$insertSQL = sprintf("INSERT INTO contacts (date_created) VALUES (%s)",
GetSQLValueString('current_time', "date"));
instantly created a contact, which was very annoying.
This uses addslashes() to escape comments.
Drew discovered the bug while entering a comment in the PS shop. He is studying at Civil Engineering at WVU. Drew actually began his journey at YBD - http://www.crazyguyonabike.com/directory/?user=JGatlin - now that is pretty cosmic. :)
My name is Drew, or John depending on whom you ask. I'm currently "taking some time off" and touring throughout the southwestern United States -- I might venture into Mexico at some point in the next couple of months. Before I began this journey I lived in Austin, TX for most of my young life and attended Hendrix College in Conway, AR for a year and a half. In Austin I spent(/spend whenever I go back) a lot of time at the Austin Yellow Bike Project (YBP) and just recently got to know those over at Bikes Across Borders (BAB). In fact, I did my first tour with BAB in January of this year (2008) from Austin to Nuevo Laredo, Mexico. My experience with YBP led me to help start a bike project in Conway called Back In The Saddle Bike Collective in January 2007. The organization is currently thriving and operating out of two storage units and brings me much happiness. I'll continue working with them when I head back to school in the fall of 2008. For now, all I want to do is tour as long as possible. I expect I'll be able to keep it up at least until May, and I hope to be able to head into Mexico before it's all over.
0) concurrency issue, one contact_id was edited by 2 or more terminals
1) Better than having a new contact_id created everytime the contact_add_edit page is opened which was the behavior of the original program.
2) Still need to clean-up the code a little, and do a little bit more testing, but appears to be working nicely.
3) Still uses GET for initial setup, a todo to change.
4) Glad the bug was found, and now is fixed.
1) makes sign in button larger
2) changes "Current Shop" menu text to "Sign In" for normal user
3) takes all users after submitting contact to Sign In page rather than only new users.
Originally, deposits of $0 (amount > 0) would not be considered real deposits, however, there may be shops where only non-monetary transactions occurred (amount >= 0) which would be useful to record in an accounting program.
One caveat, if a monetary transaction is recorded, but the depositor only enters $0, the deposit will show "Difference: n/a", however this should be a cue since it should be obvious that a real world deposit of $0 would not be made at a bank.
1) Not necessary for a production site
2) Great for testing from the interface when a shop needs to be deleted, however, this can be done just as easily directly through the database.
1) Bots like to follow the delete link on demostrations and delete all the time-in entries.
2) YBDB adhers to open trust metrics that are common at bicycle collectives, bots really do not care about trust including bots from google, they love exploring every link though.
3) This functionality isn't really necessary since it is possible to make the sign-in time the same as the sign-out time if the person changes their mind about their visit.
1) updated information on how to ensure that passwords are hidden even wehn KeePass is opened.
2) added docker.txt which goes into details about sysadm of docker.
There are other things that can be done within the terminal to prevent tampering, e.g., read-only environment,
but the above protects the password from hacking, eavesdropping, and from regular users
in the shop, basically, only the sysadmin and bookkeeper should have remote access via the password.
So, YBDB, although on the internet will be confined to the terminal(s) you allow it to be on, and
the Point of Sale will be at the proper location .. at the front of the Community Bike Shop where people
walk-in/walk-out.
Jonathan Rosenbaum
Jonathan Rosenbaum