jimfog

It's not a great idea to use globals in object definitions like that. I'm not familiar with backbone enough to verify this, but I suspect that the code which defines that variable is not executed before the code that uses it.

What is the alternative to globals in object definitions?

What you suspect is wrong...the code which defines the variable is directly above from the code that uses it.

This code is in lines 6-16...in this jsbin http://jsbin.com/silajo/74/ ....(and is being used in line 25)I do not understand where is the problem....

Anyway I asked the question cause I think we are dealing here with javascript principles and not principles specific to backbone.

the only part that is missing in the code above is the fetch() part...

a while loop specifically that will fetch the data from the database...

the question is where the while loop should be placed.

Just take a look here http://php.net/manual/en/mysqli-stmt.fetch.php in the first example.

I need to stress one more thing...

if there are no rows at all...then fetch() will return NULL.

The above check though must be done and if indeed NULL is returned, exit from the function using return....the code will look like something like this:

   if($stmt->fetch()==NULL)          {return;}          else{             while($stmt->fetch())            {                echo $staffID.','.$Bookfrom.','.$startDate;//these refer to data coming from the database            }           }

As you might expect though...the above returns nothing(when we have one row)...cause fetch() is used twice.

How I could write the code such a check for NULL is done and at the same time results for 1 row are returned.

there is another slight problem...I do not want to create a separate topic about it.

This condition must contain the presence of global variable.

Take a look at this http://jsbin.com/silajo/74/ at line 25...the variable is package...and it is produced by parse function at line 9(all of this of course is Backbone code)

at a backbone collection.

The problem is that I get a message package is not defined....which means I cannot make package available to the User model.

How I could overcome this?

If the error is in validation of data sent by the user then you definitely need to inform the user about it, whether or not you think they're a hacker. The errors you don't show are parse and runtime errors of the code which may give a clue as to how the code works.

Why I would want to inform the hacker?

To let him know if he succeeded or not?

And as a result try more to achieve his goals.

Is there more than 1 row? You're using fetch twice. It will return null if there are no more rows.

Ι cannot believe it...you are right...there is only one row and it had not crossed my mind that var_dump(stmt->fetch()) was considered a second call to fetch

Take a look at this prepared statement...:

if($stmt=$connection->prepare('SELECT Bookfrom            FROM appointments,users            WHERE users.email=(?)            AND appointments.bookedfor=users.user_ID AND not deleted'))       {            $stmt->bind_param('s',$email);            $stmt->execute();             if($stmt->errno!==0)                 {printf("Error-execution failed-GET appt_failed: %s.n", $stmt->error);                 return false;                 }            $stmt->bind_result($Bookfrom);            $stmt->fetch();            var_dump( $stmt->fetch());            $stmt->close();            return;       }     if(!$result)        {        printf("Errormessage for result: %sn", $connection->error);        return false;        }

I get no error messages.

The query is correct...I have checked it many times...it does produce a result/row.

Despite the above though....var_dump($stmt->fetch() gives NULL.

I am running out of ideas...

Take a look at this fiddle https://jsfiddle.net/fiddlehunt/andwu6Lf/ from lines 2 to 10...in tha JS pane.

You see an object which contains two objects.

I want the second object(e-mail) to be there if a specific condition is met-depending the value of a variable.

So..can a conditional be placed inside an object.

The result must be another object or none.

I guess you would want to cover the possibility that your Javascript validation code has an error, but admittedly a server-side validation error probably indicates someone who has disabled Javascript or a hacker. You might send back a generic "input validation error." You could even count these errors and terminate the session if there are too many of them.

With what you say above you you shed light to a very important aspect.

I would say it this way also...if a point has reached where server validation errors appear that might indicate hacker activity...there is no point in informing the hacker about this or that error...I would just log the errors somewhere...and agree with your suggestion that I could terminate the session if there are many errors.

I will consider it.

Yes.

 

But you're not paying attention to what I am saying. I am saying text / language / etc I prefer to keep in the front end / UI realm. Not in the backend API, where there is nothing to know other than business logic. Did it fail? Yes / No. and What failed. boom done. Leave the UI / messaging to the front end.

 

 

That is just a suggestion, and an technical decision you need to decide.

I understand now what are you talking about and as you say...it is a decision I will take.

Yes, but what I'm saying is that you obviously DO implement a scheme to return various messages from the server. Now maybe the client-side validation is supposed to catch all the validation errors, so if the server sees a validation error that might indicate a validation code bug or perhaps a hacker. You would still want to return an error message although it might not be as informative as the client-side validation.

 

If the input is suspicious you should also report it to a admin log.

In the end...what do you propose after all.cause as you said the error might indicate a hacker....

showing nothing to the user(which might be a hacker) and report it to a log?

Do you want to support users who have Javascript turned off? Some error messages will always need to come from the server, such as "Login failed."

No...I do not want to support users that have JS off.

Secondly..the error messages I am talking about here have nothing to do with login...they are related with validation.

For example....it is a booking app...and the user is called to select from a drop menu some services...in this case I want to validate in the server if the services chosen are indeed contained in the database...if not send a message in the client informing them

I do not understand...

If errors appear in server-side validation should I inform the user about it or not(by sending messages to the client)?

It's optional if you want your front end messaging to be tied to your backend (ie. returning an error message).

Of course it is optional...but I think server side validation is needed nowadays...and the errors that might arise from it I think they should go to the client and inform the user cause front-end checks might be bypassed.

I am in the process of writing server validation code in which errors(if found) are sent back to the client with json_encode.

