Posts by ryantroop

Im not sure what you are asking..

If the column is varchar, what is being passed in as the value? Is it NULL? A number? Are you getting a SQL error? Have you tried doing a var_dump on $r and seeing what is actually in there? Are you sure buy_temp has a valid "option" column?

So many points of potential failure, it's hard to debug from what you have given...

I had a typo on line 10. It should read :

var myFriends = [
{firstName: "Bertrand", lastName: "Michel"}, 
{firstName: "Michel", lastName: "Bertrand"}, 
{firstName: "Henri", lastName: "Michel"}, {}
]; //this is an array of objects
var myFamily = {lastName: "Michel"}; //this doesnt have to be an object, but whatever.. in fact, you don't even use this?
var myFamilyMembers = []; //this is an empty array
var oObj; //declare outside to save cycles
for (var i=0;i < myFriends.length;i++) { //iterate through the array
    oObj = myFriends[i];  //set oObj to be the member of the array by index
    if (oObj.lastName && oObj.lastName == "Michel")  //check the value directly (I think you mean here oObj.lastName == myFamily.lastName)
        {
              myFamilyMembers.push(oObj);
         }
console.log(myFamilyMembers); //Im not sure you want to do this with each pass, but whatever floats your boat...
}

I encourage you to read the comments, and follow along with what the code is actually doing. You are misunderstanding the types of loops presented.

You are confusing an iterative loop (for loop) with an object lookup loop (for-in loop). They are not interchangable in any way, and will give completely different results. Example..

for (var i = 0; i < 10; i++) //this says, as long as i is less than 10, continue doing this
{ 
    console.log(i); //write the value of i to the console
}

for (var c in oObj) //walk through the object oObj, and let the variable c represent the "name" of the parameter
{
  console.log(c); //write the name of …

In your example, myFriends is an array of objects. (Ln. 1)
Your iteration is for object notation on Ln. 8. the for ... in construct only works on "objects" that have properties. Now, since everything in javascript is an extension of a root "Object" (other than primitives) your code does not fail. All you have done is map the variable "friend" to be a reference to a property of an "array object" that you are then iterating through. You are lucky that you are not getting any errors, as you are trying to reference a property that simply does not exists in the properties of an array, and the JS VM should have considered this a problem.

Here is what you are trying to do...

var myFriends = [
{firstName: "Bertrand", lastName: "Michel"}, 
{firstName: "Michel", lastName: "Bertrand"}, 
{firstName: "Henri", lastName: "Michel"}, {}
]; //this is an array of objects
var myFamily = {lastName: "Michel"}; //this doesnt have to be an object, but whatever.. in fact, you don't even use this?
var myFamilyMembers = []; //this is an empty array
var oObj; //declare outside to save cycles
for (var i=0;i < myFriends.length;i++) { //iterate through the array
    oObj = myFriends[iLup];  //set oObj to be the member of the array by index
    if (oObj.lastName && oObj.lastName == "Michel")  //check the value directly (I think you mean here oObj.lastName == myFamily.lastName)
        {
              myFamilyMembers.push(oObj);
         }
console.log(myFamilyMembers); //Im not sure you want to do this with each pass, but whatever floats your boat...
} …

You cannot, in any fast way, compare objects directly in JS.

The only way to check values is to iterate through the object and compare values directly for what you are looking for (or, as you pointed out, simply check the value directly). Since all an object really is on the inside is a giant hash map, lookups like this are very fast - as long as you know the key.

Your example is a little vague on what you are trying to accomplish. What is your end goal, and maybe someone can point you in the right direction.

To iterate, in case that was your question, you would do something like this:

//I am looking for "two"
var oObj = {a: "one", b:"two", c:"three"};
for (var cParam in oObj)
{
    if (oObj[cParam] == "two")
        {
              console.log("Found!");
              break;
         }
}

likely because you are passing limit twice, once as a const int, and then trying to cast it as an int when it is clearly a const int.

My C++ is not the best, but Im pretty sure you can't do what you are doing :-/ You stronly type for a reason, and it's not so you can not use it.

Your Q2 will come when you fix your code in Q1.

May just be a preference thing.. but making tables on the fly like that is probably not a good idea (and resource heavy), and then you iterate through your table list with each request...

