No need for two tables -- just use one with a status field so you can say select * from user where status='regnotdone' and date_add(updated, interval 20 minutes)now() This gives you all the users that have not completed their registration, and have not done anything to update their account in the last 20 minutes. Pick your time interval. updated is type timestamp. When they complete their registration, change the status to 'completed' or 'unverified' or something like that -- come up with as many statuses as you want. But don't use another table -- that's a waste. Besides, if you define username as a unique index, then your DB will prevent duplicate usernames -- always good. Peter On Tue, 3 Jun 2003, Gavin Amm wrote: I'm inexperienced with db's, but here are my thoughts: Maybe add a TIMESTAMP(14) field in your temp table, then run a script periodically to delete any rows stored that are more than, say, 20 mins old? Gav -Original Message- From: Dewi Wahyuni [mailto:[EMAIL PROTECTED] Sent: Tuesday, 3 June 2003 1:48 PM To: [EMAIL PROTECTED] Subject: [PHP-DB] Reserve Username while Confirming Signup Hi All, I have a sign up page and when the user submit, it goes to a confirmation page, before the person actually submits. The confirmation page stores the username and password in the Session variable and the submit page stores it into the database by getting it from the session. The rest of the information (eg. address) is resubmited via hidden input type. The question is : I want to reserve the username for the person(say A) while he/she is in the confirmation page and perhaps going back to edit some stuff. What is the best way to do that? I tried putting it in my database in a Logintemp table. With the same fields as the Login table. When the user submits, the Logintemp contents is moved to the Login table. The problem is what if while A is staring at the screen the computer hangs. How do I know if he/she closes the page altogether. I need to delete the contents of Logintemp since it was not moved to Login. Is there any other better way to do this? Get advanced SPAM filtering on Webmail or POP Mail ... Get Lycos Mail! http://login.mail.lycos.com/r/referral?aid=27005 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Dealing with ENUM fields
Will there ever be 5 specials categories? 6? I like enums for strings, but for more complex sites I go with a separate table for even 4 categories. I don't actually know what happens if you change lunch to pre-dinner on the enum column -- does everything remain as enum selection #1 and change to pre-dinner or do things get messed up? If you already have a categories table, just add one more column -- specials which is a tinyint default 0 -- those 4 categories are set to non-zero (or 1 (that's one)). This needs no more tables, no specialized enums, and you are reusing an existing table structure. I like that better. But either way works. ALSO NOTE! If you use enums for numbers, such as '0', '1', they are treated as strings. I don't believe you can make an enum treat a number as a numeric. ALTER TABLE `reviewdates` ADD `asdf` ENUM( 0, 1 ) NOT NULL You have an error in your SQL syntax near '0,1) NOT NULL' at line 1 Peter On Tue, 3 Jun 2003, Becoming Digital wrote: This is for another menu project that I'm working on. The restaurant has a large list of daily specials, all of which fit into one of four categories (lunch, dinner, pizza, dessert). Because the data will never mix (no need for joins or unions), I wanted to keep the specials categories separate from the regular menu item categories. Because there are only four specials categories and they are static, I thought ENUM would work best. Your opinions? Edward Dudlik Becoming Digital www.becomingdigital.com --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] hotornot functionality
Uh, why not just do this:
input type='hidden' name='lastid' value='1930'
Then on the next page, you can get the id. Or geez, it's gonna be there
anyway -- after you do the insert/update of your vote, just pass that ID to
the function that displays the page.
function display($x) {
if (!empty($x['vote'])) {
db_query(insert into vote (pid,vote) values
(.$x['thisid'].,.$x['vote'].));
}
$r = db_query(select * from pictures order by rand() limit 1);
$row = mysql_fetch_array($r); // sure, do error checking if you want
beginpage($x['thisid'],$x['vote']);
votebar($row['pid']);
echo img src='.$row['imgurl'].';
endpage();
}
assuming beginpage is responsible for displaying the last image you voted
on.
Peter
On Wed, 28 May 2003, Matthew Horn wrote:
I am toying with the idea of implementing functionality similar to the hotornot.com
site -- for a different purpose, mind you, but the same kind of user experience.
