Search Results

Search found 34274 results on 1371 pages for 'mysql table'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 503/1371 | < Previous Page | 499 500 501 502 503 504 505 506 507 508 509 510  | Next Page >

  • Will these security functions be enough? (PHP)

    - by ggfan
    I am trying to secure my site so I don't have sql injections and xss scripting. Here's my code. //here's the from, for brevity, i just show a field for users to put firstname <form> <label for="first_name" class="styled">First Name:</label> <input type="text" id="first_name" name="first_name" value="<?php if (!empty($first_name)) echo $first_name; ?>" /><br /> //submit button etc </form> if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //then insert into the database. ....... } mysqli_real_espace_string: I know that this func escapes certain letters like \n \r, so when the data gets inputted into the dbc, it would have '\' next to all the escaped letters? --Will this script be enough to prevent most sql injections? just escaping and checking if the data is a string. For integers values(like users putting in prices), i just: is_numeric(). --How should I use htmlspecialchars? Should I use it only when echoing and displaying user data? Or should I also use this too when inputting data to a dbc? --When should I use strip_tags() or htmlspecialchars? SOO with all these function... if (isset($_POST['submit'])) { //gets rid of extra whitesapce and escapes $first_name = mysqli_real_escape_string($dbc, trim($_POST['first_name'])); //check if $first_name is a string if(!is_string($first_name) { echo "not string"; } //gets rid of any <,>,& htmlspecialchars($first_name); //strips any tags with the first name strip_tags($first_name) //then insert into the database. ....... } Which funcs should I use for sql injections and which ones should I use for xss?

    Read the article

  • I cant get a field on report from a view

    - by felipedz
    When I get a field, this work good. But, when get a field from a 'VIEW', is a problem because the code of a VIEW is: CREATE OR REPLACE VIEW tabla_clientes AS SELECT id_cliente,nombre, CONCAT('$ ',FORMAT(monto_a_favor,0), '???'), CONCAT('$ ',FORMAT(calcular_monto_por_cobrar_cliente(id_cliente),0)) FROM cliente; When I compile this. Appears errors from the name of fields. Description | Object ---------------------------------------------------------------------------- Syntax error, insert ";" to complete BlockStatements | ${CONCAT('$ ',FORMAT(monto_a_favor,0)} Syntax error on tokens, delete these tokens | ${CONCAT('$ ',FORMAT(monto_a_favor,0)} Syntax error on token ",", delete this token | ${CONCAT('$ ',FORMAT(monto_a_favor,0)} If I change the name at this field appears other error.

    Read the article

  • Simple PHP query question: LIKE

    - by pg
    When I replace $ordering = "apples, bananas, cranberries, grapes"; with $ordering = "apples, bananas, grapes"; I no longer want cranberries to be returned by my query, which I've written out like this: $query = "SELECT * from dbname where FruitName LIKE '$ordering'"; Of Course this doesn't work, because I used LIKE wrong. I've read through various manuals that describe how to use LIKE and it doesn't quite make sense to me. If I change the end of the db to "LIKE "apples"" that works for limiting it to just apples. Do I have to explode the ordering on the ", " or is there a way to do this in the query?

    Read the article

  • Magento: Add (and retrieve) custom database field for CMS pages

    - by Toby H
    I want to assign custom parameters to CMS pages in Magento (i.e. 'about', 'customer service', etc), so they can be grouped. The end goal is to use the parameters for each page to show (or hide) them in a nav menu. Writing a quick method in the page/html block to retrieve the pages (active only) for the menu was easy, but I can't figure out how to group them so that 'testimonials', 'history', and 'contact' are associated with 'about', and 'return policy', 'shipping', and 'contact' are associated with 'customer service'. Any help to point me in the right direction would be greatly appreciated. Thanks!

    Read the article

  • Unknown Column In Where Clause

    - by Corpo
    I have a simple query: SELECT u_name AS user_name FROM users WHERE user_name = "john"; I get "Unknown Column 'user_name' in where clause". Can I not refer to 'user_name' in other parts of the statement even after select 'u_name as user_name'?

