Stuart
-
Posts
141 -
Joined
-
Last visited
-
Days Won
12
Posts posted by Stuart
-
-
I'm pretty sure it must be set to strict in order to receive that error message - certainly not a bad thing. It will either be set at runtime using something like:
ini_set('display_errors',1); error_reporting(E_ALL|E_STRICT);Or it will be set in your php.ini file which is often out of your control in shared hosting environments. I personally always develop with error reporting set to it's highest level to ensure I'm producing the best code possible. As far as I'm aware errors, notices and warnings continue to be generated with error reporting turned off which is just a waste of your servers resources. But in a live site you'd want to alter error reporting to prevent them from being shown on a live site which could provide valuable information to malicious users - I suspect the my_error_handler function Larry wrote for this book will take care of this live/development status and adjust error handling appropriately.
PS Almost forgot this - I once altered the error reporting level to strict on one of my first ever sites which mean't all errors we're being emailed to my inbox. After receiving 75000 emails in a matter of hours
- my advice is to develop on the highest level at all times!!-
1
-
-
Hi zabberwan,
It basically means that your database connection is not correctly setup/being passed to the mysqli functions.
If you post your actual code it will be easier to see what exactly the problem is. But a few things to check:
- Are you including your database configuration script?
- Is the name of the first argument you're passing to mysqli_real_escape_string the variable containing your database connection object?
- Have you accidentally created another variable with the same name as your database connection object elsewhere in your script?
If you put the following code on the line preceding the error you'll be able to see if the object exists when it is called:
var_dump($dbc); // Change $dbc to the first argument you're passing to the mysqli_real_escape_function
-
2
- Are you including your database configuration script?
-
The error only appears as of PHP 5 and only if you have error reporting set to strict. Team PHP decided that it should be good coding practice to explicitly set you timezone using date_default_timezone_set.
With regards to not using any datetime functions - this is only a guess but I presume at some point in the config that you will have defined a custom error handling function. Inside that function there will probably be references to functions that are either explicitly or implicitly calling datetime functions. For example it's quite likely that error_log would use some form of datetime functionality behind the scenes.
Therefore when you omit the closing brace causing an error, it throws a syntax error, your error handler is called and this results in the timezone related warning. I don't know if thats true but it seems logical and the only explanation I can think of...
-
1
-
-
The backtick is used to enclose query identifiers - a query identifier is basically either a table name, column name or function name. In general you can write your queries without enclosing your identifiers in backticks and they will function just fine, however it is considered best practice.
The reason this is best practice is that MySQL has a list of reserved words that cannot be used as identifiers unless quoted with backticks. In most cases you'd be unlikely to name your table or column after one of these words (e.g. NO_WRITE_TO_BINLOG) - however some are more common. The first time I encountered this problem was for a table called REFERENCES which I later found out to be a reserved word.
Something else I often now do is introduce a namespace into my database models e.g. prefixing all database tables with the value gs_ eliminates the issue of having table names with reserved words. The full list of reserved words can be found here: MySQL reserved words.
Finally regards single quotes these are used to denote a string value - for example you don't need to quote a value that should be an integer. But make sure it is an integer before using it in your query by typecasting the value:
$integer = (int)$_GET['integer'];
Single quotes may also be used in the SELECT part of your query to return a literal string - this is quite useful when using a UNION statement on mutliple queries to identify which query the results belong too.
-
1
-
-
Like Jonathon says you'll need to post the code for members.php but equally his first suggestion did pick up on a problem. The lines:
<?php - index.php
<?php - mysqli_connect.php
<?php - config.inc.php
would cause a syntax error.
-
1
-
-
Well the red cross means the image cannot be found at that URL - right click the image (red cross) and select open image in tab (or similar) and see exactly what URL is being requested. This will let you figure out whether its the PHP generating the URL that's incorrect or the file structure thats wrong.
-
1
-
-
The error just means that the file doesn't exist at the location you've specified.
