to all the computer geniuses...creating a website Watch

This discussion is closed.
Meeps
Badges: 0
#1
Report Thread starter 14 years ago
#1
hi there everyone. im creating a website using html (frontpage), i am not using SQL to link the webpages to databases (as i dont know how to make good links). I am really stuck on how to create a guestbook as a result. this is because i would not have anywhere to store the comments from users. The wizard on frontpage provides me with a template for data entry but does not help in telling me where and how to store any comments. i really tbh have no clue in how to do a guetbook! has anyone made a guestbook themselves before? anyone have any ideas on how create a working guestbook?

plz reply.

thanx for any help in advance.

p.s. if you have used mySQL can you tell me from where you learnt and what manuals you have used that allowed you to easily learn how use it. microsoft help is tbh PANTS. i crap at this sorta thing and i wish there was a book for learning about this and creating guestbooks in the 'Dummies Guide To'....lol, but there unfortunately isnt.
0
Meeps
Badges: 0
#2
Report Thread starter 14 years ago
#2
(Original post by piginapoke)
Creating a guest book involves persistence of data. Therefore, you need to have a mechanism of storing the data. You can't do this in plain HTML. You need to have the ability to run processes on the web server (example: perl, mySQL).
yeah i know, i was just wondering whethaer there was any way of just using plain html. have u used perl or mySQL. if have u got any good guides u can recomend for it.

i tried using access but that was really poor.
0
Nylex
Badges: 10
Rep:
?
#3
Report 14 years ago
#3
What stuff do you need to know about MySQL? If you want to know about SQL syntax (this isn't specific to MySQL; other databases use it as well), then this site: http://www.w3schools.com/sql/default.asp is good for basics.
0
AT82
Badges: 0
Rep:
?
#4
Report 14 years ago
#4
What ever you don't use frontpage it produces very nasty bloated HTML code that makes your website in accessable for a lot of people.

www.cutandpastescripts.com host bannerless/advertless guestbooks and they work quite well. It is totally free. The only other way of doing it would be to use MySQL/PHP or ASP. You can use a text file but MySQL/Php is far easier.

You can only use interactive front page stuff if your server has front page extensions installed. Frontpage is not standard and only serves to let people get into bad habbits.

1stpage2000 which is a freeware HMTL editor is far better. Dreamweaver is also good but expensive.
0
AT82
Badges: 0
Rep:
?
#5
Report 14 years ago
#5
(Original post by Meeps)
yeah i know, i was just wondering whethaer there was any way of just using plain html. have u used perl or mySQL. if have u got any good guides u can recomend for it.

i tried using access but that was really poor.

Access should work quite well if its coded correctly. I made this site purely in access

http://www.robertson-i.co.uk/shop/

I used SQL statement though rather than Microsoft's method.
0
Rich
Badges: 2
Rep:
?
#6
Report 14 years ago
#6
(Original post by amazingtrade)
Access should work quite well if its coded correctly. I made this site purely in access

http://www.robertson-i.co.uk/shop/

I used SQL statement though rather than Microsoft's method.
Hmm... why is your database file world-readable? I really shouldn't be able to just download it by making a standard HTTP request for it, not very secure really; especially not if you were actually taking transactions and storing credit card details etc...
0
Nima
Badges: 12
Rep:
?
#7
Report 14 years ago
#7
(Original post by rahaydenuk)
especially not if you were actually taking transactions and storing credit card details etc...
Trade isn't a thief.
0
AT82
Badges: 0
Rep:
?
#8
Report 14 years ago
#8
(Original post by rahaydenuk)
Hmm... why is your database file world-readable? I really shouldn't be able to just download it by making a standard HTTP request for it, not very secure really; especially not if you were actually taking transactions and storing credit card details etc...
It was just an assignment, at the time my tutor didn't know the exact URL path to the database, so I had to use a relative URL hence not being able to use private directories. However I have the path now so I can make it much more secure.

It dosn't really matter for this though if people to have access to it, it dosn't store real credit card numbers or anything.

