//Just set a cookie.
setcookie(‘test1cook’, ‘testval1′, time()+3600);

//Set a cookie and set it again.
setcookie(‘test2cook’, ‘testval2′, time()+3600);
//setcookie(‘test2cook’, ‘testval2redux’ time()+3600); will throw a parse error.

//Set a cookie unset it, and reset.
setcookie(‘test3cook’, ‘testval3′, time()+3600);
setcookie(‘test3cook’, ‘testval3′, time()-3600);
setcookie(‘test3cook’, ‘testval3reset’, time()+3600);

//Set a cookie and use the unset function.
setcookie(‘test4cook’, ‘testval4′, time()+3600);
unset($_COOKIE['test4cook']);

//Set a cookie and attempt to change its contents.
setcookie(‘test5cook’, ‘testval5′, time()+3600);
$_COOKIE['test5cook'] = ‘tesval5_overwritten’;

//Print before setting a cookie.
print ” “;
setcookie(‘test6cook’, ‘testval6′, time()+3600);

Run this script and then run the following directly after:

print ‘<br />test1cook = ‘;
print $_COOKIE['test1cook'];
print ‘<br />test2cook = ‘;
print $_COOKIE['test2cook'];
print ‘<br />test3cook = ‘;
print $_COOKIE['test3cook'];
print ‘<br />test4cook = ‘;
print $_COOKIE['test4cook'];
print ‘<br />test5cook = ‘;
print $_COOKIE['test5cook'];
print ‘<br />test6cook = ‘;
print $_COOKIE['test6cook'];

The results will look something like this on your browser:

test1cook = testval1
test2cook = testval2
test3cook = testval3reset
test4cook = testval4
test5cook = testval5
test6cook =

As you can see in number 2, directly reseting the cookie does not change it in fact it throws an error. It must first be unset as in number three. Simply using the “unset()” function does nothing as illustrated in number 4. Rewriting the cookie variable also does nothing. And, of course, outputing anything before a cookie is made will result in no cookie.

Now the results here deserve another looksee. Because if a subsequent script runs some of these lines there will be some changed results:

//Set a cookie and set it again.
setcookie(‘test2cook’, ‘testval2′, time()+3600);

//Set a cookie and use the unset function.
unset($_COOKIE['test4cook']);

//Set a cookie and attempt to change its contents.
$_COOKIE['test5cook'] = ‘tesval5_overwritten’;

With the same print statements as above run concurrently, note these results:

test1cook = testval1
test2cook = testval2
test3cook = testval3reset
test4cook =
test5cook = tesval5_overwritten
test6cook =

Notice that now there is no error on number 2.  On number 4 the cookie is shown as unset, and number five is overwritten where it was not in the first go round, because the cookie is not available in the same run in which it is created.

Interestingly enough, another running of the print statement nets the following.

test1cook = testval1
test2cook = testval2
test3cook = testval3reset
test4cook = testval4
test5cook = testval5
test6cook =

This shows that the changes to the cookie array in 4 and 5 were only within the script. They did not effect the information stored on the browser, which can only be changed by first destroying the cookie and then recreating it.

The FROM_DAYS() function can only be used for dates after the year 1582 (in most of Europe, but not England or Russia) because it was this year the Gregorian Calendar came into effect. The date adjustment made on that date is not taken into account in this function. This is meant to take the number of days since the date represented by 0000-00-00, or the first day anno domini. What is strange about it is that input less than 365 returns simply “0000-00-00”, but numbers of days after that will act properly. Example:

SELECT FROM_DAYS(367)

will result in the date “0001-00-02”.

Not sure why the function does not work for numbers less than 365. I tested the function for negative numbers as well, and there was no go there either. I suppose the creator of this function assumed that people would only be using it for dates after the Gregorian calendar was put into place. He is probably correct in this regard. Still, I was surprised to see it. Also, many examples on the web, especially the one on the oracle site for mySQL actually have incorrect output in their example when compared with the output I found in testing. Their results were exactly seven years off. Probably a typo.

The DAYNAME() function returns the name of the day of the week for a particular date. Example:

SELECT DAYNAME(’2012-05-15′)

will yield “Tuesday”. The function requires a parameter. Simply calling the function will not return the current day. To get the day today in mySQL the following will work:

SELECT DAYNAME(NOW())

The MID() function in SQL is used to extract a substring from a larger string. Syntax:

MID(column_or_string, beginning_position, length)

The column or string parameter is the string to be looked at. The beginning position is where to start. Each character position will have a number beginning with 1 (other languages in similar functions will often begin at zero). The length is optional; it tells how many characters, including the first one, are to be included in the substring to be extracted. The length parameter is optional. If left off, the beginning position through the remainder of the string will be the result. This function would be a good way to, for example, come up with the last four digits of a credit card number. For example:

SELECT MID(’1234567890654321′, 13, 4)

Will render: “4321″.

What a handy SQL function.

SELECT LEFT(‘string’, number_of_characters)

To get the 7 left-most characters from a specific column in every row of a table the following would work:

SELECT LEFT(name, 7) FROM fict_chars

It should be noted for this and for other functions that if the string is in single quotes that SQL will see it as a literal string. If it is not, SQL will see it as a column. Thus, had we used ‘name’, the result would have been “name” for each row, and not the actual name drawn from the specified column.

