Posts by ryantroop

1) Are you sure that you dont have error notification turned off in PHP?
2) Perhaps you need to free your current mysqli resource, as you may be getting an unfreed cursor state.
3) Users in line 50 is not users in line 79 :-/

As a note of concern, though... sanitize your data. It's very rare that you should allow direct POST values to be inserted into your database without cleaning it all up, even though "prepare" does protect against a lot of vectors of attack, doing some additional type checking and sanitizing before hand will save you headaches down the road.

with two insert statements.

So... a couple questions I guess...

If you have a form, why are you using AJAX?
What is trim()?
Have you used F12 tools to see if you are generating an error? If so, what is it?

I also don't understand your regex...
try using a too like: https://regex101.com/ to build your regexes. It looks like your regex is actually the cause of your script error, and why you are failing.

I doubt that you will need both multiline and * to be greedy when you already have + modifiers. Also, the * is outside the 'end of the line' marker... which is not right at all.

Yes, you are correct.

So instead, you could do something like
RewriteRule *.myloginpage.php$ http://www.mywebsite.org/index.html [R,L,NC]

Truth be told, I would have to tinker with it and figure it out myself, as I rarely have to do htaccess files.. you know.. do it once and you're usually done :-/

What I think the above will do is capture any URI that ends with myloginpage.php and redirect to your index.html instead.

So I re-read the above and the editor formatted something incorrectly above.

It should be:
RewriteCond %{HTTP_REFERER} *.twitter.com*.$ [NC]

Pretty much every rewrite I have seen uses some form of regex to capture the condition. (twitter.com) will look for the exact string "(twitter.com)" as far as I understand it.

Maybe try using a simple regex to meet your needs -
RewriteCond %{HTTP_REFERER} .twitter.com.$ [NC]

Also, while I don't ultimately know the needs of your rule, Im guessing your RewriteRule will need to be modified some, as I think you are going to end up having a url that looks something like http://mywebsite.org/http://mysebsite.org/index.html assuming that the incoming uri is http://mywebsite.org/myloginpage.php

If that is the case, simply change
RewriteRule myloginpage.php http://mywebsite.org/index.html [R,L,NC]
to
RewriteRule ^(.*)$ http://mywebsite.org/index.html [R,L,NC]

and that may solve your issue...

Looks good to me... if you have no records, and you have no limiter (where clause), you obviously have nothing in there.

You could also do "select 1 from stafftable limit 1" and it will probably be faster, but if your goal is to use the data (as yours appears to be), then the method you are using seems perfectly fine.

SCENARIO
Student tries to write code to solve their problem. When they cant figure it out on their own, they go to message boards to get help finding where they went wrong.

HINTS:
The student is you, bro :(
Show Some Code

Each user has a specific, unique, identifier, yes?

Pre-pend your root object with that decorator.

Ex:

UserData:{foo:1};

Can instead be:

1331UserData:{foo:1};

Then your code can look for said data by something like:

localStorage[userID + "UserData"];

Mind you this is all pseudo code so you'll still have to do some work.

Happy coding!!

Are you getting an error?

First look says no ending semicolon... Other than that, depends on the table and what values it expects. Try listing out the columns explicitly and see if that helps. I'm also assuming the first column is your id and you may be passing a blank string instead of the primitive null... Again, without an error, it's hard to say.

It is highly unlikely you will get a time stamp that perfectly matches another down to the millisecond. However, you can always do your query something like

select MIN(id) where date = 'mydate'

That way if you have an exact match, only the first id will be returned, and since it's first in the table they were obviously first to submit.

Did you try the var_dump? What values are in $_POST["start"]?

Your input name and the name in your post do not match.

When debugging things like this, it may help to use var_dump(), particularly in your case

var_dump($_POST);

and see what you get.

None of them alone will do much of anything.

Facebook will likely have the largest user base, and will also allow public display. Twitter is more of a social communication platform. Linked In would be sorta good for your b2b market.

Even if those are not your big 3 in your market, whatever one you decide to work with, you need to attract followers / subscribers and keep it relevant. Just having the page made does nothing for you.

You would likely need a second table that keeps track of the "state" of the record being read. Either that, or a column that flags a "read" state. Using a separate table, however, you can also relate a user id or other relevant information.

I am not 100% certain, but I do not think there is a built in way to lock a row. You may be able to be clever and use some sort of trigger, but that just goes back to having a read state anyway...

The article you refer to is talking about dirty reads, meaning you are updating a column in the same row you are reading, which usually would cause a deadlock (or a table lock) until the update is completed, and then give you a clean read of the updated material.

This would be used in something like the column that flags the row as read. However, I personally would not go this route...

The answer still is valid. It's the wrong tool for the job.

You're missing the point of python, imo. Your question is equivalent to "why can't I go to space in a jumbo jet?"

In theory, you can import a C or c++ module that will handle your memory management into your python script. I'm not entirely sure how that would work, but I'm sure it could be done.

