Search Results

Search found 36111 results on 1445 pages for 'mysql update'.

Page 451/1445 | < Previous Page | 447 448 449 450 451 452 453 454 455 456 457 458 | Next Page >

Preventing spam bots on site?

- by Mike

We're having an issue on one of our fairly large websites with spam bots. It appears the bots are creating user accounts and then posting journal entries which lead to various spam links. It appears they are bypassing our captcha somehow -- either it's been cracked or they're using another method to create accounts. We're looking to do email activation for the accounts, but we're about a week away from implementing such changes (due to busy schedules). However, I don't feel like this will be enough if they're using an SQL exploit somewhere on the site and doing the whole cross site scripting thing. So my question to you: If they are using some kind of XSS exploit, how can I find it? I'm securing statements where I can but, again, its a fairly large site and it'd take me awhile to actively clean up SQL statements to prevent XSS. Can you recommend anything to help our situation?

Read the article
Compare structures of two databases?

- by streetparade

Hello, I wanted to ask whether it is possible to compare the complete database structure of two huge databases. We have two databases, the one is a development database, the other a production database. I've sometimes forgotten to make changes in to the production database, before we released some parts of our code, which results that the production database doesn't have the same structure, so if we release something we got some errors. Is there a way to compare the two, or synchronize?

Read the article
What's wrong with this SQL query?

- by ThinkingInBits

I have two tables: photographs, and photograph_tags. Photograph_tags contains a column called photograph_id (id in photographs). You can have many tags for one photograph. I have a photograph row related to three tags: boy, stream, and water. However, running the following query returns 0 rows SELECT p.* FROM photographs p, photograph_tags c WHERE c.photograph_id = p.id AND (c.value IN ('dog', 'water', 'stream')) GROUP BY p.id HAVING COUNT( p.id )=3 Is something wrong with this query?

Read the article
Aggregate keeping the row with the max value

- by Luca Bernardi

Suppose you have the following schema (id, user_id , score). How can I take per each user the row with max score and then order all row for score. In other word I want a ranking where each user have his best result.

Read the article
whats best way to create documents Archive of images in the database's ?

- by ulduz114

What is the best way to create an Archive of image documents in the database ? Given we have about 2-10 million records and each record includes 2-4 images and about 20 text fields , what is the best way for create this archive so that we have good speed and high security for data? Also, what database is good for this project?

Read the article
Calculate time from timezones in php

- by Ramya

Hai I have the system with employees having different timezones in their profile. I would like to show the date according to their timezones specified. The GMT time zone values are placed in the database. could you guys help me

Read the article
PHP - How to get, and display the biggest values from a database?

- by Dodi300

Hello. Can anyone tell me how to get and display the biggest values from a database? I have multiple values in my database with the heading "gmd", but how would I get only the first 3 biggest ones to be displayed? How would I do it in this example: $query = "SELECT gmd FROM account"; $result = mysql_query($query); while($row = mysql_fetch_array($result, MYSQL_ASSOC)) { } Thanks.

