I have a table called settings, when I would change or enter data into the form it did not change the data in the table. In addition on form an image upload file is not running, There may be the wrong code below.
(Solved by me)
Maybe someone can help me Related to this.
What you are doing here is tottaly in secure and your data can be hacked / manipulate really fast.
Why dont you use a framework like codeignighter there are about 100 easy frameworks that will help you manage database a lot easyer.
Are you sure that you are updating the wrond ID? where id = 1, seems to be not dynamic.
Please post your error http://www.w3schools.com/php/func_mysql_error.asp
I know it is not so related to your question, but you should see these light frameworks:
http://kohanaframework.org/
https://github.com/ElbertF/Swiftlet
http://ellislab.com/codeigniter
You're not checking the return status of of your query, so if it's not working you wouldn't know. Do this:
mysql_query("UPDATE settings SET site='$name',keywords='$keys',descrp='$desc',email='$email',fbpage='$fbpage',twitter='$twitter',gplus='$gplus',disclaimer='$disclaimer',template='$template' WHERE id=1")
or die(mysql_error());
Note: mysql_*() is deprecated: you shouldn't use it. Use mysqli_*() or PDO instead.
Also: You are susceptible to an SQL Injection attack. You should escape your input variables with mysql_real_escape_string() (or the equivalent if you switch to mysqli), or consider moving to prepared statements.
Related
When dynamically building SQL queries you often see something like this:
WHEN 1=1 AND title="Example" AND ...
The purpose of the 1=1 is to be able to keep appending AND-statements without having to check if any previous statements exist. Thereby avoiding something like this happening:
WHEN AND title="Example" AND ...
I quite often come across a related issue when building the the attributes/search-query for a GET request. I don't want to keep checking if I need to prepend the attribute with '?' or '&'.
So my question is, is there any 'safe' way for me to add an initial attribute that won't interfere with any potential software on the server side. Assuming I do not have full knowledge of the backend.
Something like:
http://example.com?1=1&title=example
http://example.com?null&title=example
http://example.com?i-am-useless&title=example
Or is this allowed?
http://example.com?&title=example
Is there perhaps a simpler way to solve this?
Make sure the URI-string you want to add parameters to already ends in a '?'. Then for every key-value pair, add 'key=value&' to it. Optionally you can then in the end delete the last character from the resulting string. - Reddit user omepiet
Is the parameter spelled "adress" or "address"?
Here's the API doc: http://developer.eventbrite.com/doc/venues/venue_new/
Where it says:
address The venue adress (line 1).
I ask this question because I'm porting some code, and it looks like we have been using "adress" and from looking at various github repos, it looks like this is considered one of the "inconsistant" variable naming issues related to this API.
I know the misspelled parameter is working.
I want to use the API correctly if I can, and would like to use "address" and just want confirmation that the it will indeed work, and that "adress" only works to be backwards compatible.
Thanks in advance!
Great question!
I fixed the 'adress' spelling typo, but the older spelling of this input label is still allowed (in order to ensure backwords compatibility with existing apps).
We don't have any plans to drop support for the older, misspelled attribute name - but, if you are revisiting old code, it won't hurt to fix the typo on your end as well.
The change should help ensure that the venue object's schema / attribute names remain consistent on input and output.
The auto_complete_for dealio from script.aculo.us is great an all, but is there a way for me to selectively disable the fact that it always auto-selects the first item in the list?
The problem is that, if I want to type my own entry that is new, and novel, I don't want the first item in the list to be auto-selected. The reason is because when I TAB out of the field, it selects, and fills the text box with that first item.
I got around that, somewhat, by making the first item in the list the same as what I'm typing, but that's not perfect either, because the auto_complete list doesn't always update with every keystroke, depending on how fast I type. I've tried setting the list refresh rate to the lowest value (1 millisecond) but no go.
What I really want is an option in "auto_complete_for" that doesn't select that first item at all - the same way that Google Instant doesn't automatically select the first suggested search phrase - you have to arrow-down to select one.
Maybe I can do this via an HTML option that I'm missing?
Looking at the source, there doesn't appear to be an option for that, but I bet if you changed line 284 of controls.js to this.index = -1; it would do what you want.
Otherwise, it might be time to look for a different autocomplete widget.
