RE: [PHP-DB] Showing the next entry
Can you send the query and some code that you're using? You probably want to
loop like this:
while ($row = mysql_fetch_assoc($cursor)) {
echo $row{case_note} . br /;
}
Jos
-Original Message-
From: John R. Sims, Jr. [mailto:[EMAIL PROTECTED]
Sent: 17 May 2005 03:07
To: php-db@lists.php.net; php_mysql@yahoogroups.com
Subject: [PHP-DB] Showing the next entry
Hi All,
I have developed a script that allows me to select a students name from the
client table and display the call information from the case_note table, but
the report only shows the first available case_note for an individual. I
want this script to display all entries for the specific client in the
case_note table.
Can anyone point me in the right direction.
Keeping the faith in fatherhood
John
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Select
Hi, Instead of doing a SELECT *, specify the fields that you require. Allthough you may think the rows are exactly the same, one might be empty () and one null which is not the same. You are more likely to get the result that you need if you specify the fields: SELECT DISTINCT somedata, rev, andthis FROM rev ORDER BY rev By the way, having rev as a name for your table AND as a fieldname is confusing and not advisable. Rgds, Jos -Original Message- From: MIGUEL ANTONIO GUIRAO AGUILAR [mailto:[EMAIL PROTECTED] Sent: 17 May 2005 04:26 To: php-db@lists.php.net Subject: [PHP-DB] Select Hi!! I have this query in PHP: $items2 = mysql_query(SELECT DISTINCT * FROM rev ORDER BY rev, $link); I have three rows with the same data on it, and DISTINCT seems to be not working, since I got all the rows, any ideas of what is going wrong? -- MIGUEL GUIRAO AGUILERA Logistica R8 - Telcel -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Connection Question!
Hi, Okay lets say I own www.fred.com (which I don't but still) and www.getpaid2reademails.com (so I own two domain, lucky me!) Now I want to connect from getpaid to fred... Okay I have done this and achieved this but is it possible to reject this operation and deny connections outside of localhost? Also if this is possible what IP is checked, the actual servers as localhost or the user (different IP)? I hope you understand what I mean, just wondering on stricter security. J - Find local movie times and trailers on Yahoo! Movies.
[PHP-DB] Questions with formbuilder: is this the right list?
Hello, I have some questions about DB_DataObject and FormBuilder PK handling, should I post them here or do you know a better list? TIA -- Alessandro Pasotti ICQ# 245871392 Linux User #167502 -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha Studios Limited asserts its rights in this communication and the information in it and reserves the right to take action against anyone who misuses it or the information in it. Piranha Studios Limited cannot accept any liability sustained as a result of software viruses and would recommend that you carry out your own virus checks before opening any attachment. GWAVAsigAdmID:291BEE7A646A53E578A7D30D06DCE4A3 ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha Studios Limited asserts its rights in this communication and the information in it and reserves the right to take action against anyone who misuses it or the information in it. Piranha Studios Limited cannot accept any liability sustained as a result of software viruses and would recommend that you carry out your own virus checks before opening any attachment. GWAVAsig -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] addslashes + stripslashes + mysql question
turn of magic quotes or test for it before using addslashes
Bastien
From: Petzo [EMAIL PROTECTED]
To: php-db@lists.php.net
Subject: [PHP-DB] addslashes + stripslashes + mysql question
Date: Mon, 16 May 2005 11:20:41 +0300
Hi,
My question is about the norlmal behaviour of PHP and MYSQL but I cant
explain it without a simple example. Thank you for reading:
I have the following code:
?php
print $t = $_POST['txt'];
print $t = addslashes($t);
@ $db = mysql_pconnect(xxx,xxx,xxx);
mysql_select_db('test');
$q = update ttable set ffield='$t';
mysql_query($q);
$q = select * from ttable;
$result = mysql_query($q);
$bo = mysql_fetch_array($result);
print $t = $bo['ffield'];
print $t = stripslashes($t);
?
from a HTML form I send variable:
' \ \' \\ \\\
after addshashes it becomes:
\' \\ \\\' \\
after that it gets in the database
but after I get it out it becomes:
' \ \' \\ \\\
(without the backslashes!)
and ofcourse after stripslashes it gets messed-up:
' ' \ \
So my question is if this is a normal behaviour for PHP+MYSQL or it may
vary
indifferent conficurations or versions of both php or mysql.
