logs archiveIRC Archive / Freenode / #php / 2015 / September / 26 / 2
Arnas
Alphos, after $recipe
Bad_Advice_Cat
Arnas, this one: http://php.net/manual/en/mysqli.prepare.php
Alphos
Arnas where did you put that die() ?
Arnas
Alphos, I also var_dumped $recipe and it's correct o.O
Alphos
"after recipe" is NOT clear
show us your code with the die()
hold on a sec
Arnas
R u kidding me? What's not clear?
http://pastebin.com/R53Vcnba
Alphos
Arnas the fact that you have $recipe on several places
Arnas
that's what "after a $recipe" means
well, obviously a first one, where I define it
Bad_Advice_Cat
mysqli can do prepared statement.
         

Alphos
Arnas what does $db->select() do ?
Arnas
executes select query
Alphos
the $db->select("SELECT *") is a bit awkward
Arnas
Alphos, how so?
laszlof
thats weird
Alphos
"select" twice
sorabji
adding $id directly into a query is weird
Bad_Advice_Cat
Indeed.
Alphos
using mysqli_real_escape_string() is weird
Bad_Advice_Cat
Indeed.
sorabji
why are you writing code like this Arnas ?
laszlof
->select("*")->from($table)->where([$foo => $bar])->execute();
Alphos
not dumping the queries is weird
Arnas
sorabji, because I started learning PHP like 1-2 weeks ago
http://pastebin.com/g2Snar08
sorabji
have you been made aware of prepared statements yet?
Arnas
sorabji, no
Bad_Advice_Cat
(Action) feels ignored
Alphos
/ignore Bad_Advice_Cat :p
Arnas !+pdo
php-bot
Arnas, PDO is PHP Data Objects, a database API that has a unified interface for many databases. You can learn how to use PDO here: http://wiki.hashphp.org/PDO_Tutorial_for_MySQL_Developers
sorabji
i can scroll back and see Bad_Advice_Cat telling you about them Arnas
         

Arnas
Alphos, I know about PDO, but atm I'm learning mysqli, I'll switch to PDO later
Bad_Advice_Cat
!+later
php-bot
"later"? best practices  like input validation, prepared statements, testing, coding style, and so forth  are important. Many people say they "just want it to work" and claim they will "fix it later." Though they might even be sincere, experience shows it almost **never** happens. Don't be that person! Do it right the first time!
sorabji
it's not worth learning though
like, complete waste of time
Arnas
sorabji, well, that's what the course was teaching me, so I'm learning it
Alphos
sorabji not entirely true
some features in mysqli may lack in pdo. but i'll admit i don't use them ;)
Arnas
can we get back to my problem please?
Alphos
(seeking resultsets, for instance)
sorabji
your problem is not using prepared statements
Bad_Advice_Cat
Arnas, can you make the Teacher aware of mysqli prepared statements then?
Arnas
sorabji, not that :)
sorabji
Alphos: fair enough. i've also never needed these extra features
Arnas: exactly that
Arnas
sorabji, if you can't help, please ignore my question
Alphos
Arnas it's certainly a factor
sorabji
this is helping
i don't know why you're insisting on writing vulnerable code
Bruce_dev
alright alphos, be my teacher for one more question if you may.
Bad_Advice_Cat
(you have a huge security flaw in your code)
Alphos
Arnas out of curiosity, why do you have a Database class ? what does it offer that mysqli doesn't ?
Bruce_dev shoot away :)
Arnas
Alphos, a constructor
Alphos
Arnas mysqli has one too, so that's not it
Arnas
Alphos, and it's easier to have all the functions in one class
Alphos
Arnas you mean, the way mysqli does ?
Arnas
the way I showed you before
Alphos
Arnas : yeah, you could definitely have that with mysqli too
Arnas
please, just help me with my code
Bruce_dev
Not saying I'm going to actually do this, but out of curiosity now. Say I am a player in the game, its not real time like runescape moving around in a 3d world or anything. But it is still real time in a sense I don't want the page to reload. So I as a player want to fight an NPC, my attack system is turn-based. I go to the NPC, click attack, and it brings up the fighting display.
Arnas
I'm just following the course and this is my extra project I've thought of
but I'm stuck at this problem atm
Bruce_dev
I have a button to "attack" (just keeping it super basic) and on the attack click, it will calculate the damage, and lower the NPC's hp.
Alphos
Bruce_dev server-side, yes
Bruce_dev
Instead of making an ajax call everytime I click the attack to process the new HP, turns used, and all that, would I want to do a websocket over ajax calls?
Alphos
don't put your game engine in the wild, or people WILL hack it, and they WILL set their attacks to always yield max instead of random
Bruce_dev
As I don't want to refresh the page every attack click.
Alphos
Bruce_dev wouldn't be ajax per se
Bad_Advice_Cat
Arnas, we're volunteering to help. - I can not speak for others, but I wouldn't want to help ON the Condition that it's Bad practice, or Old unsupported php.
Alphos
websockets are a different thing
ajax also relies on a req/resp cycle
Bruce_dev
websockets make it so you can communicate live time, instead of so many http requests
is what I read
Alphos
in effect, yes
Arnas
Bad_Advice_Cat, why is that bad practice? I'm just beginner
Alphos
but like ajax, they're still subject to lag and network latency
Bruce_dev
I see.
Alphos
they just don't require a complete req/resp cycle
sorabji
(Action) considers linking to bobby tables
Bad_Advice_Cat
Arnas, I identified bad practice in your code. That being the use of mysqli_real_escape_string, and $result = $this->link->query($query) or die($this->link->error . __LINE__); inside your code.
Alphos
sorabji : 327
sorabji
LOL
Alphos
(Action) MEMORIZED IT ! :p
Bruce_dev
so web sockets would be too hard core for that, but if its player attacking player, not and NPC, what about then?
Arnas
Bad_Advice_Cat, I'm just following the course
sorabji
Arnas: to bring you in the loop, http://xkcd.com/327/
Alphos
Bruce_dev : they wouldn't be too hardcore, they're probably the proper tool once again
Bruce_dev
mm sorry, I was getting mixed feelings from your end but I think i misread at first. My initial thought was that web socket would be good for that if the population on the site is big, if its a limited number I could get away with ajax/html5 or whatever to make http requests.
Alphos
player attacking player would be of the form "player A clicks on 'attack', a message is sent through the websocket to the server with the type of action and the target, the server captures the message, handles it as an event, calculates the result of the fight, signals back to player A, and sends an attack warning to player B"
Bruce_dev
I see
Alphos
Bruce_dev !+go
php-bot
Bruce_dev, [GO] Gross Overgeneralization. Everything that we tell you in ##PHP is what we consider "best practices". Of course, only YOU know your own requirements, so you may feel you need to do something we told you not to. Just don't say we didn't warn you.
Alphos
but still, i'd recommend not using plain old ajax for real-time games
Bruce_dev
Oh no, I'd rather use web sockets as it'd be good to learn
« prev 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 next »