[Search MySQL All Columns]

Do you get an error message?

 

Also can you post the context which this query is executed? as in the code surrounding the SQL in the PHP script.

[What to choose from asp.net, php and ruby on rails]

I've never used Ruby on Rails or ASP.NET so I couldn't compare PHP to them.

But what I can say is, PHP has never let me down.

 

Every project I've worked on I've managed to get the job done with PHP.

[CSRF token validation]

Hi guys.

 

I'm writing my own MVC framework and I've written a CSRF token validation class to help prevent CSRF attacks.

This is my first attempt at writing a CSRF token validation class and I just wanted to get some feedback.

 

I've looked at how others have done it and sort of stuck to the general route that most people take when writing something similar.

 

<?php

// Security measure.
if (!defined('BASE_PATH')) { exit(); }

class CSRF
{
private static $tokens = array();
private static $session_name = 'csrf_data';

/**
 * Loads CSRF token data from session into $tokens array.
 *
 * This method is called in the index.php file before a controller is loaded.
 *
 * @return void
 */
public static function init()
{
	$session_name = self::$session_name;

	// Move CSRF token data from session to class field.
	if (isset($_SESSION[$session_name])) {
		self::$tokens = unserialize($_SESSION[$session_name]);	
		unset($_SESSION[$session_name]);
	}
}

/**
 * Saves the CSRF data to a session.
 *
 * @static
 * @return void
 */
private static function save() 
{
	$session_name = self::$session_name;
	unset($_SESSION[$session_name]);

	$_SESSION[$session_name] = serialize(self::$tokens);
}

/**
 * Creates a new token.
 *
 * @static
 * @param string $name
 * @return string
 */
private static function generateToken($name)
{
	$token = md5(uniqid(rand(), true));

	self::$tokens[$name] = $token;
	self::save();

	return $token;
}

/**
 * Validate a token by its name.
 *
 * @static
 * @param string $name
 * @param string $token The CSRF token included with the form data.
 * @return bool
 */
public static function validateToken($name, $token)
{
	if (!isset(self::$tokens[$name])) {
		return false;
	}

	return ($token == self::$tokens[$name]);
}


} // End of CSRF class.

[Have I been conned?]

I wouldn't host anything with iPage, they caused me nothing but grief.

Same goes for JustHost and 1&1 Internet. Don't use any of them.

[What should I use to replace frames?]

wow, ok, thanks alot. I would have carried on using tables but you've made me think twice.

[What should I use to replace frames?]

What alternative is there to tables?

 

Floating Divs? I prefer to use tables as they work in almost every browser.

 

I have a lot of issues with floating divs, i'd switch to them however if Internet explorer was never invented.

 

however..

 

<html>
<head>
  <title>My Website</title>
  <style type="text/css">
     .center, body, #container {
        text-align: left;
        margin-left: auto;
        margin-right: auto;
     }
     #container {
        width: 900px;
     }
     #sidebar {
        float: left;
        width: 150px;
     }
     #content {
        float: right;
        width: 750px;
     }

  </style>
</head>
<body>
  <div id="sidebar">
     <a href="?go=home">Home</a><br /><br />
     <a href="?go=page-1">Page 1</a><br />
     <a href="?go=page-2">Page 2</a><br />
     <a href="?go=page-3">Page 3</a><br />
  </div>
  <div id="content">
  <?php
  $default = "content/home.php";
  if (isset($_GET['go'])) {
     switch ($_GET['go']) {
        case "page-1": include("content/page1.php"); break;
        case "page-2": include("content/page2.php"); break;
        case "page-3": include("content/page3.php"); break;
        default: include($default);
     }
  } else { include($default); }
  ?>
  </div>
</body>
</html>

[What should I use to replace frames?]

You could do something like this:

 

<html>
<head>
  <title>My Website</title>
</head>
<body>
  <table width="100%" border="0" cellpadding="2" cellspacing="3">
     <tr>
        <td id="sidebar">
           <a href="?go=home">Home</a><br /><br />
           <a href="?go=page-1">Page 1</a><br />
           <a href="?go=page-2">Page 2</a><br />
           <a href="?go=page-3">Page 3</a><br />
        </td>
        <td id="content">
        <?php
        $default = "content/home.php";
        if (isset($_GET['go'])) {
           switch ($_GET['go']) {
              case "page-1": include("content/page1.php"); break;
              case "page-2": include("content/page2.php"); break;
              case "page-3": include("content/page3.php"); break;
              default: include($default);
           }
        } else { include($default); }
        ?>
        </td>
     </tr>
  </table>
</body>
</html>

[Basic Php System: View/edit/delete/add Records]

Good call -- doing the searching within the MySQL query makes a lot more sense than the way I posted above.

 

Thanks. Yeah it will do, saves you having to fetch all the records and preg_match them.

 

When you have your results, if you want to highlight the criteria in the results you could do something like..

 

while ($row = @mysql_fetch_array($results, MYSQL_ASSOC))
{
  $field = $row['field_name'];
  $field = str_replace($_POST['search_criteria'], '<font color="#336699">'.$_POST['search_criteria'].'</font>', $field);

 echo $field;
}

[Basic Php System: View/edit/delete/add Records]

I've recently built a search function into my website.

 

This works for me.

 

$criteria = strtoupper($_POST['search_criteria']);

SELECT * FROM `tbl_name` WHERE UPPER(`field_name`) LIKE '%'.mysql_real_escape_string($critera).'%'

 

I've converted the search criteria and table field values to uppercase to make the query case insensitive.

[Displaying data on a weekly basis]

ah true.

[Displaying data on a weekly basis]

Hello,

 

I have a table with fields date,day,and some data for each day.

I want to display the data on a weekly basis, (ie from Monday to Friday) along with options for next week and

previous week.

 

Could someone help me with this?

 

Why not get a twitter account and build/download a script to display your latest tweets?

[html problem]

I'd recommend using Notepad++, it just makes things easier.

Also, when u save a file in notepad, you're better off typing "name.html" including the quotes.

If you install notepad++, you can simply right click on your html file and select "Edit with Notepad++".

 

Alternatively, open notepad and drag your html file icon into the window to open it.

[Google doesn't use the "keywords" meta tag]

I know for a fact they use the meta description, the extract of text that google has used for some of my websites are the Meta Description tags.

Still, Google isn't the only search engine.

[Your web hosting provider?]

JustHost isn't bad. Its better than other web hosts i've used such as Streamline and 1&1 Internet.

You get free advertisement credit for google, yahoo & bidvertiser.

 

My package has unlimited/unmetered bandwidth & space and is about £6-7 per month.

[New '.co' domain]

Anyone else heard about the new .co TLD being released on 20th July?

 

Already preordered one, going to get some more tommorow. £20 a pop but its worth it.

 

The cheapest pre-ordering price I've found so far is heart internet which is £20, others like 123-reg charge £30.

 

So if you're interested in preordering one, i'd go with heart internet on price unless you can find a better deal.

[Php Tutorial. Registry system for objects]

Some of the code in the examples is cut off at the top.

 

You can find the full version by copying & pasting an extract of the tutorial above into google.com.

[IE8 compatability issues]

Like many others, i despise IE. However, i dont dismiss it when building a site.

If i add something to a web page that works in firefox, chrome, opera & safari but i cant get it to work in IE, i take it out.

Compatibility is my number 1 priority.