|
When writing code for a single system (this will never be distributed) where the database is controlled and set (it will always be mysql as long as I work here), is there any reason at all to use database abstraction instead of simply mysqli?
|
# ? Feb 26, 2009 22:56 |
|
|
# ? May 16, 2024 06:07 |
|
KuruMonkey posted:\w Matches characters with accents which the original didn't, and \s matches all whitespace, so tab etc, which the original didn't. I didn't think of that, but if he has any non-English users, then those extra letters are going to help.
|
# ? Feb 26, 2009 23:02 |
|
Yeah, if it were me...I'd probably use '/[\w\d-\ ]+/', making the presumption that usernames would not want tab in, but that accents might be OK. But obviously I stuck to matching the same as he had. Its still in my mind that you can probably match the no leading space and the no multiple spaces with a suitably arcane regex though. But as you say; there is a regex thread.
|
# ? Feb 27, 2009 01:27 |
|
Golbez posted:When writing code for a single system (this will never be distributed) where the database is controlled and set (it will always be mysql as long as I work here), is there any reason at all to use database abstraction instead of simply mysqli? 1; does mysqli use bound parameters? 2; are you only ever going to write that one system? if not learn to write portably as soon as possible. 3; its NO EASIER to use mysqli than, say, PDO; so why not use the one thats more abstracted? If the answer to 1 is yes, and you WANT to use mysqli, then its probably OK from a technical POV? (he said fishing for anyone who knows otherwise...)
|
# ? Feb 27, 2009 01:29 |
|
Yep, it certainly does. I like mysqli on it's own personally. While I don't use it "naked" in any personal projects - I don't see why you couldn't, given Golbez's situation remaining true.
|
# ? Feb 27, 2009 02:00 |
|
quote != edit.
|
# ? Feb 27, 2009 02:01 |
Golbez posted:When writing code for a single system (this will never be distributed) where the database is controlled and set (it will always be mysql as long as I work here), is there any reason at all to use database abstraction instead of simply mysqli? Basically emphasizing what KuruMonkey said. The real question to ask yourself is there any reason to use mysqli over PDO? One is not "easier" than the other, writing in them is almost exactly the same, so why not use the one that has a major advantage over the other (PDO).
|
|
# ? Feb 27, 2009 02:25 |
|
fletcher posted:Basically emphasizing what KuruMonkey said. The real question to ask yourself is there any reason to use mysqli over PDO? One is not "easier" than the other, writing in them is almost exactly the same, so why not use the one that has a major advantage over the other (PDO). You just said they're practically identical. What's the major advantage for using what boils down to a framework, when he doesn't need the abstraction?
|
# ? Feb 27, 2009 03:05 |
|
I haven't been able to get a cookie work from a page in one directory to another page in the root directory. If it's in the root directory, it works page to page in the root directory. I use: $expire=time()+60*60*24*30; setcookie('user', $_POST["user"], $expire, '/', '.example.com'); LP0 ON FIRE fucked around with this message at 08:26 on Feb 27, 2009 |
# ? Feb 27, 2009 08:23 |
|
SuckerPunched posted:You just said they're practically identical. What's the major advantage for using what boils down to a framework, when he doesn't need the abstraction? I wrote my 3 points in general ignorance of whether mysqli would do bound params (I took a year out 07-08, and mysqli seems to have arrived in that gap; and PDO along with it - certainly I dodn't know of either when I was working before, and now PDO is my new choice, so I never really looked at mysqli; so a thanks to SuckerPunched for taking my bait and helping me learn something with zero effort ) As far as I'm concerned, as long as you can insulate yourself from embedding variables into strings for your query by hand, and there's something binding them and sanitising for you, whatever that is has already covered the 'must have' feature of an abstraction layer (the one you either had to do yourself or write lovely insecure code all day 2-3 years ago) The rest of abstracting the DB is, IMO, niceties. If you really want the DB/data storage Abstracted (with a capital A) you'd be writing models on top of whatever abstraction layer you chose anyway... So at that point the weighting I might be inclined to give 'already know it' goes way up. KuruMonkey fucked around with this message at 09:40 on Feb 27, 2009 |
# ? Feb 27, 2009 09:37 |
|
quote:Hi, I've got a question. I've stored a bunch of images in a database which I thought was a super cool idea, but now the web browser doesn't cache them. The images will never be modified or updated so I just want them to be cached and stay there but I'm not sure why they arn't. Anyways here's my code thanks a lot guys. Got it working now with... header("Cache-Control: public",true); Not exactly sure what it does but whatevers. xiNickix fucked around with this message at 13:47 on Feb 27, 2009 |
# ? Feb 27, 2009 13:19 |
|
I had to do work on a project where the header and footer includes were in the root as were the pages that they contained links to. The links were relative i.e. a href='contact.php'... to be able to refer to the links from pages several directories up, while referring to the same header file, i needed to dynamically return the path to the root... i know that the header shouldnt be in the root etc etc but... the real question i have, is there an easier way to return to root? i hope i made clear my question with my crumby example here is the code i made for what i was referring to above code:
code:
KarmaticStylee fucked around with this message at 03:48 on Mar 1, 2009 |
# ? Feb 28, 2009 17:00 |
|
Add a slash. <a href="/contact.asp">contact</a>.