Just by reading your code, trying to figure out what you intend to accomplish is difficult...

That said.. without knowing what your scipt is sending (or the var_dump($_POST)) it's impossible to figure out why you are getting the multiple updates. Since you are iterating through all permutations each time you send a request, I would assume your data is not correct coming to your code, and it is working quite admirably and doing exactly what you told it to.

also, for inline onclick handlers, you don't need "javascript:" anymore. Most browsers know it's javascript (of course, Im assuming you're writing HTML/4+, so YMMV).

Once you return something in JS (and most other languages) any data further down is ignored. So, your scoped "name" function returns with firstName + lastName, and the rest is forgotten.

I cannot think of any way to do what you want without making a new method

Instead...

function person(first, last, age, eye) {
    this.firstName = first;
    this.lastName = last;
    this.age = age;
    this.eyeColor = eye;
    this.name = function() {
        return this.firstName + " " + this.lastName
        }

    this.capitalize = function() {
        return this.firstName.charAt(0) + " " + this.lastName.charAt(0);
        }
    };
}

var myFather = new person("John", "Doe", 50, "blue");
document.getElementById("demo").innerHTML = "My father is <b>" + myFather.name() + "</b>";

document.getElementById("demo2").innerHTML = "His captial letters are <b>" + myFather.capitalize() + "</b>";

However, if your intention is to make chainable methods then you will need to change the way you think in terms of script.
Instead, think of the object as a container (or a class) that has mutable characteristics that have built in getters and setters (unless you decide not to do that, in which case you will also have to change your syntax a bit).

example of chainable methods:

var foo = function()
{
  this.Data1 = null;
  this.Data2 = null;
  this.bar = function(value)
  {
    //do something to my data
    this.Data1 = value;
    return this;
  }

  this.bar2 = function(value2)
  {
    //do soemthing to my data2
    this.Data2 = value2;
    return this;
  }
}

//I can now do...
var myFoo = new foo();
myFoo.bar("hi").bar2(22);
document.getElementById("whatever").innerHTML = myFoo.Data1 + …

The only way to dynamically size an iframe is to let the frame load and at the end of the onload event make a call to the parent that returns the content's scrollHeight and scrollWidth.

You can do it the other way (by querying downward) but in my experience you get some serious timing issues with the layout because you can't guarantee that the CSS is applied when the iframe considers itself "loaded"

You will also have to set the actually height and width attributes on the iframe, as it will not accept CSS modifiers.

All the best security flaws are implemented with the best of intentions.

Tomorrow, your C# stack could blow up because a major vulnerability in .NET surfaces. Likewise, the years and years of unstructured code that is poured in from the open source community to manage and update PHP is bound to have loop-holes. Windows gets patched regularly for all their security updates, and Linux kernals are just as open to problems.

Your question comes down to this:

As Im walking down the street, which do I need to be more worried about?
A brick falling on my head and killing me?
The sidewalk giving way and I fall into a sink hole and killing me?
Someone robbing me and then killing me?
A heart attack, with no help, thus killing me?

The reality is - you can't ever really know until that crap happens. Code defensively to be pro-active, and keep up to date on latest threat vectors. You alone will likely never be able to manage all the possible attacks and vulnerabilities available to attack a web platform. You can mitigate much of it, though, and that comes with learning best practices, and thinking about what the most nefarious of users will do to destroy your system.

There are also a number of tools available to automate attack vectors and see if you have any insecurities. On top of that, you can write your own tools to verify you are not having an issue with …

You can do that in two ways -- in PHP you will know it's empty because your result set will be empty. That's probably the simplest and most straight forward way. You can use something like mysql_num_rows.

To do it with pure SQL, you can do aggregate functions like Count() to get the number of results in the set (but if nothing comes back, you're still stuck with an empty set). You can use something like

SELECT FOUND_ROWS();

and that will return the count for you (even if it's 0). However, you will then be writing code that expects that result set on top of the result set you just returned, which is rediculous. FOUND_ROWS() is more for procs that fill temp tables and does some sort of data massaging (in my opinion).

ehhh...

