Posts by mschroeder

-marases

Assuming you're using the PDO code I posted.

To iterate over the results of the query, the variable $rowset would contain a multidimensional array.

In theory your query should only return 0 or 1 rows, and to ensure this it should probably have a LIMIT 1 added to the end of it.

$sql = "SELECT * FROM users WHERE usrNAME = :user AND usrPASS = :pass LIMIT 1";

With that being said, to iterate over the results its just a matter of:

if( count( $rowset ) == 1 ){
     //We only have exactly 1 row returned.
     $_SESSION['id'] = $row[0]['id'];
}

If you need to iterate over multiple rows:

if( count( $rowset ) ){
    foreach( $rowset as $row ){
         //Do something for each row
         // echo $row['columnName'];
    }
}

-evstevemd

While I think session hijacking/fixation is a concern in the grand scheme of things, the sql injection that was present in this example initially was far easier to exploit even at a novice level. Regardless a nice link with a very easy to follow explanation of the topic and a way to reduce the risk.

Sessions is really the only way to persist data over multiple requests in php. So yes in my opinion sessions would be the best way to use it over multiple requests.

Unless you're familiar with configuring php and apache skip all of the trouble and download WAMP or XAMPP

There are others like this as well. They will install everything you need to get a fully functional php, apache and mysql environment in windows.

WAMP seems to have gone stale lately, but there is a community released version with all the latest and greatest link from their forums: http://sourceforge.net/projects/unofficialwamp2/files/

CAUTION: These installers are not designed to be used for live websites. They are really intended to speedup the setup of a development environment.

@arionyx

That design won't work because employee_id in that table can not be a primary key or even a unique index.

If it is set that way than 1 employee can only have 1 row in that table representing only one field and value combination.

@qazplm114477

Check out this article: http://www.codeforest.net/keyvalue-tables-and-how-to-use-them-in-php-and-mysql

It essentially validates your initial thoughts but also brings up some interesting points as to the shortcomings of this meta data design.

-Marais

Personally I like PDO because the code is portable across all databases that PDO supports. There is more info on PDO prepared statements: http://www.php.net/manual/en/pdo.prepare.php

<?php

/**
 * Takes a user's credentials and queries the database to ensure the user is
 * a valid user and is allowed to access our system.
 *
 * @param PDO $dbh
 * @param string $usr
 * @param string $pass
 */
function login( PDO $dbh, $usr, $pass) {
	$sql = "SELECT * FROM users WHERE usrNAME = :user AND usrPASS = :pass";
	$sth = $dbh->prepare( $sql );
	$sth->execute( array(':user' => $usr, ':pass' => $pass));
	
	$rowset = $sth->fetchAll();
	if( count($rowset) == 1 ){
		// Logged in
	} else {
		// Not logged in
	}
}

$dsn = 'mysql:dbname=testdb;host=127.0.0.1';
$user = 'dbuser';
$password = 'dbpass';

try {
    $dbh = new PDO($dsn, $user, $password);
} catch (PDOException $e) {
    echo 'Connection failed: ' . $e->getMessage();
}

login($dbh, $_POST['username'], $_POST['password']);

If you don't have PDO available to you, you can also use MySQLi which also supports prepared statements: http://www.php.net/manual/en/mysqli.prepare.php It uses a very similar syntax too.

I hope this helps, I'm more than happy to expand on it as necessary.

Besides the immediately glaring issues I see:

• The session isn't started in your code example e.g. session_start() isn't called.
• $_POST is not defined when you just load the form.

That query is also extremely vulnerable to SQL injection.
If you take the query: $sql = "SELECT * FROM users WHERE usrNAME = '$usr' AND usrPASS = '$pass'"; And a user submits admin'; /* into the user field and whatever they want for the password. This would make the resulting query SELECT * FROM users WHERE usrNAME = 'admin'; /*' AND usrPASS = 'none' That would effectively search for a user with the username "admin" and the /* would start a multi line comment that just ignores the rest of the query including the check for the password.

Now normally you'd have the obscurity of the attacker not being able to see the query you're running but if you do some reading on SQL injection you'll begin to understand what an attacker will look for and how they will go about attacking your inputs.

To reduce this you should look into using at the minimum sprintf to set specific variable types. As well as escaping quotes etc. e.g. mysql_real_escape_string (varies depending on your extension of choice)

If you wanted to take it a step further and I highly suggest it, start using prepared statements to handle this scenario.