Read the article
User Getting Logged Out After Making First Comment

- by John

Hello, I am using a login system that works well. I am also using a comment system. The comment function does not show up unless the user is logged in (as shown in commentformonoff.php below). When a user makes a comment, the info is passed from the function "show_commentbox" to the file comments2a.php. Then, the info is passed to the file comments2.php. When the site is first pulled up on a browser, after logging in and making a comment, the user is logged out. After logging in a second time during the same browser session, the user is no longer logged out after making a comment. How can I keep the user logged in after making the first comment? Thanks in advance, John Commentformonoff.php: <?php if (!isLoggedIn()) { if (isset($_POST['cmdlogin'])) { if (checkLogin($_POST['username'], $_POST['password'])) { show_commentbox($submissionid, $submission, $url, $submittor, $submissiondate, $countcomments, $dispurl); } else { echo "<div class='logintocomment'>Login to comment</div>"; } } else { echo "<div class='logintocomment'>Login to comment</div>"; } } else { show_commentbox($submissionid, $submission, $url, $submittor, $submissiondate, $countcomments, $dispurl); } ?> Function "show_commentbox": function show_commentbox($submissionid, $submission, $url, $submittor, $submissiondate, $countcomments, $dispurl) { echo '<form action="http://www...com/.../comments/comments2a.php" method="post"> <input type="hidden" value="'.$_SESSION['loginid'].'" name="uid"> <input type="hidden" value="'.$_SESSION['username'].'" name="u"> <input type="hidden" value="'.$submissionid.'" name="submissionid"> <input type="hidden" value="'.stripslashes($submission).'" name="submission"> <input type="hidden" value="'.$url.'" name="url"> <input type="hidden" value="'.$submittor.'" name="submittor"> <input type="hidden" value="'.$submissiondate.'" name="submissiondate"> <input type="hidden" value="'.$countcomments.'" name="countcomments"> <input type="hidden" value="'.$dispurl.'" name="dispurl"> <label class="addacomment" for="title">Add a comment:</label> <textarea class="checkMax" name="comment" type="comment" id="comment" maxlength="1000"></textarea> <div class="commentsubbutton"><input name="submit" type="submit" value="Submit"></div> </form> '; } Included in comments2a.php: $uid = mysql_real_escape_string($_POST['uid']); $u = mysql_real_escape_string($_POST['u']); $query = sprintf("INSERT INTO comment VALUES (NULL, %d, %d, '%s', NULL)", $uid, $subid, $comment); mysql_query($query) or die(mysql_error()); $lastcommentid = mysql_insert_id(); header("Location: comments2.php?submission=".$submission."&submissionid=".$submissionid."&url=".$url."&submissiondate=".$submissiondate."&comment=".$comment."&subid=".$subid."&uid=".$uid."&u=".$u."&submittor=".$submittor."&countcomments=".$countcomments."&dispurl=".$dispurl."#comment-$lastcommentid"); exit(); Included in comments2.php: if($_SERVER['REQUEST_METHOD'] == "POST"){header('Location: http://www...com/.../comments/comments2.php?submission='.$submission.'&submissionid='.$submissionid.'&url='.$url.'&submissiondate='.$submissiondate.'&submittor='.$submittor.'&countcomments='.$countcomments.'&dispurl='.$dispurl.'');} $uid = mysql_real_escape_string($_GET['uid']); $u = mysql_real_escape_string($_GET['u']);

Read the article
Jquery/Javascript gmail style stuff for message inbox, such as select all message using checkbox etc

- by Psychonetics

I am enjoying the fact that I'm here building a private message inbox for my website after building a full user signup/login and activation system when a few months ago I thought I wouldn't have enough patience to learn this stuff. Anyway to my question. I am currently building the private message inbox for my users and wondering if there are any jquery/javascript stuff I can use to make my inbox more like the gmail inbox. E.G. Gmail allows you to select all read messages or unread or starred or unstarred or none of the messages using a checkbox. I would like to add this kind of feature to my website and I'm sure the easiest way to achieve this would be using a jquery/javascript script. I would appreciate if someone could provide some links or info to where I can find several of these types of scripts to use with my inbox page. Thanks EDIT: Would also like to note that I would like the checkbox to be in a dropdown just like gmails.

Read the article
Multitenant shared user account?

- by jpartogi

Dear all, Based on your experience, which is the route to go for a multi-tenant user login? One user login per account. Which means if there is one user that has access to multiple account, there will be redundancy of record in the database One user login for all account that she has privileges to. Which means one user record has access to multiple account if she has privileges to that account. From your experience, which one is better and why? I was thinking to choose the latter, but I don't know whether it will cause security issue or less flexibility. Thank you for sharing your experience.

Read the article
Submitting a URL into a Form without "http://", with "www.", or with neither

- by John

(EDITED) Hello, In the form below, the filed for <div class="urlfield"><input name="url" type="url" id="url" maxlength="500"></div> fine when a URL is submitted that has a "http://" at the beginning of it. However, it doesn't work if a URL is submitted with only a "www." in front of it, or with neither a "http://" nor a "www." How can I make it work in all if the submitted URL has any or none of the following at the beginning of it: http:// www. http://www. Thanks in advance, John Form: echo '<div class="submittitle">Submit an item.</div>'; echo '<form action="http://www...com/.../submit2.php" method="post"> <input type="hidden" value="'.$_SESSION['loginid'].'" name="uid"> <div class="submissiontitle"><label for="title">Story Title:</label></div> <div class="submissionfield"><input name="title" type="title" id="title" maxlength="1000"></div> <div class="urltitle"><label for="url">Link:</label></div> <div class="urlfield"><input name="url" type="url" id="url" maxlength="500"></div> <div class="submissionbutton"><input name="submit" type="submit" value="Submit"></div> </form> '; submit2.php: <?php if($_SERVER['REQUEST_METHOD'] == "POST"){header('Location: http://www...com/.../submit2.php');} require_once "header.php"; if (isLoggedIn() == true) { $remove_array = array('http://www.', 'http://', 'https://', 'https://www.', 'www.'); $cleanurl = str_replace($remove_array, "", $_POST['url']); $cleanurl = strtolower($cleanurl); $cleanurl = preg_replace('/\/$/','',$cleanurl); $cleanurl = stripslashes($cleanurl); $title = $_POST['title']; $uid = $_POST['uid']; $title = mysql_real_escape_string($title); $title = stripslashes($title); $cleanurl = mysql_real_escape_string($cleanurl); $site1 = 'http://' . $cleanurl; $displayurl = parse_url($site1, PHP_URL_HOST); function isURL($url1 = NULL) { if($url1==NULL) return false; $protocol = '(http://|https://)'; $allowed = '[-a-z0-9]{1,63}'; $regex = "^". $protocol . // must include the protocol '(' . $allowed . '\.)'. // 1 or several sub domains with a max of 63 chars '[a-z]' . '{2,6}'; // followed by a TLD if(eregi($regex, $url1)==true) return true; else return false; } if(isURL($site1)==true) mysql_query("INSERT INTO submission VALUES (NULL, '$uid', '$title', '$cleanurl', '$displayurl', NULL)"); else echo "<p class=\"topicu\">Not a valid URL.</p>\n"; } else { show_loginform(); } if (!isLoggedIn()) { if (isset($_POST['cmdlogin'])) { if (checkLogin($_POST['username'], $_POST['password'])) { show_userbox(); } else { echo "Incorrect Login information !"; show_loginform(); } } else { show_loginform(); } } else { show_userbox(); } require_once "footer.php"; ?>

