Page 1 of 1

Is forum information efficent when stored in a database?

Posted: Tue Oct 07, 2008 7:38 pm
by 8ennett
As you can see I am currently developing a highly efficient web application as a practice app yet the procedures, method and structure rival that of the muliti-thousand dollar app http://www.mafiadeath.com including fully functionable module integration.

I am looking for people who are currently willing to freely beta test this app upon completion (excluding regular and daily processes unless themselves vulnerable) to test the security and vulnerbilitiy's of the site to avoid any unwanted complications in the future. The site itself will run purely from session variables (I know, a lot of DB runtime) and custom functions, and thus far has not used a single class, although this is probsably relative in the future.

Basically, all i am looking for in this post is to find out wether forum posts/replies are more efficient stored in a MySQL db or created as individual .php files with unique indentifier $_GET protocols. Any suggestions or hints would be of great use to me.

Also, here is the current structure of my BBCode format, eg includes latest news posts.

Code: Select all

 
if ($_SESSION['TheMob']['news'] == 'Yes'){
    opendb();
    $result = mysql_query("UPDATE userlist SET news='No' WHERE id='".$_SESSION['TheMob']['id']."'");
    closedb();
}
?>
</style>
<script src="../../Scripts/AC_RunActiveContent.js" type="text/javascript"></script>
<table width="673" border="1" cellpadding="0" cellspacing="0" background="modules/admin/images/tablebg.png">
  <tr>
    <td width="669" height="30" align="left" valign="middle" background="images/standardhead.png" bgcolor="#000000"><span class="style2">|<span class="style3">News</span></span></td>
  </tr>
  <tr>
    <td align="center" valign="top" bgcolor="#000000">&nbsp;<br />
      <?php
      opendb();
      $result = mysql_query("SELECT * FROM news ORDER BY newsid DESC LIMIT 0,10") or die(mysql_error());
      if (mysql_num_rows($result) > 0) {
      echo "<table cellpadding=10 border=1>";
      while($row = mysql_fetch_assoc($result)) {
      ?>
      <table width="600" border="1" cellpadding="0" cellspacing="1" bgcolor="#000000">
        <tr>
          <td colspan="2"><table width="600" border="0" cellspacing="0" cellpadding="0" bordercolordark="#0033FF" bordercolorlight="#0066FF">
            <tr>
              <td align="left" valign="middle" bgcolor="#000000"><?php echo $row['subject']; ?></td>
            </tr>
          </table></td>
        </tr>
        <tr>
          <td width="200"><table width="200" border="0" cellspacing="0" cellpadding="0" bordercolordark="#0033FF" bordercolorlight="#0066FF">
            <tr>
              <td width="200" align="center" valign="top" bgcolor="#000000"><img src="users/images/<?php echo $row['user']; ?>.jpg" width="100" height="100" /><br />
                <a href="users/<?php echo $row['user']; ?>.php"><?php echo $row['handle']; ?></a></td>
            </tr>
          </table></td>
          <td width="399" align="left" valign="top"><table border="0" cellspacing="0" cellpadding="0" bordercolordark="#0033FF" bordercolorlight="#0066FF">
            <tr>
              <td width="399" bgcolor="#000000"><?php $row['message'] = bbcode($row['message']); echo $row['message']; ?></td>
            </tr>
          </table></td>
        </tr>
        <tr>
          <td align="left" valign="middle"><?php echo $row['date']; ?></td>
          <td align="right" valign="middle"><?php if (($_SESSION['TheMob']['premium'] == 'Admin') || ($_SESSION['TheMob']['premium'] == 'Mod')){ echo '<a href="modules/admin/delnew.php?id='.$row['newsid'].'">Delete</a>'; } ?></td>
        </tr>
      </table>
    <?php
      }
      echo "</table>";
      }
      else {
        echo "No news found!";
      } 
      closedb();
      ?></td>
  </tr>
</table>
 

Code: Select all

function bbcode($str) {  
    $str = htmlentities($str);  
  
    $simple_search = array(  
                '/\[b\](.*?)\[\/b\]/is',  // Bold
                '/\[i\](.*?)\[\/i\]/is',  // Italic
                '/\[u\](.*?)\[\/u\]/is',  // Underline
                '/\[url\=(.*?)\](.*?)\[\/url\]/is',  // String Url
                '/\[url\](.*?)\[\/url\]/is',  // Plain Url
                '/\[align\=(left|center|right)\](.*?)\[\/align\]/is',  // Text alignment
                '/\[img\](.*?)\[\/img\]/is',  // Unsized image
                '/\[img\=(.*?)x(.*?)\](.*?)\[\/img\]/is',  // Sizeable image
                '/\[font\=(.*?)\](.*?)\[\/font\]/is',  // Change font
                '/\[size\=(.*?)\](.*?)\[\/size\]/is',  // Change size
                '/\[color\=(.*?)\](.*?)\[\/color\]/is',  // Change colour (US)
                '/\[colour\=(.*?)\](.*?)\[\/colour\]/is',  // Change colour (UK) 
                '/\n/is', // New line (automatic)
                '/\[quote\](.*?)\[\/quote\]/is', // Quote without name
                '/\[quote\=(.*?)\](.*?)\[\/quote\]/is', // Quote with name
                '/\[youtube\](.*?)\[\/youtube\]/is', // Unsized Youtube video
                '/\[youtube\=(.*?)x(.*?)\](.*?)\[\/youtube\]/is', // Sizeable Youtube video
                );  
  
    $simple_replace = array(  
                '<strong>$1</strong>',  
                '<em>$1</em>',  
                '<u>$1</u>',  
                '<a href="$1" rel="nofollow" title="$2 - $1">$2</a>',  
                '<a href="$1" rel="nofollow" title="$1">$1</a>',  
                '<div style="text-align: $1;">$2</div>',  
                '<img src="$1" alt="" />',  
                '<img src="$3" alt="" width="$1" height="$2"/>',  
                '<span style="font-family: $1;">$2</span>',  
                '<span style="font-size: $1px;">$2</span>',  
                '<span style="color: $1;">$2</span>',  
                '<span style="color: $1;">$2</span>',  
                '<br />',
                '',
                '',
                '<object width="425" height="350"><param name="movie" value="http://www.youtube.com/v/\\1"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/\\1" type="application/x-shockwave-flash" wmode="transparent" width="425" height="350"></embed></object>',
                '<object width="\\1" height="\\2"><param name="movie" value="http://www.youtube.com/v/\\3"></param><param name="wmode" value="transparent"></param><embed src="http://www.youtube.com/v/\\3" type="application/x-shockwave-flash" wmode="transparent" width="\\1" height="\\2"></embed></object>',
                );
I was rather impressed with this for a beginner lol

Re: Is forum information efficent when stored in a database?

Posted: Sun Oct 12, 2008 3:44 pm
by 8ennett
8ennett wrote:Hmm