Search Results

Search found 28590 results on 1144 pages for 'best paractices'.

Page 122/1144

  • How to write a good PHP database insert using an associative array

    - by Tom
    In PHP, I want to insert into a database using data contained in an associative array of field/value pairs. Example:
        $_fields = array('field1'=>'value1','field2'=>'value2','field3'=>'value3');
    The resulting SQL insert should look as follows:
        INSERT INTO table (field1,field2,field3) VALUES ('value1','value2','value3');
    I have come up with the following PHP one-liner:
        mysql_query("INSERT INTO table (".implode(',',array_keys($_fields)).") VALUES (".implode(',',array_values($_fields)).")");
    It separates the keys and values of the associative array and implodes to generate a comma-separated string. The problem is that it does not escape or quote the values that were inserted into the database. To illustrate the danger, imagine if $_fields contained the following:
        $_fields = array('field1'=>"naustyvalue); drop table members; --");
    The following SQL would be generated:
        INSERT INTO table (field1) VALUES (naustyvalue); drop table members; --;
    Luckily, multiple queries are not supported, nevertheless quoting and escaping are essential to prevent SQL injection vulnerabilities. How do you write your PHP Mysql Inserts? Note: PDO or mysqli prepared queries aren't currently an option for me because the codebase already uses mysql extensively - a change is planned but it'd take a lot of resources to convert.

  • MongoDB query to return only embedded document

    - by Matt
    Assume that I have a BlogPost model with zero-to-many embedded Comment documents. Can I query for and have MongoDB return only Comment objects matching my query spec? E.g., db.blog_posts.find({"comment.submitter": "some_name"}) returns only a list of comments. Edit: an example:
        import pymongo
        connection = pymongo.Connection()
        db = connection['dvds']
        db['dvds'].insert({'title': "The Hitchhikers Guide to the Galaxy",
                           'episodes': [{'title': "Episode 1", 'desc': "..."},
                                        {'title': "Episode 2", 'desc': "..."},
                                        {'title': "Episode 3", 'desc': "..."},
                                        {'title': "Episode 4", 'desc': "..."},
                                        {'title': "Episode 5", 'desc': "..."},
                                        {'title': "Episode 6", 'desc': "..."}]})
        episode = db['dvds'].find_one({'episodes.title': "Episode 1"}, fields=['episodes'])
    In this example, episode is:
        {u'_id': ObjectId('...'),
         u'episodes': [{u'desc': u'...', u'title': u'Episode 1'},
                       {u'desc': u'...', u'title': u'Episode 2'},
                       {u'desc': u'...', u'title': u'Episode 3'},
                       {u'desc': u'...', u'title': u'Episode 4'},
                       {u'desc': u'...', u'title': u'Episode 5'},
                       {u'desc': u'...', u'title': u'Episode 6'}]}
    but I just want:
        {u'desc': u'...', u'title': u'Episode 1'}

  • Using GET instead of POST to delete data behind authenticated pages

    - by Matt Spradley
    I know you should use POST whenever data will be modified on a public website. There are several reasons including the fact that search engines will follow all the links and modify the data. My question is do you think it is OK to use GET behind authenticated pages in something like an admin interface? One example would be a list of products with a delete link on each row. Since the only way to get to the page is if you are logged in, is there any harm in just using a link with the product ID in the query string?

  • Advice on a simple Windows Form

    - by Austin Hyde
    I have a VERY simple windows form that the user uses to manage "Stores". Each store has a name and number, and is kept in a corresponding DB table. The form has a listbox of stores, an add button that creates a new store, a delete button, and an edit button. Beside those I have text boxes for the name and number, and save/cancel buttons. When the user chooses a store from the list box, and clicks 'edit', the textboxes become populated and save/cancel become active. When the user clicks 'add', I create a new Store, add it to the listbox, activate the textboxes and save/cancel buttons, then commit it to the database when the user clicks 'save', or discards it when the user clicks 'cancel'. Right now, my event system looks like this (in pseudo-code. It's just shorter that way.)
        add->click:
            store = new Store()
            listbox.add(store)
            populateAndEdit(store)
        delete->click:
            store = listbox.selectedItem
            db.deleteOnSubmit(store)
            listbox.remove(store)
            db.submit()
        edit->click:
            populateAndEdit(listbox.selectedItem)
        save->click:
            parseAndSave(listbox.selectedItem)
            db.submit()
            disableTexts()
        cancel->click:
            disableTexts()
    The problem is in how I determine if we are inserting a new Store, or updating an existing one. The obvious solution to me would be to make it a "modal" process - that is, when I click edit, I go into edit mode, and the save button does things differently than if I were in add mode. I know I could make this more MVC-like, but I don't really think this simple form merits the added complexity. I'm not very experienced with winforms, so I'm not sure if I even have the right idea for how to tackle this. Is there a better way to do this? I would like to keep it simple, but usable.

