Search Results

Search found 18661 results on 747 pages for 'linq to mysql'.


  • Will these security functions be enough? (PHP)

    - by ggfan
    I am trying to secure my site so I don't have SQL injections and XSS scripting. Here's my code. //here's the form, for brevity, I just show a field for users to put firstname <form> <label for="first_name" class="styled">First Name:</label> <input type="text" id="first_name" name="first_name" value="<?php if (!empty($first_name)) echo $first_name; ?>" /><br /> //submit button etc </form> if (isset($_POST['submit'])) { //gets rid of extra whitespace and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name)) { echo "not string"; } //then insert into the database. ....... } mysqli_real_escape_string: I know that this func escapes certain letters like \n \r, so when the data gets inputted into the dbc, it would have '\' next to all the escaped letters? --Will this script be enough to prevent most SQL injections? Just escaping and checking if the data is a string. For integer values (like users putting in prices), I just: is_numeric(). --How should I use htmlspecialchars? Should I use it only when echoing and displaying user data? Or should I also use this too when inputting data to a dbc? --When should I use strip_tags() or htmlspecialchars? SOO with all these functions... if (isset($_POST['submit'])) { //gets rid of extra whitespace and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name)) { echo "not string"; } //gets rid of any <,>,& htmlspecialchars($first_name); //strips any tags with the first name strip_tags($first_name); //then insert into the database. ....... } Which funcs should I use for SQL injections and which ones should I use for XSS?


  • A logical problem with two tables

    - by Luke
    Hey guys, I created a list for fixtures. $result = mysql_query("SELECT date FROM ".TBL_FIXTURES." WHERE compname = '$comp_name' GROUP BY date"); $i = 1; $d = "Start"; while ($row = mysql_fetch_assoc($result)) { $odate = $row['date']; $date=date("F j Y", $row['date']); echo "<p>Fixture $i - $d to $date</p>"; } As you can see from the query, the date is displayed from the fixtures table. The way my system works is that when a fixture is "played", it is removed from this table. Therefore when the entire round of fixtures is complete, there won't be any dates for that round in this table. They will be in another table. Is there any way I can run another query for dates at the same time, and display only dates from the fixtures table if there isn't a date in the results table? "SELECT * FROM ".TBL_CONF_RESULTS." WHERE compid = '$_GET[id]' && type2 = '2' ORDER BY date" That would be the second query!


  • Magento: Add (and retrieve) custom database field for CMS pages

    - by Toby H
    I want to assign custom parameters to CMS pages in Magento (i.e. 'about', 'customer service', etc), so they can be grouped. The end goal is to use the parameters for each page to show (or hide) them in a nav menu. Writing a quick method in the page/html block to retrieve the pages (active only) for the menu was easy, but I can't figure out how to group them so that 'testimonials', 'history', and 'contact' are associated with 'about', and 'return policy', 'shipping', and 'contact' are associated with 'customer service'. Any help to point me in the right direction would be greatly appreciated. Thanks!


  • Show parts of the result of an SQL statement using PHP

    - by mouthpiec
    I have an SQL query which returns a set of data (around 40-50 tuples). I would like to display the results 5 at a time on an HTML page using PHP. I already managed to have the right SELECT statement, but I am having problems displaying the results 5 by 5 using a "more" button. Can you please help? Note that every time I call the query, the data is being randomized, so it is not possible to set limits and call the query again. I have to find the method to store the results somewhere, and then show them 5 by 5.


  • WordPress Workflow Modifications

    - by blgnklc
    Hi All WordPress Lovers, I would like to ask for help with Zensor, which is a plugin where you publish a post and then a moderator approves the post to be published on the WordPress blog site. When a post is awaiting approval, each awaiting post appears as "waiting moderation". But I don't want any link to appear before moderator approval. Actually I found the join sentence below; 1- Must be added to the end of JOIN part of any query: LEFT JOIN wp_zensor ON ID = wp_zensor.post_id 2- Must be added to the end of WHERE condition : AND wp_zensor.moderation_status = 'approved' Could you please show me where I should add these modifications in the category link presentation below: <h2>Politics</h2> <?php $recent = new WP_Query("cat=31&showposts=1"); while($recent->have_posts()) : $recent->the_post();?> <b><a href="<?php the_permalink() ?>" rel="bookmark"><?php the_title(); ?></a></b> <?php the_content_limit(140, "devami &raquo;"); ?> <div class="hppostmeta"> <p><?php the_time('j F Y, H:i'); ?> | <?php the_author_posts_link(); ?></p> </div> <?php endwhile; ?> Or any general solutions will be welcomed. Thanks. BK


  • Binary string search on one field.