|
# ? Feb 28, 2009 20:57 |
|
Working with images in php is absolutely mindfucking me. I'm trying to auto-create thumbnails based on user uploaded images. I don't want to do this on view which is pretty well every example script out there, but rather create on upload, and then ftp the file to my webserver. Spent a couple hours trying to put it all together, ended up just getting jpg only and pretty well copying the code from php's man page for imagecopyresampled. Here's what I have thus far, (working, but jpg only). php:<? //Usage example: $fileforftp = CreateThumb($user_submitted_file['tmp_name'],150,150); //$$fileforftp will == something like '/tmp/img23ffsa3' function CreateThumb($filename,$new_w,$new_h) { $width = $new_w; $height = $new_h; // Get new dimensions list($width_orig, $height_orig) = getimagesize($filename); // Resample $image_p = imagecreatetruecolor($width, $height); $image = imagecreatefromjpeg($filename); imagecopyresampled($image_p, $image, 0, 0, 0, 0, $width, $height, $width_orig, $height_orig); // Capture Output instead of send to browser ob_start(); // Start capturing stdout. imagejpeg($image_p, null, 80); // As though output to browser. $img = ob_get_contents(); // the raw jpeg image data. ob_end_clean(); // Send Captured output to temp file $tmpfname = tempnam('/tmp','img'); //generate random tmp file : if /tmp not there, will default to system tmp $handle = fopen($tmpfname, "w"); //open new tmp file for writing fwrite($handle, $img); //write generated img data from ob_ capture fclose($handle); return $tmpfname; } ?>
|
# ? Mar 1, 2009 18:14 |
|
Halo_4am posted:Ok, so no detection or anything. I started looking at mime-type detection and my mind pretty well melted. Can anybody take a shot at explaining how to detect if the image uploaded is png/gif/tiff and act accordingly? It's really this line: $image = imagecreatefromjpeg($filename); I'm concerned with. I don't particularly care if thumbnails go out in jpg only... as they're only thumbnails. r1ch's image upload script in the first post does header based detection. Also, why are you writing the thumbnail to the output buffer, then writing the buffer to a temp file? Why not just write the thumbnail directly there?
|
# ? Mar 1, 2009 18:42 |
|
Mercator posted:Add a slash. <a href="/contact.asp">contact</a>. hmm why does this not work for me? i am forced to use "../" for each level i need to travel down
|
# ? Mar 1, 2009 19:35 |
|
Im writing to .xml using DOMDocument for interaction with JW Media Player. I am required to use this for my project. Anyway the player accepts an xml style format for its playlists. When I save out the xml file using DOMDocument Save the file is started with <?xml version="1.0"?>. Is there anyway that I can write my xml file without that?code:
BubbaGrace fucked around with this message at 02:23 on Mar 2, 2009 |
# ? Mar 2, 2009 01:44 |
|
I'm having some trouble convincing cURL to use a cookiejar, and I'm not getting any help out of google or any of my usual support avenues as it seems that once file permissions are confirmed to be correct, COOKIEJAR should just magically work. I know I've got permissions all good because the first 3 lines of my code create the file successfully. My code is as follows, the my_cookies.txt file just remains blank no matter what I do.code:
|
# ? Mar 2, 2009 02:06 |
|
Enable curl's verbose mode to see if it's actually returning any cookies to you.
