Feelay 0 Report post Posted March 2, 2008 (edited) Hey! Is there anyway to make the following: Mysql don't care if the users character is small or big. If I type Feelay instead of feelay, in my message when I want to write to myself, mysql thinks that I wrote to someone else. I want to be able to write both Feelay and feelay and send to the same user. Is that possible? This is the code I am using atm: /*if($user['to_user'] != $userfinal){die("You are trying to view another users posts! Thats impossible!");}*/ (I have made it as a comment, because it is unusable atm). Edited March 2, 2008 by Feelay (see edit history) Share this post Link to post Share on other sites
pyost 0 Report post Posted March 2, 2008 Just convert both $user['to_user'] and $userfinal to lowercase with the strtolower() function Share this post Link to post Share on other sites
Mordent 0 Report post Posted March 2, 2008 (edited) I'd say it's something to do with the character collation. From the little I know about SQL databases, some are case sensitive (the problem I think you're having) and others are case insensitive. In phpMyAdmin you can look at the collation there, and it should be one that has "_ci" (case-insensitive) on the end. Hopefully I'm not talking complete garbage and this'll help solve your problem. EDIT: Just convert both $user['to_user'] and $userfinal to lowercase with the strtolower() function Or you could do what the guy who beat me to the reply said. After thinking about it, I'd say that one's got the disadvantage of thinking two people with differently capitalised names are the same person, but then again so would altering the case-sensitivity of the database, and you probably wouldn't want two users to have the same username except for capitalisation anyway... Edited March 2, 2008 by Mordent (see edit history) Share this post Link to post Share on other sites
sparkx 0 Report post Posted March 2, 2008 I agree with Pyost. The only way to really do that is to make both lowercase before checking it. On my website I do this with both my username and password field (because md5 is changed completely on case).As for a reply to Mordent, you could simply put all of your letters into lowercase before you insert them into the database, then when you take them out just ucfirst() and be done. However if someone wants to have caps in their name such as: JohnD it would look like Johnd (which might annoy the user). Two ways around this (and possibly a three):1: Slow but more secure. If you run a while MySql array for each user and strtolower on each name and check it when someone registers you can make sure there are no two users with the same name. This can be slow however if you have more then about 500 users.2: Fast but insecure. You insert two fields into MySql one with actual name and one with lowercase name then just check the lowercase one on register. However if you want to make it so users can change their name you need to remember to update both fields in the database or you will have some serious problems.3: Not sure but I think you can make MySql be case insensitive similar to str_replace and str_ireplace. If so just do a normal check.Back to freelay...Your if is quite simple to fix just type in strtolower() around both $user['to_user'] and $userfinal.Example (unchecked) /*if(strtolower($user['to_user']) != strtolower($userfinal)){die("You are trying to view another users posts! Thats impossible!");}*/ Thanks,Sparkx Share this post Link to post Share on other sites
Feelay 0 Report post Posted March 2, 2008 (edited) Isn't there any solution that is 50% fast, and 50% secure ? And 100% easy :)The thing sparkx said is right.. because maybe a user would like to be named "JohnnyD" or whatever.. Edited March 2, 2008 by Feelay (see edit history) Share this post Link to post Share on other sites
TavoxPeru 0 Report post Posted March 3, 2008 Hey! Is there anyway to make the following: Mysql don't care if the users character is small or big. If I type Feelay instead of feelay, in my message when I want to write to myself, mysql thinks that I wrote to someone else. I want to be able to write both Feelay and feelay and send to the same user. Is that possible? This is the code I am using atm: /*if($user['to_user'] != $userfinal){die("You are trying to view another users posts! Thats impossible!");}*/ (I have made it as a comment, because it is unusable atm).Yes it is possible, the most simple way is to change the character collation of your string fields, your table and database to be case insensitive, for example the following sql code use for all character fields and for the table itself to be latin general case insensitive: CREATE TABLE `his_postlistermain` ( `id_his` smallint(5) unsigned NOT NULL auto_increment, `sender` varchar(100) collate latin1_general_ci default NULL, `subject` varchar(100) collate latin1_general_ci default NULL, `message` text collate latin1_general_ci, PRIMARY KEY (`id_his`)) ENGINE=MyISAM DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;Best regards, Share this post Link to post Share on other sites