Python was designed to remove the complexity of coding, and pointers were one of the first things to go. However, this does not mean python cannot communicate with hardware or any of the other things that you can accomplish with C or c++. It just needs to be done within the rules of the language.

What exactly are you thinking you can't do with python?

Right tool for the job. I can bash a nail in using a wrench, but if the job calls for a hammer I should probably use a hammer.

Granted, most languages will allow for cli commands, but what if you're writing in C# for distribution to windows users and you don't want to force them to also install python?

As learning exercises, learning to read/write to a file or pointer is also very necessary for real life work.

What works for you doesn't always work for others, and other people may have a long way to go to have the same experiences you did.

You will need a for loop and an understanding of modulus, and a little bit of good old fashioned logic.

Good luck!

Uhhh... This is PHP. Nothing looks wrong with the query.

What other PHP script do you have to execute and prepare the statement?

Yes its possible. Without knowing more about the site, or it's markup, it's impossible to give a more detailed answer.

Change is slow. Just because Tesla open sourced all of their tech, it didn't change the industry and suddenly every new car is electric.

Also, having used both eclipse and vs, they have their own quirks and unique feel. People aren't just going to abandon what they know because something else is now free. Aka the old adage: You can't teach an old dog new tricks (because they're stubborn old farts :P)

The server super global should also have the port number for the request, $_SERVER["SERVER_PORT"], but the way you are checking is the only way I can think of on the receiving end of a request.

You can always htaccess it up and force all connections over https :/ but I'm guessing that won't really solve your problem.

Edit: I think the value for $_SERVER["HTTPS"] will be a 1 or 0

remove the space in the delimiter (right now you have ", " so change it to ",") and you should be good to go.

I suppose a simple question is can you actually connect and run anything using the mssql commands? It's been a while for sure, but last time I did PHP to mssql I had to go through ODBC...

It's a bit lengthy to post everything, but this thread should start you off in the right direction:

http://www.doomworld.com/vb/doom-editing/10766-wad-file-format/

You will likely have to convert the binary jpg into something usable by the file format, or just have the jpg as an asset of some sort.

You may want to read up on bubble sorts:

http://en.m.wikipedia.org/wiki/Bubble_sort

And either use a standard bubble sort, or consider the variations. Also, read about them and consider if they are the right tool for the job.

Depending on if you have learned recursion or not, out if you can make the sort a while loop instead, it may make your life easy with limited data such as this.

Try taking the single quotes out from your select.

You appear to be selecting the string literal 'images_path' on line 6

The purpose was to encourage him to try on his own, giving a place to start.

I admit, I answered on my phone and didn't think to look what forum I was in... But answering this kind of question by doing the work for him hardly teaches anything. :/

Also... I do not believe your solution is at all correct to answer his problem. You may want to reread his request.

a function that outputs all the words ending in a "s", in a sentence sent to it as a parameter.

Done!!

No... Seriously. Why not try first, then get some feedback?

If you are in a computer science course, I hope you know what a function is. At that, you should know the parameter is what is passed into the function.

You will likely be returning an array of strings which, depending on the language you are using, can be as simple as a regex, quite ironically, as complex as a regex

right click disabled or not, if someone wants to steal your images or video, they will. watermark your own stuff, sue when you find someone using your work.

Is that not what you are seeing?

Since you are returning a tuple, perhaps wrapping the values of the return in parentheses will have the desired effect? The commas are just short hand to unpack the tuple anyhow, but you may be inadvertently returning just jelly_beans.

If you have the skills for the job and you match the company culture, I don't think you have anything to worry about.

Just remember the company has to fit you just as much as you fit it. If they pass you over for being a woman or older, you probably didn't want to work there anyway.

On the plus side, pretty much every company is looking for female programmers so they don't look like Facebook or Google right now :D

If you are running locally, take a look at your event log (event viewer) in your control panel > admin tools > event viewer. Look for the error and see if you can get more info from there.

Just a thought... where are you located vs where your server is located?

If you are in (just a shot in the dark here) Asia, but the server is in the USA, the date function will use the server's local time, not your time. Is this perhaps the problem?

You will find that posting your code along with the problem will get responses. We can't possibly know what your problem is with what you have written.

I don't use jQuery often, but as I understand it JSON-P is designed to wrap a JSON object in a callback function as part of the response. If you were to trace the ajax call (through the browser debugger), I bet you would see that you are getting something that looks like ?({"data":"content"}); where "?" is trying to be a function (which it clearly is not).

Maybe someone with more experience with jquery can chime in?

In the schema example they use an anchor tag instead of link, but otherwise it's the same.

... I've only used schema once and basically made a template page for the types so I never had to do them again...

I think it makes sense that the URL is a thing that belongs to your person...

I had considered a similar structure to that, but I think Im gonna stick with bit maps instead. More flexibility, I feel, in terms of changing days and frequency on the fly.

Ill keep working through it... since no one else is really biting on this Im guessing this was a fairly simple question and no one is wasting time with it :-P

So.. solved it is!

I'm not sure I follow.. Are you suggesting that the trigger updates the frequency?