|
# ? Mar 2, 2009 02:50 |
|
gibbed posted:Enable curl's verbose mode to see if it's actually returning any cookies to you. Turned out that although fopen likes the filename format, cURL wanted absolute file location. Works fine now. thanks for your suggestion.
|
# ? Mar 2, 2009 03:03 |
|
Halo_4am posted:Can anybody take a shot at explaining how to detect if the image uploaded is png/gif/tiff and act accordingly? code:
code:
MrMoo fucked around with this message at 04:23 on Mar 2, 2009 |
# ? Mar 2, 2009 04:20 |
|
I'm a PHP noob. I'm writing my first major PHP app right now, and I have what's most likely the single most popular question in this thread. However, search has been down since the dawn of time, so I can't find the answer (and it's not in the last couple pages). What's the best way to sanitize input? I've got some POST input coming into a PHP page, and I want to make sure it's clean. Googling "php sanitize" returns a billion different ideologies and theories. http://us2.php.net/manual/en/function.filter-input.php paired with FILTER_SANITIZE_STRING or FILTER_SANITIZE_SPECIAL_CHARS looks pretty nice, but I want to make sure that does a good enough job. Fangs404 fucked around with this message at 08:02 on Mar 2, 2009 |
# ? Mar 2, 2009 07:30 |
Fangs404 posted:I'm a PHP noob. I'm writing my first major PHP app right now, and I have what's most likely the single most popular question in this thread. However, search has been down since the dawn of time, so I can't find the answer (and it's not in the last couple pages). When I want to make sure it's safe to output to a browser, I use htmlspecialchars() When I want to make sure it's safe to put in a database, use prepared statements. php:<? //good idea to do some basic checks on $_POST['username'] and $_POST['age'] //to make sure it's the right length, age is actually a number, etc //and return a useful error message to the user $database = new PDO("connection;string"); $query = $database->prepare("insert into user (username, age) values (:username, :age)"); //PDO will automatically handle sanitizing it for us $query->bindParam(":username", $_POST['username']); $query->bindParam(":age", $_POST['age']); if ($query->execute()) { } else { } ?> fletcher fucked around with this message at 10:05 on Mar 2, 2009 |
|
# ? Mar 2, 2009 10:02 |
|
fletcher posted:When I want to make sure it's safe to output to a browser, I use htmlspecialchars() You may also want to consider input-time sanitization vs render-time sanitization - there are advantages and disadvantages with both. supster fucked around with this message at 10:16 on Mar 2, 2009 |
# ? Mar 2, 2009 10:13 |
|
I'm still a PHP noob, so this is probably a ridiculous question. I've googled and dicked around with the code for a long time now, and I can't really figure it out. It's starting to bug me a lot. So far, my script generates an array of URLs that point to XML documents. I'm trying to figure out a way to pull chunks of info out of each doc, and display them in html. For example, The array looks like this: Array ( [0] => http://example/1.xml [1] => http://example/2.xml [2] => http://example/3.xml => etc etc etc) I want to pull out the following elements (user info, one per doc) from each XML doc: <user> <uid>352</uid> <name>John Farfleton</name> <phone>415-555-1212</phone> <location>San Francisco, CA</location> </user> and then output a list of users, with their UID/name/phone/location to the browser. I really appreciate any help with this, if what I'm trying to do actually makes any sense.
