Jump to content

son

Members
  • Content Count

    1,024
  • Joined

  • Last visited

Everything posted by son

  1. I post this here as a database issue/decision... Working on this project where I am also tidying up a lot of data that was placed in many different places (some even offline, mostly contact data for customers). At the moment I am collating all the data in one mySQL table. Afterwards I will create a mini web admin interface to access the data, change details and/or delele as necessary. However, one thing came up: Mailchimp is used to send newsletters which obviously means that there is another place with contact data where some might match the ones in central database. And there might b
  2. son

    TIMEDIFF returns empty set

    Thanks for new reply. Will leave it as it is as there will never be an instance where the start and end would be on separate days... Son
  3. son

    TIMEDIFF returns empty set

    Actually, had a play around with this and seems I cannot undo the automatical insertion of current timestamp when I make changes made to a row. This is not useful as the timestamp will never be the current one and would only mess up my data, so will leave it in separate fields as it is... Son
  4. son

    TIMEDIFF returns empty set

    Query works now, thanks:-) However, had to change the time fields in query though as otherwise negative difference coming up. I want to add up several time differences to a total of used slots. Query now: "SELECT TIMEDIFF(ender, starter) AS timediff FROM table1"; which works. What you said regarding date: I have a separate field for DATE and then the two TIME columns. But now you got me thinking and I wonder if it was an idea to loose the DATE column and just add DATE bit to the two TIME columns. Would that make sense? Guess it would enable me to loose one column and I could still extrac
  5. Have table1 to hold date as DATE and a start and end time as TIME as I need to calculate difference between the start and end time for various dates (which all hold varying times). However, using TIMEDIFF on my columns 'starter' and 'ender' which hold the TIME components simply returns an empty set SELECT TIMEDIFF('starter','ender') FROM table1; Do you have any ideas? Have posted below the formatting used in columns just in case the issue lies there... Son 2010-09-09 09:30:00 11:00:00
  6. son

    Security

    Sorry for delay in responding. Caught a nasty bug... Thanks for feedback. Will look into this. Very helpful:-) Son
  7. son

    Security

    I implemented the changes to the area, but just now thought if it might also be an idea to log the IP addresses of users just in case some dodgy entity finds a way in. Would tha be a good idea and if so, should I do this only for the login or any updates entered? Really would like to do all I can to avoid issues with security etc. Son
  8. son

    Security

    Thanks for your feedback Ingolme. Whilst no home address etc will go for your advice and have them enter password to change password and email address. Will also check for https. Might also consider the two email option. Appreciate your input:-) Son
  9. son

