Search Results

Search found 3474 results on 139 pages for 'prepared statements'.

Page 63/139 | < Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >

  • WHERE clause confusion with PDO

    - by Greg
    I'm having some trouble understanding how to use prepared statements, when you need to match one value against several columns at once. In other words what instead of doing this: $stmt = $dbh-prepare("SELECT * FROM REGISTRY where name = ?"); $stmt-bindParam(':name', $name); I wanted to do this: $stmt = $dbh-prepare("SELECT * FROM REGISTRY where firstname = ? or lastname = ?"); with both '?' representing the same string.

    Read the article

  • Quick MySQLi security question

    - by Benjamin Falk
    I have a quick MySQLi security related question... For example, take a look at this code (gets in put from the user, checks it against the database to see if the username/password combination exist): $input['user'] = htmlentities($_POST['username'], ENT_QUOTES); $input['pass'] = htmlentities($_POST['password'], ENT_QUOTES); // query db if ($stmt = $mysqli->prepare("SELECT * FROM members WHERE username=? AND password = ?")) { $stmt->bind_param("ss", $input['user'], md5($input['pass'] . $config['salt'])); $stmt->execute(); $stmt->store_result(); // check if there is a match in the database for the user/password combination if ($stmt->num_rows > 0) {} } In this case, I am using htmlentities() on the form data, and using a MySQLi prepared statement. Do I still need to be using mysql_real_escape_string()?

    Read the article

  • Clone a div that contains "customized" jQueryUI datePicker

    - by Enrique
    I have a div that contains 3 fields You can see the image here http://imgur.com/A3tbd.jpg I'm cloning this div with this plugin http://sroucheray.org/blog/demos/jquery-dynamic-form/ My problems are: It doesn't clone correctly datePicker. I'm using validate form plugin, but I guess this plugin is not prepared to validate cloned elements Is there any easy code, other plugin or some functions I should use for doing this sequence? Verify user has filled the 3 fields of the actual div If so, clone the div and create a new set of 3 fields. Also, clone datePicker correctly If user clicks the delete button, erase last div (last 3 fields) When form submitted, post all fields correctly Thanks,

    Read the article

  • Displaying untrusted HTML using PHP

    - by esryl
    I have a read a number of excellent questions and answers today about dealing with user input. I am now using htmlspecialchars() to display user data in the create/edit forms (but accepting the raw input via prepared PDO statements into my database). The main question I know have is, what do you do when you are allowing the user to submit HTML which will then be displayed to the public. Obviously htmlspecialchars() is no longer suitable as it just encodes the tags and renders the content useless for purpose. My application is currently accepting HTML from an admin for product descriptions. This would allow a malicious admin to inject potentially unsafe data into public facing pages. How do people cope with this?

    Read the article

  • Php PEAR, Database Abstraction & Factory Methods

    - by pws5068
    I'm interested in learning more about design practices in PHP for Database Abstraction & Factory methods. For background, my site is a special-interest social networking community currently in beta mode. Currently, I've started moving my old code for object retrieval to factory methods. However, I do feel like I'm limiting myself by keeping a lot of SQL table names and structure separated in each function/method. Questions: 1.) Is there a reason to use PEAR (or similar) if I dont anticipate switching databases? 2.) Can PEAR interface with the MySqli prepared statements I currently use? 3.) Will it help me separate table names from each method? (If no, what other design patterns might I want to research?) 4.) Will it slow down my site once I have a significantly large member base?

    Read the article

  • Cocoa multiple threads, locks don't work

    - by Igor
    I have a threadMethod which shows in console robotMotorsStatus every 0.5 sec. But when I try to change robotMotorsStatus in changeRobotStatus method I receive an exception. Where I need to put locks in that program. #import "AppController.h" @implementation AppController extern char *robotMotorsStatus; - (IBAction)runThread:(id)sender { [self performSelectorInBackground:@selector(threadMethod) withObject:nil]; } - (void)threadMethod { char string_to_send[]="QFF001100\r"; //String prepared to the port sending (first inintialization) string_to_send[7] = robotMotorsStatus[0]; string_to_send[8] = robotMotorsStatus[1]; while(1){ [theLock lock]; usleep(500000); NSLog (@"Robot status %s", robotMotorsStatus); [theLock unlock]; } } - (IBAction)changeRobotStatus:(id)sender { robotMotorsStatus[0]='1'; }