    - by CrazyJoe
    I have 300 boolean fields in one table, and I'm trying to do something like that: One string field: 10000010000100100100100100010001 Is there a simple way to do a simple search of this field like: select * from table where field xor "10000010000100100100000000010001" I'm trying this but it is too long: select * from teste where mid(info,2,1) and mid(info,3,1) :) Help!!


  • How do I choose what and when to cache data with ob_start rather than query the database?

    - by Tim Santeford
    I have a home page that has several independent dynamic parts. The parts consist of a list of recent news from the company, a site statistics panel, and the online status of certain employees. The recent news changes monthly, site statistics change daily, and online statuses change on a per minute basis. I would like to cache these panels so that the db is not hit on every page load. Is using ob_start() then ob_get_contents() to cache these parts to a file the correct way to do this or is there a better method in PHP5 for doing this? In asking this question I'm trying to answer these additional questions: How can I determine the correct approach for caching this data without doing extensive benchmarking? Does it make sense to cache these parts in different files and then join them together per request or should I re-query the data and cache once per minute? I'm looking for a rule of thumb for planning pages and for situations where doing testing is not cost effective (The client is not paying enough for it I mean). Thanks!


  • Does UNIQ constraint mean also an index on that field(s)?

    - by Gremo
    As title, should I define a separate index on email column (for searching purposes) or is the index "automatically" added along with UNIQ_EMAIL_USER constraint? CREATE TABLE IF NOT EXISTS `customer` ( `id` int(11) NOT NULL AUTO_INCREMENT, `user_id` int(11) NOT NULL, `first` varchar(255) NOT NULL, `last` varchar(255) NOT NULL, `slug` varchar(255) NOT NULL, `email` varchar(255) NOT NULL, `created_at` datetime NOT NULL, `updated_at` datetime NOT NULL, PRIMARY KEY (`id`), UNIQUE KEY `UNIQ_SLUG` (`slug`), UNIQUE KEY `UNIQ_EMAIL_USER` (`email`,`user_id`), KEY `IDX_USER` (`user_id`) ) ENGINE=InnoDB;


  • How can i bind a Database field value to a hidden field inside a gridview

    - by Dorababu
    I use the following to bind a field from the table to a hidden field inside a gridview but I am getting the error 'System.Data.DataRowView' does not contain a property with the name 'AccountType'. This is how I assigned it: <asp:TemplateField> <ItemTemplate> <asp:HiddenField ID="hdnAccntType" runat="Server" Value='<%#Eval("AccountType") %>' /> </ItemTemplate> </asp:TemplateField> Is it correct or do I have to make any corrections?


  • Zend Framework Multiple Table Query

    - by Jeff
    I am looking to execute this statement via Zend Framework. As I understand it, I can use Zend_Db_Select. Is it possible to use Zend_Db_Table? Three tables: classes, students, and class_students select classes.name, students.student_id, students.fname, students.lname from students, classes, class_students where class_students.student_id=students.student_id AND class_students.class_id=classes.class_id;