    Security

    Hi there, Have coded a simply members login area where members can change their email address, password (to logon to area), phone number and upload some text info. Nothing fancy really (no file upload etc). Now am concerned to make the area as secure as I can and whilst you need to be logged in to access any of the pages within the area I wonder what else I can do. I have three main questions. 1. On lots of large websites you have to enter your password to change details. Would it be good advice to do this for all four update pages (email address, password, phone, information)? Or
  10. Thanks for all the feedback. Very helpful. The external scripts are sitting in admin folder, web root and there is a folder created in web root with two files inside... Son
  11. Thanks Ingolme. You might have just pointed me in the right direction. However, not sure how they managed to login into password protected area where this files sits. All files have test right at the top to check if user is logged in... In addition, the site security scan did not pick up on any of the dodgy scripts and host says that this is because file sat there for years apparently. However, I can for once not see how it sat there for all this time not doing anything till recently and why a security scan would not pick up dodgy scripts just because they were for a while on the site. Does th
  12. Thanks for your feedback. Will check the access logs. However, unfortunately we are not entirely sure when it happened. Seems to have gone on unnoticed for some time. There is a security service installed which was offered by host when we discovered a number of strange things happening and were able to correct some that were obvious. However, the scans come back each day saying that the files are all okay which sort of confuses me as they are obviously not. In addition when you say scripts often lack 'security validation and checking and allow attackers to replace or upload files' can you
  13. Is it possible that a hacker can place phycial files and create new folders on a web server without ftp access? If so, how can I find out if the hack came via ftp or via a weak script? Son
  14. Thanks for this. Could only think in vague PHP-terms to solve this and it is great to have the confirmation that I am not missing a more direct way of achieving this. Will have a go now:-) Son
  15. Thanks for pointing this out. Have setup a new table now with three fields: combination ID, item ID, category ID. As I have lots of data sitting in the item table wondered if there is a good way to extract the info to the new table? It would need to transfer each itemID/categoryID combination to the new table. For example 'itemID (1), categoryIDS (1,2,3)' would become 'itemID (1), categoryIDS (1)', 'itemID (1), categoryIDS (2)' and 'itemID (1), categoryIDS (3)'. The category ids are in field as a comma-separated list without spaces... Son
  16. Hi there, I have created one table that holds category names (catTable) and one table (itemTable) that has a field with comma separated list of category ids that are relevant for individual item (setup as VARCHAR). I tried 'SELECT catName FROM catTable WHERE catId IN (SELECT itemCatId from itemTable WHERE itemID = $itemID)' in WHILE loop that displays the individual items which should also show all names of relevant category names. It does not work and shows only first category rather than whole list. I suppose the WHERE IN function is probably incorrect, but am not sure if I nee
  17. Apparently cookies are enabled and this is should not be the issue. What about iPhone? Are there any current issues known with iPhone Safari? This is the device where the issue occurs. Whilst before it apparently worked sometimes and then not, it looks now like it might be a permanent issue with the device/browser. Thanks, Son
  18. Hi there, I have build a website that relies on sessions to keep a language variable alive, so users can navigate through one language. I was told that on one day last week this did not work. Each time the user clicked onto different link in navigation it reverted back to default language. I just tested session variable and it works fine. What could be a reason that this does temporarily not work? Does not really make sense to me... Son
  19. son

    Fatal error: Out of memory

    Thanks for info. Very helpful:-) Son
  20. What do you mean by "prepared statements". Am not sure what this is... Son
  21. son

    Fatal error: Out of memory

    Thanks Ingolme. Unfortunately, it is a hosted site with no access to php.ini or is there another way to implement this (locally in script not possible, is it?)... Son
  22. Have a form that is used to update, create or delete entries in db. All form fields sticky, but instead of echoing post data I echo values from variables. If update/delete form displays current db values in form field, if new entry they are empty to start off with, but will be sticky for those submissions where the field entries are filled out okay whilst others are not. My issue now is that upon db submission I use: $idesc = escape_data($_POST['idesc']); which now causes the text to be escaped when there is an issue with another form field which is not what I want. What would be best? To m
  23. son

    Fatal error: Out of memory

    I use image_destroy(), so not sure if that is the issue. Paste code below... function resize_image($opts){ $src = isset($opts['source']) ? $opts['source'] : ''; $dest = isset($opts['dest']) ? $opts['dest'] : ''; $w = isset($opts['w']) ? intval($opts['w']) : 0; $h = isset($opts['h']) ? intval($opts['h']) : 0; if ($src == '') { return; } if ($w == 0 && $h == 0) { return; } if ($dest == '') $dest = $src; // resize in place // open the image$extVar = explode('.',$src);$ext = strtolower(array_pop($extVar)); switch ($ext) { case 'jpg': case
  24. Have issue with image upload script. The error is as follows: Fatal error: Out of memory (allocated 56360960) (tried to allocate 19712 bytes) and image file that caused this is 514KB. The entry in db is okay. I checked with local settings on hosted server: max_file_uploads -> 20upload_max_filesize -> 40Mmemory_limit -> 90Mpost_max_size -> 8M As lowest value post_max_size is 8M which is 1024 KB am confused. The image is only half as big. My script runs through the creation of three sizes when uploading an image (thumbnail, medium and large version). The large version sits
×
×
  • Create New...