Here's what it does:
1. A picture is served up.
2. User clicks on a radio button scale from 1 to 10 to rate the picture.
3. The page refreshes. The rating is re-computed with the user's rating for the
original picture. The original picture becomes that last rated pic, and a new one
is served up.
4. The user can cycle through as many pictures this way as they want.
I have MySQL and PHP to work with.
What I am trying to do is figure out the best approach to implementing it.
Specifically, when the user clicks on the radio button, that triggers the form
submit via JavaScript. The form submit updates the database with the rating and then
fetches the next row.
The problem that occurred to me as I was putting together a prototype is:
I don't want the user to get the entire result set of all the images in the database
at once. I really want them to get just the two images (the one they just rated and
the one they are about to rate). Is there a way to remember the last row they
selected and then use that number to fetch the next one on the subsequent request? I
can keep recycling hidden form fields with a number, which should work ok, but the
problems come up when they reach the last row.
Anyway, just looking to see if you folks have some ideas. I would prefer to roll my
own rather than use one of the available hotornot-style PHP scripts to do this.
Matthew J. Horn
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] phpMsAdmin ?
Are there any scripts out there, in PHP or ASP, that give similar support in Microsoft SQL Server (MSSQL) that phpMyAdmin gives for MySQL databases? I have a client who is requiring me to code in ASP using MSSQL server, and I'd like to have a web-based (preferably in PHP) admin tool for the server. Peter --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: Really easy question
$str = 'hi';
$newstr = preg_replace(/\/, , $str);
On Wed, 19 Mar 2003, Foong wrote:
try
$with_quote = '0';
$without_quote = str_replace('', '', $with_quote);
Foong
Jeremy [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Hey folks,
Im apologize that this is just a really easy general php question but any
help would be appreciated.
if i have a variable that is = to something like 0 or 1
but I just need it to be 0 or 1. how do i strip the off.
thanks,
Jeremy
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Server Error
Does /var/lib/mysql/mysql.sock exist? Is it world unwritable? Is it writable by whatever user starts mysql? Does it exist (did it get deleted)? Are you sure you want to use configi.inc.php and not config.inc.php? That's all I can think of. On Mon, 17 Mar 2003, Marie Osypian wrote: I was able to access my database for weeks and now I am getting this error. Can anyone help? Warning: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/blah/public_html/includes/configi.inc.php on line 3 Warning: MySQL Connection Failed: Can't connect to local MySQL server through socket '/var/lib/mysql/mysql.sock' (2) in /home/blah/public_html/includes/configi.inc.php on line 3 Thanks, Marie -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Real Killer App!
Could it be that a certain web server sees you connect, you request a file, and that file happens to take forever to load, leaving your script hanging until memory runs out or something else? Do you have timeouts set properly to stop the HTTP GET/POST if nothing is happening on that connection? Peter On Tue, 11 Mar 2003, Nicholas Fitzgerald wrote: I'm having a heck of a time trying to write a little web crawler for my intranet. I've got everything functionally working it seems like, but there is a very strange problem I can't nail down. If I put in an entry and start the crawler it goes great through the first loop. It gets the url, gets the page info, puts it in the database, and then parses all of the links out and puts them raw into the database. On the second loop it picks up all the new stuff and does the same thing. By the time the second loop is completed I'll have just over 300 items in the database. On the third loop is where the problem starts. Once it gets into the third loop, it starts to slow down a lot. Then, after a while, if I'm running from the command line, it'll just go to a command prompt. If I'm running in a browser, it returns a document contains no data error. This is with php 4.3.1 on a win2000 server. Haven't tried it on a linux box yet, but I'd rather run it on the windows server since it's bigger and has plenty of cpu, memory, and raid space. It's almost like the thing is getting confused when it starts to get more than 300 entries in the database. Any ideas out there as to what would cause this kind of problem? Nick -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Subtraction of two units of time.
