I have had good progress in web programming

Lowyat.NET forums Advertisement

Lowyat.NET Kopitiam Garage Sales

Lowyat.NET Rules and Regulations FAQ Help Search Members Calendar

Welcome Guest ( Log In | Register )

Lowyat.NET -> Codemasters

Bump Topic Add Reply RSS Feed

2 Pages < 1 2Bottom

Outline · [ Standard ] · Linear+

I have had good progress in web programming

views

silverhawk	Dec 7 2020, 10:03 AM Show posts by this member only \| Post #21
I'm Positively Lustrous Elite 4,414 posts Joined: Jan 2003	QUOTE(FlierMate @ Dec 6 2020, 10:33 PM) How does blogging site (or simply any site with userbase) send activation link which would work? How to implement it from scratch theoretically, and how to implement with the help of frameworks, if any? You can download frameworks and see how it works. Or you can try to post your thought process here. How do YOU think it would work? QUOTE Can I store the data as a flat file instead of database table? Is it possible the flat file would be hacked despite being encrypted using my own method? Or does MySQL database provide better protection against malicious attack? If you think about it, all databases are flat files. You're asking the wrong questions here. Why would you want to use a file vs a database? Why are you worried about "being hacked"? Do you really know enough to know how to prevent being hacked? What makes you think your encryption method is good? Why not use well known encryption methods that are battle tested? QUOTE Which one do you recommend? Use my own markdown language or use HTML markup? Who is your target audience? What would be best for them? QUOTE 4) Generating blog page programmatically 5) Generating table of content programmatically This is where the fun begins. I have not think about it in details yet, but I hope it can be done anyway. Of course it can be done. Otherwise systems like wordpress won't exist QUOTE 6) Design of user's personalized homepage This is the most difficult part. Blogger.com, for example, allows user to drag-and-drop the UI elements up and down, and can choose to hide a particular UI element. What I am planning is to let users choosing background image, set the title and description, and maybe choice to set time zone and delete account. What you want is simple enough, want to show how you are going to do it and problems you're facing?
Card PM	Report Top Like Quote Reply

FlierMate	Oct 4 2021, 11:16 PM Show posts by this member only \| IPv6 \| Post #22
Casual Validating 483 posts Joined: Nov 2020	Just curious and want to do one like this (see picture below): It is actually from online newspaper portal where readers can react by clicking Like or Dislike without the need to login and whatsoever. Do you web developer expert know how to do it? PHP +AJAX? Or pure Javascript? And how to keep track the number of upvotes and downvotes? Database or text file? This is an interesting and small project to do. Can someone shed lights on these?
Card PM	Report Top Like Quote Reply

silverhawk	Oct 5 2021, 07:35 PM Show posts by this member only \| Post #23
I'm Positively Lustrous Elite 4,414 posts Joined: Jan 2003	QUOTE(FlierMate @ Oct 4 2021, 11:16 PM) Just curious and want to do one like this (see picture below): It is actually from online newspaper portal where readers can react by clicking Like or Dislike without the need to login and whatsoever. Do you web developer expert know how to do it? PHP +AJAX? Or pure Javascript? And how to keep track the number of upvotes and downvotes? Database or text file? This is an interesting and small project to do. Can someone shed lights on these? what steps/layers do you think are required first? Dont think about the language, just think of the steps.
Card PM	Report Top Like Quote Reply

FlierMate	Oct 5 2021, 10:15 PM Show posts by this member only \| IPv6 \| Post #24
Casual Validating 483 posts Joined: Nov 2020	QUOTE(silverhawk @ Oct 5 2021, 07:35 PM) what steps/layers do you think are required first? Dont think about the language, just think of the steps. Thanks for your question. I think I need to create two buttons, one for Like and another one for Dislike. The buttons have "onclick=" to fire an event in Javascript. The downvotes and upvotes are not just session or cookies, these are parmanent, so the number of likes and dislikes are probably to be stored in file or database table. But on second thought, who will use a database table just to save Upvotes & Downvotes two distinct value in such a small scale project? But then I am not sure if Javascript can actually open and write to file. Please enlighten me.
Card PM	Report Top Like Quote Reply

