TavoxPeru

Thanks for the info and the link.Best regards,

More articles with a lot of examples:

SQL Injection Attacks by Example,Steve Friedl's Unixwiz.net Tech Tips.

(more) Advanced SQL Injection,Chris Anley, Next Generation Security Software.

SQL Injection walkthrough, SecuriTeam.

PHP: SQL Injection - Manual, PHP Official Documentation. (New)

All of them are very complete.

 

Best regards,

Another article that i find relating Sql Injection attacks can be read at SQL Injection Attacks: Are You Safe?, this one is a bit older but may be can help.

Best regards,

Yes, it is very useful if you need an easy and fast way to start coding your web forms based on your database tables, then you must tune up if you want more complex web forms, especially for those form elements that you need to act as look up elements like combo or list boxes. One of the great things of this freeware is that it supports not only text or textarea elements, it also supports check boxes, radio bUttons and combo and list boxes but these 2 last ones are only for static elements -you must tune up as i say to perform lookup fields- all the other ones act as it should act, another thing is that it also support some error handling and data filtering.It supports MySql 3, 4 and 5 versions.Now, if you are interested in a more advanced database tool well take a look to this topic Fabforce Dbdesigner that i just post a few minutes ago.Best regards,PS: DbDesigner don't need to register to download it

fabFORCE DBDesigner is a complete visual database tool that helps you in all the process involved with the design, modeling, creation and maintenance of MySql databases. It is a must have freeware if you are a developer, it has a simple but complete interface, is very easy to use and comes with 3 plugins that will save you a lot of time:

Simple web front: To create a web front-end of your database very easy and fast.

HTML Reporter: Export all the metadata of your database to a single html file and create your data dictionary.

Data Importer: Allows you to import data from text files or from other databases.

The only bad thing is that it does not support MySql 5 databases directly but you can connect to this ones with ODBC's DSN files.

 

This is another great piece of freeware, and for me it is a must have tool.

 

You can find more information at DBDesigner Overview and if you want Download it right now.

 

Best regards,

I am hopefully about to attempt this on the news page of my new site.
Every bit counts as far as I'm concerned and not having "news" portion of my news page re-php and re-mysql everything where there is no chance seems like a waste.

I'm looking for good articles, information or tips on the process (if I fail to find any good information as I'm looking through now).

The way I see it right now, I have most of my page split up in header, content (some static html in here before dynamic contend and then a little more static html to close it off) and then a footer (using PHP includes to bring them all together).

So I want to include a static html representation of the actual news portion of the news page from say a cache directory (for the sake of not having too much junk in one place, and I might use this for other pages as well), and only update that cache when I make a new news post from the administration section (which I am building soon, have done several before).

The news has pagination (if too many news posts on a single page it spans to multiple ones) though this isn't necessary and I may consider removing this feature to simplify things.

But yeah, I would basically instead of generating the news content from PHP/mySQL, in the admin section take a very similar approach but instead write the data to my static html cache page.

How does that sound (and is there anything I need to consider aside from what I have mentioned already)?

Any help is greatly appreciated!

You are lucky, yesterday searching for some information related to how to implement Form's Inline Edition i read an article about this, it's a bit older but i think it could help you, you can read it at Use Cache to Speed up webserver, this article includes a PHP/MySql example of this technique, and also, in the same page you can find a simple way to implement inline edition with Ajax.

Best regards,

it's nice, but I don't want to register to download this little tool . Do you happen to know another site where I could download this tool (or maybe you can give the direct link for downloading the program since you've already registered )

Well, i can give you a direct link to downloading it but i don't think it is legal and don't think that if you register to download it you will get a lot of spam, the only emails that i receive from them are when a new version is available to download, nothing more.
So, if you still don't want to register let me know to upload the software and send you the direct link to download it.

Cheers,

Thank you for your link although ic no problem with my link by my checking now. When you have a problem with PHP coding in PHP4 then let me know, I might be able to help you out. I examined PHP Designer 2005 making a simple PHPBB. As far as I'm concerned PHP Designer 2005 supports PHP5 for some degree in lexical structure. PHP4 and PHP5 have not very different grammar or lexical structure which gives the convenient use of PHP Designer 2005. PHP Designer 2005 surely has PHP grammar structure checking figure. I wonder what institute gives PHP assignment. I thought every CS classes are basicly related to C,C++ and JAVA only pretty much. Thank you for your information. PHP Designer 2007 is not a freeware although there is free trial which makes you able to use it for a while like a month unless you use PHP Designer 2007 personal edition - which is really not enough to do anything except practicing PHP coding maybe due to its opaque license - for personal use only. Thus, not an old news.
--
Have a nice day!

