Tagged Questions
4
votes
4answers
451 views
Two while for the same query
If I have to loop results of a query echoing first all fields of a column, then echoing something not to loop, then fields of another column.
So I'm using
...
3
votes
2answers
490 views
Protecting a database from bad data
I'm just getting into SQL injection and data sanitization and seeking some advice on my script to get started. I have made this simple program which allows the user to enter their name into a form and ...
3
votes
2answers
141 views
Updating necessary data using just one function
My objective is to update necessary data using one function instead of having different functions to update different fields. So, I've created one and I think this is not really elegant, efficient or ...
2
votes
0answers
33 views
Dynamically load data into bootstrap accordion navigation bar
I have made a bootstrap accordion navigation bar that loads data dynamically from a database with PHP.
Here are the two tables that I use:
...
3
votes
1answer
36 views
Outputting results from a conditional row count across multiple tables
Follow up question for: Conditional row count across 4 tables
After getting some excellent help from 200_success, I managed to output the SUM() total of my query ...
5
votes
2answers
80 views
Update of Classes for user registration and authentication
Old Post: Classes for user registration and authentication
This post is an update of the old post of mine. This is the code after suggestions were implemented in the review. Do you think I could make ...
2
votes
1answer
82 views
User Data Security
I'm working on my site, and need help knowing what I need to do to improve the security of my login system.
If you feel so inclined, I would love some help to tell me what the exact changes that I ...
1
vote
2answers
87 views
SQL Injection when not using variables
Do I still need to protect my code against SQL injection when I'm not using variables in SQL queries?
Is this code still vulnerable?:
...
2
votes
1answer
99 views
SQL injection security
I wanted to know if this code is safe against SQL injection or not?
Also do I need to mysqli_close if I already did the ...
12
votes
3answers
233 views
Prepared statements from security viewpoint
I've decided to go with OOP style and prepared statements, and so far I like it a lot more than the procedural style. It's much more understandable in my opinion.
For this code review, I've just ...
1
vote
0answers
42 views
Pagination object oriented
This is a little pagination script that I am writing "Object Oriented" and I have no idea how to set the current page equal to total page, if the current page is greater. I also would really like it if ...
1
vote
2answers
96 views
MySQLi-extension class (parameterized queries)
I've written some code today to be able to dynamically execute prepared statements/parameterized queries.
I need a fresh pair of eyes to look through my code for eventual performance gains that can ...
6
votes
3answers
1k views
First PHP login system
This is my first attempt at a login system! I've only had roughly 2 days of experience with MySQL and PHP so far and this is what I came up with:
...
1
vote
0answers
52 views
Optimize web-scraping of Moscow grocery website
This code works fine, but I believe it has optimization problems. Please review this.
Also, please keep in mind that it stops after each iteration of the loop ...
3
votes
3answers
80 views
Inline PHP IP access log
For a website, I've got some inline PHP, posted below. It's supposed to log traffic to the website, and it does its job fine. But at the end of the day, I'm not even close to a PHP developer, and ...
3
votes
2answers
86 views
Is there a “prettier” way of forming this query, or a more efficient way of joining the tables?
Yesterday I posted a question involving multiple nested queries. The queries pulled information from the database and created a directory listing of all employees. There are two many-to-many ...
0
votes
1answer
54 views
Would multiple joins boost performance, or are the nested queries an acceptable way to handle the situation?
I'm working on a directory that lists employee information. Each employee can belong to multiple departments and each employee can have multiple job titles. I have 5 ...
3
votes
1answer
73 views
UPDATE SQL with prepared stmt using only 1 variable
HTML form field names must be equal to SQL table field names.
Changing only table name and allowed fields can be used in many other update pages.
How can I improve this?
...
2
votes
2answers
89 views
Workaround for have 2 column with pseudo AUTO INCREMENT
This is the situation:
the table order has a column with ID AUTO INCREMENT but (there is always a but)
I can't use it because I don't want number order 1234567 after 5 years but I want 1/2014 , ...
3
votes
1answer
39 views
Are all these steps necessary with prepared statement?
Are all these steps correct and necessary?
...
4
votes
2answers
90 views
Does this generic query follow good OOP standards?
I am trying to convert over to MySQLi and wanted expert advice. Is the enclosed code 100% OOP? Also, how secure is the code against attacks? I know nothing is 100% secure, but how good/safe is it? ...
4
votes
1answer
109 views
Help me shorten my URL shortener
I am working on a website, and due to some reasons, they want my code to be as short as possible. I have, from my side, tried everything to shorten this code.
So if possible, can you all also help me ...
0
votes
2answers
711 views
PHP starting OOP MySQLi singleton
This is my first post on the whole StackExchange network, so I might make some mistakes. And I'm also a Spanish speaker, so I'll probably have mistakes in my writing too.