    Read the article

  • ADO "Unspecified Error" instead of actual error when fetching server side cursor

    - by Dan
    This relates to my recent question: http://stackoverflow.com/questions/2835663/force-oracle-error-on-fetch I am now able to reproduce a scenario where using ADO with the Oracle OLEDB Provider, I can force an error such as ORA-01722: invalid number to occur on calling Recordset.MoveNext However, this is not the error that is returned to the application. Instead, the application sees Provider error '80004005' Unspecified error. How can I get the application to see the real error from the database? This is with Oracle 10g (client and server), if it matters. Sample code is roughly as follows: Dim con As New ADODB.Connection Dim cmd As New ADODB.Command Dim rs As ADODB.Recordset con.ConnectionString = "Provider=OraOLEDB.ORACLE;Data Source=xxx;User Id=yyy;Password=zzz" con.CursorLocation = adUseServer con.Open Set cmd.ActiveConnection = con cmd.CommandText = "select * from table(ret_err)" cmd.Prepared = True Set rs = cmd.Execute While Not rs.EOF rs.MoveNext Wend

    Read the article

  • Swing: what to do when a GUI update takes too long and freezes other GUI elements?

    - by java.is.for.desktop
    Hello, everyone! I know that GUI code in Java Swing must be put inside SwingUtilities.invokeAndWait or SwingUtilities.invokeLater. This way threading works fine. Sadly, in my situation, the GUI update it that thing which takes much longer than background thread(s). More specific: I update a JTree with about just 400 entries, nesting depth is maximum 4, so should be nothing scary, right? But it takes sometimes one second! I need to ensure that the user is able to type in a JTextPane without delays. Well, guess what, the slow JTree updates do cause delays for JTextPane during input. It refreshes only as soon as the tree gets updated. I am using Netbeans and know empirically that a Java app can update lots of information without freezing the rest of the UI. How can it be done? NOTE 1: All those DefaultMutableTreeNodes are prepared outside the invokeAndWait. NOTE 2: When I replace invokeAndWait with invokeLater the tree doesn't get updated.

    Read the article

  • WeakReferences are not freed in embedded OS

    - by Carsten König
    I've got a strange behavior here: I get a massive memory leak in production running a WPF application that runs on a DLOG-Terminal (Windows Embedded Standard SP1) that behaves perfectly fine if I run it localy on a normal desktop (Win7 prof.) After many unsucessful attempts to find any problem I put one of those directly beside my monitor, installed the ANTs MemoryProfiler and did one hour test run simulating user operations on both the terminal and my development PC. Result is, that due to some strange reasons the embedded system piles up a huge amount of WeakReference and EffectiveValueEntry[] Objects. Here are are some pictures: Development (PC): And the terminal: Just look at the class list... Has anyone seen something like this before and are there known solutions to this? Where can I get help? (PS the terminals where installed with images prepared for .net4)

    Read the article

  • Align table columns HTML

    - by Luigi Tiburzi
    I finally was able to align the columns in the tables of a page of my website. Though I found the solution I don't understand it. This is a fiddle I prepared. If you delete display: block from the CSS the columns are centered perfectly. The fact is that I don't understand what that instruction is causing problems, doesn't it means that elements are displayed as block elements? Shouldn't it cause the elements (the raw in particular) to fill an entire line? Thanks for your explanation

    Read the article

  • Automatic Maintenance Jobs in every PDB? New SPM Evolve Advisor Task in Oracle 12.1.0.2