Are those numbers actually the filenames you're using? Is the file you're trying to rename in the same directory as the executing script? Because thats just the filename and not a full path it's going to be looking in the /join directory for the file named 832740485 - also do they not have extensions?
You should really be providing the full path to the filename - here's the basic example from the PHP manual:
rename("/tmp/tmp_file.txt", "/home/user/login/docs/my_file.txt"-
1
-
-
You've also got an if-else-else statement for confirming the passwords, which is not allowed.
Are you sure about that - it just looks like an if-else statement nested inside the if block of another if-else statement:
if(!empty ($_POST['pass1'])) { if($_POST['pass1'] != $_POST['pass2']) { $errors[] = 'Your new password did not match the confirmed password.'; } else { $np = mysqli_real_escape_string($dbc, trim($_POST['pass1'])); } } else { $errors[] = 'You forgot to enter your new password.'; } -
No worries, have just noticed the typo in my post </value> instead of </textarea> - have amended in my post but can't change the value in the quoted text for anyone referencing this post in the future.
-
1
-
-
Hi itisgregory,
Can you post your code please (and PHP/MySQL versions) it could be so many things it's impossible to say without seeing your code.
-
First two things are:
1) Is that path to the required file definitely correct?
2) One line 23 you've misspelt a function name:
$row = @mysqli_fetch_arrary ($r, MYSQLI_NUM);
Should be...
$row = @mysqli_fetch_array ($r, MYSQLI_NUM);
Check those first and let us know if it fixes things.
-
Hi Kobena,
You'll have to provide some more information on exactly what you're trying to do along with the source code you can't get to work - as your posts a little vague at the moment. I can't remember anywhere in this book that has a comments section unless you're talking about forum posts. The premise for allowing an edit of a comment would be exactly the same as a single string in a text input - the only difference is that you supply a value to a textarea differently than to a text input. E.g.
Text input:
echo '<input type="text" value="' . $value . '">';
Textarea:
echo '<textarea name="comment">' . $value . '</textarea>';
If that's not the issue that you're encountering then, like I said you'll need to supply source code and post your software versions as per the forum guidelines.
-
1
-
-
Like Larry said you're not actually echoing out the value of $id. Everywhere else on your form when you've broke back into PHP tags to print it e.g.
value="<?php echo $main_row['variance'] ?>"
But when you've tried to print the value of $id you've simply done:
<input type="hidden" name="dailydelivery_id" value="' . $id . '"/>
That line is outside any PHP tags and therefore being treated as HTML only. Change to:
<input type="hidden" name="dailydelivery_id" value="<?php echo $id; ?>"/>
-
1
-
-
No worries Larry - and just to be clear I wasn't talking in terms of technical question - if I can get to grips with it in 3 months with no OOP knowledge then I'm sure it'll be a breeze for you. I just mean in terms of app/feature planning and UI design etc... Also is the JS book coming before the Yii book?
-
I've taken on a series of iOS projects for my business over the last 6 months - I'm not hugely experienced yet (3 apps currently all in the final testing stage) but it looks like this is what I'll be spending the majority of my time on for the foreseeable future so if you wanted to run any ideas or questions by me regarding iOS capabilities/features or ideas for the app feel free - always happy to help.
-
I've worked with CodeIgniter once to fix the problems in another developers work - my only suggestion would be to use the absolute URL by calling:
base_url();
and then concatenating the rest of the string on - I know Firebug is returning 200 in the NET tab but frameworks can be funny things sometimes. If that doesn't work then I'm not too sure.
-
1
-
-
In general, where possible you should try and let the database do as much work as possible and this will be more efficient the majority of the time. That said now you've explained exactly what you plan on doing it discounts the single statement option. Overall in terms of performance I doubt there's any significant difference (depending upon the quantity of updates you require) the only real consideration is what is best practice. I'll briefly give my opinions on the three techniques - only my opinion other people may think differently.
1) Extracting the value back into your PHP script and then using that in a subsequent query is probably the simplest in terms of logic - so if you're still relatively new to PHP and MySQL it might be the best option for you. However in terms of lines of code this option would entail writing the most and having two round trips to the database server.