$foo = split(:,$time1); $bar = split(:,$time2); $time1 = mktime($foo[0],$foo[1],$foo[2],1,1,1980); $time2 = mktime($bar[0],$bar[1],$bar[2],1,1,1980); $total = $time1 - $time2; That will give you the difference in seconds between the two. I'll let you convert it to hh:mm:ss. Peter On Thu, 6 Mar 2003, David Rice wrote: I want to take away two times stored in the format 00:00:00 in a mysql database, i retrieve the times and take them away by using the following $total = $time1 - $time2 ; when i echo the total it is a whole number of the hours.. and does not take the minutes into account, anyone have an idea of how to get an exact answer to 2decimal places of the subtraction of the two times? cheers, dave _ Chat online in real time with MSN Messenger http://messenger.msn.co.uk -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] One more date question (NOOOOOOO) :-)
Sure --
for ($x=0;$x12;$x++) {
echo
option.date('F',mktime(0,0,0,(date('n')+$x),date('j'),date('Y')))./option\n;
}
For the day limitation, there are lots of javascripts out there to do that.
Peter
On Thu, 27 Feb 2003, Chris Payne wrote:
Hi there everyone,
Sorry about all these emails :-) I have one final question (For this
week - LOL). How can I get the current month + the next 11 months in a
dropdown form box? Ideally there'd be 3 boxes, 1 with the day, dependant
on the month you select plus the year, though I can hardcode the year
without a problem.
Any ideas how I could do this?
Thanks for everything, you are all life savers. Oh and after thinking
about it I realized how dumb storing Credit Card details in a DB were :-)
Chris
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: testing the validity of a link
You could do an fopen on the URL and see if the results contain the string 404 not found or something. Read these pages: http://www.php.net/manual/en/function.fopen.php http://www.php.net/manual/en/wrappers.php http://www.php.net/manual/en/function.stream-get-meta-data.php Looks like with 4.3+ you can use the internal functions of PHP to do what you are asking. You could alternatively install curl and get the resulting HTTP code. http://www.php.net/manual/en/ref.curl.php Peter --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Array help please
$arr = array(.co.uk,.com,.net,.me.uk);
echo Top Level Domains: ;
while(list(,$tld)=each($arr)) {
echo $tld., ;
}
On Sun, 19 Jan 2003, Dave Carrera wrote:
Hi All
I am trying to create a tld lookup script for uk and main us domains.
I have success by creating multiple function hardcode the whois server
and tld but I would love to be able to make an array of tlds then step
through the array to check availability of domain.
Example
$arr = array(.co.uk,.com,.net,.me.uk);
How do I step though one at a time and give a viewable result?
I know I have to check the value of the array and assign the relevant
whois server. How do I do that?
Any help, guidance, code examples will be very much appreciated.
Thank you in advance as always
Dave Carrera
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.443 / Virus Database: 248 - Release Date: 10/01/2003
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Users on line
Create a new table named online: id time (int unix timestamp) uid (int probably, user ID of user in question, relating to a user info table?) sessid (char 32 I think) When the user logs in, I assume you set the session. Insert a row with the current time (unix_timestamp(now()), User ID and the output of session_id() in PHP. This way you can run a query on that table at any time in one of two ways. 1. select count(id) from online where time=(unix_timestamp(now())-900) This will give you the number of people who at least logged in in the last 15 minutes. This isn't very accurate though... so 2. If not already, put sessions in your SQL table. This way you can run a query like (and John Holmes, please feel free to clean up my joins, i suck at them): select count(*) from online,sessions where online.sessid=sessions.sessid and sessions.date=(unix_timestamp(now())-900) This will give you the number of users who have done anything on the site in the last 15 minutes. Change the 900 to 600 or 300 for 10 or 5 minutes respectively. Every week or so you'll want to delete from online where time=[some number here, unix_timestamp(now()) minus how long you want to leave those entries there]. Depending on how often you want to do this and how busy your site is and how focused on performance you are, I'd advise running it once per minute and every time someone logs in, rather than once per page view, and put the values generated into a text file and read it in with readfile(). Peter On Fri, 3 Jan 2003, Bernain, Fernando G. wrote: I'm working in an app that requires to know who are on line. When the user login the app, I use session in order to storage de name and login. Its posible to do this??? Thanks! Fernando Bernain Senior A Business Process Outsourcing KPMG Argentina Tel: 54 11 4316 5754 Fax: 54 11 4316 5734 [EMAIL PROTECTED] Email Disclaimer The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Users on line