My blog : silverbluewater.blogspot.com

You are right, a few months ago i installed the php designer 2007 profesional and forget about it, now i wanna run it and surprise, the software dont run because it was a trial but i still use php designer 2006 that is free and runs perfectly. So, next move, uninstall version 2007, download version 2007 personal edition, install it and take a try.

best regards,

If you are a web developer that uses Php and MySql and want to create web forms for your Database in an easy and fast way, well you can do it with this nice freeware, the only thing you need is to register to the site, download the software and install it in your Pc.

Web form generator generates all the Php code that you need in seconds.

More information at Web Form Generator

Best regards,

This is a very cute search engine, i will start using it more often, it's very fast and the design is simple but complete. BTW, i never look more than 50 results instead i make a new search with more search terms.Best regards,

Another way to prevent Sql Injection attacks is by using the mysql_real_escape_string() php function if you use the mysql php extension or the mysqli_real_escape_string() php function if you use the mysqli php extension, both functions do the same thing, escapes special characters in a string for use in a SQL statement and are very helpful, i use it always, and as you i code a little function and included it in every page that works with databases.

 

Visit MySQL - SQL Injection Prevention to see a good explanation with examples of this issue.

 

Best regards,

Have you found yourself needing a PHP sofware which is solely for PHP designing of the code?

 

There's the solution called 'PHP Designer 2005'.

 

I had examined PHP Designer 2005(I'm not sure it was 2.0 version or not) before and although it may had a little bug, it was such a great program which gives great convenient of use to PHP programmer.

 

I strongly recommend you to use it than notepad or any other commercial PHP code designing program.

 

Link to PHP Designer 2005 2.0 http://forums.xisto.com/no_longer_exists/

That's old news, why don't try to use the new version instead, PHP Designer 2007, is more complete and it is an excellent software.

 

Best regards,

This method won't really work. I did the same thing before. I believe you have a server side coding to handle the database part right?
1. You need to post the changes back for every row, adding or removing, cause if not, any changes you've applied on the table, doesn't reflect the actual database, until you post it, but if the user simply close the page, or internet line disconnected, the changes is gone. I would suggest (i'm actually using this method), next to every row there's a "Delete" button, and a "Add Row" button on the page. If the delete is press, then a confirmation box, then posting of data back to the server to perform the deletion, then reload the data back into the page. With this method, you can also check the permission, in case someone try to post the delete command, even though the delete button is not there, you can still block the changes from the server side script. Adding new row, is simply unhiding a row with input boxes preplanted there, once save, again the result is posted back, and the page reload.

2. Another way to do this is to use ajax, while the user is adding or removing data on the table, you can use ajax to do send the changes back to the server at the same time without reloading the page, much like gmail or other ajax enabled page.

Yes, i have a server side coding to handle all the database part. Now, i'm not sure which method i can implement, basically because i'm not an expert ajax developer -just start learning it- so the second method can wait, the first method you suggest i already have it, and it is the main part of my work but i want to add and implement this kind of functionallity to my work.

Thanks for your reply and best regards,

Thanks for posting that example form. I am looking for an example form that I can use that is similar to what I've been seeing on new registration forms lately. Basically, after entering a username, it puts a checkmark to the right side of it after I click on the next field to let me know that it is okay. Likewise, this is done after I type a password in the first and second confirmation box to let me know I typed it the same both times. If anyone can show me an example of this, that would be great! thanks

For your question related with the user verification, it is developed with a combination of Php, Ajax and MySql, yesterday i read at the tizag website a very simple tutorial on how to use Php, Ajax and MySql to achieve this kind of work, don't think that because it is simply it is not complete, you will be surprise with the quality of it.
So, don't waste time and read it at: Ajax Tutorial

For your second question, i think that it is done with javascript only, simply by coding the onchange or the onblur methods of the input boxes, for example if the validation is done only in the second password textbox you can code something like this:

<html><head><title>Passwords Check</title><script type="text/javascript">function check_pwds(){	var p1=document.getElementById("pwd1").value;	var p2=document.getElementById("pwd2").value;	if (p1==p2) alert("passwords ok");	else alert("passwords not ok");}</script></head><body><form name="b"><input type="password" name="pwd1" id="pwd1" value="" /><input type="password" name="pwd2" id="pwd2" value="" onblur="check_pwds()" /></form></body></html>

Well, i hope it helps you a bit, as you see it is a very very simple example because i'm a bit busy

Best regards,

I need help on how to have a mysql value as a JS var.
please post any hints/tips/how to do it. I had been doing it where the JS var = php var for the db data. That's not working it seems.