If your requirements are too far away from the available plugin, then I guess there is no point in tinkering around. Its best to write your own JS code.
You might want to consider this: https://github.com/laktek/jQuery-Smart-Auto-Complete
or this : https://github.com/reinh/jquery-autocomplete
I'll add another alternative that works great with Rails 3:
http://github.com/crowdint/rails3-jquery-autocomplete
I recently implemented auto complete for more than a field for Rails 2.0.2.
The plugin I used is:- https://github.com/david-kerins/auto_complete . Not sure if it supports Rails 3.
I have also encountered issues on implementing the above scenario and have posted questions( Implementing auto complete for more than one field in Rails ; Implementing a OnClick kind of functionality and formatting wrt Rails Partial-Views ) on stackoverflow for the same, I have been lucky on getting things working for me based on my requirement.
Kindly refer to these questions, they might have relevance to your requirement.
I'm building a site that shows changes in deals that we have in our db. For example, if a deals status changes from pending to win, I want to show it, and if the value goes up or down, I want to show it, that kind of thing. Also, if you open the overview page, I want it to show the history of changes. So I need some kind of change logging, to be able to look in the past. How do I do this?
It is a rails project, but I think that's irrelevant.
I doubt there is any generic solution to this problem.
You can roll out your own. Start by considering all objects that need change logging. How many types are there? How often do you expect changes to occur? This will help you estimate the potential number of changes throughput you'll need to be dealing with. If there aren't too many, just stick them into database. If you are generating a lot, try storing to comma-separated-value file.
I have implemented a similar system before. I had 3 types of changes: 1) property value change, 2) adding of a value to a list, 3) removing value from a list.
I used the following format, stored in a log file:
//For type 1)
1,2011/01/01 00:00:00,MyObject,myProperty,oldValue,newValue
//For type 2)
2,2011/01/01 00:00:00,MyObject,myListProperty,addedValue
//For type 3)
3,2011/01/01 00:00:00,MyObject,myListProperty,removedValue
This captured most information I needed. The value parts were just some user-readable summary of the changed/added/removed property value.
Paper Trail Gem
Since you're on Rails, take a look at the PaperTrail gem. It does exactly what you're looking for and is beautifully built. You'll just need to add in a callback so that your overview page knows that a change occurred. But for the history of a model, just use the built-in PaperTrail functionality.
Seems my appreciation for the Entity Framework is taking a serious hit. The "MS almost got it right, but they just missed it because of something L-A-M-E" thought is coming up. Until today everything has been fine. For some unknown reason, it won't compile anymore with Error 2048. I've read up on this and I've seen how you need to map all three operations. Why is this even necessary? What I if I don't need a delete function and only need insert and update? I tried mapping a dummy SP to my delete function. If that fixes my problem, however cheezy, fine. Only problem is, it just created more problems.
Here's what I have. I'm writing a simple newsletter app in MVC. I have entities for a publication, issue and article all generated from my DB (SQL 08). I set up the the relationships in my DB and they translated fine to my EDMX. I made some SPs to insert and update my issues and article. I added them to the EDMX and mapped them accordingly. I don't need a delete function for any of them and I don't need anything for the publication entity. Why is the compiler forcing me to map all functions? IMO, this a MAJOR, MAJOR PROBLEM with EF4 and I can't believe MS would release it with this kind of crap coming up.
The other strange issue is I've tried mapping sp's to entities in another project and configured with only insert and update and they compile fine. Why is the compiler inconsistent?
I would rather not resort to having to use the Imported Functions. Is that my only option? If that's the case it eliminates the ability to the SaveChanges method. Come On MS!!! Fix this!!!!!!!
After much digging and side by side text comparison, I think I have found the solution.
The SP in question was set up like
CREATE PROCEDURE updateArticle
(
#ArticleID INT,
#Content TEXT
)
where it should have been something like
CREATE PROCEDURE updateArticle
(
#ArticleID INT,
#IssueID INT,
#Content TEXT
)
Now, I still don't know why EF4 even requires this since I'm not updating the issueid and the error message lends little help in diagnosing the problem. My SP doesn't even use the IssueID, but EF needs it regardless. Hopefully this will help someone down the road. MS still could do a better job regarding the need for this.