|
# ? Mar 3, 2009 08:32 |
|
php:<?php foreach ($urls as $url) { $content = @file_get_contents($url); // note the @ will supress error/warnings that would normally be outputted if ($content === false) { // failed to obtain content of xml } else { $xml = new SimpleXMLElement($content); $name = (string)$xml->name; // it might be $xml->user->name if user isn't the root element. // etc... } } ?>
|
# ? Mar 3, 2009 10:54 |
|
I just watched this talk by Rasmus on PHP optimization and thought it was pretty interesting, even if it was just 60 minutes of repeating what you already know or suspected. There are some cool notes and comparisons in there. Maybe some of you will find it worth watching. http://www.archive.org/details/simple_is_hard
|
# ? Mar 5, 2009 12:20 |
|
For my Web Development class we are creating projects for real world companies and organizations that will be put into production. We're currently researching tools to use for the project as we are allowed to use anything necessary to get the job done. Our project is to create a custom survey building tool along the lines of Survey Monkey. It will be used to create surveys, tests, and feedback forms, both internally and externally. Surveys will be taken by over 5000 employees and many more (request out for estimates) customers. It will be ran on an LAMP environment. We do not have to worry about log-in authentication, but will need to validate the user can access the current page and survey they are trying to access. No one in our group has used PHP previously, however we have used many other languages. I have fairly extensive database knowledge which will help quite a bit. Currently we are looking at using CodeIgniter as our Framework and building everything else ourselves. As of today we have approximately 7 working weeks to complete the project to be ready for deployment. A Google search turns up LimeSurvey as a possible tool to use. Has anyone used this product before? Are there any other FOSS solutions that I'm overlooking that would greatly simplify the project?
|
# ? Mar 5, 2009 20:45 |
|
oops figured out the problem.. was retarded.
KarmaticStylee fucked around with this message at 02:47 on Mar 6, 2009 |
# ? Mar 6, 2009 02:43 |
|
Ok, this is loving weird enough and long enough that I think it needs its own thread.
Fangs404 fucked around with this message at 08:50 on Mar 7, 2009 |
# ? Mar 7, 2009 08:29 |
|
First off, I'm a complete newb at PHP. Like, I started playing with it about 2 hours ago to solve a specific problem. I have an application I hacked up that queries my electric meter for the current power usage, and puts the information into a mysql database. I'm now working on a web page that will display this information as it gets updated I'd like to autorefresh this every time "ID" (the primary key for the table) changes, or at least every few second or so. code:
Can anyone point me to a method to do what I want to do? I'd love for it to be neat and use AJAX (which I also know nothing about) so the page isn't autorefreshing all the time. I can use that as I build out the page more to show historical usage, graph things, etc. Please go easy on this PHP newb. I appreciate the help.
|
# ? Mar 7, 2009 10:43 |
|
Golbez posted:When writing code for a single system (this will never be distributed) where the database is controlled and set (it will always be mysql as long as I work here), is there any reason at all to use database abstraction instead of simply mysqli? I'd personally use PDO or something and a SQL wrapper class to avoid using actual SQL statements in your PHP code (as they can be messy). $statement->select("whatever")->from("tablename") etc.
|
# ? Mar 7, 2009 12:57 |
|
haywire posted:I'd personally use PDO or something and a SQL wrapper class to avoid using actual SQL statements in your PHP code (as they can be messy). You really think that is less "messy" than "select whatever from tablename"?
|
# ? Mar 7, 2009 13:16 |
|
nitrogen posted:This is what I have so far. php:<?php mysql_connect(".", "..", "...") or die(mysql_error()); mysql_select_db("METERDB") or die(mysql_error()); $result = mysql_query("SELECT kwnowdsp, VrmsNowDsp FROM meter ORDER BY ID DESC LIMIT 1;"); $row = mysql_fetch_array( $result ); if ($_GET["ajax"] == "true") { // Simplified AJAX response ?> <p>Current Usage: <?php echo $row['KWUsage']; ?><br /> Current Voltage: <?php echo $row['VRMS-Usage']; ?></p> <?php } else { // Full synchronous response ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Meter</title> <script type="text/javascript" src="js/jquery.js"></script> </head> <body> <div id="info"> <p>Current Usage: <?php echo $row['KWUsage']; ?><br /> Current Voltage: <?php echo $row['VRMS-Usage']; ?></p> </div> <script type="text/javascript"> //<![CDATA[ setInterval(function() { $.ajax({ type: "GET", url: "<?php echo basename(__FILE__); ?>", data: "ajax=true", success: function(response) { $('#info').html(response); } }); }, 10000); // Every 10 seconds //]]> </script> </body> </html> <?php } ?> More jQuery help can be found here. I definitely think it's the way to go, especially if you're going to be doing charts. Zorilla fucked around with this message at 04:19 on Mar 8, 2009 |
# ? Mar 7, 2009 18:25 |
|
Thanks for your example, but it's not working; it's not refreshing. Remember, I'm a complete newb when it comes to this, how can I troubleshoot what the problem might be? Thanks again. I do have jquery installed in js/jquery.js; its a symlink to the real version I downloaded.