Read the article
Table not Echoing out if another Table has a Zero value

- by John

Hello, The table below with mysql_query($sqlStr3) (the one with the word "Joined" in its row) does not echo if the result associated with mysql_query($sqlStr1) has a value of zero. This happens even if mysql_query($sqlStr3) returns a result. In other words, if a given loginid has an entry in the table "login", but not one in the table "submission", then the table associated with mysql_query($sqlStr3) does not echo. I don't understand why the "submission" table would have any effect on mysql_query($sqlStr3), since the $sqlStr3 only deals with another table, called "login", as seen below. Any ideas why this is happening? Thanks in advance, John W. <?php echo '<div class="profilename">User Profile for </div>'; echo '<div class="profilename2">'.$profile.'</div>'; $tzFrom = new DateTimeZone('America/New_York'); $tzTo = new DateTimeZone('America/Phoenix'); $profile = mysql_real_escape_string($_GET['profile']); $sqlStr = "SELECT l.username, l.loginid, s.loginid, s.submissionid, s.title, s.url, s.datesubmitted, s.displayurl FROM submission AS s INNER JOIN login AS l ON s.loginid = l.loginid WHERE l.username = '$profile' ORDER BY s.datesubmitted DESC"; $result = mysql_query($sqlStr); $arr = array(); echo "<table class=\"samplesrec1\">"; while ($row = mysql_fetch_array($result)) { $dt = new DateTime($row["datesubmitted"], $tzFrom); $dt->setTimezone($tzTo); echo '<tr>'; echo '<td class="sitename3">'.$dt->format('F j, Y &\nb\sp &\nb\sp g:i a').'</a></td>'; echo '<td class="sitename1"><a href="http://www.'.$row["url"].'">'.$row["title"].'</a></td>'; echo '</tr>'; } echo "</table>"; $sqlStr1 = "SELECT l.username, l.loginid, s.loginid, s.submissionid, s.title, s.url, s.datesubmitted, s.displayurl, l.created, count(s.submissionid) countSubmissions FROM submission AS s INNER JOIN login AS l ON s.loginid = l.loginid WHERE l.username = '$profile'"; $result1 = mysql_query($sqlStr1); $arr1 = array(); echo "<table class=\"samplesrec2\">"; while ($row1 = mysql_fetch_array($result1)) { echo '<tr>'; echo '<td class="sitename5">Submissions:      '.$row1["countSubmissions"].'</td>'; echo '</tr>'; } echo "</table>"; $sqlStr2 = "SELECT l.username, l.loginid, c.loginid, c.commentid, c.submissionid, c.comment, c.datecommented, l.created, count(c.commentid) countComments FROM comment AS c INNER JOIN login AS l ON c.loginid = l.loginid WHERE l.username = '$profile'"; $result2 = mysql_query($sqlStr2); $arr2 = array(); echo "<table class=\"samplesrec3\">"; while ($row2 = mysql_fetch_array($result2)) { echo '<tr>'; echo '<td class="sitename5">Comments:          '.$row2["countComments"].'</td>'; echo '</tr>'; } echo "</table>"; $tzFrom3 = new DateTimeZone('America/New_York'); $tzTo3 = new DateTimeZone('America/Phoenix'); $sqlStr3 = "SELECT created, username FROM login WHERE username = '$profile'"; $result3 = mysql_query($sqlStr3); $arr3 = array(); echo "<table class=\"samplesrec4\">"; while ($row3 = mysql_fetch_array($result3)) { $dt3 = new DateTime($row3["created"], $tzFrom3); $dt3->setTimezone($tzTo3); echo '<tr>'; echo '<td class="sitename5">Joined:                  '.$dt->format('F j, Y').'</td>'; echo '</tr>'; } echo "</table>"; ?> </body> </html>