There isn't one answer to that question unfortunately. Drupal is built on php so ultimately if you plan to develop for drupal you need to know php. Drupal is also going to add its own layers of complexity to the programming as it provides the functionality for authentication, modular development, database access etc etc etc and this is all shrouded in drupal specific code.

PHP in its most basic of forms is far easier to learn, but to develop anything serious or anything along the scale or functionality of Drupal is going to require a vast amount of time, resources and knowledge.

If you don't already know php at any level you will have to start there.

If you provide a better understanding of what you want to conceptually create maybe we can point you in a more accurate direction. e.g. if you don't need the functionality drupal affords you than there is no reason to start with it.

Exactly as hielo wrote. Nicely laid out example.

You need to use a many-to-many join table.

Create a table like StaffGroups, with columns GroupId (key to group table) and StaffId (key to staff table).
So it allows for n staff members to be in n groups at any one time.

http://www.php.net/manual/en/mysqli.query.php

Demos in the manual. Try searching next time.

Depends on the functionality you want to implement and your skill level. Drupal is a beast of a system. But in comparison starting from scratch to effectively build all of the same functionality will be a massive undertaking.

Actually as of php 5.3 you are able to monkey patch core php code. Which is essentially replacing core functions at runtime.

Illustrated by this blog: http://till.klampaeckel.de/blog/archives/105-Monkey-patching-in-PHP.html

Your question has less to do with inheritance and more to do with visibility in php.
(http://www.php.net/manual/en/language.oop5.visibility.php)

Generally speaking:

• Public - When a method or variable is defined as public it can be called outside the scope of the class or by any class which inherits it.
• Protected - When a method or variable is defined as protected it can only be called from within the class it was defined or within any class which inherits it.
• Private - When a method or variable is defined as private it can only be called from the class which it was defined in.

I can elaborate if needed or provide some examples, but there is great beginner information already in the manual or on other tutorial sites.

I know this has been solved but I see some misconceptions that need to be clarified. I have developed with Zend for the last 2+ years. I develop almost purely on Zend these days and have several relatively large applications running on it.

------

I'm sort of messing around with frameworks myself. In fact, because of that, it's led me to a whole slew of new things I'd not done before. Firstoff, you should be comfortable with object oriented programming, because frameworks are almost all OOP.
Agreed

Secondly, I've messed with Zend and Code Igniter so far. If you aren't familiar with a command line or do not have access to one from whatever server you are using - I would stay away from Zend.
If you're referencing Zend_Tool then you're quite mistaken that you MUST use a command line. I create my code from scratch usually. The structures are well defined and you create everything as you would any other php file.

I got zend installed and working ok, but it's really, really deep. I googled good frameworks for beginners and Code Igniter kept popping up, so I tried my luck at that. It's far smaller and no command line is needed to use it. It's also far more portable than Zend seems to be.
To get either working and configured is a breeze. As for being portable, I fail to see why you came to the conclusion it is not portable. …

Do you want to hard limit it to x charachters, or do you want to split it up by the nearest word? Also, does the string contain any kind of formatting/html?

Hello iammirko. Both, hielo and mschroeder, are right, but you must "close" all your name, id, and that stuff with "" or '', and use style="" for styling your table... your html code must be:

<form action="CreateUser.php" method="post" name="form">
     <table class="CreateUser" style="cellpadding:4px; cellspacing:2px;">
          <tr class="TableHeading">
               <td colspan="2">Enter the infomation below</td>
          </tr>
          <tr class="FormContents">
               <td>Username</td>
               <td><input type="text" name="text" id="usrName" size="20px"/></td>
          </tr>
          <tr class=FormContents>
               <td>Password</td>
               <td><input type="password" name="password" id="pWord" size="20px"/></td>
          </tr>
          <tr class="FormContents">
               <td></td>
               <td align="right"><input type="submit" name="submit" id="Cu_Bt" value="Login"/></td>
          </tr>	
     </table>
</form>

Actually only the XHTML 1.0 spec (http://www.w3.org/TR/xhtml1/#h-4.4) requires attributes to be quoted. The HTML 4 spec (http://www.w3.org/TR/html4/intro/sgmltut.html#h-3.2.2) does not require them to be quoted unless they fail to meet certain criteria: In certain cases, authors may specify the value of an attribute without any quotation marks. The attribute value may only contain letters (a-z and A-Z), digits (0-9), hyphens (ASCII decimal 45), periods (ASCII decimal 46), underscores (ASCII decimal 95), and colons (ASCII decimal 58). We recommend using quotation marks even when it is possible to eliminate them. Just FYI.