    - by Mike Dietrich
    A customer checking out our slides from the OTN Tour in August 2014 asked me a finicky question the other day: "According to the documentation the Automatic SQL Tuning Advisor maintenance task gets executed only within the CDB$ROOT, but not within each PDB - but the slides are not clear here. So what is the truth?" Ok, that's good question. In my understanding all tasks will get executed within each PDB - that's why we recommend (based on experience) to break up the default maintenance windows when using Oracle Multitenant. Otherwise all PDBs will have the same maintenance windows, and guess what will happen when 25 PDBs start gathering object statistics at the same time ... The documentation indeed says: Automatic SQL Tuning Advisor data is stored in the root. It might have results about SQL statements executed in a PDB that were analyzed by the advisor, but these results are not included if the PDB is unplugged. A common user whose current container is the root can run SQL Tuning Advisor manually for SQL statements from any PDB. When a statement is tuned, it is tuned in any container that runs the statement. This sounds reasonable. But when we have a look into our PDBs or into the CDB_AUTOTASK_CLIENT view the result is different from what the doc says. In my environment I did create just two fresh empty PDBs (CON_ID 3 and 4): SQL> select client_name, status, con_id from cdb_autotask_client; CLIENT_NAME                           STATUS         CON_ID------------------------------------- ---------- ----------auto optimizer stats collection       ENABLED             1sql tuning advisor                    ENABLED             1auto space advisor                    ENABLED             1auto optimizer stats collection       ENABLED             4sql tuning advisor                    ENABLED             4auto space advisor                    ENABLED             4auto optimizer stats collection       ENABLED             3sql tuning advisor                    ENABLED             3auto space advisor                    ENABLED             3 9 rows selected. I haven't verified the reason why this is different from the docs but it may have been related to one change in Oracle Database 12.1.0.2: The new SPM Evolve Advisor Task ( SYS_AUTO_SPM_EVOLVE_TASK) for automatic plan evolution for SQL Plan Management. This new task doesn't appear as a stand-alone job (client) in the maintenance window but runs as a sub-entity of the Automatic SQL Tuning Advisor task. And (I'm just guessing) this may be one of the reasons why every PDB will have to have its own Automatic SQL Tuning Advisor task  Here you'll find more information about how to enable, disable and configure the new Oracle 12.1.0.2 SPM Evolve Advisor Task: Oracle Database 12.1.0.2 SQL Tuning Guide:Managing the SPM Evolve Advisor Task -Mike

    Read the article

  • hibernate not throwing stale state exception nor it is overwriting data

    - by Reddy
    Our application do the following. 1. Start the transaction. 2. Execute a query using prepared statement 3. Check a condition to see the number of rows updated are equal to the required number. 4. It commits on success of above condition otherwise it will roll back However the problem is that when two threads are simultaneously enter this code. Thread-1 is updating a row in step 2. It checked the condition and committed successfully since the condition is successful. Thread-2 started execution somewhere between steps 1 & 4, and it is failing on at condition checking at step 3 (as it is getting number of updated rows as 0). I expected second thread to throw an exception but it is not. What could be the problem?

    Read the article

  • How Do I See The Final Text Of A Query Resulting From A Call To mysqli->prepare?

    - by Joshua
    After code like this: $stmt = $mysqli->prepare("SELECT District FROM City WHERE Name=?")) { $stmt->bind_param("s", $city); $stmt->execute(); $stmt->bind_result($district); $stmt->fetch(); printf("%s is in district %s\n", $city, $district); How Do I See The Actual SQL Statement That Was Executed? (It Should Look Something Like "SELECT District FROM City WHERE Name='Simi Valley';") I already realize that in this simplistic case it would be very easy to simply reconstruct the query... but how can I access it in a general way that will work for very complicated prepared statements, and cases where I don't necessarily already understand the intended structure of the query, etc. Isn't there some function or method that can be called on the statement object that will return the actual text of the SQL query, after binding?

    Read the article

  • Paging Results - Drupal Module

    - by Krishma
    Hi I have custom drupal module. I receive result from a webservice that I need to page. Here is what I am doing $result = webservice_call_results(); $attributes = array( 'border' = 1, 'cellspacing' = 0, 'cellpadding' = 5, 'width' = 600, ); $rows = array(); foreach ($result-headers-RPMHeader as $data) { $rows[] = array( l(t($data-reg_no), round($data-total_payment,2), $data-prepared_by ); } $headers = array(t(' Reg Number'), t('Total Payment'),t('Prepared By')); $output =theme('table',$headers,$rows,$attributes); $output .= theme('pager', 1); // Not Working -- Paging $form['manufacturer_search']['table'] = array( '#type' = 'markup', '#value' = $output); The paging is not working. Any Idea why, please help