It's not a bad thing to be like that but I wonder if my code will behave
the
same at most systems.
Thank you very much
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsigAdmID:D8E9019DA2421EF16B6F98046B509684
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] php line error. .
'Yemi Obembe wrote: just care to know how php does the line counting when it echoes error messages like: parse error: unexpected '}' on line 129 1. does the line counting includes empty lines yes. 2. are externally included files (using include(), require() etc) also line counted(sic)? no. (but the line with the include() call counts normally 3. are d parts of the file that are not in php (i mean that are not contained within the php delimeters) also counted? yes. in short, it's the line number of the script as if it were a plain text file. cheers, -- - Martin Norland, Sys Admin / Database / Web Developer, International Outreach x3257 The opinion(s) contained within this email do not necessarily represent those of St. Jude Children's Research Hospital. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha Studios Limited asserts its rights in this communication and the information in it and reserves the right to take action against anyone who misuses it or the information in it. Piranha Studios Limited cannot accept any liability sustained as a result of software viruses and would recommend that you carry out your own virus checks before opening any attachment. GWAVAsigAdmID:DD28CD8AE59761E4E0C23AE2EB03BE38 ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha Studios Limited asserts its rights in this communication and the information in it and reserves the right to take action against anyone who misuses it or the information in it. Piranha Studios Limited cannot accept any liability sustained as a result of software viruses and would recommend that you carry out your own virus checks before opening any attachment. GWAVAsig -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] INSER INTO not working!
Acctually my problem was in that I was using the name of the table in
uppercase rather than in lowercase. So MySQL was looking for table REV
instead of rev. So for MySQL, REV and rev are very different tables!!
Regards,
Miguel Guirao
-Original Message-
From: Constantin Brinzoi [mailto:[EMAIL PROTECTED]
Sent: Jueves, 12 de Mayo de 2005 05:11 a.m.
To: Mihai Frisan
Cc: MIGUEL ANTONIO GUIRAO AGUILAR; PHP
Subject: Re: [PHP-DB] INSER INTO not working!
Please, take into consideration that in Postgresql you have to quote
table name if there are capitals in the name. Thus, if the table name is
REV then you have to quote it like:
$sqlstring = INSERT INTO \REV\ (revision) VALUES ($revision);
Aurel
On Thu, 2005-05-12 at 11:09 +0300, Mihai Frisan wrote:
Hi,
try $sqlstring = INSERT INTO REV (revision) VALUES ($revision);
Mihai
MIGUEL ANTONIO GUIRAO AGUILAR wrote:
Hi list,
I'm trying to store a data into a two-column table (id, revision).
ID is auto_increment. My table is called REV. I'm using this query:
$sqlstring = INSERT INTO REV VALUES('',$revision);
Using that same query in mysql command line works pretty good and the row
is added to the table, but is not working from my PHP page.
I echo the $sqlstring variable for troubleshooting and it is correct.
I'm using mysql_query($sqlstring, $link);
Any ideas??
--
MIGUEL GUIRAO AGUILERA
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsigAdmID:04E590DF442906DF47024583032E9F69
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] addslashes + stripslashes + mysql question
You have the string ' \
With addslashes it becomes '\ \\
When you insert it into the database
it goes into a query like this
update table set field=' '\ \\ '
But that inserts into the field only ' \ ,
in other words the original string.
It is a normal behaviour and you should
omit the stripslashes function.
Hope it helps
Firan Corneliu
On Mon, 2005-05-16 at 11:20 +0300, Petzo wrote:
Hi,
My question is about the norlmal behaviour of PHP and MYSQL but I cant
explain it without a simple example. Thank you for reading:
I have the following code:
?php
print $t = $_POST['txt'];
print $t = addslashes($t);
@ $db = mysql_pconnect(xxx,xxx,xxx);
mysql_select_db('test');
$q = update ttable set ffield='$t';
mysql_query($q);
$q = select * from ttable;
$result = mysql_query($q);
$bo = mysql_fetch_array($result);
print $t = $bo['ffield'];
print $t = stripslashes($t);
?
from a HTML form I send variable:
' \ \' \\ \\\
after addshashes it becomes:
\' \\ \\\' \\
after that it gets in the database
but after I get it out it becomes:
' \ \' \\ \\\
(without the backslashes!)
and ofcourse after stripslashes it gets messed-up:
' ' \ \
So my question is if this is a normal behaviour for PHP+MYSQL or it may vary
indifferent conficurations or versions of both php or mysql.