You don't have name="" attributes in your html form code.

<form action="CreateUser.php" method="post">
	<table class=CreateUser cellpadding=4px, cellspacing=2px>
		<tr class=TableHeading>
			<td colspan=2>Enter the infomation below</td>
		</tr>
		<tr class=FormContents>
				<td>Username</td>
				<td><input type=text id=usrName name=usrName size=20px></input>
				</td>
		</tr>
		<tr class=FormContents>
				<td>Password</td>
				<td><input type=password id=pWord name=pWord size=20px></input>
				</td>
		</tr>
		<tr class=FormContents>
				<td></td>
				<td align=right><input type=submit id=Cu_Bt value=Login></td>
		</tr>	
	</table>
	</form>

var Editor1 = FCKeditorAPI.GetInstance('editor1') ;
var Editor2 = FCKeditorAPI.GetInstance('editor2');
Editor2.InsertHtml( Editor1.GetHTML() );

http://php.net/manual/en/class.recursivedirectoryiterator.php

No framework is going to be easy or faster than any other at this point. Without learning any framework well enough to use it properly you'll slow yourself down.

Personally the only framework I use and like working with is the Zend Framework. But everyone is going to have their own opinion on this. Find one you're comfortable with and one that makes the most sense to you. Some are straightforward others try to implement a lot of "magic" functionality.

Ha! Talk about egg on my face. I read this on my phone and mistook the , for a semi-colon. I stand corrected.

This was already covered in: http://www.daniweb.com/forums/thread310238.html
Almost this exact question, with the exception the op there asked for a way to break a string down first then convert a numerical array into an assoc.

function toAssoc(array $array){
     //Temporary array to hold new pieces
     $temp = array();

     //Iterate over supplied array by key and value
     foreach($array as $k => $v){
             //Make sure the key is even using a bitwise operator for efficiency
	     if( ($k&1) == 0 ){
                     //If we have an even key, 0, 2, 4, 6, etc.
                     //Create an array item with key of the current value
                     //and value of next odd array item.
		     $temp[$v] = (isset($pieces[$k+1]) ? $pieces[$k+1] : '');
	     }
     }
     return $temp;
}

Usage:

$test = array('category_name:','c1','types:','t1');
print_r(toAssoc($test));
//Array ( [category_name:] =>c1[types:]=>t1 )

-hielo & robothy

You both had introduced a relatively well known performance no no in your codes.
You should never have a function call in your loops. for($i=0,$limit=count($arr); $i < $limit; ++$i) while($intIndex <= count($arrInput)) In both pieces of code, move the count() function calls outside of the loop initialization.
This is evaluated on every iteration of the loop. You can verify this with a code trace in xdebug.

-hielo

You can also remove the is_array check from your code by specifying the the parameter passed is of type array. Unfortunately besides object types and the array type there are no other function argument types you can use.

This is Very Normal Error This is Error Comes Due to the Full of Memory Means Your Computer's Memory is Full.You have to Remove the Temporary Files,Cookies,Browsing History and also Recycle Bin Form the Your Computer.You can Manually Delete it or You can Use any Software like the Ccleaner.It will Delete the all this things with the Single Click.

This has nothing to do with the ops original question. Period.
Besides those things all exist in storage (the harddrive) not in memory (ram).

Are you trying to paginate the content automatically, by x number of lines, or are you looking to insert some kind of tag or something (e.g. <!--break-->) into the content and have it split apart by that?

For starters a configuration file should only contain configuration values.
If you're working with OOP move the database initialization to some sort of database class.

In my opinion there are two approaches to this. You could make your database connection into a class and use the singleton pattern. Basically this pattern stores an instance of itself in itself. If it already has an instance it returns it, if not it creates a new database object, stores it and then returns it.