  • How many address fields would you use for a UK database?

    - by Draemon
    Address records are probably used in most databases, but I've seen a number of slightly different sets of fields used to store them. The number of fields seems to vary from 3-7, and sometimes all fields are simply labelled address1..addressN, other times given specific meaning (town, city, etc). This is UK specific, though I'm open to comments about the rest of the world too. Here you need the first line of the address (actually just the number) and the post code to identify the address - everything else is mostly an added bonus. I'm currently favouring: Address 1, Address 2, Address 3, Town, County, Post Code. We could add Country if we ever needed it (unlikely). What do you think? Is this too little, too much?

  • How do you make life easier for yourself when developing a really large database

    - by Hannes de Jager
    I am busy developing 2 web based systems with MySql databases and the amount of tables/views/stored routines is really becoming a lot and it is more and more challenging to handle the complexity. Now in programming languages we have namespacing e.g. Java packages, C++ namespaces to partition the software, grouping it together to make things more understandable. Databases on the other hand have more of a flat structure (MySql at least) e.g. tables and stored procedures are on the same level. So one has to be more creative, creating naming conventions, perhaps using more than one database or using tools to visualize things. What methods do you use to ease the pain? To be effective while developing your databases? To not get lost in a sea of tables and fields and stored procs? Feel free to mention tools you use also, but try to restrict it to open source and preferably Linux solutions if that's OK. B.t.w., how many tables would a database have to have to be considered large in terms of design?

  • paged list with checkboxes, keep the checkbox value browsing through the paging?

    - by Dejan.S
    Hi. I got a list of customers I thought I would list in a gridview or a repeater with customer html; it's going to have paging. I'm going to have a checkbox for each customer in the list. Do you guys have any suggestions on what I should do to keep the checkbox value when I go to page 2-3-4 etc. in the paging? I'm thinking of a session to store the id of the checked customers. After I'm done setting the values they go to the database. Do you have any other ideas than the session I'm thinking of? Thanks guys

  • Best computer-science universities in Europe?

    - by Tom
    I am in 11th grade and have only one year left before I finish school. I am sure I want to dedicate my life to programming. In my country the level of education is not as high as in Europe, so I want to emigrate and study not just for a diploma, but for knowledge too. So, what universities would you suggest to me which have the subject Computer-Science? I prefer web programming. Please do not delete this message though it is quite offtopic, but it's the best place for me to get suggestions from advanced programmers who have already finished their university. And I hope teenagers who can make the best decision choosing a university also come here. Thank you. Please read my whole message before voting to close this thread, thanks.

  • Is there a .NET equivalent of WebGoat

    - by PJB
    Looking at this question the OWASP WebGoat project looks like a great way to learn about web security. Although the principles will apply equally to .NET applications I would prefer to use a .NET-based application. Does anybody know of a suitable .NET alternative?

  • What is the difference between using IDisposable vs a destructor in C#?

    - by j0rd4n
    When would I implement IDispose on a class as opposed to a destructor? I read this article, but I'm still missing the point. My assumption is that if I implement IDispose on an object, I can explicitly 'destruct' it as opposed to waiting for the garbage collector to do it. Is this correct? Does that mean I should always explicitly call Dispose on an object? What are some common examples of this?

  • What's the standard behaviour for an out parameter when a TryXxxx method returns false?