P.S Just out of interest how did you know the location of my database?
0
capslock
Badges: 1
Rep:
?
#9
Report 14 years ago
#9
(Original post by bono)
Trade isn't a thief.
rahaydenuk was merely pointing out the security issues involved.
0
AT82
Badges: 0
Rep:
?
#10
Report 14 years ago
#10
The site I am currently working will have a secure database and I have also used MD5 for login encrytion.
0
Rich
Badges: 2
Rep:
?
#11
Report 14 years ago
#11
(Original post by amazingtrade)
P.S Just out of interest how did you know the location of my database?
By guessing the common ones. I think I tried db.mdb, dbase.mdb and then database.mdb. You'd be amazed how many sites do that and forget to change permissions, but then Windows doesn't really have such a clear and easy-to-use file permissions system as *nix. I originally thought your admin password might have been stored in the database, which obviously would've been an even larger security flaw, however it appears you've hardcoded that into a page or something as it's not responding to SQL-injection (unless you've taken action against that, which is unlikely since you do not parse your quantity values, which in itself doesn't appear to be a problem since they are passed into a CDbl function which acts as a form of an inadvertent security wrapper on potential SQL injection strings).
0
Rich
Badges: 2
Rep:
?
#12
Report 14 years ago
#12
(Original post by capslock)
rahaydenuk was merely pointing out the security issues involved.
Yes, I think our dear bono got the wrong end of the stick there... I wasn't accusing AT of anything other than lax security. This would then have the potential to be exploited by malicious users, AT would have the info anyway, so if he wanted to be malicious, he wouldn't need to hack his own site to do it.
0
Nima
Badges: 12
Rep:
?
#13
Report 14 years ago
#13
(Original post by rahaydenuk)
Yes, I think our dear bono got the wrong end of the stick there... I wasn't accusing AT of anything other than lax security. This would then have the potential to be exploited by malicious users, AT would have the info anyway, so if he wanted to be malicious, he wouldn't need to hack his own site to do it.
I was only joking
0
AT82
Badges: 0
Rep:
?
#14
Report 14 years ago
#14
(Original post by rahaydenuk)
By guessing the common ones. I think I tried db.mdb, dbase.mdb and then database.mdb. You'd be amazed how many sites do that and forget to change permissions, but then Windows doesn't really have such a clear and easy-to-use file permissions system as *nix. I originally thought your admin password might have been stored in the database, which obviously would've been an even larger security flaw, however it appears you've hardcoded that into a page or something as it's not responding to SQL-injection (unless you've taken action against that, which is unlikely since you do not parse your quantity values, which in itself doesn't appear to be a problem since they are passed into a CDbl function which acts as a form of an inadvertent security wrapper on potential SQL injection strings).
Yeah I have hard coded it into a page so its fixed. I never thought anybody would actually view the site other than me and my tutor so security wasn't an issue. Also that site was the first server side website I have ever made so I am quite proud of it now. If I was to do it again I would make an include file for the connection string to make it easier to update and also make sure the database is in a private directory. Also calling it a common name wasn't such a good idea.

The other big thing I would change is the use of style sheets, stylesheets would have worked much better for the navigation rather than images.

I am hoping in six moths time I will be pretty good at server side programming as I am improving all the time.
0
AT82
Badges: 0
Rep:
?
#15
Report 14 years ago
#15
(Original post by piginapoke)
Hmm the pages on your site look like edited frontpage output
Wich pages? The actualy design isn't too clever as I didn't use stylesheets, I really wish I had done that now, however the marking was purely on the ASP code and what server side functionality the site has, that is why the design was rather laxture. Also I should not have put that silly flash intro on the front page.
0
AT82
Badges: 0
Rep:
?
#16
Report 14 years ago
#16
(Original post by piginapoke)
Just a gag, I thought the JS functions looked familiar.
Yes thats awful dreamweaver JS code. If I did that site professional there is no way I would have left them in, I would have just used stylesheets. It was 3 months ago since I have made that site and my standards have improved since then, the part time job as a CSS based web developer helped a lot.
0
AT82
Badges: 0
Rep:
?
#17
Report 14 years ago
#17
(Original post by piginapoke)
I envy you artsy types. I initially wanted to be a web developer after I graduated but I'm shocking at anything artistic or design-y.
Thanks. I'm ok I'm quite good at photoshop and stuff like that, the only bad thing is I can't draw people.

I am not much good at large database type projects that invovle systems anyalsys and essesentialy just the logic, however this why people study computing at places like Oxbridge to that kind of stuff.

Anyway I have a 9:00am lecture so I am up at 7:00am I better get of the damn computer. Good night all.
0
Baron
Badges: 1
Rep:
?
#18
Report 14 years ago
#18
(Original post by amazingtrade)
Thanks. I'm ok I'm quite good at photoshop and stuff like that, the only bad thing is I can't draw people.

I am not much good at large database type projects that invovle systems anyalsys and essesentialy just the logic, however this why people study computing at places like Oxbridge to that kind of stuff.

Anyway I have a 9:00am lecture so I am up at 7:00am I better get of the damn computer. Good night all.
i got a 9:00am lecture to, but i dont have to get up until 8:00am

cya at
0
X
new posts
Latest
My Feed

See more of what you like on
The Student Room

You can personalise what you see on TSR. Tell us a little about yourself to get started.

Personalise

Were you ever put in isolation at school?

Yes (232)
27.46%
No (613)
72.54%

Watched Threads

View All