Search Results

Search found 56516 results on 2261 pages for 'mysql create'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 432/2261 | < Previous Page | 428 429 430 431 432 433 434 435 436 437 438 439  | Next Page >

  • Are these two functions overkill for sanitization?

    - by jpjp
    function sanitizeString($var) { $var = stripslashes($var); $var = htmlentities($var); $var = strip_tags($var); return $var; } function sanitizeMySQL($var) { $var = mysql_real_escape_string($var); $var = sanitizeString($var); return $var; } I got these two functions from a book and the author says that by using these two, I can be extra safe against XSS(the first function) and sql injections(2nd func). Are all those necessary? Also for sanitizing, I use prepared statements to prevent sql injections. I would use it like this: $variable = sanitizeString($_POST['user_input']); $variable = sanitizeMySQL($_POST['user_input']);

    Read the article

  • PHP: How To Integrate HTML Purifier To Fileter User Submitted Data?

    - by TaG
    I have this script that collects data from users and I wanted to check their data for malicious code like XSS and SQL injections by using HTML Purifier http://htmlpurifier.org/ but how do I add it to my php form submission script? Here is my HTML purifier code require_once '../../htmlpurifier/library/HTMLPurifier.auto.php'; $config = HTMLPurifier_Config::createDefault(); $config->set('Core.Encoding', 'UTF-8'); // replace with your encoding $config->set('HTML.Doctype', 'XHTML 1.0 Strict'); // replace with your doctype $purifier = new HTMLPurifier($config); $clean_html = $purifier->purify($dirty_html); Here is my PHP form submission code. if (isset($_POST['submitted'])) { // Handle the form. $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"SELECT users.*, profile.* FROM users INNER JOIN contact_info ON contact_info.user_id = users.user_id WHERE users.user_id=3"); $about_me = mysqli_real_escape_string($mysqli, $_POST['about_me']); $interests = mysqli_real_escape_string($mysqli, $_POST['interests']); if (mysqli_num_rows($dbc) == 0) { $mysqli = mysqli_connect("localhost", "root", "", "sitename"); $dbc = mysqli_query($mysqli,"INSERT INTO profile (user_id, about_me, interests) VALUES ('$user_id', '$about_me', '$interests')"); } if ($dbc == TRUE) { $dbc = mysqli_query($mysqli,"UPDATE profile SET about_me = '$about_me', interests = '$interests' WHERE user_id = '$user_id'"); echo '<p class="changes-saved">Your changes have been saved!</p>'; } if (!$dbc) { // There was an error...do something about it here... print mysqli_error($mysqli); return; } }

    Read the article

  • Create a Sharepoint Blog comment in code ...

    - by Ren Hoek
    I have the need to create Sharepoint blog comments by code: SPSecurity.RunWithElevatedPrivileges(delegate() { sw.AllowUnsafeUpdates = true; SPList spList = SPContext.Current.Web.Lists["Kommentare"]; SPListItem listItem = spList.Items.Add(); listItem[listItem.Fields["Titel des Beitrags"].InternalName] = SPContext.Current.Item["Title"]; listItem[listItem.Fields["Titel"].InternalName] = titlearea.Value; listItem[listItem.Fields["Textkörper"].InternalName] = CommentArea.Value; listItem[SPBuiltInFieldId.Author] = curUser; // listItem[SPBuiltInFieldId.Modified] = curUser; listItem.Update(); //spList.Update(); sw.AllowUnsafeUpdates = false; }); but I allways get a "Invalid data has been used to update the list item. The field you are trying to update may be read only" I tried Systemupdate and the values seem to be valid. Has Anybody an idea? Greetings ren

    Read the article

  • Improving the speed of php

    - by cast01
    I'm currently working on a website in PHP, and I'm wondering what the best practices/methods are to reduce the time requests take. I've build the site in a modular way, so a page would consist of a number of modules, and each of these would need to request information. For example, I have a cart module, that (if a cart is set) will fetch the cart with the id (stored in a session variable) from the database and return its contents. I have another module that lists categories and this needs to fetch the categories from the database. My system is built with models, and each model might also make a request, for example a category model will make a request to get products in that category.

    Read the article

  • many-to-many query

    - by kofto4ka
    Hello, guys! I have a problem and I dont know what is better solution. Okay, I have 2 tables: posts(id, title), posts_tags(post_id, tag_id). I have next task: must select posts with tags ids for example 4, 10 and 11. Not exactly, post could have any other tags at the same time. So, how I could do it more optimized? Creating temporary table in each query? Or may be some kind of stored procedure? In the future, user could ask script to select posts with any count of tags (it could be 1 tag only or 10 at the same time) and I must be sure that method that I will choose would be the best method for my problem. Sorry for my english, thx for attention.