    - by Matt Lacey
    Assuming a method with the following signature:
        bool TryXxxx(object something, out int toReturn)
    What is it acceptable for toReturn to be if TryXxxx returns false? In that it's inferred that toReturn should never be used if TryXxxx fails does it matter? If toReturn was a nullable type, then it would make sense to return null. But int isn't nullable and I don't want to have to force it to be. If toReturn is always a certain value if TryXxxx fails we risk having the position where 2 values could be considered to indicate the same thing. I can see this leading to potential possible confusion if the 'default' value was returned as a valid response (when TryXxxx returns true). From an implementation point of view it looks like having toReturn be a[ny] value is easiest, but is there anything more important to consider?

  • syntax for binding multiple variables within text

    - by danke
    When binding multiple variables value1 value2 value3 in the same text field, do I do this:
        text="{some text value1 other text value2 and other text value3}"
    or
        text="some text {value1} other text {value2} and other text {value3}"
    I noticed both work, but which is the right way to do it and will work all the time?

  • If handcoded webpage displays the same as WYSIWYG generated page, what did I gain? Can I compete wit

    - by CrazyJugglerDrummer
    My friend uses DreamWeaver to create web pages and doesn't know any HTML at all. I know HTML inside and out and can hand code from the ground up. But our web pages look similar and he can get paid for his WYSIWYG generated sites. What have I gained from learning HTML and hand-coding? Can I compete with people using DreamWeaver or other WYSIWYG editors? I know that for something like JavaScript or PHP the only way to go is to hand-code the whole thing yourself, no tools can do that for you, but is HTML in the same position?

  • Premature optimization is the root of all evil, but can it ever be too late?

    - by polygenelubricants
    "We should forget about small efficiencies, say about 97% of the time: premature optimization is the root of all evil" So what is that 3% like? Can the avoidance of premature optimization ever be taken too extreme that it does more harm than good? Even if it's rare, has there been a case of a real measurable software engineering disaster due to complete negligence to optimize early in the process? Bonus question: is software engineering pretty much the only field that has such a counter intuitive principle regarding doing something earlier rather than later before things potentially become too big a problem to fix? Personal question: how do you justify something as premature optimization and not just a case of you being lazy/ignorant/dumb?

  • Is there an existing template for a new C++ Open Source project

    - by esavard
    I want to start a new C++ (Qt) Open Source project and I'm wondering if there is an existing template somewhere for files usually found in an Open Source project but that are not purely source code (README, LICENSE, CHANGELOG, etc.) I could probably find a popular Open Source project for inspiration but if there are some existing generic templates, I will use those instead. Thanks.

  • How to handle management trying to interfere with the project (including architecture decision)

    - by Zwei Steinen
    I feel this is not a very good question to post on SO, but I need some advice from experienced developers... (I'm a second year developer) I guess this is a problem to many, many projects, but in our case, it is getting intense. There was so much interference from people that don't know a bit about software development, that our development came to an almost complete stop. We had to literally escape to another location to get any useful job done. Now we were happily producing results, but then I get a request for a "meeting" and it's them again. I have a friendly relationship with them, but I feel very daunted at the thought of talking about nonsense all over again. Should I be firm and tell them to shut up and wait for our results? Or should I be diplomatic and create an illusion they are making a positive contribution or something?? My current urge is to be unfriendly and murmur some stuff so they will give up or something. What would you do if you were in this situation?

  • JSP application scope objects in Java library

    - by FrontierPsycho
    I am working on a preexisting web application built with JSP, which uses an external Java library. I want to make some JavaBeans that were instantiated with jsp:useBean tags available to the Java code. What would be a good practice to do that? I suppose I can pass the objects in question to every function call that requires them, but I'd like to avoid that.

  • Multiple REPLACE function in Oracle

    - by Adnan
    I am using the REPLACE function in Oracle to replace values in my string like:
        SELECT REPLACE('THE NEW VALUE IS #VAL1#','#VAL1#','55') from dual
    So this is OK to replace one value, but what about 20+? Should I use 20+ REPLACE functions or is there a more practical solution? All ideas are welcome.

  • Git Submodule or fork

    - by Eric
    I have a private repo in GitHub that is the complete source code to my cms. Now I have a few local customers that I want to use the same code base on but with different themes. Is it better to fork the original project out into a repo for each one, or use a submodule and create a new repo for each customer? After each site is complete I would imagine the theme files wouldn't change much but would need to pull in changes from the main repo when bugs are discovered.