I agree; it'd be nice if there was some sort of code that'd be executed when someone closed their browser. There is the javascript on_exit() or something where the user, when they leave a domain, is executed. However, this only works if they click off the site, not if they close their browser. Plus if they go to another site and come back within 5/10/15 minutes, are they still considered logged in? It's fairly impossible to keep track of when users are or are not using the site that is not really complex. What if they are reading an article, run to the restroom, finish reading the article and then click on another page? I figure they are idle after 15 minutes. If they continue to surf the site in an hour or two, their session will be updated (if your sessions last long enough, or if not they'll probably be automatically re-logged in which case they'd be updated/re-inserted in the online table), and will once again be counted as a person online. One example is forcing people to be logged out after 10 minutes of inactivity. Bank of America does this, most likely using javascript. However, if yahoo! did this when I was reading my mail and I stepped away, I'd be annoyed. Most sites allow you to be logged in forever (Remember me) so forcing people to log out just to be able to count who is online seems silly. If you just want to keep track of how many people are logged in, I'd just say that logged in is defined as having an active logged in session that was active in the last 5/10/15 minutes. I'm almost positive that method is how most web sites determine time online. Peter On Fri, 3 Jan 2003, Hutchins, Richard wrote: How would the online table be maintained if a user simply closes out the browser without actually logging out properly? I'm not at all experienced with sessions, but closing the browser should terminate the session, correct? Bernain may want to delete from his online table every hour or so to catch those people who have not properly logged out (assuming the delete from online... query is only fired when they click on a log out button). I'm not slagging Peter's recommendation. I was thinking this solution through as well, but was a bit stuck when it came to users just closing their browsers without logging out. -Original Message- From: Peter Beckman [mailto:[EMAIL PROTECTED]] Sent: Friday, January 03, 2003 2:32 PM To: Bernain, Fernando G. Cc: '[EMAIL PROTECTED]' Subject: Re: [PHP-DB] Users on line Create a new table named online: id time (int unix timestamp) uid (int probably, user ID of user in question, relating to a user info table?) sessid (char 32 I think) When the user logs in, I assume you set the session. Insert a row with the current time (unix_timestamp(now()), User ID and the output of session_id() in PHP. This way you can run a query on that table at any time in one of two ways. 1. select count(id) from online where time=(unix_timestamp(now())-900) This will give you the number of people who at least logged in in the last 15 minutes. This isn't very accurate though... so 2. If not already, put sessions in your SQL table. This way you can run a query like (and John Holmes, please feel free to clean up my joins, i suck at them): select count(*) from online,sessions where online.sessid=sessions.sessid and sessions.date=(unix_timestamp(now())-900) This will give you the number of users who have done anything on the site in the last 15 minutes. Change the 900 to 600 or 300 for 10 or 5 minutes respectively. Every week or so you'll want to delete from online where time=[some number here, unix_timestamp(now()) minus how long you want to leave those entries there]. Depending on how often you want to do this and how busy your site is and how focused on performance you are, I'd advise running it once per minute and every time someone logs in, rather than once per page view, and put the values generated into a text file and read it in with readfile(). Peter On Fri, 3 Jan 2003, Bernain, Fernando G. wrote: I'm working in an app that requires to know who are on line. When the user login the app, I use session in order to storage de name and login. Its posible to do this??? Thanks! Fernando Bernain Senior A Business Process Outsourcing KPMG Argentina Tel: 54 11 4316 5754 Fax: 54 11 4316 5734 [EMAIL PROTECTED] Email Disclaimer The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any
RE: [PHP-DB] Users on line
Again, a person who is idle for more than x number of minutes (1-15 in my
mind) is no longer online. Do they need to be logged out? On every page
you could have a javascript timer which logs the user out if they are idle
for more than x minutes in addition to the onunload=logoutfunction() in
the body tag in Javascript to log them out.
// This assumes that sessions.gc (garbage collection) is on and that your
// session timeout is set to whatever you want sessions to be limited to
function number_of_open_sessions() {
$r = mysql_query(select count(*) as c from php.phpsessions);
$x = mysql_fetch_array($r);
return $x['c'];
}
// or if a file system
function number_of_open_sessions() {
$x = ini_get(session.save_path);
// look for files in this dir that start with sess_
// count them
// return the number of files that match.