    Read the article

  • same table, 1 field to 2 field query

    - by edib
    I have 2 tables: 1st holds employees (of ones in any position) and the 2nd holds manager employee relations with id numbers. I want to write a query like 1st field: name(employee), 2nd field: name(manager) How can I do that?

    Read the article

  • again new query. i am trying to solve this from one hour. please help

    - by Dharmendra
    Query : List the film title and the leading actor for all of 'Julie Andrews' films. there are three tables : movie(id, title, yr, score, votes, director) actor(id, name) casting(movieid, actorid, ord) select movie.title,actor.name as cont from movie join casting on (movie.id=casting.movieid) join actor on (casting.actorid=actor.id) where actor.name='Julie andrews' actually i can' get how to find the leading actor.

    Read the article

  • storing data at remote server using php

    - by VIPUL GOYAL
    I want to send data to php file and execute insert query in it to store data in database. When i execute this code, it executes but database does not get updated. Code of PHP file Java code------------------------------Remote.java------------------------------ public class Remote extends Activity { EditText name; Button s; String r; @Override public void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); setContentView(R.layout.main); name= (EditText)findViewById(R.id.editText1); s=(Button)findViewById(R.id.button1); s.setOnClickListener(new OnClickListener() { public void onClick(View v) { try { r = name.getText().toString(); ArrayList<NameValuePair> postParameters = new ArrayList<NameValuePair>(); postParameters.add(new BasicNameValuePair("username", r)); CustomHttpClient.executeHttpPost("http://vipul.eu5.org/abc.php", postParameters); //Enetr Your remote PHP,ASP, Servlet file link } catch (Exception e) { e.printStackTrace(); } } }); } } -----------------------------CustomHttpClient.java---------------------------- public class CustomHttpClient { private static HttpClient getHttpClient() { if (mHttpClient == null) { mHttpClient = new DefaultHttpClient(); final HttpParams params = mHttpClient.getParams(); HttpConnectionParams.setConnectionTimeout(params, HTTP_TIMEOUT); HttpConnectionParams.setSoTimeout(params, HTTP_TIMEOUT); ConnManagerParams.setTimeout(params, HTTP_TIMEOUT); } return mHttpClient; } /** * Performs an HTTP Post request to the specified url with the * specified parameters. * * @param url The web address to post the request to * @param postParameters The parameters to send via the request * @return The result of the request * @throws Exception */ public static void executeHttpPost(String url, ArrayList postParameters) throws Exception { try { HttpClient client = getHttpClient(); HttpPost request = new HttpPost(url); UrlEncodedFormEntity formEntity = new UrlEncodedFormEntity(postParameters); request.setEntity(formEntity); HttpResponse response = client.execute(request); } catch(Exception e) { } } }

    Read the article

  • How to implement filter system in SQL?

    - by sadvaw
    Right now I am planning to add a filter system to my site. Examples: (ID=apple, COLOR=red, TASTE=sweet, ORIGIN=US) (ID=mango, COLOR=yellow, TASTE=sweet, ORIGIN=MEXICO) (ID=banana, COLOR=yellow, TASTE=bitter-sweet, ORIGIN=US) so now I am interested in doing the following: SELECT ID FROM thisTable WHERE COLOR='yellow' AND TASTE='SWEET' But my problem is I am doing this for multiple categories in my site, and the columns are NOT consistent. (like if the table is for handphones, then it will be BRAND, 3G-ENABLED, PRICE, COLOR, WAVELENGTH, etc) how could I design a general schema that allows this? Right now I am planning on doing: table(ID, KEY, VALUE) This allows arbitary number of columns, but for the query, I am using SELECT ID FROM table WHERE (KEY=X1 AND VALUE=V1) AND (KEY=X2 AND VALUE=V2), .. which returns an empty set. Can someone recommend a good solution to this? Note that the number of columns WILL change regularly

    Read the article

  • how escape quotes when inserting into database in PHP

    - by Mauro74
    Hi all, I'm quite new to PHP so sorry if sounds such an easy problem... :) I'm having an error message when inserting content which contains quotes into my db. here's what I tried trying to escape the quotes but didn't work: $con = mysql_connect("localhost","xxxx","xxxxx"); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("test", $con); $nowdate = date('d-m-Y') $title = sprintf($_POST[title], mysql_real_escape_string($_POST[title])); $body = sprintf($_POST[body], mysql_real_escape_string($_POST[body])); $sql="INSERT INTO articles (title, body, date) VALUES ('$title','$body','$nowdate'),"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } header('Location: index.php'); Could you provide any solution please? Thanks in advance. Mauro

    Read the article

  • How to make a Round Robin? or Is there an easier way other than Round Robin?

