01-23-2008, 09:05 PM
The Frequenter
Join Date: Nov 2007
Location: Netherlands
Posts: 460
Thanks: 49
Don't take up too much work at one time. ("Don't bite off more than you can chew")
I've learned from experience that if you bite off more than you can chew, you'll end up not finishing the work or dropping it altogether. Make readable, tidy scripts. Use spaces, enters, tabs and, more importantly, invent your own style. Things like securing your scripts are something that you'll learn later on, but it's a good way to start.
One other thing that you can do is simply follow a LOT of tutorials or download pre-made guestbooks and try to rescript yours from scratch, using what you have learned from the other scripts.
I made it on the go, I haven't tested it, I haven't paid that much attention (chatting with girls, you know the drill) but I wish you luck. If you find a bug, try to fix it yourself, otherwise, just post it! Apologies in that case.
PHP Code:
<?php
// Database information
/* Usually this is set in the config, later on included (include('config.php');) */
$host = 'localhost';
$username = ''; // Using a WAMP/XAMP server
$password = '';
$database = 'guestbook';

// MySQL Connections
/* In almost ALL scripts, mysql_connect and select_db (if not MySQLi) are called upon
   in the header or otherwise in the top of the document, later killing it with
   mysql_close(); (if you're using a persistent connection). Again, this is either done
   in your config.php or in an advanced class or document, designed to handle those things. */
mysql_connect($host, $username, $password) or die ('<strong>MySQL Error:</strong> '.mysql_error());
mysql_select_db($database) or die ('<strong>MySQL Error:</strong> '.mysql_error());

// Recent information
$yourname = addslashes($_POST['yourname']); /* Why use this if you already designated a variable called $username ? */
$email = urlencode(addslashes($_POST['email'])); /* Do NOT use upper capitals in your posts, you might confuse them and you end up exploring your own code searching for some minor bugs */
$website = urlencode(addslashes($_POST['website']));
$comment = htmlentities(addslashes(strip_tags($_POST['comment']))); /* Still haven't fully explored the precise method of filtering the message */

$query = 'INSERT INTO entries SET
    name = "'.mysql_real_escape_string($yourname).'",
    email = "'.mysql_real_escape_string($email).'",
    website = "'.mysql_real_escape_string($website).'",
    comment = "'.mysql_real_escape_string($comment).'"';
mysql_query($query);

mysql_close();
?>
__________________
"Life is a bitch, take that bitch on a ride"
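
The guestbook insert from the post above, as an added example that is not the poster's code: it uses PDO prepared statements in place of stacking addslashes() on mysql_real_escape_string() (which stores stray backslashes, and the mysql_* functions were removed in PHP 7), and it encodes for HTML only when rendering. The in-memory SQLite DSN, the helper function names and the sample submission are assumptions made so the block runs offline.

```php
<?php
// Added example, not the poster's code. Assumptions: PDO with the pdo_sqlite
// driver (in-memory DB so it runs offline); the "entries" columns follow the
// post's query; the helper names and the sample POST data are constructed.

function open_guestbook(): PDO {
    // For MySQL, swap the DSN: 'mysql:host=localhost;dbname=guestbook;charset=utf8mb4'
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE entries (name TEXT, email TEXT, website TEXT, comment TEXT)');
    return $pdo;
}

function add_entry(PDO $pdo, array $post): bool {
    $name    = trim((string)($post['yourname'] ?? ''));
    $email   = filter_var($post['email'] ?? '', FILTER_VALIDATE_EMAIL);
    $website = trim((string)($post['website'] ?? ''));
    $comment = trim((string)($post['comment'] ?? ''));

    // Validate instead of mangling: reject bad input, store good input unchanged.
    if ($name === '' || $comment === '' || $email === false) {
        return false;
    }
    // Only http(s) links, so a javascript: URL never ends up in an href.
    if ($website !== '' && !preg_match('#^https?://#i', $website)) {
        return false;
    }
    // Placeholders keep data out of the SQL text; no addslashes() needed.
    $stmt = $pdo->prepare(
        'INSERT INTO entries (name, email, website, comment) VALUES (?, ?, ?, ?)'
    );
    return $stmt->execute([$name, $email, $website, $comment]);
}

function render_entries(PDO $pdo): string {
    $html = '';
    foreach ($pdo->query('SELECT name, comment FROM entries') as $row) {
        // Encode for HTML at output time, not before storage.
        $html .= '<p><strong>' . htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8')
               . '</strong>: ' . htmlspecialchars($row['comment'], ENT_QUOTES, 'UTF-8') . "</p>\n";
    }
    return $html;
}

// Constructed sample submission containing quotes and markup.
$pdo = open_guestbook();
add_entry($pdo, ['yourname' => "O'Brien", 'email' => 'ob@example.com',
                 'website' => 'https://example.com', 'comment' => 'Nice <b>site</b> "really"']);
echo render_entries($pdo);
```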