Jump to content

Gilbert

Members
  • Content count

    49
  • Joined

  • Last visited

  • Days Won

    1

Gilbert last won the day on April 25

Gilbert had the most liked content!

Community Reputation

1 Neutral

About Gilbert

  • Rank
    Newbie

Profile Information

  • Gender
    Male
  • Location
    Schenectady
  1. Gilbert

    can a select statement return more than one value

    Thanx justsomeguy - I think what you're basically saying is that I did it correctly - that I have the right idea. I'm not sure I follow you on the 'validation' part because I'm getting the information from a database and asking the user to click on one of the options in the combo box list. Where is the validation needed? I think I'm missing where a user could inject malicious code. Thanx....
  2. Hi all, I am populating the <options> of a <select> statement from a database using php. I'm setting the value of the options to the 'workerID' and setting the innerHTML to the worker name, reading both of these values from the database table 'workers'. The 'input' button runs the php and I have the workerID as a value, but then I have to access the table again matching the workerID in a where clause to get the first & last name of the worker. It seems kind of redundant to do it this way - the question is, is there any way to pass along the worker name (which you just looked up) along with the worker ID, to the php function, or is this a normal way to do this. I thought of making the 'value' attribute a combination of ID and name, and then separating it in the php function to use, but I was wondering if there was an easier way that I am missing. I am just trying to cut down on traffic to the server. It would seem like there would be a better way to do this. Here is my code - thanks for your help!! <div id="chooseWorker"> <?php if ($_SERVER["REQUEST_METHOD"] == "POST") { $chosenWorker = ($_POST["mySelect"]); include "phpConnection.php"; $sql = "SELECT firstName, lastName FROM workers WHERE workerID = '".$chosenWorker; $result = $conn->query($sql); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { $_SESSION["adminFirstName"] = $row["firstName"]; $_SESSION["adminLastName"] = $row["lastName"]; } } } else { return "Worker not Found"; } } ?> <h3>Please choose a Worker</h3> <form method="POST" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> <select name="mySelect" size="12"> <?php include "phpConnection.php"; $sql = "SELECT * FROM workers ORDER BY ranking"; $result = $conn->query($sql); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { $fullName=$row["firstName"] . " " . $row["lastName"]; ?> <option value="<?php echo $row['workerID'];?>"><?php echo $fullName;?></option> <?php } // end while } // end if ?> </select> <input type="submit" value="Submit"> </form> <div> <button>cancel</button> </div> </div>
  3. Gilbert

    Need help to see what's wrong error 1064

    How so justsomeguy? Don't you need to UPDATE after you INSERT INTO? I learned my sql from MS ACCESS, but I realize mySQL has some different syntax. In Access the insert into doesnot update the table until you say 'update'. Have I written it wrong? A little more help, please. Thank you.
  4. I'm still a bit fuzzy on how to go about checking every page. Can you give me a typical example of how to check if a user has permission to view it. I came up with the following code but got stymied as to how to break off gracefully and return to whereever. Is this the right approach to start with - where do I go from here? Or am I not seeing the whole picture? Thank you!! <?php session_start(); $pageLevel = "4"; if ($pageLevel > $_SESSION["userUserLevel"]) { // userUserLevel is a single string digit created at log in echo "You do not have permission to view this page"; // where does it echo to? return; // where do I return to? } ?> <!DOCTYPE html> etc
  5. Hi, I have a goDaddy account and I'm learning to import data. I've had success with a couple of uploads, but I get an error message and I don't understand what I need to do to get rid of it. My code is below, along with the error message I get and the excerpt from the mySQL documentation. Can anyone offer some advice about how to proceed and what may be the problem? The query works and updates the table with the info perfectly, but I think I should find out what this error is b/4 I incorporate into my website. Thanks a million! SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO"; SET time_zone = "+00:00"; CREATE TABLE IF NOT EXISTS `myUsers` ( `UserID` char(8) NOT NULL, `firstName` varchar(24) NOT NULL, `lastName` varchar(24) NOT NULL, `viewPref` varchar(16) NOT NULL, `pagePref` varchar(48) NOT NULL, PRIMARY KEY (`UserID`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ; INSERT INTO `myUsers` (`UserID`, `firstName`, `lastName`, `viewPref`, `pagePref`) VALUES ('sak20007', 'John', 'Smith', 'mobile_phone', 'about.html'); UPDATE; #1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1 Error: 1064 SQLSTATE: 42000 (ER_PARSE_ERROR) Message: %s near '%s' at line %d
  6. Thank you very much! I appreciate you helping me get this basic stuff under my belt from the start so I can do it right. Gil
  7. OK thank you very much. I have the log in in php and at the same time I set a $_SESSION var called userLogStatus to 'loggedIn' - so I have to check that global in php when each page opens. Or do you suggest I copy 'userLogStatus' to a sessionStorage to make it more accessible for checking. Would that compromise my security by being in the browser? Thanx, Gil
  8. Hi all, I'm trying to control where a visitor enters my website. I only want a visitor to open my homepage, pass security and then continue, like a menu-driven app. I know you can enter a domain name and a slash and go to that page in the website like 'amazon.com/tools' will bring up the tool page. Is there a way to prevent this from happening? Can it be turned off or on according to a security level imposed? I only want higher level users to see pages like 'checkswritten.html' or 'incomelevel.html' and not a casual user type in 'myDomain/incomelevel'. anybody can see the links in <a href> or where buttons take you so they could learn all your pages and go directly to them. Do you need to invoke security precautions on every page? Thank you for responses, Gil
  9. Hi all, I'm trying to wrap my head around the idea of the window object and the document object relationship. I've read some really good explanations in stackoverflow and others. I have a pretty good grasp of it so I tried an experiment. If the window object opens in the browser, and then the document object opens in the window, then if I change the document, will the window object remain the same. I tried make 2 simple html's - in the first I set a variable like window.myVar = "myValue";. I was able to change the value with a button so it was working fine, and then I used an <a> href to change to a different document. I tried to reference the window.myVar but it came back 'undefined'. If you change documents in a window, does the document always come with a new window, or am I doing something wrong here? Like I said, I've read a lot about the window and document object, but I couldn't see that this was addressed. Thank You for any response....
  10. Gilbert