Read the article
NSPredicate cause update editing to return NSFetchedResultsChangeDelete not NSFetchedResultsChangeUp

- by Matthew Weiss

I have predicate inside of - (NSFetchedResultsController *)fetchedResultsController in a standard way starting from the CoreDataBook example. NSPredicate *predicate = [NSPredicate predicateWithFormat:@"state=%@ && date = %@ && date < %@", @"1",fromDate,toDate]; [fetchRequest setPredicate:predicate]; This works fine however when editing an item, it returns with NSFetchedResultsChangeDelete not Update. When the main view returns, it is missing the item. If I restart the simulator the delete was not saved and the correct editing result is shown the the predicate working correctly. case NSFetchedResultsChangeDelete: [tableView deleteRowsAtIndexPaths:[NSArray arrayWithObject:indexPath] withRowAnimation:UITableViewRowAnimationFade]; break; I can confirm the behavior by commenting out the two predicate lines ONLY and then all works as it should correctly returning with the full set after editing and calling NSFetchedResultsChangeUpdate instead of NSFetchedResultsChangeDelete. I have read http://matteocaldari.it/2009/11/multiple-contexts-controllers-delegates-and-coredata-bug who reports similar behavior but I have not found a work around to my problem. I can

Read the article
Javascript Confirm Delete in One PHP File (on href)

- by gamerzfuse

<p><span class="linky"><a href="deletephone.php?id=' . $row['id'] . '">Delete Phone</a></span></p><br /> I have the above code that I am using to link to a delete script. I want to somehow incorporate Javascript with a simple onclick confirmation. This way if they choose OK, I can run the code to delete the item from the database, but if they choose Cancel then I can cancel the operation and do nothing. I have tried a whole variety of functions with changing the window.location to the delete file, and trying to cancel the href= if they choose Cancel, but it always goes to the link regardless of what the user clicks. I would like to be able to keep the delete functions inside the same PHP file if possible, but this is not necessary at all. Thanks in advance! ASIDE: If there is a simple PHP way to check IF the alert was confirmed or denied, that could work also. Any way to check what the user chooses and then run my simple delete PHP command.

Read the article
how to send value to the from action page from database

- by Mayank swami

I am creating a faq panel for there can be multiple answers for question and i want to take the answer id .because i am storing comment by answer id the problem is that how to sent the $answer_id to the comment_submit_process.php and how to recognize the answer ? $selected_ques= mysql_prep($_GET['ques']); $query = "SELECT * FROM formanswer where question_id = {$selected_ques}"; $ans= mysql_query($query); if($ans){ while($answer = mysql_fetch_array($ans)) //here is the form <form id="add-comment" action="comment_submit_process.php" > <textarea class="comment-submit-textarea" cols="78" name="comment" style="height: 64px;"></textarea> <input type="submit" name="submitbutton" value="Add Comment" class="comment-submit-button" > <br> <?php $ans_id= $answer['id']; echo $ans_id; ?> <input type="hidden" name="ques" value="<?php echo $_GET['$ans_id'] ?>" /> <span class="counter ">enter at least 15 characters</span> <span class="form-error"></span> </form> <?php }} ?>

Read the article
PHP Login, Store Session Variables.

- by Andreas Carlbom

Yo. I'm trying to make a simple login system in PHP and my problem is this: I don't really understand sessions. Now, when I log a user in, I run session_register("user"); but I don't really understand what I'm up to. Does that session variable contain any identifiable information, so that I for example can get it out via $_SESSION["user"] or will I have to store the username in a separate variable? Thanks.

