I want to store markdown-based messages in mysql database.
These messages must contain mentions of other users:
**Hello**, #username.
And how it is visible for user
Hello, #username
When user clicks on the #username - link must lead him to http://example.com/users/{id}
When it is stored in database - it must contain user id in some way, because username is not unique.
The question is: how to store message with additional content in markdown but do not show this additional content to user?
For example:
**Hello**, [#username][35].
Or
**Hello**, [#another username][123]
It this a good way to do it?
Related
I have web app (laravel 5.3, mysql) where users can comment any entity in project (almost every page contains something like chat)
I want to add possibility to mention other users inside message via '#' symbol ("Hello, #John, see here", for example).
When this message is posted to chat user named John must get notification about new message (via email, if he is offline).
Every message is connected to some page (/object/45, for example), so when email is sent user will know the page where he was mentioned.
The question is how to store this inside database?
message field has type text
In this example row would contain this data "Hello, #John, see here" (without quotes).
Problem is that there can be many users with name "John" so I can not not do simple:
select email from users where username = 'John' -- email is used as login
Also username can be something like #John Malkovich, so I have to parse string to find out, if "John" or "John Malkovich" was mentioned.
What is unique - user id.
So how to store this inside database?
Possible solution:
Hello, [user=34], see here - field in database
Parse string before displaying to web browser and replace this string with
Hello, #John, see here
but, obviously, no one can paste literal text '[user=123]' inside message, because it would be interpreted as userid.
P.S. Inside one message many users can be mentioned.
Maybe you could create something like <span value="user34">John Malkovich</span> and parse the value?
Or <span data-user-id="user34">John Malkovich</span> is probably better semantically.
Have absolutely no experience in this kind of stuff though, so don't take me too seriously ;)
I am populating a page with a list of items from DB (lets say main.htm - each item has a link, and opening a link will display the content of the item.
I am using ajax to open the items. For performance reasons, I have added data attribute of their ID to each item in main.htm. so if main.htm has 15 items listed, each item will have a data-id, e.g. item 1 has data-id =1, item 2 has data-id=2
and data-id will correspond to the ID column (primary key) in the Database.
Is this a bad practice, security-wise? if yes, why?
Or is it better practice to encrypt the numbers and instead of id, assign the encrypted id, such as xY4lf3K which would decrypt to 1000 in DB
This should not be an insecure way to go, just as long as you keep in mind to:
ALWAYS escape & validate user inputs (remember, a $_GET param is a user input, not only $_POST);
If the resource identified by the ID is for a specific user, check if that is the user accessing it.
Otherwise, no problems there.
When a new user account is created in our MediaWiki system, the admin specifies the desired user login name and the real name. I'd like to automatically fill the user page and also create a special page according to these rules:
Provided the login of the new user is "LOGIN" and the real name is "FIRST SECOND",
1) a new page should be created named "SECFIR" (i.e. 3 letters of surname and 3 letters of first name), containing just "#REDIRECT:[[user:LOGIN]]", i.e. redirecting to the user page;
2) the user page should contain "{{getuser|SECFIR}}"
Any suggestions?
Create a custom hook function (event handler) using http://www.mediawiki.org/wiki/Manual:Hooks/AddNewAccount - relatively straightforward PHP to do this
Same answer...
More at https://stackoverflow.com/a/8514696
I need to design database with frontend as HTML.
This is my first attempt to do this.
What I need is,
- User can input a word from HTML page, click submit
I will query the word to get a URL from database and user sees that webpage(pointed by URL).
Just enter word, submit and get the webpage displayed.
People suggested using JSP/Access. I am new to everything.
Can you please point out what exactly I need to do?
Thanks a ton.
Following is the way you need to approach
Step1:
Create an HTML page which can take an input from the users
Step 2:
After getting the data from the user, create a connection to the database and pass the searched string as an input paramater.
Step 3:
You will get a result set from a database
Step 4:
Iterate through the result set and display in the html page, if you require the url to be given for those url, so when user clicks So that he will be directed to those websites.
Sample Query:
Select * from table1 where url_Word like '%Search_String'
This will be the procedure that you need to follow to complete your work.
You do not need a database you need a text file. If this is a school project you need more information.
I want an auto username suggestion if a username is already used ,using mysql procedure
By User Name suggestion, do you mean you want a type-ahead autocomplete on a login form (i.e. once you type a few characters of your user name, the application will show all user names matching the supplied user name), or do you you mean a suggestion box that provides potential alternate user names if new user supplies an existing user name?
If you're looking for the first, I would recommend avoiding this. By providing a server-side autocomplete for user names, you are providing a simple way to access the names of all users in your system and reducing security (as people trying to access your site without permission will only need to determine a password instead of a user name and password).
If it's the second, one common approach is to append numbers at the end of an existing user name to provide a user name that does not exist. I would recommend doing this in a combination of MySQL and whatever server-side language you are using.
First, get all user names that start with the user name that was supplied (and already exists):
SELECT user_name FROM users where user_name LIKE #userName + '%'
Then, in your server side language, do the following (pseudo-code)
let user = username supplied (already exists)
let recordset = recordset from db call (above)
i = 0
alternateCount = 0
alternatesFound = new string[5]
while (alternateCount < 5 And i < 100)
potentialName = user + i
if (recordset does not contain potentialName)
alternatesFound[alternateCount] = potentialName
alternateCount++
end if
end while
What this does is attempts to insert sucessive numbers (1,2,3) etc. to the supplied user name until it finds 5 cases where the user name is unique. It also does a maximum of 100 iterations in case user1 - user99 is taken (you could increase this but a limit isn't a bad idea.