silverhawk	Oct 6 2021, 12:01 AM Show posts by this member only \| Post #25
I'm Positively Lustrous Elite 4,414 posts Joined: Jan 2003	QUOTE(FlierMate @ Oct 5 2021, 10:15 PM) Thanks for your question. I think I need to create two buttons, one for Like and another one for Dislike. The buttons have onclick to fire an event in Javascript. The downvotes and upvotes are not just session or cookies, these are parmanent, so the number of likes and dislikes are probably to be stored in file or database table. But on second thought, who will use a database table just to save Upvotes & Downvotes two distinct value in such a small scale project? But then I am not sure if Javascript can actually open and write to file. Please enlighten me. You could use something like sqlite, which almost all languages have a library for. You could use a flatfile and just increment the number stored in there, but you may run into concurrency issues (e.g. 2 users click at the same time). Javascript can open/write files (can be done on server side using nodejs), its really up to you how much you want to expose or what the mechanism to increase/write to the counter is.
Card PM	Report Top Like Quote Reply

meenn^P	Jan 19 2022, 08:36 PM Show posts by this member only \| IPv6 \| Post #26
New Member Probation 11 posts Joined: Jan 2022	About PHP login and signup: QUOTE 1) Login and Register. How does blogging site (or simply any site with userbase) send activation link which would work? How to implement it from scratch theoretically, and how to implement with the help of frameworks, if any? I have done a activation code generation, as below, is this acceptable? CODE $key = rand(100000,999999); $insertSQL = "INSERT INTO users(username,name, password ) values(?,?,?)"; $stmt = $con->stmt_init(); $stmt = $con->prepare($insertSQL); $stmt->bind_param("sss",$email,$key,$password); $stmt->execute(); $stmt->close(); $to = $email; $subject = 'Activation Code'; $msg = "Please click this link below to activate your account on yourdomain.com:\n\nhttps://yourdomain.com/phpdemo/activate.php?email=" . $to . "&key=" . $key; $msg = wordwrap($msg,70); mail($to, $subject, $msg); So, I receive link in e-mail like this: CODE yourdoamin.com/phpdemo/activate.php?email=XXX&key=XXX I see other platform has more complicated way used to activation link, but was my example above sufficient for small-scale application?
Card PM	Report Top Like Quote Reply

meenn^P	Jan 20 2022, 10:06 PM Show posts by this member only \| IPv6 \| Post #27
New Member Probation 11 posts Joined: Jan 2022	And this is my activate.php (portion of it): CODE if (isset($_GET['email'])) { $unameurl= $_GET['email']; if (isset($_GET['key'])) { $keyurl= $_GET['key']; $uname = mysqli_real_escape_string($con, $unameurl); $sql_query = "select * from users where username='". $uname ."'"; $result = mysqli_query($con,$sql_query); $row = mysqli_fetch_array($result); $key = $row['name']; if ($uname != $key) { if ($keyurl == $key) { $insertSQL = "UPDATE users SET name = '" . $uname . "' WHERE username = '" . $uname . "'"; $stmt = $con->stmt_init(); $stmt = $con->prepare($insertSQL); $stmt->execute(); $stmt->close(); alert2("Activated successfully."); } else { alert2("Invalid key."); } } else { alert2("User account has already been activated before."); } } } I think it is working anyway, but am not sure if this is the proper way of doing it. As you can see, my "users" table has username, name and password fields. The activation key is stored in "name" field initially, then once activated, it will replace "name" field the same value as "username" field. If the "name" field is still random number, means it is not yet activated. Clever?
Card PM	Report Top Like Quote Reply

malleus	Jan 20 2022, 10:19 PM Show posts by this member only \| Post #28
Look at all my stars!! Senior Member 2,060 posts Joined: Dec 2011	QUOTE(meenn @ Jan 20 2022, 10:06 PM) And this is my activate.php (portion of it): CODE if (isset($_GET['email'])) { $unameurl= $_GET['email']; if (isset($_GET['key'])) { $keyurl= $_GET['key']; $uname = mysqli_real_escape_string($con, $unameurl); $sql_query = "select * from users where username='". $uname ."'"; $result = mysqli_query($con,$sql_query); $row = mysqli_fetch_array($result); $key = $row['name']; if ($uname != $key) { if ($keyurl == $key) { $insertSQL = "UPDATE users SET name = '" . $uname . "' WHERE username = '" . $uname . "'"; $stmt = $con->stmt_init(); $stmt = $con->prepare($insertSQL); $stmt->execute(); $stmt->close(); alert2("Activated successfully."); } else { alert2("Invalid key."); } } else { alert2("User account has already been activated before."); } } } I think it is working anyway, but am not sure if this is the proper way of doing it. As you can see, my "users" table has username, name and password fields. The activation key is stored in "name" field initially, then once activated, it will replace "name" field the same value as "username" field. If the "name" field is still random number, means it is not yet activated. Clever? what happens in the event where none if your if statements passes? you do need to display an error right? you only display errors for the 2 inner most if statements, but not the outer 2. one thing that I noticed is, you have up to 4 if statements nested. how about instead of checking for positive cases, check for a negative instead. and if you get a negative, return right away. this way you only need to have 1 layer nested max your earlier code example makes use of parameterised statements. why don't you use that instead? instead of constructing the sql string manually? finally, is it really a good idea to use (or misuse) the name field for something that's not supposed to go there? try to imagine when you look at this again months or years from now. will you still remember why you put the activation key in the name field?
Card PM	Report Top Like Quote Reply

