Grab the users IP address, handy to add to login scripts if you want to tighten security… Or to just keep track…

$Users_IP_address = $_SERVER["REMOTE_ADDR"];

If the user is operating via a proxy server, the above code may not work. In this case use this simple function:

<?php

 function VisitorIP(){
    if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])){
        $TheIp=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else {
        $TheIp=$_SERVER['REMOTE_ADDR'];
    }

    return trim($TheIp);
    }

?>

In a nutshell, it makes a string safe to be entered into a database….

For example:

$email = '[email protected]'; // This could come from a form, etc.
$result = mysql_query("SELECT * FROM `userTable` WHERE `userEmail`= '".mysql_real_escape_string($email)."'");

This example checks to see if an email address is in the userTable. Without mysql_real_escape_string, the email entered via a form could be an attempt to SQL inject and delete or alter your database.

This is the most recent version of the script I’m using… Copy and Paste the code straight into a page and save it as yourfilename.php, and that’s about it…. You just need to change the name and e-mail address from mine to yours…

Once you’ve added or edited a database table, it’s good to check that the change/addition was made… then either move on or show an error, etc.

Here’s how to do it with mysql_affected_rows().

Note, if the same data was submitted, i.e. a form with values filled in from the database was submitted without the values being changed, then the ‘affected row count’ is likely to be ‘zero’, so you might trigger an error, when infact there’s no error, just nothing was requested to change

Great to use once you passed values from $_GET to $_SESSION and don’t want the $_GET values to stay in the URL…. Also good if you’re processed data from a form… process and reload page…

// Redirect / reload
 header('Location: /pathname/pagename/');            
 exit();

Using this script in an include just helps level the playing field…. ;-)

<?php
   if (get_magic_quotes_gpc())
   {
       function stripslashes_deep($value)
       {
          $value = is_array($value) ?
          array_map('stripslashes_deep', $value) :
          stripslashes($value);

          return $value;
       }

       $_POST = array_map('stripslashes_deep', $_POST);
       $_GET = array_map('stripslashes_deep', $_GET);
       $_COOKIE = array_map('stripslashes_deep', $_COOKIE);
       $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
   }
?>

Here’s a great little script that will back-up your database to a zipped .gz file and store it in a folder on your server….

Here’s another way to connect to the database:

There are several methods of connecting to a database, here’s one example:

// Set the database access information as constraints
DEFINE ('DB_USER', 'userName);
DEFINE ('DB_PASSWORD', 'passWord');
DEFINE ('DB_HOST', 'localhost');    
DEFINE ('DB_NAME', 'databaseName');   

Use DEFINE to set your login details, then:

// Make the connection
$dbc = @mysql_connect (DB_HOST, DB_USER, DB_PASSWORD) OR die ('Error: Check UN, PW, and host ' . mysql_error());

Connect using mysql_connect, then:

It’s a good idea to use $_SERVER['DOCUMENT_ROOT'] with includes as it makes life easier if moving a site onto a different development server… i.e.

<?php include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php'; ?>