<?php
/**
 * Establishes a database connection and utilizes a singleton pattern
 * implementation to ensure only one instance exists during execution
 */
class Database
{
	/**
	 * Stores an instance of the database class
	 * @var Database
	 */
	private static $__instance;
	
	/**
	 * Setups the database
	 * Can only be called from within this class
	 */
	private function __construct(){
		//Read in configuration file
		//Establish database connection
		//Store connection in this object
		//etc etc		
	}
	
	/**
	 * Returns a new instance of the Database class OR
	 * returns the instance stored in the static variable
	 * 
	 * @return Database
	 */
	public static function getInstance(){
		if( !self::$__instance ){
			self::$__instance = new Database();
		}
		return self::$__instance;
	}
}

In your code you would use it like this:

<?php
class Users
{
	public function dbTask(){
		$db = Database::getInstance();
		//$db->query() or something
	}
}

This is probably the easiest and most straightforward method to establish a single database connection for the entire execution of your application. However, it also creates a …

If they are logged into your site, you can use the session or the cookie you are using to make the connection between their account and whatever link is incoming. If they are not logged in or do not have an account, provide them with a quick login/registration process and then immediately add whatever they clicked on to their account.

On a tangent instead of using siteid=[integer] I'd probably be more inclined to use a hash with a unique salt, so that a user couldn't just visit your URLs in order, by changing the siteid to the next number. Salting the hash would ensure that unless they guessed the salt, they could not replicate your hash either. This is assuming that the site ids are auto-incrementing integers of course.

<?php
/**
 * Explodes the supplied string by the supplied delimiter
 * and reassembles based on each even key getting the next odd value
 *
 * @param String $string
 * @param String $delimiter
 * @return Array
 */ 
function toArray($string, $delimiter){
	$pieces = explode($delimiter, $string);
	$temp = array();
	foreach($pieces as $k => $v){
		if( ($k&1) == 0 ){
			$temp[$v] = (isset($pieces[$k+1]) ? $pieces[$k+1] : '');
		}
	}
	return $temp;
}

print_r(toArray($string,'-abs43;'));
//Array ( [category_name:] => c1 [types:] => t1 )

At 100 iterations the difference is in the ten thousandths of a second.
At 10000 iterations its about 30% faster.

If you know for sure your array will ALWAYS have an even amount of value, removing the isset check and the ternary operator ( ?: ) will make it just over 50% faster.

While I'm sure this can be done with the very old mysql extension, mysqli makes this very easy. This is taken from the php mysqli::commit documentation. http://www.php.net/manual/en/mysqli.commit.php

<?php
$mysqli = new mysqli("localhost", "my_user", "my_password", "world");

/* check connection */
if (mysqli_connect_errno()) {
    printf("Connect failed: %s\n", mysqli_connect_error());
    exit();
}

$mysqli->query("CREATE TABLE Language LIKE CountryLanguage");

/* set autocommit to off */
$mysqli->autocommit(FALSE);

/* Insert some values */
$mysqli->query("INSERT INTO Language VALUES ('DEU', 'Bavarian', 'F', 11.2)");
$mysqli->query("INSERT INTO Language VALUES ('DEU', 'Swabian', 'F', 9.4)");

/* commit transaction */
$mysqli->commit();

/* drop table */
$mysqli->query("DROP TABLE Language");

/* close connection */
$mysqli->close();
?>

I know I've posted this before, but this scribd slideshow covers how to really optimize to the best of your abilities this particular functionality in mysql.

http://www.scribd.com/doc/2569355/Geo-Distance-Search-with-MySQL

If you have access to the physical server, you could also check out the Spatial extensions for mysql.

http://dev.mysql.com/doc/refman/5.0/en/spatial-extensions.html

can you put var_dump($perm); in your code prior to the case statement and post the output here? I'm going to guess either perm is not being set or is not what you expect it to be.

Hi,

I am trying to print different messages based on what is selected. The selections are stored in a database as $perm, and the options are low, intermediate and high. I am using switch, however i only get the first case printed:

$low = "Low";
$int = "Intermediate"; 
$high = "High "; 

switch($perm) {
     case $perm == $low: echo "Low perm <br>"; break;
     case $perm == $int: echo "Intermediate perm <br>"; break;
     case $perm == $high: echo "High perm <br>"; break;
     default: echo "No information has been provided. ";
}

I have tried giving the options numerical values, however, when i retrieve the results they are still strings so comparint $perm == 1, 2, or 3 just prints the default message. Any help appreciated.

switch($perm) {
     case 'Low': 
         echo "Low perm <br>"; 
     break;
     case 'Intermediate': 
         echo "Intermediate perm <br>"; 
     break;
     case 'High': 
         echo "High perm <br>"; 
     break;
     default: 
         echo "No information has been provided. ";
}

For new code, strtotime really should be avoided. While we are a considerable amount of time away from Y2k38 and I really don't think you would run into an issue, if your script would ever need to process a date after 2038, maybe like the end date of a 30yr mortgage or something, strtotime will fail. This has been addressed in the DateTime object built into PHP since 5.2.