First, Im not sure why you are wrapping a select in a transaction. May just be my not following your logic, or maybe me being naive, but Im pretty sure transactions are meant to make sure everything went smoothly on inserts or updates before committing changes. You are doing neither of those things, and therefore do not need a transaction.

In MySQL, the @ symbol represents a user defined variable - which means it is actually accessable outside the stored procedure as long as the session remains open. Do not use them unless you know why you are using them.

What your proc is doing is this ->

CREATE DEFINER=`root`@`localhost` PROCEDURE `usp_GetProduct`(IN `iProductCategoryId` INT)
--create this procedure. it will take in 1 int variable called iProductCategoryId
--note, if the procedure already exists you will have to delete it before saving
BEGIN
  --start the procedure
  DECLARE ResultStatus INT default 0; --make a variable for an int. default 0 does nothing if I remember correctly. If not ignore my correction
  --here, give your default.
  set ResultStatus = 0;
  DECLARE ErrorCode INT;
  set ErrorCode = 0; -- because you never declare it, it likely wasnt working...
  DECLARE exit handler for sqlexception  --take care of SQL error
  BEGIN
    -- ERROR
    #set ErrorCode = -999;
    rollback; -- totally not necessary
  END;

  DECLARE exit handler for sqlwarning
  BEGIN
    -- WARNING
    #set ErrorCode = -888; 
    rollback; --totally not necessary
  END; 

  START TRANSACTION; --not necessary
   SELECT --just a select, result set 1
     P.iProductId AS ProductId,
     P.vProductName …

Glad it all worked out for you. So it was the no SQL after all

I don't use phpmyadmin, So maybe someone who does may be able to help with debugging... The query looks fine, so all I can go on is assuming that it compiled without error, that your data types match, And that your query does actually return data when run inside the stored procedure. All this things true, the only other things I can think of is that your user does not have insert rights, that you must explicitly commit the insert, or some other quirk with how you are set up.

Sorry, but I think I can't help without actually connecting to the database with something like MySQL workbench and trying to run the stuff manually

may sound silly, but can you try without the () surrounding your select?

insert into `product_attribute` (`product_id`, `attribute_id`, `language_id`, `text`)
SELECT a.`product_id` 
        ,b.`attr_id`
        ,b.`lang_id`
        ,b.`attr_value`

FROM     `product` a 
        ,`batch_attr_detail` b
        ,`batch_attr_set` c

WHERE c.`batch_attr_id` = @`batch_attr_id`
  and c.`batch_attr_id` = b.`batch_attr_id`
  and a.`product_id` between @`start_product_id` and @`end_product_id`

Other than that, I am not familliar with the program you are using to manage your SQL, and with that I am not familliar with some of your syntax -- that doesn't mean it's wrong, though.

you may also want to comment out the insert, and just see if your select is in fact returning any data. If not, you may have to modify your select syntax. I don't often (in fact, never) do macros like you are, where I have a.'foo' instead it's a.foo. Again, however, that may be due to the SQL manager you are using, and less a syntax issue.

It would really help to see the whole declaration, so we can see the incoming variables.

At first glance, it looks like you're doing something funny with your vars by using quotes...

@'foo' should be @foo, And in MySQL, I have found more success just avoiding user declared variables and just using the VARs passed in.

Of course, your mileage may vary...

I think what priteas is trying to get across to you is that you need to change your thinking.

Consider it this way: "only display the box when there are images to display."

That way, you are not trying to "fix" something post render or mid build.

That... looks very unfamilliar to me in terms of creating and running procedures... try this instead:

delimiter //
drop procedure if exists GetEvents//
create procedure GetEvents(IN iVal1 int,
                           IN iVal2 int)
begin

select * from myTable where Col1 = iVal1 and Col2 = iVal 2;

end//
delimiter ;

then to call...

you will likely need to use mysqli->multi_query()

because of this, you will likely have to manually sanitze your incoming data, using mysql->real_escape_string() on each parameter.

Of course, from there, it's just using the PHP/MySQLi interface and going from there...

You seem to be familliar with how to connect, etc.. so I spared you that bit. If you need any other help, show some new code and we can go from there.

