e_i_pi's Profile User Rating: *****

Reputation: 808 Master
Group:
Mentors
Active Posts:
1,725 (0.77 per day)
Joined:
30-January 09
Profile Views:
50,828
Last Active:
User is offline Mar 26 2015 04:38 PM
Currently:
Offline

Previous Fields

Country:
AU
OS Preference:
Windows
Favorite Browser:
FireFox
Favorite Processor:
AMD
Favorite Gaming Platform:
Playstation
Your Car:
Mitsubishi
Dream Kudos:
75
Expert In:
Databases

Latest Visitors

Icon   e_i_pi has set their status

Posts I've Made

  1. In Topic: check radiobox from database php

    Posted 22 Mar 2015

    View PostDormilich, on 23 March 2015 - 06:34 AM, said:

    you could also fix that typo instead

    Hint: have a look at the page source to see what you're outputting, and then check that against the syntax you should use.
  2. In Topic: PHP query wont run after clicking button

    Posted 17 Mar 2015

    Not sure what your original question is really, but here's some feedback on that PHP:
    <?php 
    
    include("config.php"); //including our config.php where is connecting to mysql... 
    session_start(); //starting session for profile.php (Dunno how to explain better) look little down 
    error_reporting(0); //without this we will always get some stupid notice that variable isn't defined.... 
    
    $submit = $_POST['submit']; //variable for submit button, in this variable we save button that player press in <input type='submit' name="submit" value='Login' />.... 
    $username = sanitize($_POST['username']); //variable for username, in this variable we save text that user type in <input type="text" name="username".... 
    $password = sanitize($_POST['password']); //variable for password, in this variable we save text that user type in <input type="password" name="password".... 
    
    if($submit) //if he press submit button 
    {     
        if($username && $password) //if he type both of username and password not just one of them 
        { 
            $query = mysql_query("SELECT name, pass FROM users WHERE name = '$username'"); //selecting user name and password, change it to your field names,  chage users to your table name, $username means username that he type... 
            if(mysql_num_rows($query) == 1) //if user exists 
            { 
                while($row = mysql_fetch_assoc($query)) //loop thought table that we select in mysql_query 
                { 
                    $dbusername = $row['username']; //setting dbusername as variable from table, change 'username' to your field! 
                    $dbpassword = $row['password']; //setting dbpassword as variable from table, change 'password' to your field! 
                } 
                if($username == $dbusername && $password == $dbpassword) //if username is same as one from table and if password is the same as one from table... 
                { 
                    $_SESSION['username'] = $dbusername; //setting session username to one from table, this is useful if you login, that restart your browser and than you go in url where is your profile.php... Anyway this is useful :D/>/>/>/> 
                    echo header('location: profile.php'); //redirecting user to his profile page (profile.php) 
                } 
                else echo "Wrong password!"; //else if user type wrong password he will get this... 
            } 
            else echo "Username doesn't exist!"; //if username doesn't exist in table user will get this 
        } 
        else echo "Type name and password!"; //else if user doesn't type all fields he will get this... 
    } 
    
    ?>
    

    Line 5 - As others have stated, don't switch off error reporting, not in dev, that's how you catch and resolve errors.
    Line 7 - Not checking for existence of variable $_POST['submit']
    Line 8 - Not checking for existence of variable $_POST['username']
    Line 9 - Not checking for existence of variable $_POST['password']
    Line 11 - While this is fine in terms of checking if $submit is not empty/false/etc, you may want to cross-check back to the value you're expecting
    Line 13 - Again, maybe a check on $username !== false && $password !== false would be better, so long as you set them to false in lines 8 and 9 when they don't exist or are blank
    Line 15 - mysql_* functions are deprecated, use mysqli_* functions, or PDOs. Also, you are wide open to SQLI attacks.
    Line 16 - What happens when there is more than one matching row? Best to check to make sure there is a unique constraint on the table column users.name, to ensure that there can't be two users with the same username.
    Line 23 - $username == $dbusername is entirely redundant, as $dbusername = $row['username'] = $username in all cases
  3. In Topic: Why is PostgreSQL not included in server solution stacks like XAMPP?