    - by candies
    The problem that I face is in what way if there is issue like the example below: Codes 1000, 2000, 3000, 4000, 5000 ID 1, 2, 3 ======================================== This: ID number 1 has codes 1000, 2000, 3000, 4000 ID number 2 has codes 2000, 4000, 3000 ID number 3 has codes 3000, 4000, 5000 ======================================== When all the fields are connected, each ID has found the same codes. From the example above, I want to produce fair result and adjusted to the code that it had before on each ID as below: ======================================== To be: ID number 1 has codes 1000, 2000 (1000 must be on number 1 cause only it has than other) ID number 2 has codes 3000, 4000 ID number 3 has codes 5000 (5000 must be on number 3 cause only it has than other) ======================================== Some say using Round Robin, but I never heard Round Robin before and I don't have idea how to use it, such a blank mind. Is there another easier way like to use PHP may be? I'm lost. Thanks.

    Read the article

  • CreateDIBSection is throwing, when trying to create cursor on Win

    - by Anaamika
    Hi, I am trying to create Cursor from png, and CreateDIBSection() is throwing. Follwoing is the snippet of code: HDC hdc = GetDC(NULL); void* lpBits = NULL; HBITMAP hBitmap; try { hBitmap = CreateDIBSection( hdc, (BITMAPINFO*)&bi, 0, &lpBits, NULL, (DWORD)0); } ReleaseDC(NULL, hdc); As CreateDIBSection is throwing, the code to release DC is not getting executed. can you please let me know the possible issue behind this?

    Read the article

  • How to create following Pivot table ?

    - by Vamshi
    Hi! Can we create pivot table with Multiple columns and each column contains multiple rows. For example........... Database Table: BatchID BatchName Chemical Value -------------------------------------------------------- BI-1 BN-1 CH-1 1 BI-2 BN-2 CH-2 2 -------------------------------------------------------- This is the table , i need to display like below in Excel Sheet BI-1 BI-2 BN-1 BN-2 ------------------------------------------ CH-1 1 null ------------------------------------------ CH-2 null 2 ------------------------------------------ Here BI-1,BN-1 are two rows in a single columns i need to display chemical value as row of that. Could Please help me to solve this problem. Thank You.

    Read the article

  • Thoughts/Input about Database Design for a CMS

    - by dallasclark
    I'm just about to expand the functionality of our own CMS but was thinking of restructuring the database to make it simpler to add/edit data types and values. Currently, the CMS is quite flat - the CMS requires a field in the database for every type of stored value (manually created). The first option that comes to mind is simply a table which keeps the data types (ie: Address 1, Suburb, Email Address etc) and another table which holds values for each of these data types. Just like how Wordpress keeps values in the 'options' table, PHP serialize would be used to store an array of values. The second option is how Drupal works, the CMS creates tables for every data type. Unlike Wordpress, this can be a bit of an overkill but really useful for SQL queries when ordering and grouping by a particular value. What's everyone's thoughts?

    Read the article

  • Create an autocompleter like the Facebook status update

    - by Terw
    Hello I'm trying to create a div with contenteditable like the Facebook status update. Then I mean I want to show an autocomplete box when the user have written @. How would you do that. Currently I'm just playing with keypress and check if the keycode = 64. Somehow that works, but it doesn't validate if there's a space before the alfa, or if the user has unfocused the box, then focused it again. Any ideas? Or do you know about any plugin that works something like that? Tnx

    Read the article

  • SQL where clause to work with Group by clause after performing a count()

    - by Matt
    Tried my usual references at w3schools and google. No luck I'm trying to produce the following results. QTY is a derived column | Position | QTY -------------------- 1 Clerk 2 2 Mgr 2 Here's what I'm not having luck with: SELECT Position, Count(position) AS 'QTY' FROM tblemployee Where ('QTY' != 1) GROUP BY Position I know that my Position is set up as varchar(255) Count produces a integer data and my where clasue is accurate so that leads me to believe that that Count() is jamming me up. Please throw up an example so I can reference later. Thanks for the help!

    Read the article

  • Databases design - one link table or multiple link tables?

    - by David
    Hi there, I'm working on a front end for a database where each table essentially has a many to many relationship with all other tables. I'm not a DB admin, just a few basic DB courses. The typical solution in this case, as I understand it, would be multiple link tables to join each 'real' table. Here's what I'm proposing instead: one link table that has foreign key dependencies to all other PKs of the other tables. Is there any reason this could turn out badly in terms of scalability, flexibility, etc down the road?