2) The single query won't quite work anymore now you've explained exactly what you want to do. Ideally you'd combine the first query I wrote into an update statement but unfortunately you can't reference the table that you're updating inside the select statement of a sub-query.
3) This option would allow you to let the database do all of the work which in my opinion is generally best practice. It would involve less code than option 1 but an extra database query to set up the initial variable - however these wouldn't be round trips as no processing would be required inside PHP. I've never seen an example but I assume you could send all three statements at once using mysqli_multi_query. (Have since checked and you can)
The procedure for 3 would now (in quasi-code) be:
- Set up the variable in MySQL
- Calculate the value using the first statement I provided and assign this using SELECT... INTO
- Run the update query using the MySQL variable as the update value
Hope that all makes sense
-
1
- Set up the variable in MySQL
-
Just remove the single quotes around the array names when you're combining the three arrays. The quotes make the elements a string which you can't pass to a foreach loop
-
1
-
-
Hi HartleySan,
You can use functions inside preg_replace however not in it's default implementation. PREG_REPLACE has a special modifier 'e' which when placed after the pattern causes references in the replacement element to be evaluated as PHP code. Here's an example from the PHP manual:
<?php preg_replace("/(<\/?)(\w+)([^>]*>)/e", "'\\1'.strtoupper('\\2').'\\3'", $html_body); ?>I've never had cause to use it but thats the premise.
-
1
-
-
Have you changed the include path to the script? So would become something like:
include('../mysqli_connect.php');-
1
-
-
So presumably the table called sv doesn't have a column called venue_id - pop into PHPMyAdmin and check spelling, capitalization etc of the column in question.
-
1
-
-
It just means that the query is wrong - could be syntax error, wrong column name etc... Post the query and also echo out the mysqli_error to figure out the problem:
echo mysqli_error($dbc);
-
1
-
-
The error in your statement is random comma before the where clause - the following should be syntactically correct:
$sql= 'UPDATE joinmembersarea SET password = "NOT NULL" WHERE registration_date < DATE_SUB(NOW(), INTERVAL 5 MINUTE)';
Aside from that I'd be setting a BOOL flag to 1 to indicate the user is now banned/blocked.
$sql= "UPDATE joinmembersarea SET banned = '1' WHERE registration_date < DATE_SUB(NOW(), INTERVAL 5 MINUTE)";
-
1
-
-
To answer your question - yes it is possible with a regular expression and its relatively straight forward - also depending on what you want to do with the values after you might be able to just do it client side with jQuery because it would be extremely simple.
$('li [id="2"] > li').length;If you wanted to use regex the starting point would be extracting the list with an ID of 2 and then creating sub-expressions to grab the li elements. Then use preg_match_all to extract them and apply PHP's count to the relevant branch of the returned array. If you're having no luck getting it working post your regex and we can try and help you out.
-
1
-
Altering Echo Formatting According To Chapter 16
in PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)
Posted
<?php if (empty($error)) { echo '' ; } else { for ($error = 1; $error < count($error); $error++) { print $error; } } ?>You're overwriting the names of variables. You can't have an array called $error and then create your counting variable also called $error, because when you go to print the error from the array it will be referring to the counter variable. I'd also probably use a foreach loop rather than a for loop:
// Initialise errors array $errors = array(); // Conduct validation if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $trimmed['first_name'])) { $fn = mysqli_real_escape_string($dbc, $trimmed['first_name']); } else { $error[] = '<p>Please enter your first name.</p>'; } // Other validation code goes here if (empty($errors)){ // Insert user into database } else { foreach($errors as $error) { echo '<p class="error">' . $error . '</p>'; } }Finally I'd also recommend looking into using JavaScript/JQuery validation for your site to improve the user experience. You're site looks really good and I find server side validation can be clunky in terms of UX and does decrease conversion rates. That said using a jQuery plugin is not a substitute for server side validation. For security purposes all data should be validated server side as client side controls are easily bypassed. Aside from UX improvements it will also reduce the amount of processing done by your server.