Enter things from the database using functions. Is it safe?

I have a simple question. I'm not too good at programming yet but is this safe and correct? Currently I am using functions to grab the username, avatars, etc. Looks like this: try { $conn = new PDO("mysql:host=". $mysql_host .";dbname="

Does my rspec test fail because of the mysql timestamp format?

I have an rspec test that keeps failing and the only thing I can think of that might be causing the problem is that the format of created_at the test is generating is a mysql timestamp, which isn't being translated properly in the application itself.

Create a form for POST in MySQL using PDO correctly?

I'm trying to use a PDO Wrapper Class and in general for proper security against SQL injections as good practice. Trying to learn the clean bare essentials for filling out a form to POST into MySQL. So, at one point my form was inserting data into th

How to prevent the execution of tags and scripts in HTML?

This question already has an answer here: How to prevent XSS with HTML/PHP? 8 answers I am using prepared statements from Mysqli. This takes the input as text and submits it as text, preventing SQL injections. The problem arises when I read text from

ClassNotFoundException with Maven and Java

I make a little desktop application and I use the MySQL connector to work with databases. Previously I have added the MySQL connector to the classpath. After, i have added the mysql connector dependency : <dependency> <groupId>mysql</groupI

How to distribute the ranking using MySQL Query and PHP

I have to distribute ranking to the 5000 students in an exam. Ranking is based on the score and the time taken (in seconds) to obtain that score. For example is 5 students have same score, then taken will be the criteria to calculate their ranks othe

SELECT MAX () and the corresponding field in the same row

Here's my table A orderID groupID nameID 1 grade A foo 2 grade A bar 3 grade A rain 1 grade B rain 2 grade B foo 3 grade B bar 1 grade C rain 2 grade C bar 3 grade C foo Desired result: rain bar foo I need nameID of max(orderID) from each grade. I ca

PHP implodes does not work with single quotes?

I've searched for about the last hour regarding this issue, but its becoming quite annoying... Anyways, I'm trying to insert data into a mysqli db, i've done this numerous times before but for some reason I cannot figure out what is going wrong... <?

Concat multiple lines and columns in a single line mysql

I have a table containing data in following format id | name | age ---------------------------- 1 | John | 24 2 | Sam | NULL 3 | Ron | 32 4 | Harry | 44 now i want to fetch this into one row like 1:John:24,2:Sam,3:Ron:32,4:Harry:44 I have tried group

The only int variable will not be _POST

And I again I have to deal with PHP and MySQL :) So, I've got a mysql table and want to have "add" feature. So I can edit my table from browser easily. So far I have done nearly everything but the problem is that variable consisting "number

How can I optimize this SQL query with a large IN clause?

I have a fairly complicated operation that I'm trying to perform with just one SQL query but I'm not sure if this would be more or less optimal than breaking it up into n queries. Basically, I have a table called "Users" full of user ids and the

PHP Echo a multidimensional array

I have a multidimensional array that when i use print_r looks like this: Array ( [car] => Array ( [72] => Camry [62] => Lexus [55] => honda [44] => toyota ) [Job] => Array ( [70] => Bookstore [73] => Cafe ) [City] => Array ( [68

Data of some Facebook users does not fit in the mysql database

I have a strange, but definitely serious problem regarding fetching data from some Facebook users who authorize my App and use it (normally by the way). Around 3000 users have used the App so far, but only 600 are showing up in the users table. How c

MySQL + Django: No obj.id after save ()

Using Django and MySQL. I save the model and no id appears. Seen some similar issues with PostgreSQL and with bigintegerfields, but neither of those seem to apply here. Any ideas? The client does receive a primary key in the id field in the database

Multiplication of MySQL row data

I would like to be able to multiply all the prices for example from my database then multiply the total by 10. The code below do the addition not multiplication <?php $d = $_GET['d']; $con = mysql_connect("localhost","username",&quo

Update of MySQL Conundrum

I have a table called Advert_images. In this table, I may have several records for each advert_id. Each record in the Advert_images table has a unique field called "image_id". e.g. image_id advert_id main --------------------------- 1 1 0 2 1 0

Importing 8GB mysql dump takes a lot of time

I've got an 8GB MYSQL database dump of InnoDB tables created with mysqldump. I import the data with: mysql -uroot -p my_db < dump.sql An 5 GB dump of the DB was imported within an hour. The 8 GB dump takes 50 hour and counting. When I inspected the p

Why should not you use mysql_fetch_assoc more than once?

Some people say you should not use mysql_fetch_assoc more than one time, why is that? e.g.: I want to display two tables one with users who paid for membership, other with users who did not, so instead of querying database 2 times I query it one time

MySQL - autoincrement to guid

I have a table with an auto-increment ID field as shown below. +------------+-------------------------------------+ | company_id | name | +------------+-------------------------------------+ | 1 | International Client | | 2 | Oracle | | 3 | test | |

Get all secondary records in a one-to-many relationship

I am running a query for my application, that is really making me wish I used ORM. My table are structured as follows: tabs id name sort fields id label tabid As you can assume there is a one-to-many relationship between fields and tabs. What I would

Using mysql AND / OR commands with FROM_UNIXTIME

Trying to select a query in php/mysql to get "Upcoming Items" in a calendar. We store the dates in the DB as a unix time. Here's what my query looks like right now SELECT * FROM `calendar` WHERE (`eventDate` > '$yesterday') OR (FROM_UNIXTIME(

Strange results of MySQL

I was wondering, why does the query select * from (select * from users join users a) b cause the Duplicate column name error? While the inner query returns a result set with duplicate columns, postfixed with _1, the outer one reveals a column from th

How to store non-English characters?

Non-english characters are messed up in a text column. Arabic text looks like this: نـجـÙ- سـهـيـل How to store non-english characters correctly?You should consider using utf8 to store your text. You can do this at the database creation: C

MySQL / PHP update request with dates not updated

Bit of a strange problem here... I've got an update query that isn't working, and I can't for the life of me work out why! My table has two three fields - 'id' (int, auto increment), 'date' (date), and 'amountraised' (decimal). Part of the app I'm de