Side note: if I recall, when I started getting back into PHP a while ago, PDO had awful support for stored procedures. THe only interface for them was with mySQLi, unless you were using PDO with a TSQL server (which is microsoft, not mySQL/whoever owns it now). Anyone know if PDO is now a good interface for mySQL and stored procedures?

While I don't agree with your use of an anonymous function to attach an anonymous function to a node to alert the value (... yup, that sounds right), it seems that you are trying to get the text value of the first node. So, you are looking for the innerText(for those browsers that support it), and a fallback of innerHTML. The below should catch that for you. Not totally sure that syntax will not error out on browsers that don't support innerText, so you may want to clean it up some.

<script>
    function Test() {
        var rows = document.getElementById("filetable").rows;
        if (rows.length > 0) {
            for (var i = 1; i < rows.length; i++) {
                (function (i) {
                    var temp = rows[i].cells[0].childNodes[1];


                    var obj = rows[i];
                    obj.ondblclick = function () { alert(temp.innerText || temp.innerHTML); };
                })(i)
            }
        }
    }

    window.onload = function () { Test(); }
</script>

for sure, this is broken:

public function get_validator(){
        return $this->response_code;
        return $this->response_msg;
}

once you return out of a method, you're done. It does not continue to process.

Other than that.. not sure what you are not understanding... If you get a response from your class, take the value and pass it to a method or instantiation of your message class... ??

So... a couple questions I guess...

If you have a form, why are you using AJAX?
What is trim()?
Have you used F12 tools to see if you are generating an error? If so, what is it?

I also don't understand your regex...
try using a too like: https://regex101.com/ to build your regexes. It looks like your regex is actually the cause of your script error, and why you are failing.

I doubt that you will need both multiline and * to be greedy when you already have + modifiers. Also, the * is outside the 'end of the line' marker... which is not right at all.

Yes, you are correct.

So instead, you could do something like
RewriteRule *.myloginpage.php$ http://www.mywebsite.org/index.html [R,L,NC]

Truth be told, I would have to tinker with it and figure it out myself, as I rarely have to do htaccess files.. you know.. do it once and you're usually done :-/

What I think the above will do is capture any URI that ends with myloginpage.php and redirect to your index.html instead.

So I re-read the above and the editor formatted something incorrectly above.

It should be:
RewriteCond %{HTTP_REFERER} *.twitter.com*.$ [NC]

Pretty much every rewrite I have seen uses some form of regex to capture the condition. (twitter.com) will look for the exact string "(twitter.com)" as far as I understand it.

Maybe try using a simple regex to meet your needs -
RewriteCond %{HTTP_REFERER} .twitter.com.$ [NC]

Also, while I don't ultimately know the needs of your rule, Im guessing your RewriteRule will need to be modified some, as I think you are going to end up having a url that looks something like http://mywebsite.org/http://mysebsite.org/index.html assuming that the incoming uri is http://mywebsite.org/myloginpage.php

If that is the case, simply change
RewriteRule myloginpage.php http://mywebsite.org/index.html [R,L,NC]
to
RewriteRule ^(.*)$ http://mywebsite.org/index.html [R,L,NC]

and that may solve your issue...

Are you getting an error?

First look says no ending semicolon... Other than that, depends on the table and what values it expects. Try listing out the columns explicitly and see if that helps. I'm also assuming the first column is your id and you may be passing a blank string instead of the primitive null... Again, without an error, it's hard to say.

You will need a for loop and an understanding of modulus, and a little bit of good old fashioned logic.

Good luck!

remove the space in the delimiter (right now you have ", " so change it to ",") and you should be good to go.

It's a bit lengthy to post everything, but this thread should start you off in the right direction:

http://www.doomworld.com/vb/doom-editing/10766-wad-file-format/

You will likely have to convert the binary jpg into something usable by the file format, or just have the jpg as an asset of some sort.

You may want to read up on bubble sorts:

http://en.m.wikipedia.org/wiki/Bubble_sort

And either use a standard bubble sort, or consider the variations. Also, read about them and consider if they are the right tool for the job.

Depending on if you have learned recursion or not, out if you can make the sort a while loop instead, it may make your life easy with limited data such as this.

Try taking the single quotes out from your select.

You appear to be selecting the string literal 'images_path' on line 6

Is that not what you are seeing?