It's not a bad thing to be like that but I wonder if my code will behave the
same at most systems.
Thank you very much
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsigAdmID:CC56700AFAAA2AE5B633970BC499478F
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] novice on table design
Addresses should definitely have their own table. Have you considered using Postgres? It allows for table inheritance in much the same way that inheritance works in OOP. You could have a parent table (like a parent class) for People, and child tables (just like child classes) for Employee, non-Customer, and Customer. This is the preferred approach, but few other RDMBS solutions support this (or much SQL 99 at all). If you're not using Postgres, another way to do this would be to create a many-to-many relationship between your People tables, so that an address ID is related to a person ID. Visio balks at using a non-unique foreign key because this is bad design. A key must be unique by nature, and indexing is much faster the column is guaranteed to have unique values. If you go with your original approach, make a combined key on both the type and foreign key fields. Hope this helps, Jeremy Tony Yau wrote: Hi Tony, Miguel yes that was my intention at first, but to absorb all three, Shop, Employee, and Customer (and there may be 2 more to come) into an Address table would be inefficient both in storage space and search time,..no? having this compound keys at a separate Address table is essentially the same idea, but I know it doesn't 'feel' right, for a start in Visio I can't put a link to the Address table (because fkey can't be a foreign key to both Shop and Employee)!!! Apart from that, the tables are efficient, searching would be much quicker for non-address info. Tony Tony S. Wu [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] actually, no, Shop, Employee, and Customer are not distinct. in your instance they are the same type of entry. don't distinguish them by tables, rather use a column to hold some sort of an ID for each type. of course you'll end up with a table with many columns, and many of them will be null depending on which type an entry is. but with this approach, you can easily associate with an address table. Tony S. Wu [EMAIL PROTECTED] On May 14, 2005, at 4:49 AM, tony yau wrote: Hi Miguel, Thanks for the reply. the non-customer is actually a Shop, so Employee, Customer and Shop are distinct enough to have their own tables. Now they all have an Address, and the problem is how do I allow multiple addresses for each these 'people' (without using a lookup table) tony. Miguel Guirao [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED] The schema of your table is wrong, is you do bnormalize it you will find out that you need two tables for this approach. One table for your people and another one for the n addresses of your people. If you keep your current schema, you will have as many rows for one person as many addresses for that person you have, and you will be duplicating many fields. So you must split your tables, one for your people and another for your people's addresses. -Original Message- From: tony yau [mailto:[EMAIL PROTECTED] Sent: Viernes, 13 de Mayo de 2005 09:27 a.m. To: php-db@lists.php.net Subject: [PHP-DB] novice on table design Hi all, I have the following tables EmployeeCustomernon-Customer Address ======= pkey pkeypkey pkey number type type ... payrate grantcapital I need to allow the three types of people to have n addresses, so I've added a type to distinguish the 3 types of people and their respective pkey onto address table. Address = pkey ... type(either Employee, Customer or non-Customer etc) fkey(the pkey of Employee, Customer or non-Customer etc) I know this design looks awkward but it does have the advantage of having less tables otherwise. BUT somehow it doesn't feel right. Can someone points me its pros and cons. thanks all. Tony Yau -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha
[PHP-DB] addslashes + stripslashes + mysql question
Hi,
My question is about the norlmal behaviour of PHP and MYSQL but I cant
explain it without a simple example. Thank you for reading:
I have the following code:
?php
print $t = $_POST['txt'];
print $t = addslashes($t);
@ $db = mysql_pconnect(xxx,xxx,xxx);
mysql_select_db('test');
$q = update ttable set ffield='$t';
mysql_query($q);
$q = select * from ttable;
$result = mysql_query($q);
$bo = mysql_fetch_array($result);
print $t = $bo['ffield'];
print $t = stripslashes($t);
?
from a HTML form I send variable:
' \ \' \\ \\\
after addshashes it becomes:
\' \\ \\\' \\
after that it gets in the database
but after I get it out it becomes:
' \ \' \\ \\\
(without the backslashes!)
and ofcourse after stripslashes it gets messed-up:
' ' \ \
So my question is if this is a normal behaviour for PHP+MYSQL or it may vary
indifferent conficurations or versions of both php or mysql.