    Read the article

  • help me with the following sql query

    - by rupeshmalviya
    could somebody correct my following query, i am novice to software development realm, i am to a string builder object in comma separated form to my query but it's not producing desired result qyery is as follows and string cmd = "SELECT * FROM [placed_student] WHERE passout_year=@passout AND company_id=@companyId AND course_id=@courseId AND branch_id IN('" + sb + "')"; StringBuilder sb = new StringBuilder(); foreach (ListItem li in branch.Items) { if (li.Selected == true) { sb.Append(Convert.ToInt32(li.Value) +", "); } } li is integer value of my check box list which are getting generated may be differne at different time ...please also suggest me some good source to learn sql..

    Read the article

  • How can I find all records for a model without doing a long list of "OR" conditions?

    - by gomezuk
    I'm having trouble composing a CakePHP find() which returns the records I'm looking for. My associations go like this: User -(has many)- Friends , User -(has many)- Posts I'm trying to display a list of all a user's friends recent posts, in other words, list every post that was created by a friend of the current user logged in. The only way I can think of doing this is by putting all the user's friends' user_ids in a big array, and then looping through each one, so that the find() call would look something like: $posts = $this->Post->find('all',array( 'conditions' => array( 'Post.user_id' => array( 'OR' => array( $user_id_array[0],$user_id_array[1],$user_id_array[2] # .. etc ) ) ) )); I get the impression this isn't the best way of doing things as if that user is popular that's a lot of OR conditions. Can anyone suggest a better alternative?

    Read the article

  • Worpress WorkFlow Modfications

    - by blgnklc
    Hi All WordPress Lovers, I would like to ask a help about Zensor which is a plugin that you publish a post then a moderator approves the post to be published on the wordpress blog site. When a post is awating for approval, each awaiting post is appearing "waiting moderation". But, I dont want any link appears before moderator approval. Actually I found the joing sentence below; 1- Must be added to the end of JOIN part of any query: LEFT JOIN wp_zensor ON ID = wp_zensor.post_id 2- Must be added to the end of WHERE condition : AND wp_zensor.moderation_status = 'approved' Could you please show me; where should I add these modification on the category link presentation below: <h2>Politics</h2> <?php $recent = new WP_Query("cat=31&showposts=1"); while($recent->have_posts()) : $recent->the_post();?> <b><a href="<?php the_permalink() ?>" rel="bookmark"><?php the_title(); ?></a></b> <?php the_content_limit(140, "devami &raquo;"); ?> <div class="hppostmeta"> <p><?php the_time('j F Y, H:i'); ?> | <?php the_author_posts_link(); ?></p> </div> <?php endwhile; ?> Or any general solutions will be welcomed. Thanks. BK

    Read the article

  • MDX: Filtering a member set by a measure's table values

    - by oyvinro
    I have some numbers in a fact table, and have generated a measure which use the SUM aggregator to summarize the numbers. But the problem is that I only want to sum the numbers that are higher than, say 10. I tried using a generic expression in the measure definition, and that works of course, but the problem is that I need to be able to dynamically set that value, because it's not always 10, meaning users should be able to select it themselves. More specifically, my current MDX looks like this: WITH SET [Email Measures] AS '{[Measures].[Number Of Answered Cases], [Measures].[Max Expedition Time First In Case], [Measures].[Avg Expedition Times First In Case], [Measures].[Number Of Incoming Email Requests], [Measures].[Avg Number Of Emails In Cases], [Measures].[Avg Expedition Times Total],[Measures].[Number Of Answered Incoming Emails]}' SET [Organizations] AS '{[Organization.Id].[860]}' SET [Operators] AS '{[Operator.Id].[3379],[Operator.Id].[3181]}' SET [Email Accounts] AS '{[Email Account.Id].[6]}' MEMBER [Time.Date].[Date Period] AS Aggregate ({[Time.Date].[2008].[11].[11] :[Time.Date].[2009].[1].[2] }) MEMBER [Email.Type].[Email Types] AS Aggregate ({[Email.Type].[0]}) SELECT {[Email Measures]} ON columns, [Operators] ON rows FROM [Email_Fact] WHERE ( [Time.Date].[Date Period] ) Now, the member in question is the calculated member [Avg Expedition Times Total]. This member takes in two measures; [Sum Expedition Times] and [Nr of Expedition Times] and splits one on the other to get the average, all this presently works. However, I want [Sum Expedition Times] to only summarize values over or under a parameter of my/the user's wish. How do I filter the numbers [Sum Expedition Times] iterates through, rather than filtering on the sum that the measure gives me in the end?

