How to connect to your mysql serve

MySQL 5.x Stored Routines, PHP Session Values, a little CSS oh my! Complex to set up but easy to impliment. Geared toward security, simplicity (of use) and convenience.

This routine will get an image stored in a SQL database (IBM Informix shown here) as a BLOB and return it to the screen.

To place this on an HTML page simply add

I have an MD5 hashed version as well, but can't share that...(So you can have encrypted id's passed)

Have fun,
Jeremy

This is a quick and dirty function for preventing SQL Injection, the function is designed to clean any variable that will be concatenated into an SQL query. Apostrophes and Double-Quotes are changed to entities in order to ensure that encoding does not become an issue when the content is pulled back into a page. I'm looking for criticism here, I want to know if this is secure or not.

This class is a simple authentication scheme which makes it easy to add authentication to any page by including one class and adding one table to your MySQL database.

The following functions are employed by this authentication class:

auth()

this is the default constructor; it automatically checks for the POST vars "username" and "password", it also checks to see if the user passed the GET variable "logout", which would prompt it to set the authentication status to un-authenticated.

is_authorized()

Checks the SESSION variable "authorized" and returns true or false depending on that variable.

mysql_bind()

This is automatically called by the constructor each time the class is instantiated and $_POST['username'] and $_POST['password'] are present. It queries the db for a valid username and MD5 encoded password.

user_create($username,$email,$password)

Creates a user, if the username is available, and creates an MD5 hash based on username, password and date, to be used in the "activation" of the account.

user_activation_message($username)

Sends the custom activation message to the email address for the username specified

user_activation($activation_hash)

Checks to see if the activation hash is valid, if it is, the activation_hash variable is set to NULL, thus signifying that the account is active.

user_password_change($username,$password_old,$password_new)

Quick and easy way to change the user's password with one function call.

user_logout()

Sets the authorization status in $_SESSION['authorized'] to FALSE

is_username_available( $username )

Returns TRUE or FALSE depending on whether or not the username is free.

If you've ever wanted to build an application that can both find the distance between two zip codes, and find zip codes within a specific radius of another zip code, then this is the snippet for you.

I've tried to build this before using PHP4 and MySQL 4 and have found it to be painfully slow for a one-user connection over a Local Area Network (LAN). So, before you continue reading, I must make it abundantly clear that this method requires PHP 5 and MySQL 5.

This is because in PHP5, we will need the MySQL-Improved interfaces, and in MySQL 5, we will need functions and procedures.

Using functions and procedures in MySQL puts the weight of the calculations on MySQL, where they will run hundreds of times faster than if PHP were to attempt to do the work. In addition, using functions and procedures is still hundreds of times faster than carefully crafted SQL statements (one benchmark took over 10 seconds using a WHERE clause, while the function + procedure method took around .12 seconds--note the dot).

Since I am not a mathematician by trade, I found the necessary calculations using Google.

For the "Great Circle Distance" formula, I used Meridian Word Data's website. For the radius finder, I used another that unfortunately I do not have off the top of my head right now. I will look for it again and repost it for proper accreditation.

For the zip code database, I am using the free zip code database from CFDynamics.

Below, you will find the database and table schema, the functions and procedures, and also a demo PHP script to see all of this put into action. As a courtesy, you may download a dump of this database from my website. It's uncompressed size is 3.4M, and it's compressed size is 537K. The checksum is available here.

Please leave me comments, suggestions, questions, and/or rants about this snippet. I feel this is a very useful bit of code, and hope that others out there may find as much use from it as I will be.

When ByteMyCode was crashing because of the traffic load, we started optimizing MySQL. The server had a load of >50 but the processor was all tied up in IOWAIT. We realized that the database was the source of the bottleneck so we increased all of the cache sizes. Now, it is really fast.

Pagination Class , I think everyone knew now what's it does and means

NT: This class written by my friend have phun!

This is a mysql php pager class that I found online somewhere and modified.

Anti-QSL Injection. I'm sure it could be better, so any improvements are welcome.