It's not a bad thing to be like that but I wonder if my code will behave the
same at most systems.
Thank you very much
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsigAdmID:129B9C771A29296C3736A815B807EA1C
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] problems with a script. .
John R. Sims, Jr. wrote:
Martin; I have taken your advice and read both of the articles, but
unfortunately I have not been able to find what needs to be changed. As I
mentioned, I am very new at this.
Could you possibly look at the script and point me in the right direction?
[snip]
/head ?php
// Set the page title and include the HTML header.
$page_title = 'Wireless Neighborhoods';
include_once ('include/header.html');
$db_connection = mysql_connect ('db.wireless-neighborhoods.org', 'scfn',
'scfn75') or die (mysql_error());
$db_select = mysql_select_db('scfn') or die (mysql_error());
// If the form was submitted, process it.
if (isset($submit)) {
$query = insert into case_note values ('0', '$id',NOW(),
NOW(),'$cmanager', '$location', '$purpose', '$present', '$subject',
'$note');
if (@mysql_query ($query)) {
à
àecho 'A Case Note has been added.';
} else {
à
àecho 'The case note could not be added.' . mysql_error();
}
}
?
[snip]
It looks like you are using register_globals on your development
machine. You'll likely find it easier to write safer/cleaner PHP
scripts if you don't rely on this.
http://us2.php.net/register_globals
though register globals itself isn't strictly a security issue, it is a
convenience that can cause unwanted/undue variable namespace pollution.
I'd recommend you disable it on your development machine ( in your
php.ini configuration file ) and then you'll have to set about changing
any variables that are coming from get/post - e.g.
if (isset($submit)) {
becomes
if (isset($_POST['submit'])) {
and the likes.
It's odd that your PHP 5 installation has this enabled - the default
changed to it being off in PHP 4.2.0, and certainly hasn't changed back.
cheers,
--
- Martin Norland, Sys Admin / Database / Web Developer, International
Outreach x3257
The opinion(s) contained within this email do not necessarily represent
those of St. Jude Children's Research Hospital.
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsigAdmID:A00631876AE75ABACF5876E2D91276D2
**
IMPORTANT NOTICE
This communication is for the exclusive use of the intended recipient(s)
named above. If you receive this communication in error, you should
notify the sender by e-mail or by telephone (+44) 191 224 4461, delete
it and destroy any copies of it.
This communication may contain confidential information and material
protected by copyright, design right or other intellectual property
rights which are and shall remain the property of Piranha Studios
Limited. Any form of distribution, copying or other unauthorised use
of this communication or the information in it is strictly prohibited.
Piranha Studios Limited asserts its rights in this communication and
the information in it and reserves the right to take action against
anyone who misuses it or the information in it.
Piranha Studios Limited cannot accept any liability sustained as a
result of software viruses and would recommend that you carry out your
own virus checks before opening any attachment.
GWAVAsig
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP-DB] Connection Question!
