Tagged Questions
4
votes
4answers
451 views
Two while for the same query
If I have to loop results of a query echoing first all fields of a column, then echoing something not to loop, then fields of another column.
So I'm using
...
3
votes
2answers
490 views
Protecting a database from bad data
I'm just getting into SQL injection and data sanitization and seeking some advice on my script to get started. I have made this simple program which allows the user to enter their name into a form and ...
0
votes
0answers
59 views
Optimizing Laravel Eloquent Multiple Joins
The following is readable SQL for Eloquent that I have created that works. The down side is that it looks more like a 1:1 with SQL and I don't think I'm using the full potential of Eloquent. I thought ...
2
votes
1answer
54 views
UserDAO with CRUD functionality for my UserRepository
This is my first attempt at creating a DAO.
I would like to get some feedback regarding the following aspects if possible:
Code readability
Efficiency
Usability
I also would appreciate any other ...
0
votes
1answer
72 views
Did you like my product?
I have the following MySQL query which selects product details and whether the viewing user likes them. I feel like it could be more efficient and that there is a more practical approach than using a ...
4
votes
2answers
149 views
Injections and query
I made a class that connects to my DB and inserts some values. Is it secure or how can I protect this further from injections? The object declaration will come from variables with POST from a form, ...
2
votes
4answers
1k views
Multi column search
I have 4 text columns, a mix of Varchar and Text. I need to find rows in a table where all words searched for are present across the 4 columns.
The 4 columns are:
name
type
keywords
description
...
-1
votes
1answer
91 views
Is this shopping site safe from SQL injection attacks? [closed]
Please verify security from SQL injection attacks.
homepage.php
...
10
votes
4answers
697 views
Is this function vulnerable to SQL injection?
I've this function to list products from database by category. I'm using prepared statements but wouldn't this make it pretty pointless to use them?
...
2
votes
2answers
131 views
Submit form data to MYSQL table with PHP execute
I have written code to send a simple email submission form to a sql table so that I can manage the data. I would like feedback on whether or not the code that I have written is efficient and secure. I ...
4
votes
2answers
381 views
Is there a PHP security exploit with $_POST in my code?
I posted this question here.
And an answer stated that I should not do:
$table_name = 'survey_'.$_POST['surveyid'];
because
It is easy for a hacker to ...
2
votes
1answer
57 views
Two script completing the same task, which is the best way?
I have the following two methods of completing the same task, however I'd like to know which is the preferred method and WHY? Or if there are any suggestions to complete the task in an even better, ...
2
votes
1answer
125 views
Website for updating a div
I've built a web site that uses AJAX to update a div. Most of the data displayed in the div is drawn from a MySQL database. All the pages are PHP.
I've tried to follow best practices. I put all the ...
6
votes
1answer
64 views
Removing image records if no physical file exists
I have a working script that selects image fields in all tables and empties their values if the physical file doesn't exist.
...
5
votes
1answer
35 views
Updating number of article views - potential concurrent access issue?
I have articles on my website (built in PHP) and when an article is viewed the number of views is recorded back in the database. The SQL code snippet of my load ...
5
votes
2answers
1k views
Is this PHP/sqlite code safe?
I am a 3rd year computer science undergraduate. One of my university lecturers has developed his own page for students to submit work. It came up that one student was accused of hacking (sic) by the ...
5
votes
1answer
99 views
System for inputting and monitoring worker shifts
I've been building a system for inputting and monitoring shifts for casual staff, who work across multiple sites with the ability to generate accounting information.
I've had some help from Stack ...
3
votes
1answer
144 views
2
votes
3answers
226 views
Remove vulnerabilities from query on public website [closed]
I think that the following query is preventing against SQL injection, but what other measures do I need to take to ensure my queries are 100% safe from any malicious attacks?
...
4
votes
1answer
104 views
Make this MySQL query more elegant &/or efficient
I have created a MySQL query that works, but I feel there must be a better way. The query will be used by a PHP script whose purpose is to assign conditions & subconditions to new participants in ...
8
votes
2answers
561 views
Comparing data in 2 tables on different servers with CHECKSUM
So I've had a problem where I need to compare data in 2 different tables on two different servers. Now, I know MySQL supports CHECKSUM TABLES, but from my testing ...
2
votes
1answer
1k views
Converting entire table to JSON data. Is there a better way?
Building a 'card' database: I'm simply learning to take input data and store to database. Incorporating JSON, PDO, SQL, and enforcing my general coding skills through PHP, hopefully.
...
2
votes
1answer
472 views
Too many queries. Better way to do this? [closed]
What would be the best way of doing this?
This way seems like it'd generate far too many queries:
http://pastebin.com/0iWMugWu
Basically, fetch fields from a database and then fetch the images that ...
2
votes
1answer
147 views
Correct use of my JOIN and arrays to fetch the data?
After learning a lot about programming, I've decided to write some code pertaining to scripting and use of different functions. I've come to a point where I'd like others to verify my code for ...
3
votes
4answers
164 views
Are these two scripts secure enough from exploits?
