Friendlist

[Jordan Palmer]

Hello..

 

I was asked on MSN to update a friend list for someone, I'll think Danny696 was the original author, I've simply changed the look, and added too it

 

Nothing major, Got asked and thought I'd share..

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

 

I doubt we need screen shots so I'll give them a miss..

 

 

Enjoy =)

[Joshua]

Shouldnt you at least MRES the $_POST['comment'] bit other than than the tiny preg replace :P

[Joshua]

You fixed one of mine so............=P

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

[rulerofzu]

LMAO get a room :P

Anyhow....

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

 

For 4 fields :D

Good job all round...dont know whats changed but good job.

[Joshua]

shrugz friendslist isnt exactly a big table so select * isnt overkill ><

just removed a few slow operators, added an extra secure $_GET function for $_GET['f'] few other nic nacs nothing major

[rulerofzu]

Yeah it isnt a big table....just a bad habit using *

[Jordan Palmer]

I hadn't edited the $_POST[]; or $_GET[]; as danny had already. But thanks :)

[CrazyT]

Fail again....

[...]

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

[...]

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

[...]

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

[...]

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

[...]

And alot more.

[Magictallguy]

If you're going to use sprintf() operators, make sure you actually wrap the code in sprintf().

[jds137]

I received this error message: What shall I do?

"QUERY ERROR: You have an error in your SQL syntax; check the

manual that corresponds to your MySQL server version for the right

syntax to use near '%u)' at line 1

Query was SELECT * FROM `friendslist` WHERE (`fl_ADDED`=%u)"

[jds137]

Let me clarify what I found: Magic's works just fine, its the next one I added that has the error. Great job on them both

[Danny696]

Yup, 'twas mine, i remeber, noone else did $donator = TRUE;

[Zero-Affect]

You lot do realise there is no reason to restrict yourselfs to MCC generic versions right?

The friends/Enemy list i created about 8 month ago on one of my games consisted of 2 user table columns and no extra tables. Simple to do specially if i did it when i was still in the middle of learning a lot to do with exploding variables, I used the same method on my Ignore user script also.

No idea which would be the quicker though, but the code is beautiful :love:

I do love how people stick to Generic MCC methods specially when trying to be unique.

[Joshua]

MTG i recently discovered it's faster to use the operators w/o the need of using sprintf that slows down the query

So I ask, why use sprintf when you can just %%u%%? achieve the same results and it runs faster.

[Jordan Palmer]

Yup, 'twas mine, i remeber, noone else did $donator = TRUE;

I'm hoping you don't mind me editing and posting..

 

@Jd; Magic didn't post one? :/

 

@Zero; I'm fully aware off this, However I was asked to edit it, All I did was edit, post...:)

[jds137]

Yes, I just realized that. See what I get from lack of sleep. lol

[Joshua]

for the problem with the ( %u ) bit

just add ' ' around %u

[Jordan Palmer]

Well I got bored so I kinda updated it again >.< This time it's the actual code and should be fully secure, but i've been in bed all day so I *might* off missed something. Post if you do receive an error.

 

You're unable to view this code.

Viewing code within this forum requires registration, you can register here for free.

[Joshua]

$_POST['f'] = abs(@intval($_POST['f']));

 

then further down...

 

"'.mysql_real_escape_string($_GET['f']).'

 

really ? :P

[Jordan Palmer]

Fixed. Thanks...As I said it's not been a good day so today I officially have an excuse to get things wrong lol

[Joshua]

lol =p

[iSOS]

MTG i recently discovered it's faster to use the operators w/o the need of using sprintf that slows down the query

So I ask, why use sprintf when you can just %%u%%? achieve the same results and it runs faster.

You're missing the point, you're using "sprintf()" operators without sprintf() itself, have you tried it?, I'm pretty sure you're going to receive errors.

[Joshua]

They arent entirely sprintf operators, and yea i have tried it, works fine.

[iSOS]

Well I've just tried and as expected received errors, You're adding an extra parameter to "mysql_query" with no function to handle it, I don't understand how that could work :S

Lol, Maybe it does work for you guys but I sure as hell don't see the logic in this.

[Joshua]

slap a ' ' around the %u op

I've done about 15 diff pages not using sprintf( to define %u/%s etc

and they all work 100% :P

The logic being on a test done by someone else

 

with sprintf and %% load time was 1.8

w/o sprint f and just %% load time was .7

w/o either load time was .2

So i went for the middle one >,<