Since you are returning a tuple, perhaps wrapping the values of the return in parentheses will have the desired effect? The commas are just short hand to unpack the tuple anyhow, but you may be inadvertently returning just jelly_beans.

If you have the skills for the job and you match the company culture, I don't think you have anything to worry about.

Just remember the company has to fit you just as much as you fit it. If they pass you over for being a woman or older, you probably didn't want to work there anyway.

On the plus side, pretty much every company is looking for female programmers so they don't look like Facebook or Google right now :D

Fyi, you can spoof origination. It's only a stop gap. If you are worried about data, encrypt it. If you can't, let the big boys take care of it for you and use alternative methods. Most cc processors will allow everything from repeat billing to single small payments through their API, and they take care of everything you don't want any business with.

That's a bit of security through obscurity.

To what end are you planning on doing this?

Rewrites are good for looking professional. There is little security to it. It's basically a redirect. Even if I show you that you are posting to mysuperlockeddownphpscrupt.php you won't be able to do much to it if I code proactively (rejecting requests that don't originate from your server, making sure you sanitize data, prepare SQL, etc...). The only other way you can get burned besides SQL injection attacks that is within your control is to keep your passwords locked up and strong. If someone gets root access, all the .htaccess hackery in the world won't help you.

I dont use jQuery at all, but from what I am seeing you can probably just change that setTimeout to a setInterval?

Just make sure that the interval length is the same as the amount of time it takes for the animation to finish.

I do not believe SERVER_NAME includes the protocol (so, no, it should not show http://http://)

I believe you are looking for:
$_SERVER['SERVER_NAME']

DOCUMENT_ROOT will give you a local path on the host machine, which will begin with a drive letter and not a protocol (like http/s).

DOCUMENT_ROOT is more appropriate when doing includes where you will be traversing a file system, not when making calls over a network.

in reality, depending on how you have configured your server, you probably don't need $_SERVER['SERVER_NAME'] and you can probably use a relative path instead.

I believe, since you did mysqli_fetch_array() you are getting a 0 index result. If you want to use the column name, use mysqli_fetch_assoc() instead, or change this line:

$xml+='<zip>' . $row['zip'] . '</zip>';

to

$xml+='<zip>' . $row[0] . '</zip>';

and that should work.

Try this..

function seo_title(cIncoming)
{
  var cNew = "";
  cNew = cIncoming.replace(/[!@#$%^&*()_+=,\.<>\/\\\[\]\{\}]/g , ""); //build a regex for unwanted chars add whatever else you need...
  cNew = cNew.replace(/ /g, "-");
  return cNew;
}

the above is not tested. The Regex is probably off due to escaping issues, but see what you get :-P

First, your notation seems a bit.. off? If that is supposed to be a JSON object to be parse into javascript, it's broken the moment you put = in there.

You also don't actually have a cat 1 anywhere, but you have doubled on cat 3

It seems you have a problem parsing in part due to bad notation, and in part too much complexity.

Whatever you are getting your output from, you need to clean that up first.

JSON notation is always a key:value pair and you can start with an empty object.. the structure should be more like the following, I believe...

var myArrayOfObjects = [{"cat":1, "attr":{"attr1":"val1", 
                                          "attr2":"val2",
                                          "attr3":"val3"
                                         }
                        },
                        {"cat":2, "attr":{"attr1":"val1",
                                          "attr2":"val2"
                                         }
                        ];

and so on and so forth...

Obviously, this can get very messy, long, and difficult to read. Especially since you are making duplicate values, and its all in an array... I question the need for such deep object creation, but I have done it in the past for ease of access to data types, so who am I to really question (right)?

That said, since you are doing an array of objects, your iteration is going to get a little messy, but it's totally doable since you know the structure and what you are expecting.

Since the whole thing is encapsulated in an array...

var Object;
var Category;
var Attributes;
var Attribute, Key, Value;
for (var i=0;i < myArrayOfObjects.length;i++)
{
  //do stuff for each object
  Object = myArrayOfObjects[i];
  //from …

How are you calling settdelete(trankey)?

Also, you may want to check support for .ico as a valid image type in firefox...