}
Peter
On Fri, 3 Jan 2003, Bernain, Fernando G. wrote:
I'm thinking in something similar to ICQ or MSN. This is an app for a few
number of users (less than 50) but they need to know who are online when
they are working in the app too!!! Maybe I can use the table online and
insert then name of the user when he login the app... but I still have the
problem of the logout...
I was looking for something (like a function?) in apache or php who tells me
the open sessions at a moment...
Fernando Bernain
Senior A
Business Process Outsourcing
KPMG Argentina
Tel: 54 11 4316 5754
Fax: 54 11 4316 5734
[EMAIL PROTECTED]
-Original Message-
From: Peter Beckman [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 03, 2003 4:49 PM
To: Hutchins, Richard
Cc: Bernain, Fernando G.; '[EMAIL PROTECTED]'
Subject: RE: [PHP-DB] Users on line
I agree; it'd be nice if there was some sort of code that'd be executed
when someone closed their browser. There is the javascript on_exit() or
something where the user, when they leave a domain, is executed. However,
this only works if they click off the site, not if they close their
browser. Plus if they go to another site and come back within 5/10/15
minutes, are they still considered logged in?
It's fairly impossible to keep track of when users are or are not using the
site that is not really complex. What if they are reading an article, run
to the restroom, finish reading the article and then click on another page?
I figure they are idle after 15 minutes. If they continue to surf the
site in an hour or two, their session will be updated (if your sessions
last long enough, or if not they'll probably be automatically re-logged in
which case they'd be updated/re-inserted in the online table), and will
once again be counted as a person online.
One example is forcing people to be logged out after 10 minutes of
inactivity. Bank of America does this, most likely using javascript.
However, if yahoo! did this when I was reading my mail and I stepped away,
I'd be annoyed. Most sites allow you to be logged in forever (Remember
me) so forcing people to log out just to be able to count who is online
seems silly.
If you just want to keep track of how many people are logged in, I'd just
say that logged in is defined as having an active logged in session that
was active in the last 5/10/15 minutes. I'm almost positive that method is
how most web sites determine time online.
Peter
On Fri, 3 Jan 2003, Hutchins, Richard wrote:
How would the online table be maintained if a user simply closes out the
browser without actually logging out properly? I'm not at all experienced
with sessions, but closing the browser should terminate the session,
correct? Bernain may want to delete from his online table every hour or so
to catch those people who have not properly logged out (assuming the
delete
from online... query is only fired when they click on a log out
button).
I'm not slagging Peter's recommendation. I was thinking this solution
through as well, but was a bit stuck when it came to users just closing
their browsers without logging out.
-Original Message-
From: Peter Beckman [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 03, 2003 2:32 PM
To: Bernain, Fernando G.
Cc: '[EMAIL PROTECTED]'
Subject: Re: [PHP-DB] Users on line
Create a new table named online:
id
time (int unix timestamp)
uid (int probably, user ID of user in question, relating to a
user info table?)
sessid (char 32 I think)
When the user logs in, I assume you set the session. Insert
a row with the
current time (unix_timestamp(now()), User ID and the output
of session_id()
in PHP. This way you can run a query on that table at any
time in one of
two ways.