|
# ? Mar 7, 2009 20:06 |
|
haywire posted:I'd personally use PDO or something and a SQL wrapper class to avoid using actual SQL statements in your PHP code (as they can be messy). SQL abstraction layers in PHP are completely pointless. I can't think of any reason to use them except if you have some mortal fear of COBOL-like syntax or if you're trying to kill your script performance. Once you get to any level of complexity, COBOL begins to look like a less "messy" language. php:<? $statement->select("whatever")->from("tablename")->as('t')->join('left','butt')->as('b') ->on('b.butt_id','t.butt')->on('b.butt_id','null',-1)->where('b.butt_butt','1') ->group('b.butt_butt')->order('b.butt_id') ?> Internet Headache fucked around with this message at 20:19 on Mar 7, 2009 |
# ? Mar 7, 2009 20:17 |
|
nitrogen posted:Thanks for your example, but it's not working; it's not refreshing. Open Firefox's error console. Clear the errors and watch what comes in when you refresh the page. I never tested my example, so it could be full of typos. Ignore "Error in parsing value for property 'filter'" if you see it. jQuery just does that sometimes for some reason. Also, on the line that says url: "<?php echo basename(__FILE__); ?>", is the resulting output correct? i.e., if your page is index.php, does that line say url: "index.php" when you view source? edit: I just found and fixed a missing comma, so yeah, full of typos. All it takes is something like this for Javascript to completely stop, so if something isn't working, check for fatal errors first. Zorilla fucked around with this message at 23:22 on Mar 7, 2009 |
# ? Mar 7, 2009 23:16 |
|
Zorilla posted:Open Firefox's error console. Clear the errors and watch what comes in when you refresh the page. I never tested my example, so it could be full of typos. Ignore "Error in parsing value for property 'filter'" if you see it. jQuery just does that sometimes for some reason. Rock on, I'm closer. It refreshes once, but then quits. NOthing in the error console when it does. EDIT: I got it working by removing the ajax test at the top, and just using the jquery bits at the bottom. As I progress with this project, I'm sure I'll have more stupid questions. I appreciate your patience so far. nitrogen fucked around with this message at 03:45 on Mar 8, 2009 |
# ? Mar 8, 2009 03:34 |
|
nitrogen posted:Rock on, I'm closer. It refreshes once, but then quits. NOthing in the error console when it does. Oops, I used setTimeout when I should have used setInterval. I was cribbing from old code of mine where I was calling setTimeout recursively to get something to run on an interval instead (needed to reset the timer when the user clicked something). This is why it was only updating once. I'll change my example. When you said you got rid of the ajax test, you mean the line that says if ($_GET["ajax"] == "true")? If so, I'm not sure I'm following. The idea was to call index.php?ajax=true, and it would return just the part inside <div id="info">, and then only that section would get updated. Zorilla fucked around with this message at 04:25 on Mar 8, 2009 |
# ? Mar 8, 2009 04:18 |
|
|
# ? May 16, 2024 06:07 |
|
supster posted:You really think that is less "messy" than "select whatever from tablename"? SQL abstraction can be useful when applications need to insert clauses dynamically, assuming it's smart enough to let you define clauses in an arbitrary order. php:<? // Select all invoices in the past thirty days if the user is an administrator, // or select invoices on which the user is designated a manager otherwise $select = new Select(); $select->fields("invoice.id, customer.name"); $select->from("invoice"); $select->innerJoin("customer", "invoice.customer = customer.id"); $select->where("invoice.datecreated > ?", $thirty_days_ago); if ($user_is_not_administrator) { $select->innerJoin("invoice_manager", "invoice_manager.invoice = invoice.id"); $select->where("invoice_manager.manager = ?", $user_id); } ?> DaTroof fucked around with this message at 18:48 on Mar 8, 2009 |
# ? Mar 8, 2009 18:25 |