Read the article
to take values of checkbox in table attributes

- by mwj

i have a database patient with 3-4 tables n each table has about 8 attributes.... i have a table medical history which has attribute additional info ... under which i have 5 checkboxes.... all the values entered are taken up except the chekbox values..... plz help

Read the article
how to have defined connection within function for pdo communication with DB

- by Scarface

hey guys I just started trying to convert my query structure to PDO and I have come across a weird problem. When I call a pdo query connection within a function and the connection is included outside the function, the connection becomes undefined. Anyone know what I am doing wrong here? I was just playing with it, my example is below. include("includes/connection.php"); function query(){ $user='user'; $id='100'; $sql = 'SELECT * FROM users'; $stmt = $conn->prepare($sql); $result=$stmt->execute(array($user, $id)); // now iterate over the result as if we obtained // the $stmt in a call to PDO::query() while($r = $stmt->fetch(PDO::FETCH_ASSOC)) { echo "$r[username] $r[id] \n"; } } query();

Read the article
SQL Injection When Using MySQLi Prepared Statements

- by Sev

If all that is used to do any and all database queries is MySQLi prepared statements with bound parameters in a web-app, is sql injection still possible? Notes I know that there are other forms of attack other than sql-injection, but my question is specific to sql-injection attacks on that particular web application only.

Read the article
how to link table to table

- by Niño Seymour L. Rodriguez

I am a comsci student and I'm taking up database now. I got a problem in or should I say I dont know how to link table to table. It is not like you'll just use a foreign key and connect it to the primary key. The outcome should be like this: In the table Course there are three fields namely "course_id", "Description" and "subjects". When you click the name field Subject, a table named Subject should appear. Can you help me with this? hope you understnd my grammar, hehe..im not good in english......it will be a big help if you can answer it.........thank you po..............

Read the article
SQL hidden techniques?

- by AlexRednic

What are those pro/subtle techniques that SQL provides and not many know about which also cut code and improve performance? eg: I have just learned how to use CASE statements inside aggregate functions and it totally changed my approach on things. Are there others?

Read the article
SQL Query Math Gymnastics

- by keruilin

I have two tables of concern here: users and race_weeks. User has many race_weeks, and race_week belongs to User. Therefore, user_id is a fk in the race_weeks table. I need to perform some challenging math on fields in the race_weeks table in order to return users with the most all-time points. Here are the fields that we need to manipulate in the race_weeks table. races_won (int) races_lost (int) races_tied (int) points_won (int, pos or neg) recordable_type(varchar, Robots can race, but we're only concerned about type 'User') Just so that you fully understand the business logic at work here, over the course of a week a user can participate in many races. The race_week record represents the summary results of the user's races for that week. A user is considered active for the week if races_won, races_lost, or races_tied is greater than 0. Otherwise the user is inactive. So here's what we need to do in our query in order to return users with the most points won (actually net_points_won): Calculate each user's net_points_won (not a field in the DB). To calculate net_points, you take (1000 * count_of_active_weeks) - sum(points__won). (Why 1000? Just imagine that every week the user is spotted a 1000 points to compete and enter races. We want to factor-out what we spot the user because the user could enter only one race for the week for 100 points, and be sitting on 900, which we would skew who actually EARNED the most points.) This one is a little convoluted, so let me know if I can clarify further.

Read the article
How can I get the rank of rows relative to total number of rows based on a field?

- by Arms

I have a scores table that has two fields: user_id score I'm fetching specific rows that match a list of user_id's. How can I determine a rank for each row relative to the total number of rows, based on score? The rows in the result set are not necessarily sequential (the scores will vary widely from one row to the next). I'm not sure if this matters, but user_id is a unique field. Edit @Greelmo I'm already ordering the rows. If I fetch 15 rows, I don't want the rank to be 1-15. I need it to be the position of that row compared against the entire table by the score property. So if I have 200 rows, one row's rank may be 3 and another may be 179 (these are arbitrary #'s for example only). Edit 2 I'm having some luck with this query, but I actually want to avoid ties SELECT s.score , s.created_at , u.name , u.location , u.icon_id , u.photo , (SELECT COUNT(*) + 1 FROM scores WHERE score > s.score) AS rank FROM scores s LEFT JOIN users u ON u.uID = s.user_id ORDER BY s.score DESC , s.created_at DESC LIMIT 15 If two or more rows have the same score, I want the latest one (or earliest - I don't care) to be ranked higher. I tried modifying the subquery with AND id > s.id but that ended up giving me an unexpected result set and different ties.

Read the article
How do I select distinct rows where a column may have a number of the same values but all their 2nd

- by Martin Rose

I have a table in the form: test_name| test_result | test1 | pass | test2 | fail | test1 | pass | test1 | pass | test2 | pass | test1 | pass | test3 | pass | test3 | fail | test3 | pass | As you can see all test1's pass while test2's and test3's have both passes and fails. Is there a SQL statement that I can use to return the distinct names of the tests that only pass? E.g. test1

Read the article
How do I write this query in Django?

- by alex

Suppose I have a datetime column. "SELECT * FROM mytable WHERE thetime < INTERVAL 1 HOUR" How do you write this in Django?

Read the article

< Previous Page | 447 448 449 450 451 452 453 454 455 456 457 458 | Next Page >