    Read the article

  • Compilation Error on Recursive Variadic Template Function

    - by Maxpm
    I've prepared a simple variadic template test in Code::Blocks, but I'm getting an error: No matching function for call to 'OutputSizes()' Here's my source code: #include <iostream> #include <typeinfo> using namespace std; template <typename FirstDatatype, typename... DatatypeList> void OutputSizes() { std::cout << typeid(FirstDatatype).name() << ": " << sizeof(FirstDatatype) << std::endl; OutputSizes<DatatypeList...>(); } int main() { OutputSizes<char, int, long int>(); return 0; } I'm using GNU GCC with -std=C++0x. Using std=gnu++0x makes no difference.

    Read the article

  • How important is caching for a site's speed with PHP?

    - by benhowdle89
    I've just made a user-content orientated website http://www.humanisms.co.uk Its done in PHP, MySQL and jQuery's AJAX, at the moment there is only a dozen or so submissions and already i can feel it lagging slightly when it goes to a new page (therefore running a new mysql query) Is it most important for me to try and optimise my mysql queries (by prepared statements) or is it worth in looking at CDN's (amazon s3) and caching (much like the WordPress plugin WP Super Cache) which works by serving static HTML files when there hasnt been new content submitted. Which route is the most beneficial, for me as a developer, to take, ie. where am i better off concentrating my efforts to speed up the site?

    Read the article

  • Can Tomcat provide seperate (or HTTPS only) sessions for HTTPS requests?

    - by Joe
    I have a web application which contains both secure (SSL) and non-secure pages. A user can login to the site and must appear logged-in in both the SSL and non-SSL areas. (NB. SSL isn't implemented via Tomcat, but via Apache HTTPD servers which sit in front of Tomcat - so Tomcat has no SSL configuration.) The logged-in state is currently maintained via a servlet session (using Tomcat's vanilla session management). The obvious issue with this approach is that the JSESSIONID cookie is transported over both HTTP and HTTPS connections, meaning that it's potentially possible to intercept it and hijack the session. Are there any solutions to this without rolling our own session management (i.e. does Tomcat cater for this situation)? I'm prepared to implement our own session management, but don't want to reinvent something that may already be supported.

    Read the article

  • Database Abstraction & Factory Methods

    - by pws5068
    I'm interested in learning more about design practices in PHP for Database Abstraction & Factory methods. For background, my site is a common-interest social networking community currently in beta mode. Currently, I've started moving my old code for object retrieval to factory methods. However, I do feel like I'm limiting myself by keeping a lot of SQL table names and structure separated in each function/method. Questions: Is there a reason to use PEAR (or similar) if I dont anticipate switching databases? Can PEAR interface with the MySqli prepared statements I currently use? Will it help me separate table names from each method? (If no, what other design patterns might I want to research?) Will it slow down my site once I have a significantly large member base?

    Read the article

  • Which encoding (code page) is used for file names in ZIP archive under Mac OS x 10.6

    - by bao
    I have a zip library SharpZipLib which intended to work with ZIP archives using C#. It has parameter ICSharpCode.SharpZipLib.Zip.ZipConstants.DefaultCodePage which specifies encoding of file names in zip archive. I know that in Windows and in OSX different encodings are used to store file names. 1) Which encodings (code pages) are used in both? 2) How to determine programmatically which encoding is used? When I open in Win7 zip file packed under MacOS X, I see files with bad names (originally - cyrillic) and folder called __MACOSX, so I can say zip was prepared on Mac box. Any other way? What about other UNIX like systems?

    Read the article

  • How to correctly size containing views

    - by Gerry
    I have an Activity that will display a custom view made up of 2 parts. I want one part to be 1/3 of visible screen height, the other part to be 2/3. I can override onMeasure and use display metrics to find the height of the display, but this does not account for the battery bar or view title sizes. DisplayMetrics dm = new DisplayMetrics(); ((WindowManager)contxt.getSystemService(Context.WINDOW_SERVICE)).getDefaultDisplay().getMetrics(dm); int height = dm.heightPixels; How can I tell the height of the displayable area? I'm prepared to override the layout or whatever. What is the Android best practices? I've seen other questions along this line, but they are inconclusive.