Feelay 0 Report post Posted March 5, 2008 I have tryed that mysql case instasetive thing. but it is still not working :Sthis is the if-statement I am using: if($userfinal == $user['to_user']){I have also tryed:if($userfinal = $user['to_user']){But then, nothing happened. It didn't block the user from viewing someone elses posts. Share this post Link to post Share on other sites
Mordent 0 Report post Posted March 5, 2008 I have tryed that mysql case instasetive thing. but it is still not working :Sthis is the if-statement I am using: if($userfinal == $user['to_user']){I have also tryed:if($userfinal = $user['to_user']){But then, nothing happened. It didn't block the user from viewing someone elses posts.Pass as to why the first one doesn't work, but the second is because "=" isn't a way of comparing two variables. It sets the first one ("$userfinal") to the second ("$user['to_user']"), which then comes back as "true" (or so I believe), so it carries on with the code you've put in the brackets. The first code segment - with the "==" in it - is the correct syntax, so it's something to do with another aspect of the code. As I'm not exactly a veteran PHP programmer, I suppose I'll let someone else field the rest of this one. Share this post Link to post Share on other sites
TavoxPeru 0 Report post Posted March 6, 2008 I have tryed that mysql case instasetive thing. but it is still not working :S this is the if-statement I am using: if($userfinal == $user['to_user']){I have also tryed: if($userfinal = $user['to_user']){But then, nothing happened. It didn't block the user from viewing someone elses posts.I'm a little confuse now because from your first post: I want to be able to write both Feelay and feelay and send to the same user. Is that possible? This is the code I am using atm: CODE /*if($user['to_user']!= $userfinal){ die("You are trying to view another users posts! Thats impossible!"); }*/ So, if you want that in the case that Your table and fields are case insensitive if you write Feelay, FEELAY, FeELAy or whatever, all of them always will be evaluated as the same thing.Your table and fields are case sensitive if you write Feelay, FEELAY, FeELAy or whatever, all of them always will be evaluated as different things.The code: if( $userfinal != $user['to_user']){Always will be FALSE. if($userfinal != $user['to_user']){Always will be TRUE.And the post made by Mordent is correct, you miss one equal sign in your code. Best regards, Share this post Link to post Share on other sites
Feelay 0 Report post Posted March 6, 2008 (edited) I have tried all theese stuff.!=, ==, =. None of them works. And Between When i used the !=, the code was like this if($userfinal != $user['to_user']){echo "error.. or whatever";}else{blabla} But as I said. none of them works :SAnd btw. I am trying to make Them _ic.. but they still don't work. they are _ic already.. Edited March 6, 2008 by Feelay (see edit history) Share this post Link to post Share on other sites
TavoxPeru 0 Report post Posted March 8, 2008 I have tried all theese stuff.!=, ==, =. None of them works. And Between When i used the !=, the code was like this if($userfinal != $user['to_user']){echo "error.. or whatever";}else{blabla} But as I said. none of them works :SAnd btw. I am trying to make Them _ic.. but they still don't work. they are _ic already..Well, it is very strange so can you send me or post your code and your table definition to check it.Best regards, Share this post Link to post Share on other sites
Feelay 0 Report post Posted March 8, 2008 (edited) Code -|- <?phpsession_start();$nuser=$_SESSION['user'];$auser=$_SESSION['admin'];if($nuser){$userfinal=$nuser;}elseif($auser){$userfinal=$auser;} if(isset($userfinal)){require "database.php";$username = $_GET['messageid'];$user = mysql_query("SELECT * FROM messages WHERE message_id = '$username'");$user=mysql_fetch_assoc($user);if($user['to_user'] != $userfinal){die("You are trying to view another users posts! Thats impossible!");}else{if($user['message_read'] == 0){mysql_query("UPDATE messages SET message_read='1' WHERE message_id='$username'");}echo "<h1>Title: ".$user['message_title']."</h1><br><br>";echo "<h3>From: ".$user['from_user']."<br><br></h3>";echo "<h3>Message: <br>".$user['message_contents']."<br></h3>";echo '<form name="backfrm" method="post" action="inbox.php">'; echo '<input type="submit" value="Back to Inbox">'; echo '</form>';}}else{ echo"You must be logged in to view this page!";}?> Table -|-message_id | Int | 11from_user |Varchar| 65to_user |Varchar| 65message_title |Varchar| 65message_contents |Varchar| 65message_read |Int| 11 Edited March 8, 2008 by Feelay (see edit history) Share this post Link to post Share on other sites