1. select count(id) from online where
time=(unix_timestamp(now())-900)
This will give you the number of people who at least
logged in in the
last 15 minutes. This isn't very accurate though... so
2. If not already, put sessions in your SQL table. This way
Re: [PHP-DB] Users on line
Yes, IF the user has cookies turned on. The cookie is stored on the users computer, regardless of if the IP changes. I actually use sessions which have a php.ini set expiration date of 6 months. I manually clean the sessions out every night, but the cookie is set to expire after 6 months. The reason? To better track if a user is giving out his/her username/password. If a user logs into the site several times a day with different session IDs, I can be relatively assured that those logins are not from the same user, especially if logins occur from completely different IP blocks with different session IDs. So yes, Session IDs remain constant if users are using/accepting cookies, regardless of their IP. Peter On Fri, 3 Jan 2003, Gerard Samuel wrote: I had asked on -questions about something similar to this. My concern is how would a setup like this react to a dial up user that hops ip addresses (like AOL). Would the session id remain constant, over the ip hops?? Thanks Peter Beckman wrote: Create a new table named online: id time (int unix timestamp) uid (int probably, user ID of user in question, relating to a user info table?) sessid (char 32 I think) When the user logs in, I assume you set the session. Insert a row with the current time (unix_timestamp(now()), User ID and the output of session_id() in PHP. This way you can run a query on that table at any time in one of two ways. 1. select count(id) from online where time=(unix_timestamp(now())-900) This will give you the number of people who at least logged in in the last 15 minutes. This isn't very accurate though... so 2. If not already, put sessions in your SQL table. This way you can run a query like (and John Holmes, please feel free to clean up my joins, i suck at them): select count(*) from online,sessions where online.sessid=sessions.sessid and sessions.date=(unix_timestamp(now())-900) This will give you the number of users who have done anything on the site in the last 15 minutes. Change the 900 to 600 or 300 for 10 or 5 minutes respectively. Every week or so you'll want to delete from online where time=[some number here, unix_timestamp(now()) minus how long you want to leave those entries there]. Depending on how often you want to do this and how busy your site is and how focused on performance you are, I'd advise running it once per minute and every time someone logs in, rather than once per page view, and put the values generated into a text file and read it in with readfile(). Peter On Fri, 3 Jan 2003, Bernain, Fernando G. wrote: I'm working in an app that requires to know who are on line. When the user login the app, I use session in order to storage de name and login. Its posible to do this??? Thanks! Fernando Bernain Senior A Business Process Outsourcing KPMG Argentina Tel: 54 11 4316 5754 Fax: 54 11 4316 5734 [EMAIL PROTECTED] Email Disclaimer The information in this email is confidential and may be legally privileged. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribution or any action taken or omitted to be taken in reliance on it, is prohibited and may be unlawful. When addressed to our clients any opinions or advice contained in this email are subject to the terms and conditions expressed in the governing KPMG client engagement letter. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- Gerard Samuel http://www.trini0.org:81/ http://dev.trini0.org:81/ -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] How to return records in _random_ order ???
Try this; it only works on certain versions of mysql: select * from table order by rand(); Peter On Tue, 17 Dec 2002, Miles Thompson wrote: I dunno - why does this topic pop up periodically. Anyway, here are two suggestions: 1. Add a field to the table, called rand_order. Whenever you update the table insert a random number in it and when fetching records order by Rand_order. 2. Generate an array of 20 random numbers and use it to index the returned records. Neither of these are though out -- sort of 1:00 in the morning inspiration? Why do you want them in random order? Cheers - Miles At 11:10 PM 12/16/2002 -0500, tmb wrote: I need to... 1 - Select a set of records from a db 2 - Return a list of one or two fields from the selected record set in random order on a web page. Once I have my selected records fields... say I end up with 20 records after my select query... How can I return the selected records in _random_ order ?? Hopefully I have made the question clear... thanks for any help. tmb -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Re: Listing A Certain # Range
On Tue, 17 Dec 2002, conbud wrote:
Conbud wrote:
Hello,
Im using MySQL and PHP 4.2.3 on Apache and Mandrake Linux, I was
wondering how to get PHP to list let says row 5 - 10 from a database, I
read the MySQL manual and all I could find is LIMIT 0,5 to list just the
first 5, but I dont know how to make that list 5 - 10 or 10 - 15. Any
help would be appreciated.
Hey, Is there another way to do it with out using Limit ?
Sure, select all of the lines, pass a var offset, then loop through the
results.
for ($i=0;$imysql_num_rows($result);$i++) {
if ($j=$number_to_display) break;
if ($i=$offset) continue;
print stuff here;
}
Terrible code, I know, but you should be able to get the idea. Why
wouldn't you use limit? That seems silly.
I know Holmes would agree. :-)
Peter
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] newbie - last_insert_id() with mysql
mysql_insert_id() is a PHP function, not a MYSQL function. You are also
missing a close quote on your insert string. So you have to do it like
this:
$sql2 = insert into acl (adminId,transportId,securityId) values
('$userid',.last_insert_id().,'1');
Notice the string.function().string -- this basically puts the return
value of the function (in this case, the last ID inserted) into the string.
If it was a MySQL function, you'd have done it correctly; however
mysql_insert_id() is a PHP function and thus you must have PHP run the
function ouside of the string instead of passing the function as part of
the string.