Cheers,
Silverfox

Well, when i need this kind of functionallity what i do is:

<script type="text/javascript">var Js_StringVar ="<?php echo $php_StringVar; ?>";var Js_NumVar =<?php echo $php_NumVar; ?>;</script>

I don't post any code for date/time vars because until now i don't need it in my code, but i think that it will be something similar.

Best regards,

Hi everybody, i have a problem with a form where i want to add or remove elements from it dynamically, i'm working on an invoice form, like the following:

<form name="a" > <table id="header_data"> <tr>   <td width="20%">Nro.</td><td ><input type="text" size="20" value="val_1"></td> </tr> <tr>   <td width="20%">Date</td><td ><input type="text" size="20" value="val_2"></td> </tr> <tr>   <td width="100%" colspan="2">	 <table >		<tr>		  <th >#</th><th >product</th><th >Quantity</th><th >Price</th><th colspan="2">Total</th>		</tr>		<tr>		  <td ><input type="text" size="20" value="v_1"></td>		  <td ><input type="text" size="20" value="v_2"></td>		  <td ><input type="text" size="20" value="v_3"></td>		  <td ><input type="text" size="20" value="v_4"></td>		  <td ><input type="text" size="20" value="v_5"></td>		  <td ><input type="button"  onclick="appendRow()" value="Add"></td>		</tr>	 </table>   </td> </tr> <tr>   <td width="100%" colspan="2" align="center">	 <input type="submit" value="Save"><input type="button" onclick="window.close()">   </td> </tr> </table></form>

In this form the values are obtained from a database (edit mode) or are entered by the user (add mode), of course there is a case that some data are obtained from the database always like the product description if i use a select input but for simplicity i dont code it.

So if the user wants to add a new row he will click the Add button, but i also want to let the user to remove some row by pressing another button.

To dynamically ADD ELEMENTS i have this code that works:

function appendRow(){var tbody=document.getElementById("table_id").getElementsByTagName("tbody")[0];var tr = tbody.getElementsByTagName('tr')[0];var c = tr.cloneNode(true); tbody.appendChild(c);}

How do i do to let users to remove rows and the elements inside it from the table????

Best regards,

Well thanks Everybody For the reply,
I found The solution on the mysql dev forums..
well its the following - We need to specify a Field Tag in the Order By Argument with its first element to ne the column id

SELECT DISTINCT data.id, data.nameFROM dataWHERE category = 2 AND id IN(1957,1923,1921,6628,6377,6360,1942)ORDER BY FIELD(id,1957,1923,1921,6628,6377,6360,1942)

Well i'm not too far for the solution, and as i say in my previous post, you can use any expression with the ORDER BY clause, in this case, you are using the FIELD function.

Every day we know something new.

Best regards,

Thanks all for the help!

 

I haven't gotten far enough to start trying to implement but I will have more important hurdles like this to overcome so I am sure I'll ask another question sometime down the ways.

 

Also an off topic question, how do I set a timezone? Like I want it to show my timezone not the server timezone. How do I do that? I couldn't figure it out earlier.

I agree with vizskywalker timezones are very nasty to manipulate or configure, one way is by using javascript by using the local time used by the user, now if you would use PHP5 you can set the default timezone by using the date_default_timezone_set() php function in your scripts or by using the date.timezone ini setting in your php.ini file. Also take a look to the Appendix I, List of Supported Timezones that are referenced on the PHP manual.

 

Best regards,

well i would like to recieve the results in the same order a supplied in the IN Argument, ho would i do it
Please help

SELECT DISTINCT data.id, data.name FROM `data` WHERE category = 2 AND id IN(1957,1923,1921,6628,6377,6360,1942)

To order the results you use the ORDER BY clause of the select statement but i don't know if it is possible to do what you want, I know that is possible to use expressions with the ORDER BY clause and to be honest i dont think this will work but test the following:

SELECT DISTINCT data.id, data.name FROM data WHERE category = 2 AND id IN(1957,1923,1921,6628,6377,6360,1942) ORDER BY 1957,1923,1921,6628,6377,6360,1942

And tell us if it works.

Best regards,

This is a html+css template i took off the net for my college end sem project. I wanted to use this template for my ASP .NET application. There is a slight problem with the navigation button when clicked, please download the attached file and guide me to a solution if you can. Open succlogin.html and then navigate through the buttons. The following htmls are linked together:

succlogin.html
succunibase.html
succstudbase.html
succprof.html
accabt.html

Also please tell me if this template can be used with ASP .NET 2005.