If you mean database access that is simple, just create a user that has access only from localhost (and of course remove the others). For mysql just do the query : GRANT ALL PRIVILEGES ON your_database.* to 'user'@'localhost' identified by 'password'. If you mean http access then you can configure a firewall depending on the os you have or work with apache's .htaccess On Tue, 2005-05-17 at 16:32 +1000, JeRRy wrote: Hi, Okay lets say I own www.fred.com (which I don't but still) and www.getpaid2reademails.com (so I own two domain, lucky me!) Now I want to connect from getpaid to fred... Okay I have done this and achieved this but is it possible to reject this operation and deny connections outside of localhost? Also if this is possible what IP is checked, the actual servers as localhost or the user (different IP)? I hope you understand what I mean, just wondering on stricter security. J - Find local movie times and trailers on Yahoo! Movies. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB]Emisor de respuesta automática: [PHP-DB] Showing the next entry
We need to see your script or at least the portion where you do the query to the database. In general, you need to concatenate your different case-note for a given student as the while cycle goes thru your fetch statement for such a given student. -- MIGUEL GUIRAO AGUILERA - Mensaje original - De: John R. Sims, Jr. [EMAIL PROTECTED] Fecha: Lunes, Mayo 16, 2005 6:06 pm Asunto: [PHP-DB] Showing the next entry Hi All, I have developed a script that allows me to select a students name from the client table and display the call information from the case_note table, but the report only shows the first available case_note for an individual. I want this script to display all entries for the specific client in the case_note table. Can anyone point me in the right direction. Keeping the faith in fatherhood John -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha Studios Limited asserts its rights in this communication and the information in it and reserves the right to take action against anyone who misuses it or the information in it. Piranha Studios Limited cannot accept any liability sustained as a result of software viruses and would recommend that you carry out your own virus checks before opening any attachment. GWAVAsigAdmID:58DF45836421CA73BB6821B8B0D98013 ** IMPORTANT NOTICE This communication is for the exclusive use of the intended recipient(s) named above. If you receive this communication in error, you should notify the sender by e-mail or by telephone (+44) 191 224 4461, delete it and destroy any copies of it. This communication may contain confidential information and material protected by copyright, design right or other intellectual property rights which are and shall remain the property of Piranha Studios Limited. Any form of distribution, copying or other unauthorised use of this communication or the information in it is strictly prohibited. Piranha Studios Limited asserts its rights in this communication and the information in it and reserves the right to take action against anyone who misuses it or the information in it. Piranha Studios Limited cannot accept any liability sustained as a result of software viruses and would recommend that you carry out your own virus checks before opening any attachment. GWAVAsig -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Connection Question!
What are you trying to connect to? Do you have a webservice on the second domain? Is it a database - and if so, which? -Original Message- From: JeRRy [mailto:[EMAIL PROTECTED] Sent: 17 May 2005 08:33 To: php-db@lists.php.net Subject: [PHP-DB] Connection Question! Hi, Okay lets say I own www.fred.com (which I don't but still) and www.getpaid2reademails.com (so I own two domain, lucky me!) Now I want to connect from getpaid to fred... Okay I have done this and achieved this but is it possible to reject this operation and deny connections outside of localhost? Also if this is possible what IP is checked, the actual servers as localhost or the user (different IP)? I hope you understand what I mean, just wondering on stricter security. J - Find local movie times and trailers on Yahoo! Movies. -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] Re: Select
Miguel Antonio Guirao Aguilar wrote: Hi!! I have this query in PHP: $items2 = mysql_query(SELECT DISTINCT * FROM rev ORDER BY rev, $link); I have three rows with the same data on it, and DISTINCT seems to be not working, since I got all the rows, any ideas of what is going wrong? Without knowing how many fields you have and what they are, no. But you should realise that DISTINCT looks at _all_ selected fields in a record, so if you have an auto_increment id field in amongst those selected, all the records will be different. David -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] Select
distinc needs a field select distinct(name) from table bastien From: MIGUEL ANTONIO GUIRAO AGUILAR [EMAIL PROTECTED] To: php-db@lists.php.net Subject: [PHP-DB] Select Date: Mon, 16 May 2005 19:26:20 -0700 Hi!! I have this query in PHP: $items2 = mysql_query(SELECT DISTINCT * FROM rev ORDER BY rev, $link); I have three rows with the same data on it, and DISTINCT seems to be not working, since I got all the rows, any ideas of what is going wrong? -- MIGUEL GUIRAO AGUILERA Logistica R8 - Telcel -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP Database Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP-DB] multiple queries, one transaction
I would like to get the itemID number (autoincrement) of the last
insert.
(Insert order, get last orderID number and use it elsewhere.)
