birbal (Members, 2,543 posts)

Everything posted by birbal

  1. You need to change that; I had explained why it should not be working. If, after changing that part, it is still showing an error, that probably means another part of your code is not functioning as it should. We need to see those errors.
  2. Where are the errors? You commented out the isset() part, and the issue is still there, the same as I posted in the last post. Is that your updated code?
  3. Even the JavaScript language itself is evolving with time, so you have to keep a learner's mind all the time. It is also the most misunderstood language. People who come from the C family or any other strict language face some problems in understanding OOP in JS. It took me time to understand inheritance in JS, which is conceptually far away from those strict languages. JS is prototype based and C/C++ and others are class based; most of us are used to class-based languages, so it is quite different. Being experienced in any programming language and knowing the basic concepts will help you a lot, as many things in JS are common with other languages. But that is not all: you have to know the differences and the other features too. The most problematic part of JS is the different browser implementations; multi-browser compatibility makes it harder. It is up to you which learning process you can adopt well. Tutorial sites are for starting up; if you study the manual or resources you will get in-depth knowledge. You can find vendor-specific resources in the Opera/Mozilla developer network or W3C's drafts. If you can ask the right question you can still find a good answer in Google. No class will go through each and every thing/topic; you still need to rely on those manuals. That is what most of us do.
  4. birbal

    passwords as...

    I almost forgot MSSQL (due to lack of practice), but what I know about MySQL is that it uses some fixed memory to load indexes at a time. As an integer takes 4 bytes, which is smaller than the characters, it can load many more rows at a time, which can be checked; whereas if it is a char type it needs to load that index buffer more times than with an integer, thus it slows down. Same set of values, but they will be in different tables. How can it be based on the same set of values? They still have to load the indexes for both tables to match.
  5. birbal

    passwords as...

    Yes. In InnoDB a clustered index is set on the primary key; it is the first priority. If no PK is there, it tries to set the clustered index on a UNIQUE-constrained NOT NULL column. Lastly, if it is still not there, it creates an invisible column for the clustered index. For the same reason as above, you cannot.
  6. You can give a bot access for guest viewing only, but you have to detect it as a bot and you also have to detect that no real user can reach the content. There are many ways of detecting bots, but none of them can give you 100% assurance.
  7. birbal

    passwords as...

    I can't think of how it can be eliminated. Can you explain it further, or give any link to a resource?
  8. birbal

    Security

    If you want to prevent users from executing include files, the safest option will be putting them outside the web root, which means users can't reach them by any means to execute them, but your PHP script can reach them and use them. The same goes for other files: if you don't want to expose a file openly to the public you can put it outside the web root, then let a PHP script decide whether it should show the file or not. If it needs to show the file, let PHP pull the file and serve it.
  9. It should be if(isset($_GET['cat_id'])). Right now it is checking whether $_GET['cat_id'] is an empty string or not; when it has a value it still checks for an empty string and executes the else part. You should check whether $_GET['cat_id'] is set or not. http://php.net/isset
  10. birbal

    Security

    Not only cookies but any kind of user input in a query is vulnerable to SQL injection: $_GET, $_POST, even $_SERVER['HTTP_USER_AGENT']. Encrypting the session will not protect from SQL injection; it will defend against revealing the data if, in a shared-host environment, one user's session resources are compromised. When it's on a secure connection, cookies are encrypted as they are passed to the server. The safest way is to use prepared statements; escaping has issues with multi-byte charsets.
  11. birbal

    LEFT JOIN problem

    $sql_statement = "SELECT items.quantity FROM items LEFT JOIN orders ON items.CHECKOUT_ID=orders.CHECKOUT_ID ORDER BY orders.ORDER_ID"; Try this. It should work.
  12. birbal

    LEFT JOIN problem

    Showing the error is always helpful for us to help you and locate the problem specifically. "SELECT items.quantity"."FROM items LEFT JOIN orders": when you concatenate, it makes a string like this: "SELECT items.quantityFROM items LEFT JOIN orders". Use spaces in between, and you don't need to concatenate those.
  13. Escaping works well on single-byte charsets; it has some issues with multi-byte. UTF-8 multi-byte uses hex values. Prepared statements have no such issue, thus using them is safe with that. And also, hex values are generally treated as strings: if it is in a character-type column, each two hex digits represent a character; if it is an integer type, it just represents the integer value of the hex representation.
  14. birbal

    AJAX form submit

    There is an example of how to get elements: http://w3schools.com/jsref/coll_form_elements.asp
  15. birbal

    AJAX form submit

    You can get a form element using the DOM and loop through its child input elements; you can get their name and value and use them to make the query name-value pairs.
  16. Use mysqli_real_escape_string() or other escaping functions, but the most secure is a prepared statement. This is too vague; there are a lot of things to consider, and it depends on what your application is supposed to do. If you want to make much more secure scripts, it's better to stay updated on different attacks and maintain basic secure coding principles. http://owasp.org <= check this
  17. bottom, top won't work with default positioning. You have to use relative, absolute or fixed position, whichever is applicable to you.
  18. Firstly, you should enable error reporting to report every level of error; you had disabled it. You have to tell us the error if anything is there; it will also help you to debug. Suppressing errors is not a good idea when you are developing; it will make things harder. What is not working? What should it be like when working? You can't have the same id on more than one element. Did you try dumping the responseText to see whether the expected data is coming or not?
  19. He is just spamming. It is now the third time I have seen the same posts like these.
  20. Check the link you are clicking, or just var_dump($_GET) in the target page to see if that is there or not.
  21. birbal

    AJAX form submit

    Have you come up with any code? Did you check the w3schools tutorials yet?
  22. http://www.oracle.com/technetwork/database/enterprise-edition/documentation/index.html
  23. birbal

    passwords as...

    An int type is faster as a primary key when it is compared or used in joins than a varchar/char. It also saves disk space. Imagine you have multiple tables connected to each other; if they use characters as foreign keys they will take much more space than integers overall.
  24. Do you really need the remember-me system? It still needs a DB trip to get authenticated every time, so usual login vs. remember me is the same from the perspective of DB access. One advantage it has is that the user doesn't need to type their password, but most modern browsers have an option to save passwords, and its security is managed by the browser vendor. Browser-saved passwords also decrease any chance of exploiting cookies and overall user identity.
  25. session_set_save_handler() makes sessions safer when it stores data in a database. On a shared host the session data is usually stored in flat files, and all users/other sites hosted on that server use the same resources, so it is not safe: if that one is compromised, your session data will be compromised. Saving in the DB will make it more secure, but that does not make it secure from stealing the session id from any user, as justsomeguy already stated. You don't have to use session_regenerate_id() unless you want to regenerate the id explicitly. When you start a session it checks whether any session cookie or propagated session id is there or not; if it's there it resumes it, else it generates a new one. If you want to check against IP and user agent you have to store them in the database. There is a callback for reading session data in session_set_save_handler(); in that function you have to check the IP, user agent and session id combo, and when it matches, make the data read. Same with the write callback. You should check the link jsg posted to get the idea. When you check the integrity of the session using $_SESSION['PREV_REMOTEADDR'], it has already read the data from the currently activated session; you have to do the checking before it reads. That is what session_set_save_handler() is for: it lets you customize session behaviour.
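The "keep it outside the web root and let PHP decide" advice in post 8, as an added example; this is not birbal's code or anything from the thread. It assumes a layout in which this script lives in the document root (`public/`) and a sibling `private/` directory holds the includes and downloadable files; `PRIVATE_DIR`, `config.php` and the `DOWNLOADS` map are assumptions for illustration.

```php
<?php
declare(strict_types=1);

// Assumed layout (not from the thread):
//   /var/www/site/public/   <- document root, this script lives here
//   /var/www/site/private/  <- includes and files the web server never serves
const PRIVATE_DIR = __DIR__ . '/../private';

// An include pulled from outside the document root cannot be requested by URL,
// so nobody can execute it on its own. config.php is a hypothetical file.
require PRIVATE_DIR . '/config.php';

// Public names mapped to files in the private directory. The request only ever
// supplies a key; it never supplies a path, so there is nothing to traverse.
const DOWNLOADS = [
    'manual' => 'manual.pdf',
    'terms'  => 'terms.txt',
];

// Resolve a public key to an absolute path, or null if it is not servable.
function resolveDownload(string $key): ?string
{
    if (!isset(DOWNLOADS[$key])) {
        return null;
    }
    $base = realpath(PRIVATE_DIR);
    $path = realpath(PRIVATE_DIR . '/' . DOWNLOADS[$key]);
    // realpath() collapses symlinks and '..'; insist the result is still inside PRIVATE_DIR
    if ($base === false || $path === false || strpos($path, $base . DIRECTORY_SEPARATOR) !== 0) {
        return null;
    }
    return $path;
}

// The PHP script, not the web server, decides whether the file is shown:
// here the decision is "only for logged-in users".
function serveDownload(string $key, bool $loggedIn): void
{
    $path = $loggedIn ? resolveDownload($key) : null;
    if ($path === null) {
        http_response_code(404);   // same answer for unknown key and for not logged in
        return;
    }
    header('Content-Type: application/octet-stream');
    header('Content-Length: ' . (string) filesize($path));
    header('Content-Disposition: attachment; filename="' . basename($path) . '"');
    readfile($path);
}

session_start();
serveDownload($_GET['file'] ?? '', !empty($_SESSION['user_id']));
```

The map is the important part: because the client chooses a key rather than a filename, the script never has to sanitise a path, and the `realpath()` check is only a second line of defence in case the map itself is ever edited to point outside the private directory.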
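Posts 9, 10, 13 and 16 together make one point: test the parameter with isset(), and pass it to the database as a bound value rather than as part of the query string. The following is an added example, not code from birbal or the thread; the `items` table, its columns and the in-memory SQLite database are constructed here so it runs offline.

```php
<?php
declare(strict_types=1);

// 1. isset() distinguishes "parameter absent" from "present but empty" (post 9),
//    and FILTER_VALIDATE_INT rejects anything that is not a plain positive integer.
function readCategoryId(array $get): ?int
{
    if (!isset($get['cat_id']) || !is_string($get['cat_id'])) {
        return null;                         // not supplied, or cat_id[]=... trickery
    }
    $id = filter_var($get['cat_id'], FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;       // '', '1abc', '1 OR 1=1' all become null
}

// 2. The pattern post 10 warns about: the raw value is concatenated into the
//    query text, so the input is parsed as SQL grammar. Kept only for contrast;
//    it is never called below.
function itemsByCategoryUnsafe(PDO $db, string $catId): array
{
    $sql = "SELECT name FROM items WHERE cat_id = " . $catId;
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// 3. Prepared statement: the query text is fixed and the value travels as a
//    bound parameter, so no escaping step exists for a multi-byte charset to
//    confuse (post 13). Works the same for a value taken from $_POST or from
//    $_SERVER['HTTP_USER_AGENT'].
function itemsByCategory(PDO $db, int $catId): array
{
    $stmt = $db->prepare('SELECT name FROM items WHERE cat_id = :cat_id');
    $stmt->bindValue(':cat_id', $catId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed sample data.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE items (cat_id INTEGER, name TEXT)');
$db->exec("INSERT INTO items VALUES (1, 'bolt'), (1, 'nut'), (2, 'washer')");

// Constructed requests covering the cases the posts discuss.
$requests = [
    [],                          // cat_id missing entirely
    ['cat_id' => ''],            // present but empty: the case the empty-string check mishandled
    ['cat_id' => '1'],           // valid
    ['cat_id' => '1 OR 1=1'],    // rejected here; would widen the unsafe query to every row
];
foreach ($requests as $get) {
    $id = readCategoryId($get);
    echo var_export($get['cat_id'] ?? null, true), ' => ';
    echo $id === null ? "rejected\n" : implode(',', itemsByCategory($db, $id)) . "\n";
}
```

Validation and binding do different jobs: `readCategoryId()` decides whether the request is well-formed at all, and the prepared statement guarantees that whatever reaches the database is data, not query text. Either one alone leaves a gap; the two together are what post 16 means by basic secure coding.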