Awaiting your replies
Thanks in Advance
Regards
Dhanesh

It is very strange your situation, i just download your code to test it and i see what you say, then i view the index.html and indexabt.html files to see what happens and it displays correctly, so, i copy/paste this last file 3 times and edit the contents according to your files and i view that all of them displays correctly, i dont know why you got that weird situation, why you don't do this????

The only thing i notice with the ones i create is that the text of the links exceeds the width of the tab so i decide to modify the font-size -i set this property to 12px- and the text links, i use University and Student instead of UniBase and StudentBase.

I attach the new files i create if you want to download them.

I think that this template can be used without any problem with ASP, you only need to add all the server-side code to the pages and rename it accordingly.

Best regards,

I'm not sure this is the right place to post this.
But I'm working on a project and I need to know how to implement a timer.

Like how would I make a delay between what the user says to do and the execution?

Sorry if I'm not making sense.

But what i was thinking is like.

User Tells system to do something => System delays it using some formula for let's say like 512 Seconds => System Finishes what user said to do.

Any tips on how to implement this?

The best way to do this is with a combination of javascript and php, in your php script if you wish you can set the initial time with the php time() function and the amount of seconds of your timer, then you simply add a javascript counter function inside the body tag of your document, check out this general counter:

<script type="text/javascript">	var myTime = 20;	function countDown() {		if (myTime == 0) {			// tasks to process when the time is over		}		else if (myTime > 0) { 			myTime--;			setTimeout("countDown()",1000);		}	}	countDown();</script>

Best regards,

I've spent 2 hours searching but nothing found. Is there a way to get the classid right from the ocx file?

Since a few years i dont programming with VB, so, my apologies PureHeart because the path that i told you from where to search is partially wrong, the correct place to search for the CLSID of an ocx file is located at

 

HKEY_LOCAL_MACHINE\SOFTWARE\Classes

 

inside there search for the ActiveX control by using it's file name as the parameter, for example if your ocx is named MyOcx.ocx, Then, simply go to

 

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MyOcx\CLSID

 

and get the value from there.

 

In case you dont know this, generally the ocx's files are located at %WINDIR%\System32 folder.

 

Sometime ago i use an application for this situation, some system tool called Activex Pad or something like that.

 

Finally take a look for this good article: Dynamic web pages with ActiveX and VBScript.

 

Best regards,

The problem is that I'm not the author of that control (Microsoft is). Do you know how to get the class id of any control store in an ocx or dll file.

You find that information on the Registry, i don't remember exactly where but i guess that it is located under the HKEY_LOCAL_MACHINE\SOFTWARE\Classes hive, inside there you will find lots of keys so you probably have to dig a lot until you find it, try to use the search function located under the Edit menu to perform this search. Also pay attention to the Interface key located under this hive because inside it you can also find the information.

 

Best regards,

When i changed the cpanel theme I get this error

Theme change is in progress...

 

It might take about a minute. Please wait. Thank you for your patience.

 

If your browser does not automatically redirect you, please close this window and open it again to access control panel.

Error!! Missing WHM Remote Access Key.

 

Now please go to http://forums.xisto.com/no_longer_exists/, there is the same message

 

Thank You.

I still got the same error, not only when i try to change the cPanel theme, this also occurs if you want to change the cPanel's Language. And the Fantastico problem hasn't resolved yet.

 

Maybe the Asta's support team forgot these problems.

 

Best regards,

Okay, MySQL was installed, as per the guide on php.net, and all of the config done. This was done on a Windows computer with IIS 5 on XP. The comand line will not let me login! The program groups' own shortcut doesn't work! Will any one help?

May be you can't login because the server isn't started yet. You must start the mysql server before you can do anything on it, so, to start it you can use a command line, a batch file, the services console or even the run command:

With the Run command: Click on the Start menu, then select Run... and type net start mysql and press enter in the opened dialog.

With a batch file: Create a new batch file with any text editor, name it filename.bat, and inside it type the following:

@echo off

cls

net start mysql

exit

Using the services management console: Simply press the start button located on the toolbar or right click the mysql service and select start.

Using a command shell: simply type net start mysql on the opened window.

After your server is started you can login to it by using a shell window, type the next command on it and press enter:

 

>mysql -uuser -ppwd

 

replace user with your user name -maybe root- and pwd with its password.

 

Best regards,