My problem has to do with how these errors are going to be displayed in the HTML...

take a look at this HTML:

   <div class="form-group">                    <label>Name:</label><br>                    <input id='name' name="nameinfo"  type="text">                    <p class="fillname"></p>                    <input type="hidden" id="origin" value="backend">   </div>

Here is the server code related with the above-if the user has not filled the above field:

   if($name=='')    {   $noname='you have to put a name';        echo json_encode($noname);    return;    }

How am I going to display the the above message inside <p class="fillname"></p>-my intention as to where the error message I want it to appear?

I did my job with in_array after all..thanks

If you're trying to check if the arrays have the same elements in the same order then the first thing you can do is check their lengths. If they have different lengths then the arrays are not the same and you don't need to loop at all.

No...the check must be performed either way...let me explain it better.

Suppose the first array has two names in it,james and john...

I want to check if in the second array these names or one of them(if the array has only one member) are present in it.

The first array will always have 2 members in it...the second might have one or two in it.

1. .If the second array has one member than it must be checked if this member are james or john...and output true if yes
2. If the second array has two members it must be checked that both of these are james and john...if one of them is not then output false.

To say it differently I want to check the choices the user made with the ones found in the database...as a validation algorithm.

Do you need to search every element of array1 for every element of array 2?

I am trying to use a while loop to compare 2 arrays...something like this:

    $i=0;    while($i<count($serviceslist))        {       if(($serviceslist[$i]["serviceID"])!==($content['services'][$i]))        { echo 'hi';}       $i++;        }

There is a problem though....there are time where the 2 arrays are not equal in size.

The service list array might have 2 members and the content array might have 1 member.

At such a case when $i=1 then I get an undefined offset warning...something to be expected of course since

the second array has only one member(in this example).

How I could compare the 2 arrays and still take into consideration that these may not be of equal size?

Some code adjustment is needed here.

Well if you give message "your username of 'usename', and 'password' of 'password' which should have been 'god' was incorrect please try again!" Then yes i would worry.What sort of error message we talking about? Server error OR custom error messages, give example.

custom error messages...in this case:

This is not a number.

 

 

I assume after the loop you'll be returning true, otherwise the person calling the function is going to get a value that always evaluates to false.

Υes I fixed that...

Look at what it does:

while (i < col.models.length) {  i++;  var st=s.getTime()/1000,en=e.getTime()/1000;  if((st==tfrom)&&(en==ttill))  {    $('.pack_check').html('blabla...').css( "color", "red" );    return false;  }  else  {    $('.pack_check').html('');    return;  }}

The loop will continue as long as i is less than col.models.length. First, it increments i. Then it gets s.getTime and e.getTime. Then it compares those with tfrom and ttill, and either way it will return and the loop ends after the first run.But even if those return statements were gone, it would still be doing the same thing every time through the loop. The data it works with is s.getTime, e.getTime, tfrom, and ttill. None of those variables change inside the loop, the only variable that changes inside the loop is i, and you don't use i anywhere else in the loop. So you could run that loop 100 times and it's going to do the same thing 100 times: get s.getTime and e.getTime, and compare them with tfrom and ttill. None of those values changes during the loop, it will always use the same values. That's why the loop is not necessary, there's no point to doing the exact same calculations and comparisons with the same values over and over.

 

You are right in what you say...the way the loop is now it is rather useless...

So...take a look at this:

   while (i < col.models.length) {                 var s=new Date(col.models[i].attributes.start);                 var e=new Date(col.models[i].attributes.end);                 var st=s.getTime()/1000,en=e.getTime()/1000;                   if((st==tfrom)&&(en==ttill))                   {                                      $('.pack_check').html('bla blah').css( "color", "red" );                      return false;                                        }                    i++;                 }

Τell me what you think now..as I said before...the logic is that the loop searches through an array and when something is found(if condition) the loop stops.

If nothing is found then the loop ends-after it has searched through all the array.

Yes you are right...I misled you...my app cannot work without JS.

I do not intend to make the app work with PHP

That loop goes through an array.This array might have 3 elements(for example)...each element is an object and 2 of the object's attributes are start and end.

The logic is this:

If some of these attributes meet a condition(see the if statement) then the loop must stop.

There may be a case where the condition is not met,in such a scenario the loop will just end.

So why do you say that there is no reason in repeating the instructions.

The loop is there to find something(that is why is there the if condition) in the array.

Οκ...Ι understand but I need to say that maybe this question is in vein.

My app cannot work with javascript...and the submissions which are made by ajax..are made by pressing the submit button on a dialog box created

by jquery UI.

So on this case,js is the only alternative.

The way the app is made I cannot make it to run with PHP only.

I am using a loop to iterate through an array and break from it when an IF statement is satisfied...

In the code you will see...when the IF statement is satisfied I use return to exit from the function and from the loop...and after that I use break.

I think break though is redundant...you tell me for sure:

    compare_dts:function(col){                 var tfrom=$('#timesfrom').val(),ttill=$('#timestill').val();                 var i=0;                 var s=new Date(col.models[i].attributes.start);                 var e=new Date(col.models[i].attributes.end);                 while (i < col.models.length) {                 i++;                 var st=s.getTime()/1000,en=e.getTime()/1000;                   if((st==tfrom)&&(en==ttill))                   {    $('.pack_check').html('blabla...').css( "color", "red" );                      return false;                        break;//does this have to go away?                                                          }                   else                   {$('.pack_check').html('');                    return}                 }                    },

As the code currently is...there is no problem,I want to be sure anyway though.

The purpose(anyway) is that when this IF condition is met the functions returns false.