I'll gladly appreciate it if you could review my code below and let me know if they are sufficiently secure.
My main website and these scripts will use same database, so I need to make sure they are ...
2
votes
1answer
573 views
Converting looped row in table from datetime to string [closed]
I am trying to pull out the whole column for row[3] in the following script. Everything works, but unfortunately, the code is only pulling out the last row's data from the whole page while everything ...
3
votes
1answer
1k views
Codeigniter active record - prepared statement assistance
I understand that I should use prepared statements to prevent sql injection. Unfortunately, having read the php docs on the matter I am none the wiser. Here is one of my simple active record sql ...
2
votes
2answers
425 views
My simple CMS system - security and code obscurity?
I'm working on a simple CMS with the intent of making it as secure as possible (a personal challenge) and the code as clean as possible. I think I've a long way to go so I would appreciate any input, ...
1
vote
1answer
209 views
PHP Pagination for 1,2,3… vs 1,2,3,4,5,etc
I am having an issue where I am doing a query and it is coming back with about 100 pages, I was hoping to have it come back with 1,2,3...30,31...99,100 instead of 1,2,3,4,5,6,7,8,etc. please see below ...
-1
votes
1answer
50 views
2
votes
2answers
241 views
Storing Hierarchical Data in a Database
In an extension to this post, Pages system PHP/SQL
I've created this class/script to handle multi-dimensional menus whose data is stored in a DB... I need some feedback and new ideas... (all of this ...
0
votes
1answer
176 views
DB Query within foreach, non-elegant code in general?
I'd like a general opinion on my piece of code (which does exactly what I want it to do). I feel like I'm using bad practices, like a DB query within a foreach loop, or grabbing the lowest value in a ...
1
vote
1answer
2k views
Multiple input fields from php table
To summarize from a previous question, the user selected a starting date, an ending date, and a region. From these choices, an array of weeks and regions are created, and users enter values ("points") ...
4
votes
3answers
577 views
3
votes
2answers
208 views
Review some of my code
I'm working on a simple CMS. It's working quite ok, but I think my code can be improved a bit~ so I'm reaching out to you experts. I work with a section.php, which is included from the index.php with ...
-3
votes
1answer
145 views
A short MySQLi library that should solve SQL injection risks. Feedback? [closed]
I keep seeing SQL injection ready code posted on SO and I just can't believe people don't escape their SQL input variables. It should become a reflex but nobody's doing it.
So... I decided to share a ...
3
votes
2answers
127 views
Querying a database with PHP
I'm new to PHP programming. I would love some feedback on this simple code I wrote which queries a database based on some arguments supplied by a user and returns an HTML table displaying the data.
...
0
votes
1answer
235 views
PHP/SQL session management
I have this class that I've been working on for the past 2 or 3 days, now it's working I just want to know what you think about it, what other methods should I add, are the basic security checks ...
0
votes
1answer
68 views
Is this a safe way of using HTTP query parameters to build a SQL query?
Is it? And maybe there's a better way to do this?
...
4
votes
2answers
63 views
SQL - query syntax
I need advice on whether my database structure is correct and what the appropriate query syntax is.
Table1
...
3
votes
1answer
104 views
Performance on PHP sql queries
I'm barely learning PHP and MySQL so I don't know much about performance. I've written this script to fetch and format content from my DB; it also counts how many results there are and separates them into ...
4
votes
1answer
126 views
Code Review for PHP PDO queries? Is there a better way to do it?
So this is my code for equipping an item in my game dev't:
...
-1
votes
2answers
174 views
Is my PHP code free of SQL injection vulnerabilities?
Could you have a quick look over my code to see if it's safe from SQL injection etc. and suggest any amendments?
...
0
votes
2answers
797 views
php script to retrieve enum values from sql table
I have an SQL table with multiple fields and 4 of them are enums. I wrote a script that runs through the table, retrieves the enums and puts them in a 2-dimensional array.
Unfortunately this script is ...
0
votes
2answers
81 views
Delete matching ID and insert new data
Delete all matching ID
Insert new data
function add_date($id,$date) {
...
2
votes
1answer
112 views
How can I improve this PHP code which builds an SQL query?
How can I write this PHP code better? It puts together an SQL query string from user input. The task is to return search results based on one or more text fields. The user can determine if partial ...
-1
votes
1answer
207 views
Connects to database but cannot get table [closed]
I use this PHP code to connect to my database and retrieve the table food. I am able to connect to the database but not retrieve the table. I get this as a result: ...
3
votes
2answers
2k views
PHP SQLQuery class
I created a PHP class to handle building SQL query strings. I need advice on how to make the code more efficient.
...
5
votes
1answer
754 views
PHP Login Authentication with BCrypt
So I have a PHP authentication script and everything works fine. But I'm very unsure about the way I programmed it (I hardcoded some stuff) and I was hoping Stack could look through this and point out ...
4
votes
1answer
256 views
Please review my PDO Database wrapper
The subject is this small project - PHP/MySQL Database wrapper
The three main goals of this project are:
Easy way to map database columns to object properties
Simple solution to insert or update ...