    Read the article

  • PHP: How to get the days of the week?

    - by fwaokda
    I'm wanting to store items in my database with a DATE value for a certain day. I don't know how to get the current Monday, or Tuesday, etc. from the current week. Here is my current database setup. menuentry id int(10) PK menu_item_id int(10) FK day_of_week date message varchar(255) So I have a class setup that holds all the info then I was going to do something like this... foreach ( $menuEntryArray as $item ) { if ( $item->getDate() == [DONT KNOW WHAT TO PUT HERE] ) { // code to display menu_item information } } So I'm just unsure what to put in "[DONT KNOW WHAT TO PUT HERE]" to compare to see if the date is specified for this week's Monday, or Tuesday, etc. The foreach above runs for each day of the week - so it'll look like this... Monday Item 1 Item 2 Item 3 Tuesday Item 1 Wednesday Item 1 Item 2 ... Thanks!

    Read the article

  • Autopopulate from Select box from database

    - by Chris Spalton
    hope you can help, please forgive any poor coding or anytihng, I'm new to this and just hacking my way through to get things to work. That said, on one of my projects I have this code, which successfully populates the dropdown from a database when the page is loaded: <select name="Region" id="Region"> <option value="">-- Select Region --</option> <?php $region=$POST['Region']; if ($region); { $regionquery = "SELECT DISTINCT REGION FROM Sales_Execs "; $regionresult = mysql_query($regionquery); while($row = mysql_fetch_array($regionresult)) { echo "<option value=\"".$row['REGION']."\">".$row['REGION']."</option>\n "; } } ?> <script type="text/javascript"> document.getElementById('Region').value = <?php echo json_encode(trim($_POST['Region']));?>; </script> </select> On my next project that I'm working on now, I need to do the same thing, so I copied the above code amended, and placed in my new project: <select name="Sales_Exec" id="Sales_Exec"> <option value="">-- Select SE --</option> <?php $salesexec=$POST['Sales_Exec']; if ($salesexec); { $salesexecquery = "SELECT DISTINCT Assigned FROM Data "; $salesexecresult = mysql_query($salesexecquery); while($row = mysql_fetch_array($salesexecresult)) { echo "<option value=\"".$row['ASSIGNED']."\">".$row['ASSIGNED']."</option>\n "; } } ?> <script type="text/javascript"> document.getElementById('Sales_Exec').value = <?php echo json_encode(trim($_POST['Sales_Exec']));?>; </script> </select> This second chunk of code doesn't work... and I can't work out why as it seems I've copied it all and amended all the neccersary parts, can anyone spot what is wrong? Thankyou!

    Read the article

  • Use where clause with Like in codeigniter

    - by user2524013
    I am working on a project. I am implementing the Search functionality in my System. I will have to show the search record from two tables base on the current use login. I have tried the following code: function searchActivity($limit,$offset,$keyword1,$keyword2,$recruiter_id) { $q=$this->db->select('*')->from('tbl_activity')->limit($limit,$offset); $this->db->join('tbl_job', 'tbl_job.job_id = tbl_activity.job_id_fk', 'left outer'); $this->db->order_by("activity_id", "ASC"); $this->db->like('job_title',$keyword1,'both'); $this->db->or_like('job_title',$keyword2,'both'); $this->db->or_like('activity_subject',$keyword1,'both'); $this->db->or_like('activity_subject',$keyword2,'both'); $this->db->or_like('activity_details',$keyword1,'both'); $this->db->or_like('activity_details',$keyword2,'both'); $this->db->where('tbl_activity.recruiter_id_fk',$recruiter_id); $ret['rows']=$q->get()->result(); return $ret; } I want to show search results based on the current user id, which is currently store in $recruiter. Thanks in advance.

    Read the article

  • trying to redirect the php page is get id is empty ir does not exists.