Just because they look alike...

Generally I am a fan of SQL and how it works, but there is a function that I find irritating. Not because of what it does, but because of its name, “INSERT()”. Why, oh why would you give a function the same name as a statement that already exists? I am sure there is a story behind this and it probably goes back to family squabbles occuring in the 10th century AD, or at least to the 1970s when Chamberlin and Boyce first conceived RDBMS. Suffice it to say that it could cause confusion when quickly glancing over code or when newcomers are learning the language.

Just know that the two are different. The statement is the familiar, much used instruction to the database to add a row to a table.

INSERT INTO table (column1, column2, etc.)
VALUES(‘value1′, ‘value2′, ‘etc.’)

Meanwhile, the INSERT() function is designed to replace text within a string. It does this using the following syntax:

INSERT(‘string’, position, length, ‘inserted_string’)

The first parameter is the string to be operated upon. The position is where the insertion should begin. Length defines how many characters should be replaced. The fourth parameter is the string to be injected.

A simple example:

SELECT INSERT(‘Jane Porter was the heroine in Harry Potter.’, 32, 12, ‘Tarzan’)

Our result, “Jane Porter was the heroine in Tarzan.” Note that the character specified in the second parameter is over-written as are the subsequent 11 characters, 12 characters in all.

SELECT FIELD(‘string_to_match’, ‘string1′, ‘string2′, ‘etc.’)

Here is the field function in action:

SELECT FIELD(‘Scarlet’, ‘Melanie’, ‘Rhett’, ‘Scarlet’, ‘Ashley’, ‘Scarletta’)

This will return “3″. Though 5 contains “Scarlet”, it is not equivalent to “Scarlet”. Had position 5 also been equivalent to “Scarlet” the result would still have been only “3″. Later matches are ignored.

Both FIELD() and ELT() are a kind of test. They can be used when you are looking for one item out of a group of alternatives. The result can be cranked through a series of if/then statements or switch/case to determine a course of action. This is another place where some of the work done by the server can be taken on by the database.

Read more about SQL Functions.

My problem with the EXPORT_SET() function is that I was having trouble figuring out what I could do with it. So I investigated this aspect for an hour or two, surfing here and there I found nothing that would explain why you would ever want to use a function that basically returns an array of bits that comprise a number and lists them in reverse order. Obviously someone wrote this function for a vital purpose. I thought the purpose mignt be found in the name. EXPORT is a clue. After thorough investigation I see it has been used to port data between applications. A few thought experiments made me realize it could also be used in security as a means of encrypting data. I am sure there is more to it.

Be Secure...LOG OUT!

You know why it is important to log into your account on your various secure destinations.  First, you can’t access your info unless you do! But more importantly no one else can access the info unless he or she can get your user name and password.  So your account is safe right?

Wrong, there are devious ways of getting your user name and password. One easy way is through packet sniffing. I am convinced that packet sniffing is a routine operation around hotels, restaurants, etc. I have had my servers broken into TWICE while I was on vacation. Both times it was after I logged into an FTP account. Malware was installed both times and it was alot of work to get things straightened out, not to mention the fact that all that time spent trying to fix the problem put a damper on my vacations.

Well, there is no better learned lessons than those acquired in the school of hard knocks. I put my servers on SSH. That was just the start. I reviewed all php code and forms on the site. I created software to monitor changes to vulnerable pages and severely limited access to website code. Any suspicious onsite changes are logged and I am notified by email. That was two or three years ago, and I have been unassaulted since. However, without taking further precautions, I could still have been vulnerable to attack. In fact we are always vulnerable to attack, even with seemingly secure accounts especially if we go about getting into accounts while using publicly provided internet. Because through packet sniffing (someone watching the flow of traffic on a particular hub) doesn’t always need a password and a user name. They can simply piggy-back their way into your account by mimmicking your authentication process and headers. As long as your account is open a hacker could theoretically operate inside your account. The way to preclude or at least foreshorten this possibility is to LOG OUT!

I presume you are already savy enough to know that you must log out of accounts and close the browser on public computers so the next user can’t access your account.

For the user taking advantage of a “hotspot”, the best policy, especially in a public place is to make sure to have a secure connection (look for the green bar on the Url at the top of the page), know what you want to do when you log into your account, get your business done, and don’t forget to log out.

What to do? What to do? I could write an application that would change it to a different ad, maybe Chitika, when a Kindle browser shows up. In fact, I probably will do that for one or two of my sites, but so far Kindle web traffic is not high enough to worry about it too much. I have not seen too much traffic thus far from the fire, but it is sure to grow the way the item has been selling. On the other hand it seems to be a device more in tune with selling books, mags, music, and movies. The internet side will probably grow slowly. No doubt the situation can change as well.

In any case, I find Amazon’s approach interesting and also disturbing. Blocking ads on my websites is like stealing content from me. It is amazing how the big boys never play by the rules. The only way I can continue to create content is to get paid for doing so. Meanwhile I am sure the boys at Amazon think they are only tweaking Google.

It’s just one more development to react to.