Now I hope you're working on a version of php > 5.2 as there really is no reason to be on anything less.

$date = new DateTime("{$startdate} {$starthour}:{$startmin}");
$date->modify("+{$hour} hours +{$minute} minutes");
echo $date->format('Y-m-d H:i:s');

Except count() is approximate when used on innodb tables, possibly all transactional table types. Just something to keep in mind.

PDFTK (http://www.pdflabs.com/tools/pdftk-the-pdf-toolkit/) could solve most if not all of your difficulty. The only caveat being its a command line utility so you have to interact with it in that fashion. Which would also require server access to install it.

it sounds like your solution would be rather simple though, start with a single pdf file that represents each section of the order form. User selects which sections they need and that in turn is passed to pdftk which takes the files for only those sections, merges them down into a single temporary pdf and then pushes that pdf to the user's browser with a header, or even takes the user to a page that has an embedded pdf control and they can save the pdf or print it from there.

Depends on your PHP and programming knowledge.

Personally I don't think starting your first project with a limited amount of PHP and utilizing a framework is the best approach. I imagine the complexity and learning curve of the framework will be overwhelming, although I could be wrong.

Frameworks heavily use OOP so without a solid foundation in OOP concepts in PHP the framework will add a second layer of complexity to your learning. But, once you have learned the framework, which ever you choose, and feel comfortable with it, it does speed up your development process.

You spend less time building the foundation for every application and can just jump into the business logic.

Best of luck with the endeavor.

Your first example would require returning a potentially massive data set from the database simply for a count so I wouldn't suggest that.

I've seen the second one mentioned when dealing with massive datasets as well. Usually in conjunction with a set of triggers that when an row is inserted automatically increment the count and when a row is removed automatically decrement the count. This would be best stored in a separate table that contained only count values in my opinion.

Your other option would be the COUNT() function. Although with out benchmarking it I don't know if it would be any faster or slower than your first proposal.

Personally I prefer the Zend Framework. Have used it for numerous large projects and I'm very happy with the results.

There are a lot of very informative threads on this topic on this very forum. But I'll elaborate on my previous statement.

Hashing is not encryption. SHA1 and MD5 are hashing algorithms. You pass them data and they generate a unique hash from that data. There is no magic function that turns the hashed value back into your data. However, MD5 has proven to be an ineffective hashing algorithm for quite some time, due to collisions e.g. two unique strings that generate the same hash. There have also been breakdowns in the SHA1 algorithm to my understanding. Both of those algorithms should be avoided in my opinion in lieu of better algorithms such as sha-256, sha-512, whirlpool etc.

Salting a hash means to append or prepend (or both) some form of trivial data to make the hash more complex. So lets say our salt is 'a1b2c3d4f5' and our user chooses the password of 'test'. When you hash just the password of 'test' => (a94a8fe5ccb19ba61c4c0873d391e987982fbbd3), you've created a hash that probably exists in a rainbow table (a database of strings and their hashes) because the hashed string is so common. If you append or prepend the salt to it. The string that gets hashed is now: 'a1b2c3d4f5testa1b2c3d4f5' => (c297373704eebdd3154872d23a7eb1a27f751e99). So our 4 character string is now a 24 character string of mostly gibberish. Essentially if your database was compromised the theory is by salting your hash with nonsense you've created a more secure hash that an attacker won't be …

You want to filter input and escape on output.
You could also add another layer of filtering to the output if you by chance needed the data in a different way than how it is stored in the database.

e.g. If the data in the database is a validated and filtered html string and you just want the plain-text representation in a particular scenario, you could then filter it coming from the database and remove any html, then escape that output to the user.

These are some articles that explain why this is the golden rule:
http://terrychay.com/article/php-advent-security-filter-input-escape-output.shtml
http://en.wikipedia.org/wiki/Secure_input_and_output_handling

This also has some good information:
http://phpsec.org/projects/guide/

In the short and simple, you don't.

sha1 is a hashing function not encryption. It is designed to only work in one direction. e.g. 'dog' => 'e49512524f47b4138d850c9d9d85972927281da0'

If you require the ability to decrypt an encrypted string then you will need to use an encryption package like openssl or mcrypt.

In your case to send a plain-text password you could store it to a variable prior to hashing it. Then you could send the unhashed string to the user.

If the value of $day-$month-$year evaluates to a string like 'd-m-Y' or any other combination of php date formats then yes you could.