    Posted 15 Mar 2015

    You can always install PostgreSQL yourself and hook into it with PHP. It's just the format of the connection string, and perhaps a couple of configuration options (such as running a "SET SCHEMA MySchema" query on connection) that differentiate it from MySQL use from a PHP application. If you need a GUI front end for the DB, download and unpack phpPgAdmin to a directory you can navigate to via localhost.

    I agree that PostgreSQL should be an option in a standard stack though. EasyPHP say that PostgreSQL is coming soon, but they've been saying that for 2 years at least. I ended up using EasyPHP and hooking phpPgAdmin in myself without too much trouble - it just came down to placing the phpPgAdmin files in their own directory, and then adjusting an HTML file in EasyPHP to navigate to phpPgAdmin.
  4. In Topic: Javascript doubt in && and ||

    Posted 15 Mar 2015

    View Postbaavgai, on 15 March 2015 - 07:38 PM, said:

    No. It is NOT order of precedence. Rather, it is how boolean expressions work and it's important to understand.

    When you say conditionA || conditionB, if conditionA is true, then evaluation stops.

    Shenanigans!

    While the above statement is true, it only covers one group of cases, that is, where conditionA is true. When you look at the entire truth table (given below), you can see that the Javascript results match the OoP (Order of Preference) results, NOT the LTR (left-to-right) results in cases 2, 4, or 7, where A happens to be false:

    Values     LTR Results     OoP Results     Javascript
    A B C      (A || B)/>/> && C   A || (B && C)   A || B && C
    = = =      =============   =============   ===========
    F F F       F               F               F
    T F F       F               T               T
    F T F       F               F               F
    F F T       T               F               F
    F T T       T               T               T
    T F T       T               T               T
    T T F       F               T               T
    T T T       T               T               T
    
    


    While the Javascript engine might be smart enough to determine when to stop processing, it does in fact follow OoP when processing boolean statements, which ties back into the OPs problem.
  5. In Topic: One Count minus another Count

    Posted 12 Mar 2015

    And here's an alternative...

    SELECT
    	COUNT(CASE WHEN ID = "John" THEN Views ELSE NULL END)
    	- COUNT(CASE WHEN ID = "Mike" THEN Views ELSE NULL END)
    FROM User
    
    

My Information

Member Title:
= -1
Age:
40 years old
Birthday:
June 24, 1974
Gender:
Location:
Australia
Years Programming:
4
Programming Languages:
HTML, XML, jQuery, PHP, SQL, MySQL, VBA, VBScript, PostgreSQL

Contact Information

E-mail:
Private
Website URL:
Website URL  http://www.artofwar.cc/

Comments

Page 1 of 1
  1. Photo

    cupidvogel Icon

    09 Jun 2012 - 11:30
    Ha ha, I really liked your "if(navigator.appName == 'Microsoft Internet Explorer')" theme!
  2. Photo

    Duckington Icon

    04 Apr 2012 - 00:57
    It's not live yet, still developing and then going into beta test. I haven't actually decided on a name yet, so no domain for it.
  3. Photo

    modi123_1 Icon

    13 Mar 2012 - 06:56
    Ha.. well good luck with it.. it's always a good butt of a joke.
  4. Photo

    RudiVisser Icon

    08 Mar 2012 - 15:20
    You know, I only just worked out what your avatar is. Love it!
  5. Photo

    RudiVisser Icon

    06 Sep 2011 - 00:37
    Thank you very much :-D
  6. Photo

    RudiVisser Icon

    06 Sep 2011 - 00:37
    Thank you very much :-D
  7. Photo

    e_i_pi Icon

    05 Sep 2011 - 22:15
    Ah thank you :) I'm a fan of minimalism, so I wwanted something nice and simple, plus you just can't go past red and black!
  8. Photo

    no2pencil Icon

    05 Sep 2011 - 19:52
    Love your avatar!
  9. Photo

    Sayid Ahmed Icon

    13 Jul 2011 - 14:02
    thanks for the add.
  10. Photo

    Dormilich Icon

    17 Feb 2011 - 13:25
    just wanted to congratulate for the funny thread title "OOP, PDOs, pain, tears".
Page 1 of 1