Thank you!

 

All imported now. All the help from all round has been appreciated. No doubt I'll be back for more.

 

Actually, why am I only able to access PHPMyAdmin on the server itself and not on any locally networked PC?

Don't worry. Found it.

http://www.heidisql.com/download.php

 

So infinitely much better than PHPMyAdmin. By fuck I hate PHPMyAdmin.

 

(have to allow remote connections from wherever you intend to use the app, obviously)

Does it show text in text-fields when browsing now?

MySQLFront did, and was wonderful, but obviously defunct (and not working with newer versions of MySQL). I haven't upgraded my Heidi for a while now.

No :((

Actually, it might do now, I have an old version.

A bug thread said they were working on it as the MySQLFront way was "too unstable". I'd rather have the option for unstability :C

Well, the database is all going well and I'm finding it extremely useful.

 

Managed to get the fid thing semi working by mounting the network folder as my N:\ drive and found that I can stick a few lines in the Firefox prefs file to give expections to certain sites for local access.

 

Since it's only going to be used on 4 computers at uni, and the only 4 with this local access, then it's no hassle to sort Firefox for these 4 computers. It is, I think, 4 clicks to open each fid but that's better than the usual 11 or more, especially when the network is often a bit sluggish.

 

My supervisor was also suitably impressed and would like to use it for everyone in our groups data since it's a far easier way to keep things collated. Definitely was worth doing it then.

 

Right, down to the important part. I have a problem(ish). When pulling a row from the database I use the "id" to determine the row. Is it possible to use any other unique field to determine which one I want? For example the "code" (eg: AT025). In MySQL (PHPMA) Do I need to make the field a Primary or Unique or Indexed field or something?

 

I'd like to pull the record using the address bar like I do with the "id" field.

 

(http://domain/full.php?id=5)

 

eg: http://domain/full.php?code=AT025

 

Coding that is fine, but it doesn't pull the record out. I'm assuming it's because it's not indexed?!

It should be simple, just change the WHERE clause in SQL statement to say WHERE code = rather than WHERE id =... unless I'm mis-reading you.

It seems you are reading me right because I'd already tried that but it didn't work. Don't know the error as I'm on the bus but I'll post when I get home.

 

Also
Matt: Thanks for whatever change you made to the lite mode because this here text entry box is now the right size in Iris!

I got this error:

Warning: mysql_fetch_array(): supplied argument is not a valid MySQL result resource in C:\wamp\www\fullc.php on line 29

I changed :

$tableid = $_GET['id'];

to

$tablecode = $_GET['code'];

and

$query  = "SELECT * FROM nmr WHERE id=$tableid";

to

$query  = "SELECT * FROM nmr WHERE code=$tablecode";

Yes.


No, but correctly indexing tables improves performances.

I can't remember your database structure (if you shared it), but you would make id your Primary key, and code could be either Indexed or Unique Indexed.
(Afaik, Unique is a constraint that prevents you INSERTing non-distinct code values, but doesn't affect SELECTing.)

Depending on other queries, you may benefit from adding other indexes/indices also - missing or incorrect indexes is a common cause of slow performance in database [web] apps.





Nope - just to be clear - indexes affect how queries run, but not what they return. (Analogy: The index in the back of a book doesn't change what a book contains, but can speed up your searching for something.)

If you're doing the parameterized queries that Matt suggested before, you will need to use %s for this instead of %d, as the latter means decimal integer and your code looks to be a string.

If code/$tablecode is a string, it needs to be quoted.


Except, if you simply wrap single quotes, I'll come and do:
http://domain/full.php?code=AT';DROP TABLE nmr;'

And kill all your data.
(well, I wouldn't, but an evil person might)


Unless of course you're just not showing the bit where you sanitize it, in which case I'm still going to shout at you - examples that don't use/show proper database sanitization mean that anyone who just copies and pastes the example will have code with bugs and security holes, which makes it easier for evil people to do bad things. :@

Right. Quoting made it work. Thanks.

 

I still need to sort out protecting my database.

 

I may just password protect the site (fail)

Depends how much you trust the rest of your group/etc?


Even if you trust them absolutely, I'd still getting into the habit of parametrising queries.

(Not sure about PHP, but with CFML the param-ing queries can further help performance as well, since it can cache one query execution plan for many queries, which is often more efficient.)



Oh, and whilst I'm thinking about it... since this is important data, you are backing up your database, right?

(Can be as simple as an automated mysqldump then zip the output and move somewhere.)

Aye. I've been taking a backup every so often. But automated would be far more useful.

 

I also handwrite each entry in my lab book :D

Well there's an assortment of examples you could use on the mysqldump manual page:
http://dev.mysql.com/doc/refman/5.1/en/mysqldump.html

Some of them rather complex, but there's some simple ones there too.

Ok! I shall have a look at that. Thanks again.

Another question (yay) :

I want an input box where I can stick my 'code' (AT052 etc), click "Go to entry" and it takes me to fullc.php?='AT052'. This one I assume is painfully easy and really does show my lack of knowledge, or more so, what to search since I've been searching lots.

Found plenty of form code for sticking a URL in a box and going to it but I want to stick part of the URL in a box.

Ended up with this:

<form name="openlocation">
<input type="text" name="code" value="AT">
<input type="button" value="Go To" onClick="document.location = "fullc.php?="'document.openlocation.code.value';; ">
</form>

(Which clearly doesn't work)

I think you've got jQuery up and running? If so, you can do:

<input type="text" id="code" value="AT"/>
<button type="button" onclick="location.href='./fullc.php?code='+$j('#code').val();">Go To</button>

If not, it's slightly longer but not too bad:

<input type="text" id="code" value="AT"/>
<button type="button" onclick="location.href='./fullc.php?code='+document.getElementById('code').value;">Go To</button>

Yay, nearly there. Just the 'code' needs to be in single quotes in the final URL.

 

Though that now seems to have broken somehow :@

No no no no no - put the single quotes around the variable in the SQL query, not inside the code variable itself!

Otherwise you're just making things much more complicated for yourself.