Also, in javascript:

var String1 = "a" + " string";

is the same as 

var String2 = "a".concat(" string");

d'oh!

It also may be a scoping issue.

Try this instead:

<script language="javascript">
var xmlhttp = null;  //make it global
if (window.XMLHttpRequest)
  {// code for IE7+, Firefox, Chrome, Opera, Safari
  xmlhttp=new XMLHttpRequest();
  }
else
  {// code for IE6, IE5
  xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
  };

if (xmlhttp)
{
  xmlhttp.onreadystatechange=function()
  {
  if (xmlhttp.readyState==4 && xmlhttp.status==200)
    {
      document.getElementById("teh").innerHTML=xmlhttp.responseText;
    }
  }
};

function showTeh(str)
{
  if (xmlhttp)
  {
    xmlhttp.abort();
    xmlhttp.open("POST","inc/getTeh.php?q="+str,true); //this still looks like a GET not a POST
    xmlhttp.send(); //because POST params are sent here
  };
}
</script>

Of course, at this point you may want to just clean up the whole instantiation of an xmlhttp object and make it a pseudo-class or a singleton of sorts, but that's for another lesson :-P

See if the above helps.

Ryan

What is the code on the php side?
can you paste the contents of getTeh.php so we can see what the server is expecting?

If not, do you have this code available somewhere so someone can debug it?

You seem to be doing a post, but sending a get.

Line 19 and 20, try:

xmlhttp.open("POST", "inc/getTeh.php", true);
xmlhttp.send("q="+str);

unless you are in fact doing a get, in which case, change line 19 to:

xmlhttp.open("GET", "inc/getTeh.php?q="+str, true);

good luck!

Ryan

The only "good" way of doing what you are saying is to use header redirects.

the database connection will only fire if your logic tells it to. There is nothing wrong with keeping those processes separated, and in general that is good practice (the db connection is created by a function call from an included file that is in a private directory).

however, the "PHP" way of doing things is what I did above. It is by no means the only way, and certainly may not be the right way for tour particular application.

if you are expecting high volume and you are worried about random hits to the db, you will need to code defensively to protect against that. You apparently know your stuff. Go with what you know works :)

You can have PHP and HTML intermingle, so the form can post to the page that it is resident on, then simply re-render..

<?php
//input.php
if (isset($_POST['formdata']))
{
  //do some input cleaning/error checking/sql stuff here
};
?>
<html>
<head>
<title>My page and form!</title>
</head>
<body>
<form action="input.php" method="post">
<input type="text" name="formdata" /> <!--you can do some error checking stuff with php and have elements display if there is an errror defined in the script... -->
<input type="submit" value="Submit" />
</form>
</body>
</html>

the "placeholder" attribute (while not supported in all browsers) is a fancy way of giving a "hint" to the user as to what is supposed to go into the field. A place holder is usually something like "First Name" or "Phone Number" so when the user clicks the field, they know what they are supposed to type there. The value there ("First Name", etc..) is not the actual value of the field. If you want a default value passed in, you will need to set the value of the input, but then your placeholder would not be visibile unless the value is empty.

If you you want the GET to be passed to the form, instead of:
placeholder="<?echo ($_GET['message']);?>"
use
value="<?echo ($_GET['message']);?>"

Hope that helps!

Ryan

ahh my mistake I misread your question.

Yes, you can have both in the same file. PHP is quite good at this.

You simply need to check the $_POST vars coming at the top of the file, and process things as needed.

You can check
isset($_POST)

and that will let you know if something is coming in for an update, otherwise you can run the script normally.

so..

if (isset($_POST) && $_POST['search'] != '')
{
  //run update sql
}
else
{
  //show form? do whatever...
}

//you can even do the rest of the page here, and still show the page after the update :)

Line 20 says action='search.php' where your script Name for the processing page seems to be Update.php
Try changing it and see if that helps.

I don't know how to do it in JQuery, but the XMLHTTPObject has an abort method. Im sure you can look into jquery's version of that method.

Also, look into using the Date() object to get a random number instead of Math.random() as it's possible (however unlikely) that you get the same result twice.

function onLoad()
{
  makeDisable();
}

<body onload="onLoad();">
...
</body>

Should do the trick...

Ryan