Anti-QSL Injection. I'm sure it could be better, so any improvements are welcome.

This class is a simple authentication scheme which makes it easy to add authentication to any page by including one class and adding one table to your MySQL database.

The following functions are employed by this authentication class:

auth()

this is the default constructor; it automatically checks for the POST vars "username" and "password", it also checks to see if the user passed the GET variable "logout", which would prompt it to set the authentication status to un-authenticated.

is_authorized()

Checks the SESSION variable "authorized" and returns true or false depending on that variable.

mysql_bind()

This is automatically called by the constructor each time the class is instantiated and $_POST['username'] and $_POST['password'] are present. It queries the db for a valid username and MD5 encoded password.

user_create($username,$email,$password)

Creates a user, if the username is available, and creates an MD5 hash based on username, password and date, to be used in the "activation" of the account.

user_activation_message($username)

Sends the custom activation message to the email address for the username specified

user_activation($activation_hash)

Checks to see if the activation hash is valid, if it is, the activation_hash variable is set to NULL, thus signifying that the account is active.

user_password_change($username,$password_old,$password_new)

Quick and easy way to change the user's password with one function call.

user_logout()

Sets the authorization status in $_SESSION['authorized'] to FALSE

is_username_available( $username )

Returns TRUE or FALSE depending on whether or not the username is free.

I use this method for keeping my sql templates away from my code.

You can extend upon the idea, as I have done in the past, by placing SQL handing classes between your scripts and the template library.

Things to note here:

The lesser userd heredoc string method. The reason this is used is to keep the SQL clear and well laid out, and not as messy as using quotes.

vsprintf() is a very handy function if you don't want to hard code the number of parameters to interpolate your string with.

The use of sprintf templates offers you additional security. For example, only allowing numbers to be placed where a %d falls. This, of course, shouldn't be the only security on user supplied variables, but comes in extra handy for debugging purposes.

Regarding the TODO in there, it would take a check of the number of % placeholders there are in the template. One caveat is remembering to remove the count of %%'s that appear (the literal percentage).

When you need to perform an action on a single row of data, many people turn to cursors. Cursors come with a lot of overhead in the database engine and can be confusing. Here's a way to get the same results without the overhead in a much simplier way.

Well after searching the internet for something similar to this, I didn't come up with anything...so I made my own! This simple script will track your members' time spent on your website. Please feel free to give comments/suggestions/feedback.

How to connect to your mysql serve

I made this script to delete any unneeded files from the server that weren't being used by the database. Of course you can expand this a lot more, but I cut it down a little to put it up here.

This is my MySQL database class that I use for all of my sites. Some included features are:
- Get execution time
- Error reporting (screen and email)
- SQL stats

This is a little function that you can use to print out results of a query. It will dynamicly generate the table for you (like phpMyAdmin). This is a nice little checker that is fast. It beats logging into phpMyAdmin and typing in your query there.

I will use the config.php and class.mysql.php files from MySQL DB Class with Extras, so please look at those also.

This is a cool function that lets you save MySQL query data to an Excel spreadsheet. This is good for taking a backup or if you want to change a lot of information fast, then re-upload it.

I will use the config.php and class.mysql.php files from MySQL DB Class with Extras, so please look at those also.