I'm having trouble understanding how to do a transaction in mysql/php
Code below:
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die
('Error connecting to mysql');
$dbname = 'mail';
mysql_query(BEGIN); // starts the transaction
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, select query failed');
$query = INSERT INTO orders (orderDate) VALUES ('2005-05-17');
$query = SELECT max ordered FROM orders;
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, update query failed');
mysql_query(COMMIT); // ends the transaction
mysql_close($conn);
?
thx
[PHP-DB] Re: sql injection attack, protection from
* Mayo [EMAIL PROTECTED]:
I'm new to PHP and would like to make certain that I have the basic
protection for the site:
Use double quotes to contain variable
This depends entirely on the variable type expected by MySQL; int and
floats don't necessarily need quotes. However, it's typically a good
practice.
Use mysql_escape_string so that query is considered part of the WHERE
clause.
If you're on PHP =4.3.0, use mysql_real_escape_string().
$result=mysql_query('SELECT * FROM users WHERE
username='.mysql_escape_string($_GET['username']).'');
I'm pulling prices from a database and sending the item ID which has 4
characters (1001, 1002, etc.)
Is the following unnecessary with mysql_escape_string?
if (preg_match(/^\w{4,4}$/, $_GET['username'], $matches))
$result = mysql_query(SELECT * FROM items WHERE
itemID=$matches[0]);
else // we don't bother querying the database
echo itemID not accepted;
It's *always* better to filter your data before placing it in your
database. Check to see if the data is of the correct type and/or falls
within the correct range of values allowed for the field it will occupy.
Doing this will help keep your data normalized and prevent headaches
later on.
By the way, if you want some best practices for escaping data before
placing into a database, the manual page for mysql_real_escape_string
has some examples:
http://php.net/mysql_real_escape_string
--
Matthew Weier O'Phinney | WEBSITES:
Webmaster and IT Specialist | http://www.garden.org
National Gardening Association| http://www.kidsgardening.com
802-863-5251 x156 | http://nationalgardenmonth.org
mailto:[EMAIL PROTECTED] | http://vermontbotanical.org
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] multiple queries, one transaction
Thanks, the $orderId = mysql_insert_id($result) was what I was looking
for.
But in the long run, I'm still concerned about how to group several
queries into one transaction. As for example when one wants to make
multiple inserts with one submit.
Ex: User wants to input inventory. He's going to put in 11 new jeans
sizes 28-38
You create a loop inserting the following
itemType:jean
itemDesigner:Antik
itemSize:$i
This should all be one transaction. I would like to do this with
php/mysql.
Thx
-Original Message-
From: Jason [mailto:[EMAIL PROTECTED]
Sent: Saturday, May 17, 2003 1:30 PM
To: 'mayo'
Subject: RE: [PHP-DB] multiple queries, one transaction
You could always use $orderId = mysql_insert_id($result) to pull the
autoinc
id that was created from your insert statement...
But I think your question revolves more around how do I do a query
then
how do I pull the id back
So to answer what I think your asking...
I write my queries like this:
$query = INSERT into orders(
orderData)
values(
'$orderData');
$result = mysql_query($query);
$orderId= mysql_insert_id($result);
Hope that helps.
-Original Message-
From: mayo [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 8:27 AM
To: php-db@lists.php.net
Subject: [PHP-DB] multiple queries, one transaction
I would like to get the itemID number (autoincrement) of the last
insert.
(Insert order, get last orderID number and use it elsewhere.)
I'm having trouble understanding how to do a transaction in mysql/php
Code below:
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die
('Error connecting to mysql');
$dbname = 'mail';
mysql_query(BEGIN); // starts the transaction
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, select query failed');
$query = INSERT INTO orders (orderDate) VALUES ('2005-05-17');
$query = SELECT max ordered FROM orders;
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, update query failed');
mysql_query(COMMIT); // ends the transaction
mysql_close($conn);
?
thx
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] multiple queries, one transaction
Well, for something like this you would need one row for each item.
I just did a db for a clothing store (with cold fusion)
itemID: 1001 // autoincrement
itemTypeID: 1 // number -- refers to jeans
itemDesignerID: 5 // number -- refers to designer Antik
itemSize: 32 // number -- refers to waist size
itemColor: 7 // number -- referes to color blue
each item must have its own row
itemID:1002 and 1003 could be the same designer, color and size but it
refers to a different item
I see there is a way to do consider all querys and to fail the entire
procedure if one query fails. It's a BEGIN and COMMIT statement.
mysql_query(BEGIN); // starts the transaction
mysql_query(COMMIT); // ends the transaction
I'm just not certain how it's used.