    - by user570782
    <? include..... if ($picid != $_GET['picid']) || (empty($picid)) { echo "page not working"; } else { $picid = $_GET['picid']; $query = mysql_query("SELECT * FROM pic_info WHERE picid = 'picid1' ");// problem while($rows = mysql_fetch_assoc($query)): $picid = $rows['picid']; $title = $rows['title']; $link = $rows['link']; $description = $rows['description']; $movie_pic = $rows['movie_pic']; $source = $rows['source']; } $get_comment = mysql_query("SELECT * FROM comment WHERE picid ='$picid'");// work partially $comment_count = mysql_num_rows($get_comment); if ($comment_count>0) { messages = " "; while ($com = mysql_fetch_array($get_comment)){ $comment_id = $com['comment_id']; $name = $com['name']; $message = $com['message']; $time_post= $com['time_post']; $messages .= '<em> on ' .$time_post.'</em><b> '.$name.' said.....</b><br/> '.$message.'<hr/>'; // line with problem } } ?> i am stuck i am trying to say that if $_GET['picid']; is empty echo out error message or if the movid does not exist in the db echo out error message. when i run it i get an error. not sure if i am calling the correct function. what am i doing wrong please help

    Read the article

  • Storing database records into array

    - by zerey
    I would want to create an array that will hold records retrieved from a database using a query of SELECT statement. The records to be retrieved have multiple fields such as lastname, firstname, mi and 20 more fields. What would be the best approach on coding this function? alright i have followed what prisoner have given below.. the next question is how do i search through this kind of array using queries? for example i want to search for a username..

    Read the article

  • get value from database based on array in codeigniter

    - by Developer
    I have an array $user = array([0]=>1 [1]=>2 [2]=>3) which contains id's of certain users. I need to get the countries of these users from database. foreach($userid as $user){ $this->db->select('country'); $this->db->where('user_id',$user); $this->db->from('company'); $usercountry = $this->db->get(); $count = $usercountry->row(); $country = $count->country; } Suppose user1 has country ES, user2 has IN, user3 has US, user4 has UK. then if array contains 1,2,3. Then i need to get the countries ES,IN,US.

    Read the article

  • Database design for business numbers

    - by Rob Morris
    I'm in need of some help, I need to store the information below into a database, what would the relational database structure be for this: Then I need to create a dropdown for the insurance company followed by another dropdown depending on what the first dropdown selected value was, then once both selects have been chosen display the relevant telephone number. I guess i need to query the database, then display the dropdowns using javascript(jquery) or Ajax?

    Read the article

  • PHP Code Problem...

    - by aamir Fayyaz
    function check_login($array_val) { $strQury = "Select * from tblsignup where usr_email ='".$array_val[0]."' and usr_password = '".$array_val[1]."'" ; $result = mysql_query($strQury); $row_user = mysql_fetch_array($result); if(mysql_num_rows($result)>0) { $msg = "true"; } else { $msg = "false"; } return $msg ; } The return value is Object id #1true???? what is object id#1?

    Read the article

  • PHP: Building A Stock Index Using Yahoo Finance [on hold]

    - by Jeremy
    I have the following code which is pulling data but it is not outputting properly. <?php class YahooStock { public function getQuotes(){ $stocks = array(); $result = array(); $s = file_get_contents("http://finance.yahoo.com/d/quotes.csv?s=AMZN+CRM+CNQR+CTL+CTXS+DWRE+EMC+GOOG+HP+IBM+JIVE+LNKD+MKTO+MSFT+N+NFLX+NOW+ORCL+RAX+SAP+T+VEEV+VMW+VZ+WDAY&f=npf6&e=.csv"); $data = explode( ',', $s); $result = $data; return $result; } } $objYahooStock = new YahooStock; foreach( $objYahooStock->getQuotes() as $code => $result){ echo 'Name:' . $result[0] . '<br />'; echo 'Price:' . $result[1] . '<br />'; echo 'Float:' . $result[2] . '<br />'; } ?> The output looks like it is separating every character with a comma instead of each column: Name:" Price:A Float:m Name: Price:I Float:n Name:3 Price:3 Float:2 Name: Price: Float: Any help is appreciated!

    Read the article

  • How to skip an empty LIKE operator in a multiple LIKE query?

    - by alex
    I notice my query doesn't behave correctly if one of the like variables is empty: SELECT name FROM employee WHERE name LIKE '%a%' AND color LIKE '%A%' AND city LIKE '%b%' AND country LIKE '%B%' AND sport LIKE '%c%' AND hobby LIKE '%C%' Now when a and A are not empty it works but when a, A and c are not empty the c part is not excuted so it seems? How can I fix this?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 499 500 501 502 503 504 505 506 507 508 509 510  | Next Page >