    sessionStorage vs Global Variables

    Thanx justsomeguy - I think I've got it now. I've got to read very carefully what is being referred to - the window or browser or page or site. Thanx
  11. Gilbert

    sessionStorage vs Global Variables

    I think I understand your point - The following excerpts are from thew3 JS tutorial under jsScope, but I think I read 'web page' as 'web site' in the first one, which would support your answer. But down further are two other excerpts which are confusing me. It says that HTML global variables belong to the window object and remain until the window is closed. The last line of the 3rd quote is what I was basing my hypothesis on. Please set me straight if I'm reading this wrong. Thanks for all your help. In the end, I have nothing against sessionStorage - I'm just trying to understand the scope thing (actually I use Listerine) (chuckle, chuckle) Global JavaScript Variables A variable declared outside a function, becomes GLOBAL. A global variable has global scope: All scripts and functions on a web page can access it. Global Variables in HTML With JavaScript, the global scope is the complete JavaScript environment. In HTML, the global scope is the window object. All global variables belong to the window object. The Lifetime of JavaScript Variables The lifetime of a JavaScript variable starts when it is declared. Local variables are deleted when the function is completed. In a web browser, global variables are deleted when you close the browser window (or tab), but remain available to new pages loaded into the same window.
  12. Hi, I tried a couple of searches and couldn't find a post that compared these 2 forms of storage. I was using sessionStorage in my script to remember information from a Db, but as I was reviewing variable properties and scope, I said to myself Why should I involve sessionStorage when I can just assign the info to a global variable which is accessable to the whole website and goes away when you leave the website, just like a session variable. Is this correct? Are the global variables not as reliable or something? What are the differences, similarities; and what can you recommend to me about this. Thanx a million!
  13. Gilbert

    php is concatenating 2 values in its return

    Thank you very much - great explanation! I have programmed in 'normal' languages for some time now, but I have to start thinking in abstracts more with asynchronous stuff going on. I appreciate all the help from good, experienced coders like yourself. Gil
  14. Gilbert

    php is concatenating 2 values in its return

    Thank you. I think I have it straight, but I just came up with another fly in my ointment. I can't figure what's wrong here - I get 'undefined' when I look at 'goodInput'. I have followed the w3 examples doing an xmlhttprequest specifying a callback function; usually w3 will put the responseText into a 'demo' element and assign it with innerHTML So I took it one step further and thought why can't you cut out the middleman and use a 'return' to send back the responseText and assign it to a variable. I am checking for valid input and am only going to get one response back so it seemed logical (to me). I have tested a similar function with a callback and it worked well, but with 4 more lines needed for the callback. Here's my code for the calling function and the xhr function; is it possible to do it this way? The userInput I enter is in the correct form and should return as is. // userInput is from a prompt input box and passed to this function // not worried about security here - just functionality function validateInput(userInput) { var sendMe = "userID=" + userInput; var goodInput = loadPHPwithReturn("checkUserInput.php", sendMe); return goodInput; // goodInput is either = to the input or 'BadEntry" which I deal with on return } //Load an XMLHttpRequest with Return of Response Text function loadPHPwithReturn(url, sendMe) { var xhr = new XMLHttpRequest(); xhr.onreadystatechange = function() { if (this.readyState == 4 && this.status == 200) { return this.responseText; } }; xhr.open("POST", url, true); xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded"); xhr.send(sendMe); }
  15. Gilbert

    php is concatenating 2 values in its return

    Absolutely correct - it works like a charm - Thank You very Much!! I've been a little hazy on which to use where. I know return is supposed to send back a value whereas echo sends back a string maybe with html in it. Do I have that correct? And can you add anything to that so I can get it straight in my head. Thanx again, Gil
×