meenn^P	Jan 20 2022, 11:09 PM Show posts by this member only \| IPv6 \| Post #29
New Member Probation 11 posts Joined: Jan 2022	First of all, really thanks for your code review, it is a really helpful reply. QUOTE(malleus @ Jan 20 2022, 10:19 PM) what happens in the event where none if your if statements passes? you do need to display an error right? you only display errors for the 2 inner most if statements, but not the outer 2. Yes, I just checked, if missing email or key in the URL, it displays a blank page. I was so careless.... QUOTE one thing that I noticed is, you have up to 4 if statements nested. how about instead of checking for positive cases, check for a negative instead. and if you get a negative, return right away. this way you only need to have 1 layer nested max If check for negative case with one if..then condition, means only one error message? e.g. Activation failed QUOTE your earlier code example makes use of parameterised statements. why don't you use that instead? instead of constructing the sql string manually? Good eye. My parameterised statements yesterday was modified from online tutorial. But I wrote the code in activate.php myself (hence, don't know to apply parameterised statement here). The time I wrote my activate.php, not much online examples of e-mail activation in PHP. QUOTE finally, is it really a good idea to use (or misuse) the name field for something that's not supposed to go there? try to imagine when you look at this again months or years from now. will you still remember why you put the activation key in the name field? You're right, it is certainly confusing to use "name" field for activation key. The problem is then everytime need to refer to source code to find out... If I host my this phpdemo example (Login & signup) in local Exabytes, my activation mails were delivered successfully, but if I host it on Godaddy, my activation mails would be rejected as spam because containing activation link. Not sure if Godaddy has bad reputation for abusing PHP mail service.
Card PM	Report Top Like Quote Reply

malleus	Jan 21 2022, 09:27 AM Show posts by this member only \| Post #30
Look at all my stars!! Senior Member 2,060 posts Joined: Dec 2011	QUOTE(meenn @ Jan 20 2022, 11:09 PM) If check for negative case with one if..then condition, means only one error message? e.g. Activation failed not really. it's more like CODE if (!isset($_GET['email'])) { //show error message 1 return } if (!isset($_GET['key'])) { //show error message 2 return } . . . this way you return early on errors. and you keep your if statement nesting down
Card PM	Report Top Like Quote Reply

flashang	Jan 21 2022, 10:05 AM Show posts by this member only \| Post #31
Getting Started Junior Member 116 posts Joined: Aug 2021	my personal opinion and habit : 1) Login and Register. (Activation) Every register user status set to 'Pending', System send activation link with ?id=system generated serial number After user click activation link, update status to 'OK' 2) Storing of user account information and blog articles Prefer use database to store info. No encrypt because you may need to search articles. 3) Formatting of blog articles Markdown. If possible, use standard markdown, easier for future extension / upgrade. 4) Generating blog page programmatically 5) Generating table of content programmatically 6) Design of user's personalized homepage You may draft your design, how you want to make it work before coding.
Card PM	Report Top Like Quote Reply

silverhawk	Jan 21 2022, 12:36 PM Show posts by this member only \| Post #32
I'm Positively Lustrous Elite 4,414 posts Joined: Jan 2003	QUOTE(meenn @ Jan 20 2022, 10:06 PM) If the "name" field is still random number, means it is not yet activated. Clever? To be honest.... no. It is stupid. Much better to have a specific "activation_key" column, and would also be better to have a "status" column as well. Consider that activation keys might be needed again if they forgot their password, and password resets can be done by anyone. You don't want to lock out an account just because someone did a "forgot my password" request.
Card PM	Report Top Like Quote Reply

« Next Oldest · Codemasters · Next Newest »

2 Pages < 1 2Top

Add Reply Options

Change to:

0.0208sec

0.54

5 queries

GZIP Disabled
Time is now: 26th May 2022 - 04:49 PM

All Rights Reserved © 2002- 2022 Vijandren Ramadass (~unite against racism~)

Powered by Invision Power Board © 2022 IPS, Inc.