xisto Community

Jez

Members
  • Content Count

    12
  • Joined

  • Last visited

  • Days Won

    1

Jez last won the day on January 26 2013

Jez had the most liked content!

About Jez

  • Rank
    Newbie [Level 1]
  • Birthday 08/08/1981

Contact Methods

  • Website URL
    http://www.jeremysmith.me.uk

Profile Information

  • Gender
    Male
  • Location
    North Yorkshire, UK
  • Interests
    Semantic web, Web Technologies, Principles covering software development.

    Application based programming, software and database design, freelance tutoring (taught 3 people so far in programming).
  1. Static has always been around for many 100's of years, going way back before Michael Faraday found a method for containing power in some prototype battery device (why you have TV ultimately). The reason for this if you think of Atoms (the smallest things in the world), they rub against each other causing static electricity, that's all it is! There won't be any static in a cable TV line at all, since it's meant to be shielded from outside intrusion, though sometimes the signal does get occasionally fragmented (I know a lot about this since I am a network technician and a free software developer), the longer you have your cables for your ethernet, the more apparent the effects are for static to get into the signals and cause havoc with your network. The reason for static being generated is because if you think an Atom has a Nucleus, which contains Protons and Neutrons, moving around the Neutrons are tiny little particles called Electrons (where do you think the word Electricity derives from?). That's your scientific answer. If you were to break an item down, take my guilty habit as a good example a strand of smoking tobacco, if you were to keep splitting that up 1'000s of times, you'd eventually only be able to see it using a microscope right? It would if you kept reducing its size become the smallest piece possible called an Atom, in the air there's literally 100's of atoms, containing even moisture, chemicals (chemicals logically don't have to be dangerous, they are just there, if you like Oxygen is a Chemical, it reacts with your body to allow you to live, it's like not all drugs are bad for you, in fact the serious ones allow you to live a good life). Cable TV is all compressed, so you won't ever see static as the signal you're getting is entirely digital, you then need a decoder (STB or if it's integrated into your TV then that will serve this purpose), it sends out a signal under a compressed signal encoded by something called a 'codec' encode, decode is what it stands for. MP3 is a codec, MPEG-1, 2 and going all the way up to I think it's 7, at University I did a research thing on security implementations using MPEG-6 because of XML data being coupled with it, good project did some quite funny things with it. Hope this clears things up.
  2. This is some more of it I have covered over the last few days:

         <?php
         require_once 'init.php';
         require_once 'header.html';

         if (array_key_exists('action', $_GET)) {
           switch ($_GET['action']) {
             case 'register':
               require_once 'inc.database.php';
               if (array_key_exists('register', $_POST)) {
                 // trim() returns the trimmed copy, so write it back:
                 foreach ($_POST as $k => $v) {
                   $_POST[$k] = trim($v);
                 }
                 if (strlen($_POST['username']) === 0 || strlen($_POST['email']) === 0
                     || strlen($_POST['password']) === 0 || strlen($_POST['password2']) === 0) {
                   $error = 'You missed out some required fields, please try again';
                 } else {
                   // now make true vars out of them (mysql_* is the legacy ext/mysql API, removed in PHP 7):
                   $username  = mysql_real_escape_string($_POST['username']);
                   $email     = mysql_real_escape_string($_POST['email']);
                   // unsalted SHA-1; $salt below is stored but never mixed into the hash
                   $password  = mysql_real_escape_string(sha1($_POST['password']));
                   $password2 = mysql_real_escape_string(sha1($_POST['password2']));
                   $salt      = md5($username.date('U'));
                   // make up the remaining variables:
                   $host_ip = $_SERVER['REMOTE_ADDR'];
                   // creates the unix time stamp (entirely based on BST if it's applicable!)
                   if (date('I') === '1') {
                     // if you check date('I') in the php manual, this outputs 1 or 0 (bool value) if you put echo in front of it. 1 = BST = 1 kind of!
                     $time = date('U') + 3600; // plus 1 hour if BST holds true!
                   } else {
                     $time = date('U');
                   }
                   // process the registration further:
                   // firstly by validating the username against a set criteria using regex's:
                   if (preg_match('/^[A-Za-z](?=[A-Za-z0-9_.]{4,31}$)[a-zA-Z0-9_]*\.?[a-zA-Z0-9_]*$/', $_POST['username'])) {
                     // i want a non regex function to do this!
                     // if(preg_match('/^[A-Za-z](?=[A-Za-z0-9_.]$)[a-zA-Z0-9_]*\.?[a-zA-Z0-9_]*$/', $_POST['username'])) {
                     if (strlen($_POST['username']) < 5) {
                       $error = 'The username must be 5 characters or longer';
                     } else {
                       // if the username is of alphanumeric chars of _. and a-z (uppercase allowed too), 0-9 then:
                       $sql = "SELECT username FROM blog_users WHERE username = '$username'";
                       $result = mysql_query($sql);
                       if (mysql_num_rows($result) > 0) {
                         $error = 'Username is already taken, please try another';
                       } else {
                         $sql = "SELECT email FROM blog_users WHERE email = '$email'";
                         $result = mysql_query($sql);
                         if (mysql_num_rows($result) > 0) {
                           $error = 'The email address you entered is already taken, please try a different email address';
                         } else {
                           // now check the email address is valid and then if the domain actually exists!
                           if (filter_var($email, FILTER_VALIDATE_EMAIL)) {
                             // now check if the domain exists (split() is gone in PHP 7, explode() does the same here):
                             $split_email = explode('@', $email);
                             $host = $split_email[1];
                             // now use the dns checker function in php:
                             if (checkdnsrr($host, 'ANY')) {
                               // measure the password as typed; the SHA-1 hex digest is always 40 characters
                               if (strlen($_POST['password']) >= 5) {
                                 if ($password2 === $password) {
                                   // now process login with mysql database:
                                   $sql = "INSERT INTO blog_users (user_id, user_type, username, password, email, user_ip, register_date, last_logged_in, salt, active) VALUES (NULL, 'U', '$username', '$password', '$email', '$host_ip', $time, $time, '$salt', '0');";
                                   $result = mysql_query($sql);
                                   if ($result) {
                                     // send off email for verification of email address:
                                   } else {
                                     $error = 'An unexpected error occurred, please try again later';
                                   }
                                 } else {
                                   // (debug print_r($_POST) removed: it echoed the submitted passwords)
                                   $error = 'The password you entered does not match, please try again';
                                 }
                               } else {
                                 $error = 'Your password is too short, must be a minimum of 5 characters long and it can contain any value you want';
                               }
                             } else {
                               $error = 'Email domain does not exist, please try again';
                             }
                           } else {
                             $error = 'The email address you entered was not valid, please try again';
                           }
                         }
                       }
                     }
                   } else {
                     $error = 'You entered some illegal characters in your username please try again!';
                   }
                 }
               } else {
                 $message = 'Please use the form below to register on this site:';
               }
               break;
             case 'login':
               $message = 'Please use the form below to login to this site:';
               // $error = '';
               break;
             default:
               // if no other actions are present send user back like below:
               header('location: index.php?error=1');
               exit; // stop here so the form is never rendered with an unknown action value
           }
         ?>
         <form id="<?=$_GET['action'];?>" name="<?=$_GET['action'];?>" method="post" action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);?>?action=<?=$_GET['action'];?>">
           <p><?=(isset($message)) ? $message : '';?></p>
           <table>
             <tr>
               <td><label for="username">Username: </label></td>
               <td><input type="text" id="username" name="username" maxlength="25" size="27" value="" /><?=($_GET['action']==='register') ? '*':'';?></td>
             </tr>
             <?php // if register then show email:
             if (isset($_GET['action']) && $_GET['action'] === 'register') { ?>
             <tr>
               <td><label for="email">Email: </label></td>
               <td><input type="text" id="email" name="email" size="27" value="" /><?=($_GET['action']==='register') ? '*':'';?></td>
             </tr>
             <?php } ?>
             <tr>
               <td><label for="password">Password: </label></td>
               <td><input type="password" id="password" name="password" size="27" value="" /><?=($_GET['action']==='register') ? '*':'';?></td>
             </tr>
             <?php // if register then show the confirm field:
             if (isset($_GET['action']) && $_GET['action'] === 'register') { ?>
             <tr>
               <td><label for="password2">Confirm: </label></td>
               <td><input type="password" id="password2" name="password2" maxlength="25" size="27" value="" /></td>
             </tr>
             <?php } ?>
             <tr>
               <td colspan="2">
                 <input type="submit" id="<?=$_GET['action'];?>" name="<?=$_GET['action'];?>" value="<?=ucfirst($_GET['action']);?>" />
               </td>
             </tr>
           </table>
           <p><?=(isset($error)) ? $error : '';?></p>
         </form>
         <?php
           require_once 'footer.html';
         } else {
           header('location: index.php?error=1');
           exit;
         }

     Basically the same script just far more robust for user authentication, just a register and login page still though, but the active column in my database will only read 1 when the user has verified their email address. Might work on a method for checking the whole email address but not sure of a method for going about doing that, this is quite an advanced script using regular expressions to stop users from entering certain values as their usernames. I can go over some of the details regarding this at some point but regular expressions are technically slower than conditions on strings, though they are far more robust than having say 10 lines of code for 1 row of code in a regular expression if you get my meaning. Hope you enjoy it, Jez.
  3. My Blog authentication is now inserting users, need to get the verify email system working!

  4. Not too sure about a Xisto account, however you can just use 'mysql_real_escape_string($myinput)' and that would protect you against SQL injections. You see, you have to understand that by querying a database with text (numeric data obviously is not subjected to this), MySQL appreciates everything as a command, like SELECT, FROM AND WHERE are all commands. This allows the user, if no SQL injection protection has been used, to issue commands that could read from another database. By using mysql_real_escape_string() or prepare in PDO this sends in the requests as pure text and it's left entirely up to your SQL to actually perform the query, thus eliminating the potential for them to either read from another table, database, or even worse dropping a table or database even (if your privileges are not secure; when using the test database myself, I set up accounts that are only allowed to see certain tables, always think beyond the obvious is my key). A query can be any type of syntax, like an actual query where you're trying to find the value of something, creating a database, these are all technically in Database logic queries.
  5. This is what I have managed to come up with. Will actually explain it once I have it working and then show you what happens and when. It's actually not overly complex, using some set logical flow I have adapted on illustrating how to use one form and conditionally show form elements based on a user's intentions. Not so sure it's entirely secure, but it does work for what it does (albeit not much), looking at briefly as well with regular expressions, they're a lot of fun but very precise logic for evaluation of either user input strings, or if you have access to a Nix based platform (Unix/Linux) then you can use Grep or even Find with regex's (their abbreviation in the software (in general) development world). This is more like just to remind myself on how I did something though, but thought I would show you what I am up to, finally here's my logic:

         <?php
         require_once 'init.php';
         require_once 'header.html';

         if (array_key_exists('action', $_GET)) {
           switch ($_GET['action']) {
             case 'register':
               $message = 'Please use the form below to register on this site:';
               // $error = '';
               break;
             case 'login':
               $message = 'Please use the form below to login to this site:';
               // $error = '';
               break;
             default:
               // if no other actions are present send user back like below:
               header('location: index.php?error=1');
               exit; // stop here so the form is never rendered with an unknown action value
           }
         ?>
         <form id="<?=$_GET['action'];?>" name="<?=$_GET['action'];?>" method="post" action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);?>?action=<?=$_GET['action'];?>">
           <p><?=(isset($message)) ? $message : '';?></p>
           <table>
             <tr>
               <td><label for="username">Username: </label></td>
               <td><input type="text" id="username" name="username" maxlength="25" size="27" value="" /></td>
             </tr>
             <?php // if register then show email:
             if (isset($_GET['action']) && $_GET['action'] === 'register') { ?>
             <tr>
               <td><label for="email">Email: </label></td>
               <td><input type="text" id="email" name="email" maxlength="25" size="27" value="" /></td>
             </tr>
             <?php } ?>
             <tr>
               <td><label for="password">Password: </label></td>
               <td><input type="password" id="password" name="password" size="27" value="" /></td>
             </tr>
             <?php // if register then show the confirm field:
             if (isset($_GET['action']) && $_GET['action'] === 'register') { ?>
             <tr>
               <td><label for="password2">Confirm: </label></td>
               <td><input type="password" id="password2" name="password2" maxlength="25" size="27" value="" /></td>
             </tr>
             <?php } ?>
             <tr>
               <td colspan="2">
                 <input type="submit" id="<?=$_GET['action'];?>" name="<?=$_GET['action'];?>" value="<?=ucfirst($_GET['action']);?>" />
               </td>
             </tr>
           </table>
           <p><?=(isset($error)) ? $error : '';?></p>
         </form>
         <?php
           require_once 'footer.html';
         } else {
           header('location: index.php?error=1');
           exit;
         }

     Should make some sense, but I will be explaining it fully in the days or weeks to come, it's essentially a user register and login form twined together. Thanks, Jez.
  6. I actually have my own server. It's actually set up on a dynamic host IP address from my ISP, broadcasting to a service I subscribe to called afraid.org, I won't put a link in to this website (hope by doing that this is not technically spam?) When I can maintain my own services on my web server and install all the things I want to install without having to pay any hosting bills, other than having to pay for my domain (of which I have 3 running on my host, 1 of which is a friend's site I develop on and then my 2 own domains, my company and my own personal blog, which all run unfortunately as a name based virtual host in apache, due to I only have 1 public facing IP address), power supply for the actual electricity bill (which is not getting any cheaper lol) and also of course my ISP broadband package (which the upload speed is of 1mb I believe for the lowest package (not ace I know, but it's alright for now)). I do love developing my own applications though and love to get into the technical logic of how applications work. If there's anything you do have though I will of course ask about it. Thank you for such a nice reply and I look forward to adding posts in the months to come, already working myself on a multi used form in PHP/HTML, trying as best I can at the moment to keep my code maintainable. So would love to offer help/suggestions to others on this forum. All the best, Jez.
  7. Sorry wanted to edit this post that really made no sense what I first put forward lol. Apologies I will boil it down to as minimal points for you to understand better what I am trying to explain. Linux is just purely an OS right? You may think if you've been using Windows or OSX up until now, which includes all these nice apps (short for applications, hopefully I am not sounding patronising, just want to educate you a bit in how an OS really works) right? The apps are not part of the OS, the apps are what talks to the OS (in Linux this is referred to as the Kernel), that is all Linux is, is a kernel. There's all sorts of flavours of Linux out in the digital world, which have the Linux Kernel (the actual OS), which does nothing else but handle requests by the actual applications, and carries out whatever they require right? In a nutshell I would say if you haven't ever used Linux before I would go for the LiveCD, that is what I first did when I wanted to play around with it, but did not want to adjust my hard drives to accommodate for it. I won't go too in-depth with the actual install as this can be as simple or as complex as you want it to be, even for the higher end developer systems like say Solaris, which is an Open source operating system that Sun Microsystems used to own before Oracle took them over, is quite a high end developer Operating system, you'd have to do some tweaking to get it working the way you want it to. With Ubuntu (the one I'd advise you use) the Desktop edition of it, would be the best, that way you can really have a play around with it, I would go for the LiveCD version if you haven't used any flavours of Linux before. That way you can see if you actually like Linux. Hope this is a lot better than my first post on this thread, went far too much into the technical advances of the Linux OS. Finally best of luck with it!
  8. Yes I 100% agree with that comment! If the guy B can put his ideas across to guy A, who is the BLEEP yea? Then guy A can actually put across what guy B said, as long as someone like you puts it in their evaluation if this is some kind of test work? I would put it in my evaluation (you are doing evaluations I hope on your work? If so complain to the people making up the project that they should make you evaluate the group, what I did at University, where you basically project your thoughts of how people behaved during the project). If enough of you praise guy B for his input and guy A for maybe delivering it (he sounds the great candidate for doing business development work to be honest, or at least a project manager's job to be honest), then it's perfectly fine. You just need to know how to work with those 2 people and bring guy B up, get his confidence up! YOU COULD ACE THIS ONE REALLY!
  9. That is true in some respects I will grant you that! However if you're a games designer/developer they're an invaluable tool to educate yourself, if all you have been doing throughout your own life is playing video games in your spare time (providing you have good written and spoken communication skills from school and the like), your best job will probably be actually games development which is a really lucrative business to be in. You could get work at EA Sports (stands for Electronic Arts), I was with a guy who played a lot of games at University during his spare time, when he'd got his other Uni work done at Leeds Uni in the UK and he found himself a job designing games at EA Sports. Now he's earning more than me, I am incredibly jealous, but good for him is all I say he deserves it I think!
  10. I don't know what it's like here now, it's been a good few years since I left school now, but their emphasis should be completely on your education. I mean my father being a head of department at a teacher training faculty at a University, he had to retire due to physical health complaints, but he still works very part time, where he does the odd 1 or 2 jobs a year external verification for a few examining bodies still and invigilates for a few exams for local schools etc (probably why I myself love to work and becoming a tutor myself at a University once I pass my PGCHE Post Graduate Certificate in Higher Education). However when they do give you a telling off it's really for your own good to be brutally honest with you, when they tell you to do this, yes you're encouraged to speak your mind but when it's required to do so. I for one worked in a work place once where they were incredibly strict about timing, if I was 15 minutes late for work, which I did slip into a bad habit with sleeping etc, which I have now sorted out I am glad to say. All the excuses in the world, complaining etc will simply not work, the best way is to bite your tongue (can fully appreciate your troubles though on a sympathy angle), but to them all they will say is make better effort to get there much earlier, do everything in your power, to be honest there's not many excuses you can make, all they will say is get up earlier. This is of a different angle, there was a topic (was not using my analytical brain at this point to be really honest), there was a bullet point I was not sure about with a lecture a tutor was giving and I missed the lecture for, through no fault of my own. I asked the guy (a Dr John Elliot a PhD Doctor Artificial Intelligence & computer science) and all he told me when I asked him, was pointing at an angle towards the main building at the University all he said was, what is that? The library I answered. He then said just simply go there and read up on it. No excuses that's all, they simply don't usually have the time to go through small things like that. They're not stupid (or at least should not be stupid), they know if you're mucking up and if you're being a model worker. Hope that helps
  11. Just a question on my own logic here needed really. I have written parts of an application, a register and a login script done in PHP, here's the purpose of it. It's called say login.php, has a GET super global variable, with the key called action and its value is either 'login' or 'register' with the actual heading of the page changing on a ternary operator (eventually anyways) to make it so I don't have to change any of the logic right, should I need to change what the action is, for maintainable code basically right? Here it is anyways:

         <?php
         ini_set('display_errors', 1);
         require_once 'header.html';
         // now set out some logic for different conditions maybe?
         if (isset($_GET['action'])) {
           switch ($_GET['action']) {
             case 'register':
               break;
             case 'login':
               break;
           }
         }
         ?>
         <h2>Register</h2>
         <p><?=(isset($message)) ? $message : '';?> </p>
         <form id="register" name="register" method="post" action="<?=htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);?>">
           <table>
             <tr>
               <td><label for="username">Username: </label></td>
               <td><input type="text" id="username" name="username" value="" /></td>
             </tr>
             <tr>
               <td><label for="email">Email: </label></td>
               <td><input type="text" id="email" name="email" value="" /></td>
             </tr>
             <tr>
               <td><label for="password">Password: </label></td>
               <td><input type="text" id="password" name="password" value="" /></td>
             </tr>
             <tr>
               <td><label for="password2">Confirm: </label></td>
               <td><input type="text" id="password2" name="password2" value="" /></td>
             </tr>
           </table>
         </form>
         <?php require_once 'footer.html';?>

     When I come to amend the form elements, like password2 won't be needed for example in the login action, would I just put say a ternary operator like with the (<condition here>) ? true statement : false statement ; <terminate command> to show either the element or not like so

         <?=($_GET['action'] === 'register') ? '<input type="password" id="password2" />' : ''; // display nothing if action's value is not register ?>

     are you with me still? I mean that will work obviously but it's just I am questioning if I can improve this, any thoughts?
  12. Hi there I am Jez. Been professionally working in PHP for the last 3 or so years, well since I got out of University in 2007 doing a Bsc(hons) 1st class degree in Computer Science. Been centered around application based programming though, especially in the field of Ecommerce web development. Happen to know quite a lot about the fundamentals of the web and what it actually consists of, being a web developer I feel I should know as much as possible and hope to pass this onto you great people. Just think from what I have seen this forum's great, I hope to make a good contribution in the coming weeks, one thing I won't do on this forum is accept work of my own from here, I will give advice but will not do the work for you, as that is what I get paid to do for work. That is the whole point in learning is it not? Yes looks like I am going to have a lot of fun here, take care everyone, Jezza!
  13. They only differ if the mysql server is on a separate node to the php parser. As the HTTP server won't have a clue about what to do with MySQL connections, it's left up to PHP. You could replace in that instance say mysqluser@192.168.0.1 say if the mysql host is on a separate computer, this time 192.168.0.1. Or if you're like me and have a FQDN working on a local network, then you'd use something along the lines of databasehost.mydomain.com. Or in case of MySQL mysqluser@mysql.mydomain.com, but you would need to allow for 3306 (which a lot of hosting plans block anyways), I could open it up on my own server but prefer not to! Just thought I would give you a heads up on the comparison to the localhost var in the mysql_connect, quite essentially it's just where the mysql server is located compared to the PHP parser. You do not need to escape out of parsing with PHP at all, all you'd need to do on occasion is use mysql_real_escape_string($foo); This puts in what you want, also what you put in your logic is making your code (if you're opening it up to the public, if not then ignore this), you're actually opening up your code for SQL injection attacks. When a hacker gets into your text boxes or creates some form of XSS attack (cross site scripting), and injects code into your variables potentially wiping your database off completely, reading data from it, that they should not be doing. mysql_real_escape_string() sends the variable in as a piece of text not a command, like escaping out of parsing in PHP alone will make you prone to XSS attacks and not using mysql_real_escape_string leaves you open to SQL injection attacks. Just thought I would give you a word of warning. Very good tutorial though, but I would never use it for a production system, you might want for instance to start thinking about using MySQL based sessions, trying to work out a set of logic for saving instead of filesystem based sessions, using MySQL saved sessions, so instead of a file the row in the database is the session and does go nowhere near the file system. It's a good idea when one uses hosting based solutions, they want to keep track of users' actions or maybe even have a cluster of mysql servers.
  14. Trying to bump up my authentication on my independent blog!
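
Added example, not code from the posts above: the registration path from post 2 written with PDO bound parameters (the "prepare in PDO" option named in post 4) and password_hash() in place of unsalted SHA-1. It assumes PHP 8 with pdo_sqlite; an in-memory SQLite database stands in for MySQL, and the table, function names and sample accounts are constructed for the illustration.

```php
<?php
// Added illustration: bound parameters + password_hash() for the register/login flow.
declare(strict_types=1);

function open_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');            // stand-in for the MySQL server
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Constructed subset of the blog_users table used in the posts.
    $pdo->exec('CREATE TABLE blog_users (
        user_id  INTEGER PRIMARY KEY,
        username TEXT NOT NULL UNIQUE,
        email    TEXT NOT NULL UNIQUE,
        password TEXT NOT NULL,
        active   INTEGER NOT NULL DEFAULT 0)');
    return $pdo;
}

/** Returns null on success, or an error message for the form. */
function register_user(PDO $pdo, string $username, string $email, string $password): ?string
{
    // Same username rule as the posted script: letter first, 5-32 characters, at most one dot.
    if (!preg_match('/^[A-Za-z](?=[A-Za-z0-9_.]{4,31}$)[A-Za-z0-9_]*\.?[A-Za-z0-9_]*$/', $username)) {
        return 'Invalid username';
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return 'Invalid email address';
    }
    if (strlen($password) < 5) {                  // measured before hashing
        return 'Password too short';
    }
    // Placeholders keep the submitted values out of the SQL text entirely.
    $check = $pdo->prepare('SELECT 1 FROM blog_users WHERE username = :u OR email = :e');
    $check->execute([':u' => $username, ':e' => $email]);
    if ($check->fetchColumn() !== false) {
        return 'Username or email already taken';
    }
    $insert = $pdo->prepare(
        'INSERT INTO blog_users (username, email, password) VALUES (:u, :e, :p)'
    );
    // password_hash() generates and embeds a per-user salt, so no separate salt column is needed.
    $insert->execute([
        ':u' => $username,
        ':e' => $email,
        ':p' => password_hash($password, PASSWORD_DEFAULT),
    ]);
    return null;
}

function check_login(PDO $pdo, string $username, string $password): bool
{
    $stmt = $pdo->prepare('SELECT password FROM blog_users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

$pdo = open_db();
// Constructed sample input. The second email is valid and contains a single quote,
// which would break a query built by string concatenation without escaping.
var_dump(register_user($pdo, 'jez_smith', 'jez@example.com', 'correct horse'));
var_dump(register_user($pdo, 'obrien', "o'brien@example.com", 'battery staple'));
var_dump(register_user($pdo, 'jez_smith', 'other@example.com', 'another one'));
// A quote in the login name is only ever compared as data:
var_dump(check_login($pdo, "jez_smith' --", 'anything'));
var_dump(check_login($pdo, 'jez_smith', 'correct horse'));
```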