    Read the article

  • Mock a void method which change the input value

    - by Kar
    Hi, How could I mock a void method with parameters and change the value parameters? My void method looks like this: public interface IFoo { void GetValue(int x, object y) // takes x and do something then access another class to get the value of y } I prepared a delegate class: private delegate void GetValueDelegate(int x, object y); private void GetValue(int x, object y) { // process x // prepare a new object obj if (y == null) y = new Object(); if (//some checks) y = obj; } I wrote something like this: Expect.Call(delegate {x.GetValue(5, null);}).Do (new GetValueDelegate(GetValue)).IgnoreArguments().Repeat.Any(); But seems like it's not working. Any clue on what could be wrong?

    Read the article

  • MySQL Many to Many with Unique keys and Update/Select if Exists otherwise Insert

    - by Jayrox
    In my goal to have a Many-to-Many relationship in my MySQL database I have arrived at another bridge to build. Current Tables: Users (id, name) Tags (id, name) User_Tags (user_id, tag_id) Here is the goal: I would like to have the ability to take a tag i.e: #fb and insert it into my Tags database which has a unique constraint on name and if the tag exists I would like to return it's id I would like to insert the tag.id and the current user's user.id into User_Tags. I do not have any unique constraints on the User_Tags table because I would like to be able to track the user's most commonly used tags and present them in a list ordered by frequency of use. I am currently developing this project in PHP using prepared statements. Additionally, performance is not currently an issue as my user count is still fairly small, but it is steadily growing and may be an issue in the future.

    Read the article

  • ASP Classic Named Parameter in Paramaterized Query: Must declare the scalar variable

    - by My Alter Ego
    I'm trying to write a parameterized query in ASP Classic, and it's starting to feel like i'm beating my head against a wall. I'm getting the following error: Must declare the scalar variable "@something". I would swear that is what the hello line does, but maybe i'm missing something... <% OPTION EXPLICIT %> <!-- #include file="../common/adovbs.inc" --> <% Response.Buffer=false dim conn,connectionString,cmd,sql,rs,parm connectionString = "Provider=SQLOLEDB.1;Integrated Security=SSPI;Data Source=.\sqlexpress;Initial Catalog=stuff" set conn = server.CreateObject("adodb.connection") conn.Open(connectionString) set cmd = server.CreateObject("adodb.command") set cmd.ActiveConnection = conn cmd.CommandType = adCmdText cmd.CommandText = "select @something" cmd.NamedParameters = true cmd.Prepared = true set parm = cmd.CreateParameter("@something",advarchar,adParamInput,255,"Hello") call cmd.Parameters.append(parm) set rs = cmd.Execute if not rs.eof then Response.Write rs(0) end if %>

    Read the article

  • TCP/IP and UDP Questions and very small application for interview

    - by Shantanu Gupta
    I am going for an interview day after tomorrow where i will be asked vaious questions related to TCP/IP and UDP. As of now i have prepared theoritical knowledge about it. But now I am looking up for gaining some practicle knowledge related to how it works in a network. What all is going in vaious .NET classes. I want to create a very small application like a chat or something that can make me all these concepts very much clear. Could you please suggest some questions related to TCP/IP that you generally ask or that you might have faced. How communication is going from server to client. Right now I am studying TcpClient, TcpListener and UdpClient Class but I want to implement all of them so as to get aware about its working. Is Chat application a Tcp/IP application ? I would appreciate your help.

    Read the article

  • Which Visual Studio 2010 edition for sole developer

    - by bufferz
    I am the sole .net developer for a small company. My projects span many .net technologies including WinForms, WPF, SQL, XNA, Linq, WCF, WTF?, and others. I struggle staying on top of all these projects so I'm looking to make my life easier with the release of VS2010. Without a mentor I rely heavily on StackOverflow and whatever else Google comes up with. Should I convince my company to get an edition with an MSDN subscription? Is it one of those things where once you have it, you can't imagine life without it? What about the source control that comes with VS2010, do you all find it better than an SVN server? We're looking to hire another programmer this year, would I be best off getting a Team edition of VS2010 to be best prepared for that hire? Thanks!

    Read the article

< Previous Page | 59 60 61 62 63 64 65 66 67 68 69 70  | Next Page >