  • Problem with joining to an empty table

    - by Imran Omar Bukhsh
    I use the following query: select * from A LEFT JOIN B on ( A.t_id != B.t_id) to get all the records in A that are not in B. The results are fine except when table B is completely empty, but then I do not get any records, even from table A. Later It won't work yet! CREATE TABLE IF NOT EXISTS T1 ( id int(11) unsigned NOT NULL AUTO_INCREMENT, title varchar(50) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, t_id int(11) NOT NULL, PRIMARY KEY (id) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=3 ; -- -- Dumping data for table T1 INSERT INTO T1 (id, title, t_id) VALUES (1, 'apple', 1), (2, 'orange', 2); -- -- Table structure for table T2 CREATE TABLE IF NOT EXISTS T2 ( id int(11) NOT NULL AUTO_INCREMENT, title varchar(50) CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL, t_id int(11) NOT NULL, PRIMARY KEY (id) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; -- -- Dumping data for table T2 INSERT INTO T2 (id, title, t_id) VALUES (1, 'dad', 2); Now I want to get all records in T1 that do not have corresponding records in T2. I try SELECT * FROM T1 LEFT OUTER JOIN T2 ON T1.t_id != T2.t_id and it won't work


  • Beginner having difficulty with SQL query

    - by Vulcanizer
    Hi, I've been studying SQL for 2 weeks now and I'm preparing for an SQL test. Anyway I'm trying to do this question: For the table: create table data ( id int, n1 int not null, n2 int not null, n3 int not null, n4 int not null, primary key (id) ) I need to return the relation with tuples (n1, n2, n3) where all the corresponding values for n4 are 0. The problem asks me to solve it WITHOUT using subqueries (nested selects/views). It also gives me an example table and the expected output from my query: insert into data (id, n1, n2, n3, n4) values (1, 2,4,7,0), (2, 2,4,7,0), (3, 3,6,9,8), (4, 1,1,2,1), (5, 1,1,2,0), (6, 1,1,2,0), (7, 5,3,8,0), (8, 5,3,8,0), (9, 5,3,8,0); expects (2,4,7) (5,3,8) and not (1,1,2) since that has a 1 in n4 in one of the cases. The best I could come up with was: SELECT DISTINCT n1, n2, n3 FROM data a, data b WHERE a.ID <> b.ID AND a.n1 = b.n1 AND a.n2 = b.n2 AND a.n3 = b.n3 AND a.n4 = b.n4 AND a.n4 = 0 but I found out that also prints (1,1,2) since in the example (1,1,2,0) happens twice from IDs 5 and 6. Any suggestions would be really appreciated.


  • How to store coordinates in a database

    - by Tim
    Hello all! I have a Flex GUI where I have to place quadrate elements. The position of these elements needs to be stored in a database. So I can create two integer fields in the db table, x and y. Also I need an angle, because the user can rotate these elements, so I can also make an int (int is okay, I do not need a double value therefore). As an ORM, I use Hibernate. But the question is, if creating three integer fields is the best way to handle this. Perhaps someone can tell me if this will be okay or if there are better ways? Thanks a lot in advance & Best Regards.


  • SELECT GROUP BY latest entry in INBOX msg sent by user

    - by Mohatir S
    I am building a simple PM for my personal website where a user can join and send messages to the registered users on my website. I am stuck in grouping and selecting the latest user (by latest msg time) in the INBOX page. My table: id msg_from msg_to msg date in_del out_del I want to show the latest user's id each in a group. Here is my SQL query: SELECT ttalk.id, ttalk.msg_from, users.first_name, users.last_name FROM ttalk INNER JOIN users ON ttalk.msg_from = users.id WHERE ttalk.msg_to = '$_SESSION[user_id]' AND ttalk.in_del='0' GROUP BY ttalk.msg_from DESC LIMIT 500 Thanks in advance :-)


  • Can't use method return value in write context; Not sure where to go from here

    - by Morgan Green
    This is my source for the variable. <?php if ($admin->get_permissions()=3) echo 'Welcome to the Admin Panel'; else echo 'Sorry, You do not have access to this page'; ?> And the code that I'm actually trying to call with the if statement is: public function get_permissions() { $username = $_SESSION['admin_login']; global $db; $info = $db->get_row("SELECT `permissions` FROM `user` WHERE `username` = '" . $db->escape($username) . "'"); if(is_object($info)) return $info->permissions; else return ''; } This should be a simple way to call my pages that the user is authorized for by using an else if statement. Or So I thought


  • Simple PHP query question: LIKE

    - by pg
    When I replace $ordering = "apples, bananas, cranberries, grapes"; with $ordering = "apples, bananas, grapes"; I no longer want cranberries to be returned by my query, which I've written out like this: $query = "SELECT * from dbname where FruitName LIKE '$ordering'"; Of course this doesn't work, because I used LIKE wrong. I've read through various manuals that describe how to use LIKE and it doesn't quite make sense to me. If I change the end of the db to "LIKE "apples"" that works for limiting it to just apples. Do I have to explode the ordering on the ", " or is there a way to do this in the query?