The above is the same as doing this:
$lastid = mysql_insert_id();
$sql2 = insert into acl (adminId,transportId,securityId) values
('$userid',.$lastid.,'1');
which is the same as:
$lastid = mysql_insert_id();
$sql2 = insert into acl (adminId,transportId,securityId) values
('$userid',$lastid,'1');
But use the first example I gave you.
Peter
On Thu, 12 Dec 2002, Max Clark wrote:
Hi-
I am trying to insert information into mysql based with the sql queries
below. When I run this insert from the mysql console everything works
correct, however, when I run this through php the second sql query doesn't
execute (I'm assuming there is a problem with the last_insert_id()).
I have tried changing the last_insert_id() to a mysql_insert_id()
function with no success?
How do I get this to work?
Thanks in advance,
Max
$sql1 = insert into transport (domain,transport) values
('$domain','$transport');
$sql2 = insert into acl (adminId,transportId,securityId) values
('$userid',last_insert_id(),'1';
mysql_query($sql1);
mysql_query($sql2);
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] limiting field extraction to 40 characters
$1 is a bad variable. You can't have variables that start with a number.
Try $a or $foo or $bar.
On Thu, 12 Dec 2002, mike karthauser wrote:
If i try the below in my query i get no results.
Ideally i would like to do this (not valid sql)
? $result = mysql_query(SELECT * FROM courses,$db);
printf(select name=\coursecode\\n);
while ($myrow = mysql_fetch_array($result)) {
$l=$myrow['coursecode'];
?option value=?=$l;??=($_POST['coursecode']==$l)?'
selected=selected':;??=$myrow['left(title,40)'];?/option?
}
printf(/select\n);
?
on 11/12/02 5:26 pm, Peter Beckman at [EMAIL PROTECTED] wrote:
LEFT(str,len)
Returns the leftmost len characters from the string str:
mysql SELECT LEFT('foobarbar', 5);
- 'fooba'
This function is multi-byte safe.
select left(coursecode,40) from courses
On Wed, 11 Dec 2002, mike karthauser wrote:
I am using
? $result = mysql_query(SELECT * FROM courses,$db);
printf(select name=\coursecode\\n);
while ($myrow = mysql_fetch_array($result)) {
$l=$myrow['coursecode'];
?option value=?=$l;??=($_POST['coursecode']==$l)?'
selected=selected':;??=$myrow['title'];?/option?
}
printf(/select\n);
?
to generate a html optionselect. Unfortunately a few of my course titles
are really long and this effects the rendering of the optionselect
making it ultra wide.
Is there a way i can print only the first 40 characters of the title - even
though the full title lives in the db still (it is used throughout the
site)?
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Index on email or ID?
Something I used was this: id | username | password | cookie_string $foo = the id was rot13'ed then base64-encoded $str = the cookie_string was an md5 hash generated at the time of registration then a cookie was set: setcookie(cookie_string,$foo.|.$str); When the user returns, we checked for the cookie, and if it existed, split on the |, de-crypted (haha) the ID, looked up the cookie_string in the DB and saw if it matched. If it did, it was pretty unlikely that it was hacked so we logged them in. Peter On Wed, 4 Dec 2002, Jim wrote: Always, always, always use a value that has no other significance other than being a unique ID. Email addresses change and so do passwords, so those are poor choices for linking data. They are fine and good choices for login, but that's about the only thing they should be used for. I understand what your saying, but if I just use the ID, then it makes it extremely easy to login as another user, simply change the ID in your cookie. Atleast if I have email/password aswell it takes someone with access to the network and a sniffer to get the values. If a user changes his email and/or password, then the cookie gets updated, simple. I can't see that its that much of an issue. If we were talking about a credit card number or something else critical then I'd agree. Jim. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] calling function on submit instead of going to a newscript
form action = script.php?f=myfunction
OR
form action = script.php
AND add a input type='hidden' name='f' value='myfunction'
if (!empty($_GET['f']) and is_callable($_GET['f'])) {
$_GET['f']();
} else {
echo No function.;
}
On Thu, 5 Dec 2002, Gavin Amm wrote:
Hi,
I'm using some form fields on a page to pick up existing data from a MySQL
database, make any changes, and update the database when i hit submit.