Context: I'm starting with ...
11
votes
2answers
471 views
A take on DB Abstraction - PHP / MySql
It's a little bit more code but I wanted to show the full class. I highlight the points I'd like input after the source.
I've cut comments since they were not in English and translated the important ...
2
votes
2answers
80 views
Critiques and possible improvements for this DB abstraction class
I'm trying to code a simple and scalable PHP framework for my own use. Could you please offer some critiques or mandatory improvements for these 2 classes?
...
3
votes
1answer
1k views
PHP Register Page ( MYSQLI )
I have a website written in PHP but the whole script is old so today I started upgrading from Mysql to Mysqli.
So here's my register page. I still have to add account confirmation and send mail part ...
3
votes
2answers
470 views
Some questions about correct use of Mysqli (Connection, query)
I'm a beginner PHP developer and it's my first time using mysqli. I've no idea if I use a correct implementation of the connection and query because some people defend this method and some others ...
6
votes
2answers
509 views
Minimalistic mysql db class
I am really just looking to make sure I am not making any weird mistakes that could hurt me in the long run or if something seems odd in the way I imagine it to work. This code does work for the way I ...
1
vote
1answer
194 views
How can I make this code safer against XSS attacks?
I'm not sure what I'm doing wrong, but I run the code using a Web Vulnerability software and I get a lot of XSS attacks against the code. Is there something I could do better?
...
-3
votes
1answer
145 views
A short MySQLi library that should solve SQL injection risks. Feedback? [closed]
I keep seeing SQL injection ready code posted on SO and I just can't believe people don't escape their SQL input variables. It should become a reflex but nobody's doing it.
So... I decided to share a ...
3
votes
3answers
152 views
Improve Speed of RPI Calculation
It currently takes about 10 minutes to process ~16k teams and ~81k games. I could soon have ~17k teams with ~160k, and multiple sports. I run this as a cron job overnight and store the results in a ...
1
vote
2answers
85 views
MySQLi Code Review for methods and functions used
I made my first script of MySQLi. I have just learnt it from a 3rd party website. So, I am not sure I am using functions which are not deprecated or outdated. I should start to practice good scripts to ...
7
votes
1answer
648 views
MySQLi DB library - quality/security review?
This library was written quite some time ago, and it has so far been used in all sorts of small-ish projects.
I'm about to base a more complex, security (Access Control) related, open-source project ...
2
votes
1answer
148 views
Could really use some feedback on this registration code in php
I was hoping someone could give me some feedback on my code. I am still new to php and I'm sure I have messed up somewhere. The code pasted is for a registration page where users will submit their ...
0
votes
1answer
76 views
(Procedural)(Snippet) MySQL to MySQLi. Any advice?
This is what I had before (using the MySQL API)
...
0
votes
1answer
57 views
Is declaring a property as `public` insecure?
I posted a question few weeks back, on making a PHP Login Script. Most of you guys told me not to use global variables and especially for something like MySQLi ...
1
vote
2answers
154 views
Prepared Statements Function
Hello, CR :)
I've finally finished my universal query preparation function. Sorry about my previous post, I wasn't aware of the rules before.
Anyway, here is a working function. Any suggestions to ...
3
votes
2answers
176 views
Can this class be improved?
I have this class whose code I pasted in full. The CredentialsManager class is not shown here as all it does is return the DB connection variables. My question is ...
3
votes
1answer
1k views
mysqli wrapper class
I made the following class to wrap mysqli for PHP using prepared statements. It seems to work well, but I was hoping to get opinions (on overall structure, ...
4
votes
1answer
4k views
Better way of handling data returned from fetch_assoc() (mysqli)
So I connected to the db, pull the data using fetch_assoc() (fetch_all(NUMB) is not available on the machine we are working with else this would be less of an issue). So I get the returned data and ...
3
votes
1answer
852 views
Creating a database class in PHP with MySQLi
I am creating a database class in PHP but I feel that there's something wrong with my code. Is there any suggestion to refactor this? I feel like there's something wrong and missing in this code.
...
2
votes
2answers
92 views
Username verification class
Everything in this code is completely working, but I still feel that this code needs to be refactored. Any suggestions?
...
2
votes
2answers
91 views
Inserting data in the database through POST
My code here is completely working, but I feel like I destroyed or didn't follow the DRY rule, what suggestions can you give to me for this code??
...
2
votes
2answers
1k views
PHP-Mysqli example secure?
I'm just writing my first PHP-Mysqli sample (think about a Wiki 0.0.1) and I would like to ask you if this example is secure or not or if there are any other problems/suggestions you might recommend?
...
4
votes
2answers
237 views
Am I on the right track? PHP/MySQL
I have the following table called info:
info_name | info_value
name | Susan
desc | Human
I'm trying to print Susan without knowing that ...