    Read the article

  • Creation time of Innodb tables

    - by shantanuo
    CRETAE_TIME column of "TABLES" table from INFORMATION_SCHEMA shows the same CREATE_TIME for all my innodb tables. It means all these tables were created between 2010-03-26 06:52:00 and 2010-03-26 06:53:00 while actually they were created a few months ago. Does the CREATE_TABLE field change automatically for Innodb tables?

    Read the article

  • How to sekect latest chnge done in the given Table structure?

    - by OM The Eternity
    I have a Table structure as id, trackid, table_name, operation, oldvalue, newvalue, field, changedonetime Now if I have 3 rows for the same "trackid" same "field", then how can i select the latest out of the three? i.e. for e.g.: id = 100 trackid = 152 table_name = jos_menu operation= UPDATE oldvalue = IPL newvalue = IPLcccc field = name live = 0 changedonetime = 2010-04-30 17:54:39 and id = 101 trackid = 152 table_name = jos_menu operation= UPDATE oldvalue = IPLcccc newvalue = IPL2222 field = name live = 0 changedonetime = 2010-04-30 18:54:39 As u can see above the secind entry is the latest change, Now what query I shoud use to get the only one and Latest row out of many such rows...

    Read the article

  • [PHP] Associate different data

    - by Alex Cane
    I will try to be as clear as possible because I can't get anybody to help me around, I am trying to associate some data from a 'videos' table with their respective ID. Lets say, I have column ID, title, serie, season, episode. I am getting my data : <? $result = mysql_query("SELECT * FROM videos WHERE serie = '".$row['serie']."' AND season = '".$row['season']."'"); $total_rows = mysql_num_rows($result); ?> (that is in the page where you see the video itself) So now I can get the number of episodes from a serie and season. What I'm trying to do is have a link for the next episode, and aa link for the previous one. In the URL I am working with the id, so http://website.com/view/id/'video id here'/ So how can I get the ID of the following and previous episodes of the same season AND serie? Help will be much appreciated! The easiest thing I thought of is <?=$row['id'] + 1?> <?=$row['id'] - 1?> But the thing is that it's mixed videos, so it wont work 100%

    Read the article

  • Do a query only if there are no results on previous query

    - by yes123
    Hi guys: I do this query(1): (1)SELECT * FROM t1 WHERE title LIKE 'key%' LIMIT 1 I need to do a second(2) query only if this previous query has no results (2)SELECT * FROM t1 WHERE title LIKE '%key%' LIMIT 1 basically i need only 1 row who got the most close title to my key. Atm i am using an UNION query with a custom field to order it and a LIMIT 1. Problem is I don't want to do the others query if already the first made the result. Thanks

    Read the article

  • How to create a VS2010 extension that uses Language Services

    - by Hades32
    Creating extensions got much easier with Vs2010, but this seems not to be the case for everything... My aim: I wnat to make method calls and property uses of STATIC classes ITALIC. (Just like Eclipse and Java) I think I need to talk to the C# Language Service for this information, but searching for "Language Service" just yields results on how to CREATE one, not how to use one of the existing ones... To get this question a little more general: How do I get information about properties of the code (static/visibility etc) for using it in a VSX?

    Read the article

  • Edit and Create view using EditCreate.ascx partial in ASP.NET MVC

    - by mare
    If you look at the NerdDinner example of creating and editing dinners then you see they use a partial (ViewUserControl or ASCX) DinnerForm to put the functionality of creating and editing dinners into one file because it is essential the same and they use it using RenderPartial("DinnerForm"). This approach seems fine for me but I've run into a problem where you have to add additonal route values or html properties to the Form tag. This picks up the current action and controller automatically: <% using (Html.BeginForm()) { %> However, if I use another BeginForm() overload which allows to pass in enctype or any other attribute I have to do it like this: <% using ("Create", "Section", new { modal = true }, FormMethod.Post, new { enctype = "multipart/form-data" })) and as you can see we lose the ability to automatically detect in which View we are calling RenderPartial("OurCreateEditFormPartial"). We can't have hardcoded values in there because in Edit View this postback will fail or won't postback to the right controller action. What should I do in this case?

    Read the article

  • SQL Like question

    - by mike
    Is there a way to reverse the SQL Like operator so it searches a field backwards? For example, I have a value in a field that looks like this "Xbox 360 Video Game". If I write a query like below, it returns the result fine. SELECT id FROM table WHERE title like "%Xbox%Game%" However, when I search like this, it doesn't find any results. SELECT id FROM table WHERE title like "%Video%Xbox%" I need it to match in any direction. How can I get around this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 428 429 430 431 432 433 434 435 436 437 438 439  | Next Page >