I've picked up the data ok, now i want to process the update...
How do i call a function(?) on the same page rather than use another page
through action=somescript.php?
what i'd like to do (in seudo-code) is:
form action=myfunction()
...
input type=submit
/form
myfunction(){
process update send user back to homepage
}
cheers,
Gav
This e-mail and any attachments are intended solely for the named addressee,
are confidential and may contain legally privileged information.
The copying or distribution of them or of any information they contain, by
anyone other than the addressee, is prohibited. If you received this e-mail
in error, please notify us immediately by return e-mail or telephone +61 2
9413 2944 and destroy the original message. Thank you.
As Email is subject to viruses we advise that all Emails and any attachments
should be scanned by an up to-date Anti Virus programme automatically by
your system. It is the responsibility of the recipient to ensure that all
Emails and any attachments are cleared of Viruses before opening. KSG can
not accept any responsibility for viruses that maybe contained here in.
Please advise KSG by return Email if you believe any Email sent by our
system may contain a virus. It should be noted that most Anti Virus
programmes can not scan encrypted file attachments (example - documents
saved with a password). Thus extra care should be taken when opening these
files.
Liability limited by the Accountants Scheme, approved under the Professional
Standards Act 1994 (NSW).
Level 4
54 Neridah StreetPO Box 1290
CHATSWOOD NSW 2067 CHATSWOOD NSW 2057
Ph: +61 2 9413 2944 Fax: +61 2 9413 9901
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] anchors
Try auction.php?clientid=1#map On Wed, 4 Dec 2002, Edward Peloke wrote: Ok, I know this isn't really a db specific question so forgive me. In my php/mysql page, I have a button that loops back to the same page only when it opens the page again, I want it to go to a certain spot on the page with certain parameters. For Example auction.php#map takes me to the map section of the page but if I loop to that section with parameters auction.php#map?clientid=1 nothing happens. How do I distinguish between the end of the anchor and the start of the parameters? Thanks, Eddie -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Processing HTML forms
I have a form handler that I use that I wrote. It works great, but I have
a problem. I want it to save all the values from the forms when used with
PHP. For example, I have a text box that is named data[phone][1][number]
and I want the form to be automatically filled in for me. It works for the
first [] (ie data[stuff] gets filled in properly in my code).
Here's the code:
function displayText($name, $default = '',
$size = HTML_FORM_TEXT_SIZE, $maxlength = '')
{
if (preg_match(/^(.*)\[+(.*)\]+$/,$name,$x)) $setvalue =
$GLOBALS[$x[1]][$x[2]]; else $setvalue = $GLOBALS[$name];
$default = stripslashes((empty($setvalue))?$default:$setvalue);
if (!$maxlength) {
print input name=\$name\ value=\$default\ size=\$size\;
} else {
print input name=\$name\ value=\$default\ size=\$size\
maxlength=\$maxlength\;
}
print /;
}
How would I write this to support multiple brackets? Basically it is the
preg_match line that does the magic.
Peter
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Fulltext matching
Is there any way in PHP and MySQL to find out the most used words in a full
text index? Is there access to the index? In the index I want to show the
words that occur the most in descending order limit 50.
In addition, is there any way to search for, without boolean (using
3.23.??), words in a row? I've tried searching for print pal (which I
know exists) but only get print and pal returned as two separate words, and
since pal is 3 letters or less, it isn't indexed.
This doesn't work:
select id, match(body) against ('print pal') from body where match(body) against
('print pal');
Peter
---
Peter Beckman Internet Guy
[EMAIL PROTECTED] http://www.purplecow.com/
---
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] PHP4, Apache 1.3.x, and mod ssl install document?
Actually, it's easier: cd /usr/ports/www/apache13-modssl make install cd /usr/ports/www/mod_php4 make install apachectl start (or restart) Peter On Wed, 27 Nov 2002, RClark wrote: Hello all, I have a FreeBSD server which has been updated to 4.7 STABLE. I have updated my ports collection and installed mysql server. Does anyone have an updated doc on how to install apache with PHP4 and modssl support either from ports collection or from source. I would greatly appreciate it. Thanks Ron -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php --- Peter Beckman Internet Guy [EMAIL PROTECTED] http://www.purplecow.com/ --- -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