Thx
-Original Message-
From: Jason [mailto:[EMAIL PROTECTED]
Sent: Saturday, May 17, 2003 2:43 PM
To: 'mayo'
Subject: RE: [PHP-DB] multiple queries, one transaction
I see what your saying.. you can join together select queries, but I
don't
know how to join insert queries...
From what I know, which isn't that much, If you feel like you need to
multiple queries to do a single task, you should relook how your setting
up
your code/db.
Your example, for example :), you shouldn't need to do a loop to
accomplish
that task, rather you'd just have a qty table in your database that you
add
+n to when you add inventory.
There are times when a loop is necessary, and that is ok, but for the
most
part there are usually a few ways around doing multiple queries that
should
at least be looked at :)
Hope that helps... if it doesn't, e-mail me off of the list with your
actual
situation, I may be able to help
J
-Original Message-
From: mayo [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 10:39 AM
To: 'Jason'; php-db@lists.php.net
Subject: RE: [PHP-DB] multiple queries, one transaction
Thanks, the $orderId = mysql_insert_id($result) was what I was looking
for.
But in the long run, I'm still concerned about how to group several
queries into one transaction. As for example when one wants to make
multiple inserts with one submit.
Ex: User wants to input inventory. He's going to put in 11 new jeans
sizes 28-38
You create a loop inserting the following
itemType:jean
itemDesigner:Antik
itemSize:$i
This should all be one transaction. I would like to do this with
php/mysql.
Thx
-Original Message-
From: Jason [mailto:[EMAIL PROTECTED]
Sent: Saturday, May 17, 2003 1:30 PM
To: 'mayo'
Subject: RE: [PHP-DB] multiple queries, one transaction
You could always use $orderId = mysql_insert_id($result) to pull the
autoinc
id that was created from your insert statement...
But I think your question revolves more around how do I do a query
then
how do I pull the id back
So to answer what I think your asking...
I write my queries like this:
$query = INSERT into orders(
orderData)
values(
'$orderData');
$result = mysql_query($query);
$orderId= mysql_insert_id($result);
Hope that helps.
-Original Message-
From: mayo [mailto:[EMAIL PROTECTED]
Sent: Tuesday, May 17, 2005 8:27 AM
To: php-db@lists.php.net
Subject: [PHP-DB] multiple queries, one transaction
I would like to get the itemID number (autoincrement) of the last
insert.
(Insert order, get last orderID number and use it elsewhere.)
I'm having trouble understanding how to do a transaction in mysql/php
Code below:
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die
('Error connecting to mysql');
$dbname = 'mail';
mysql_query(BEGIN); // starts the transaction
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, select query failed');
$query = INSERT INTO orders (orderDate) VALUES ('2005-05-17');
$query = SELECT max ordered FROM orders;
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, update query failed');
mysql_query(COMMIT); // ends the transaction
mysql_close($conn);
?
thx
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
RE: [PHP-DB] multiple queries, one transaction
There is a function that gets the last auto increment value for an ID
field!!
-Original Message-
From: mayo [mailto:[EMAIL PROTECTED]
Sent: Martes, 17 de Mayo de 2005 10:27 a.m.
To: php-db@lists.php.net
Subject: [PHP-DB] multiple queries, one transaction
I would like to get the itemID number (autoincrement) of the last
insert.
(Insert order, get last orderID number and use it elsewhere.)
I'm having trouble understanding how to do a transaction in mysql/php
Code below:
$conn = mysql_connect($dbhost, $dbuser, $dbpass) or die
('Error connecting to mysql');
$dbname = 'mail';
mysql_query(BEGIN); // starts the transaction
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, select query failed');
$query = INSERT INTO orders (orderDate) VALUES ('2005-05-17');
$query = SELECT max ordered FROM orders;
mysql_query($query) or die('Error, insert query failed');
mysql_query($query2) or die('Error, update query failed');
mysql_query(COMMIT); // ends the transaction
mysql_close($conn);
?
thx
--
PHP Database Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