  • Trying to redirect the PHP page if GET id is empty or does not exist.

    - by user570782
    <? include..... if ($picid != $_GET['picid']) || (empty($picid)) { echo "page not working"; } else { $picid = $_GET['picid']; $query = mysql_query("SELECT * FROM pic_info WHERE picid = 'picid1' ");// problem while($rows = mysql_fetch_assoc($query)): $picid = $rows['picid']; $title = $rows['title']; $link = $rows['link']; $description = $rows['description']; $movie_pic = $rows['movie_pic']; $source = $rows['source']; } $get_comment = mysql_query("SELECT * FROM comment WHERE picid ='$picid'");// work partially $comment_count = mysql_num_rows($get_comment); if ($comment_count>0) { messages = " "; while ($com = mysql_fetch_array($get_comment)){ $comment_id = $com['comment_id']; $name = $com['name']; $message = $com['message']; $time_post= $com['time_post']; $messages .= '<em> on ' .$time_post.'</em><b> '.$name.' said.....</b><br/> '.$message.'<hr/>'; // line with problem } } ?> I am stuck. I am trying to say that if $_GET['picid']; is empty echo out error message or if the movid does not exist in the db echo out error message. When I run it I get an error. Not sure if I am calling the correct function. What am I doing wrong? Please help.


  • Storing database records into array

    - by zerey
    I would want to create an array that will hold records retrieved from a database using a query of SELECT statement. The records to be retrieved have multiple fields such as lastname, firstname, mi and 20 more fields. What would be the best approach on coding this function? Alright, I have followed what prisoner has given below. The next question is how do I search through this kind of array using queries? For example I want to search for a username.


  • PHP: Building A Stock Index Using Yahoo Finance [on hold]

    - by Jeremy
    I have the following code which is pulling data but it is not outputting properly. <?php class YahooStock { public function getQuotes(){ $stocks = array(); $result = array(); $s = file_get_contents("http://finance.yahoo.com/d/quotes.csv?s=AMZN+CRM+CNQR+CTL+CTXS+DWRE+EMC+GOOG+HP+IBM+JIVE+LNKD+MKTO+MSFT+N+NFLX+NOW+ORCL+RAX+SAP+T+VEEV+VMW+VZ+WDAY&f=npf6&e=.csv"); $data = explode( ',', $s); $result = $data; return $result; } } $objYahooStock = new YahooStock; foreach( $objYahooStock->getQuotes() as $code => $result){ echo 'Name:' . $result[0] . '<br />'; echo 'Price:' . $result[1] . '<br />'; echo 'Float:' . $result[2] . '<br />'; } ?> The output looks like it is separating every character with a comma instead of each column: Name:" Price:A Float:m Name: Price:I Float:n Name:3 Price:3 Float:2 Name: Price: Float: Any help is appreciated!


  • I can't delete record in Codeigniter

    - by jomblo
    I'm learning CRUD in codeigniter. I have table name "posting" and the columns are like this (id, title, post). I succeeded in creating a new post (both insert into database and display in the view). But I have a problem when I delete my post in the front-end. Here is my code: Model Class Post_Model extends CI_Model{ function index(){ //Here is my homepage code } function delete_post($id) { $this->db->where('id', $id); $this->db->delete('posting'); } } Controller Class Post extends CI_Controller{ function delete() { $this->load->model('Post_Model'); $this->Post_Model->delete_post("id"); redirect('Post/index/', 'refresh'); } } After clicking "delete" in the homepage, nothing happens. When I look into my database, my records are still available. Note: (1) to delete record, I'm following the codeigniter manual / user guide, (2) I found an error message (Undefined variable: id) after hitting the "delete" button in the front-end. Any help or suggestion, please