<?php
$day = 'd';
$month = 'm';
$year = 'Y';

$format = "$day-$month-$year"; // d-m-Y
echo date($format); // 31-08-2010

If the value of $day-$month-$year evaluates to an actual date string like '31-8-2010' then no you can not feed that to the date function.

You would need to use strtotime or the DateTime object. I would suggest the later as it is compatible with dates after 2038, among countless other benefits.

<?php
$day = '31';
$month = '8';
$year = '2010';

$format = "$day-$month-$year"; // 31-8-2010
echo date('d-m-Y', strtotime($format)); // 31-08-2010
echo strtotime($format); // 1283308069 or something

<?php
$day = '31';
$month = '8';
$year = '2010';

$format = "$day-$month-$year"; // 31-8-2010
$date = new DateTime($format);
echo $date->format('d-m-Y'); // 31-8-2010
echo $date->getTimestamp(); //1283308069 or something

Hopefully this helps.

Can you describe your database a little more in depth, this seems overly complex for what you're trying to do and I think it has to do with how the database is structured.

$row = mysql_fetch_array( $result );

after that line, add:

print_r($row);

this will probably make a mess out of the table layout, but paste the output from that function here. That should indicate whether the problem is in the row array or not.

Output should be something like:

Array
(
    [tradeID] => xxxx
    [Date] => xxxxx
    [teamA] => xxxx
    ....
)

Can you do a print_r($row) and post the output from 1 iteration of the loop?

Your echo statement is correct.

<?php
$row['teamA'] = 'irish';
echo "<img src='/images/bar_".$row['teamA'].".jpg'>";

yields

<img src='/images/bar_irish.jpg'>

Is it failing to display for all iterations of your loop or is it only on particular ones? I assume you've omitted the loop to simplify the code posted.

That echo statement works for me without any issue. Can you post what you are getting errors and/or output when you run it?

I'd say a lot of people is very open to interpretation. In my experiences with this it is very easy to get an ip or domain blacklisted and difficult to get it unlisted.

If you're looking for mass mailing capabilities and it needs to be built in php than using SMTP and a queue of sorts to send n emails every x mins is probably the best way to handle this. CRON would be unavoidable if you want something that is actually done in measured increments.

Perhaps look into a variety of mass mailing services which will obviously handle this for a cost, pay by email, pay by subscriber etc. In my experiences with these types of services, their deliverability rates are exceptional and they provide so much more beyond just sending emails. Most of these services have API's and will offer you a developer account to integrate their api into your system. From within your system, have a common mailing interface and provide your users with various adapters that they can choose from with SMTP being a fallback if the user does not wish to pay for a service.

iContact, MailChimp and StreamSend all come to mind but there are probably hundreds if not more, services like these.

You're probably looking for a multi-byte function.
http://php.net/manual/en/function.mb-substr.php

how could it display php tags? its a scripting language and when you echo it it automatically executed.
Post your exact output if issue is still not solved.

-vib
That is not true. When you use something like file_get_content() it does not parse/execute what it reads in. If you included the file then yes it would execute any php in that file.

-Gigs
This appears to me like you're trying to use it for some kind of template system? Where your output has a series of echo statements and you've already set some variables that should be replaced.

ob_start();
include ('lol.php');
$content = ob_get_contents();
ob_end_clean();

echo $content;

That code will include lol.php which will execute any php statements within it and then capture the content to a variable which you can then use at a later time. Is this more what you're trying to accomplish?

How would I build a web page similar to an online banking page that has a running account balance, only I want to make each line editable. If a specific line was edited the total would then change up through the top. (transactions are sorted by date order)

How do you break up a sql table in 50 line increments? So it only shows you 50 lines on one page with the ability to click on the previous 50 items, etc etc until you reach the first/oldest transaction?

- Pagination. Search these forums and you'll find a lot of coverage of the topic.

I can pull back full tables, but breaking them up in sections is hard. I also cant figure out where to do the "running total" math.

- Look up the Mysql SUM() function. Then apply your where clauses so you're only selecting the transactions you want. That will give you a running total. Apply limit clauses in conjunction with your pagination and you would have the running balance on that page of transactions.

If someone could give me some specific functions I could study, or a strategy using the various technologies I would be very very grateful. (I have read beginner books on SQL, Javascript, PHP, AJAX, HTML/CSS and now am reading an advanced book on PHP.)

- There are no specific functions that jump out at me that would make this any easier for you. Get a solid understanding of …