The idea is to limit the number of rows for less cluttered tables and faster seek times. Adding events in date slots, if that is your suggestion, seems counter productive...

so.. Im having trouble wrapping my noodle around this...

my initial thought:

-- events
create table Events
(
  id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  Title VARCHAR(512) NOT NULL,
  Description TEXT NULL,
  StartDate DATETIME NOT NULL,
  EndDate DATETIME NULL
);
create index StartDate_OnEvents  On Events (StartDate);

create table EventFrequency
(
  id INT NOT NULL AUTO_INCREMENT PRIMARY KEY,
  EventID INT NOT NULL,
  Frequency INT NULL Default 0, -- 0=once, 1=weekly, 2=weekday, 4=weekend, 8=daily, 16=Monthly, 32=Yearly, 64=First Weekday Match
  OriginalDayOfWeek INT NOT NULL, --1-Sunday, 2-Monday, 4-Tuesday, 8-Wednesday, 16-Thursday, 32-Friday, 64-Saturday
  OriginalDay INT NOT NULL,
  OriginalMonth INT NOT NULL,
  OriginalYear INT NOT NULL
);

Of course, I doubt I will need original day, weekday, or year, but it's there for the sake of being there.

However, the thought is then to query EventFrequency where Month = passed in, and return all event IDs where Frequency > 0 (the original event will be handled from the first table directly). After that, further processing can be done based on the bit map and set the date as necessary (I suppose this is where original day would come in based on the frequency...)

Is this the way to go for indefinite duration? Am I missing something glaring? I am not entirely sure how to handle leap years in this case... though I would assume post processing logic server or client side can handle this.

I dunno.. any thoughts?

Thanks!

Ryan

I believe he is attempting to demonstrate.

Fyi, you can spoof origination. It's only a stop gap. If you are worried about data, encrypt it. If you can't, let the big boys take care of it for you and use alternative methods. Most cc processors will allow everything from repeat billing to single small payments through their API, and they take care of everything you don't want any business with.

That's a bit of security through obscurity.

To what end are you planning on doing this?

Rewrites are good for looking professional. There is little security to it. It's basically a redirect. Even if I show you that you are posting to mysuperlockeddownphpscrupt.php you won't be able to do much to it if I code proactively (rejecting requests that don't originate from your server, making sure you sanitize data, prepare SQL, etc...). The only other way you can get burned besides SQL injection attacks that is within your control is to keep your passwords locked up and strong. If someone gets root access, all the .htaccess hackery in the world won't help you.

As I understand it, you need to use the ODBC driver to connect PHP to mssql. I may be a bit behind on that info, but I would be curious to see if you are connecting at all.

hotmail may be actively rejecting the message. Are you setting your "from" in the headers? Are you getting a bounceback?

If you have malformed headers, some mail services will actively reject the mail as spam. Also, if the server itself is not configured to identify itself when sending email, some servers will reject the mail as well (so, if you are using a home server or an oddball company).

You would be better served (after you get this up and running) to look into PEAR or some other non php mail() system, either using SMTP or a service that is configured appropriately. The mail() function is incredibly inneficient, hard to maintain, and (as I was taught) it is a last resort when more common systems fail.

I dont use jQuery at all, but from what I am seeing you can probably just change that setTimeout to a setInterval?

Just make sure that the interval length is the same as the amount of time it takes for the animation to finish.

He is using it to suppress errors.

I agree with the posters on the other site, you have a lot of wonkey going on. Im not sure why you are allowing users to dynamically allocate tables, let alone entire databases. But, meh, to each their own. Im sure you have your reasons.

What stands out to me on the area marked "this is where it breaks" is you do not properly quote your variable in the SQL syntax.

$SQLstring = "SELECT * FROM $TableName";

Everywhere else you wrap $Foo as '$Foo' but here you did not.

Not sure if that's your problem, but it is a start.

I would encourage you to rethink your plan of attack here, unless you know you can trust the source of the incoming data - and even then, it's a bit hokey. You don't sanitize anything... you have a lot to work on to make this a working bit of code, I feel...

Good luck!!

Ryan

Im in total agreement that security through obscurity is a fools errand.

I agree, more iterations would not hurt. 10 is a bit weak, but that was demonstrative in nature.

Regardless of that, though, I am curious what your plan of attack would be.

Without having root access to the server, and getting the global salt, how would you deconstruct the hash? Even assuming you got a database dump, and you had the "pepper," you have no way of knowing how many passes were used to create the hash, nor the salt that made it. On top of that, there is little chance of knowing the method of merging the two together.

So, without root access to the server, and seeing the process (which defeats the whole thing anyway), I don't see how you would be able to create a single table that would be able to access ALL the passwords.

I do not mean to be difficult. I am genuinely interested as this is an area I have very limited exposure to, and don't often get called upon to increase my knowledge in the area.

For the record, so you and others are not taking my proposed process as a challenge, I do employ bCrypt for hashing passwords in all but a handful of my projects.