Alternate to nested if statements (alternate posing of question)

Sample Data Sheet: https://docs.google.com/spreadsheets/d/1EIQcpzwdaoNSKEPu-F1NCUOtEjS6Ez0P73dmotClT7Q/edit?usp=sharing

The end goal is to have a Month + Year show up in a single cell, based on the first instance of “New Total” being >=0.

The sheet includes sample data, and the formatting we are interacting with.

In the purple box, I want the month + year to populate, based on the first instance of “New Total” being >=0. When the formula reaches the first instance of >=0 (March in the sample data), I want it to then pull “March” from cell Q2 and concatenate with “2019” from cell “S2”. The values of “New Total” are dynamic, and will change periodically. Right now, the sample data should result in “March 2019”, but tomorrow it might change so that “February” is the first >=0 instance.

Simplified:

Input: Row of Numbers, looking for the first instance of “New Total” being >=0.

Output: Pull Month + Year once “New Total” has found int >=0 in specified row. Display in specified cell.

Here’s how it was done with the nested IF statements:

=IF(G15>=0,E14&" "&G14,IF(J15>=0,H14&" "&J14,IF(M15>=0,K14&" "&M14, 

How can I check SQL statements?

I’m looking for the security of sql injection.

    sql = select * from where field01 = '1' AND field = 'where'
    example01 ('sql', 'where')
  • The above sentence is looking to check that ‘where’ goes in once and ‘and’ goes in twice.
  • Using the function, you can see that the reserved word ‘where’ has been entered once.
  • What I’m looking for is a library or concept built around it.

Do these libraries exist? ( Of course I know of regular expressions. )

Additional questions:

  • Does the prepared statement have the functionality I’m talking about?
  • Does the DBMS procedure have the functionality I’m talking about?

Possible SQLi with self-made prepared statements and real_escape_string?

My current assignment is to find a possible SQL injection in a PHP WebApp. While looking at the source code, I noticed that the way the script is handling prepared statements is weird.

    $query = db::prepare("SELECT password FROM vault where id=%s", $_POST['id']);
    $res = db::commit($query);

The interesting part from the prepare function looks like this:

    // escape
    foreach ($args as &$value){
        $value = static::$db->real_escape_string($value);
    }

    // prepare
    $query = str_replace("%s", "'%s'", $query);
    $query = vsprintf($query, $args);
    return $query;

Now, looking around for ways to bypass this, I noticed that single quotes are escaped, obviously because of the real_escape_string function. Looking around here, I found the following post which states that setting %s in single quotes preemptively looks highly suspect. However, I still haven’t found any way how to exploit this, or if it is even exploitable.

Can anyone tell me, if there is anything wrong to escape and process user input like that? I know using the original mysqli/PDO prepared statement functions are a better idea, but given this isn’t my code, it would be great to find out what exactly is wrong here and why you shouldn’t do it like this.
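
Added example (not part of either question above, and not the web app's code): a Python/SQLite sketch covering both the keyword-count idea from the "How can I check SQL statements?" question and the self-made prepare() from this one. It compares unescaped formatting, escape-then-quote formatting and a bound parameter. The names `keyword_counts`, `homemade_prepare` and `run_three_ways`, the keyword list, the table contents and the hostile input are assumptions, and SQLite quote doubling stands in for `real_escape_string`.

```python
import re
import sqlite3

KEYWORDS = ("select", "from", "where", "and", "or", "union")
# One token per match: a quoted string literal ('' is an escaped quote) or a bare word.
TOKEN = re.compile(r"'(?:[^']|'')*'|[A-Za-z_][A-Za-z_0-9]*")

def keyword_counts(sql):
    """Count reserved words outside string literals, like the question's example01()."""
    counts = dict.fromkeys(KEYWORDS, 0)
    for tok in TOKEN.findall(sql):
        if not tok.startswith("'") and tok.lower() in counts:
            counts[tok.lower()] += 1
    return counts

def homemade_prepare(template, args, escape=True):
    """Same shape as the PHP prepare(): escape, wrap %s in quotes, format.
    Quote doubling is SQLite's rule and stands in for real_escape_string()."""
    if escape:
        args = [a.replace("'", "''") for a in args]
    return template.replace("%s", "'%s'") % tuple(args)

def make_db():
    # Constructed sample data, held in memory only.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE vault (id TEXT, password TEXT)")
    db.executemany("INSERT INTO vault VALUES (?, ?)", [("1", "alpha"), ("2", "beta")])
    return db

TEMPLATE = "SELECT password FROM vault WHERE id=%s"
HOSTILE_ID = "x' OR '1'='1"  # constructed input containing a quote and a keyword

def run_three_ways(user_id):
    db = make_db()
    # Keyword profile of the query when the id is an ordinary value.
    baseline = keyword_counts(homemade_prepare(TEMPLATE, ["1"]))
    results = {}
    for label, escape in (("no_escape", False), ("escaped", True)):
        sql = homemade_prepare(TEMPLATE, [user_id], escape)
        results[label] = {
            "structure_changed": keyword_counts(sql) != baseline,
            "rows": len(db.execute(sql).fetchall()),
        }
    # Bound parameter: the statement text is constant, the value travels separately.
    bound = "SELECT password FROM vault WHERE id=?"
    results["bound"] = {
        "structure_changed": keyword_counts(bound) != baseline,
        "rows": len(db.execute(bound, (user_id,)).fetchall()),
    }
    return results

if __name__ == "__main__":
    for label, outcome in run_three_ways(HOSTILE_ID).items():
        print(label, outcome)
```

The escaped variant keeps its structure only while the escape rule matches how the server parses string literals (for MySQL that includes the connection character set), which is the dependency a bound parameter removes.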

Alternate to Nested IF statements

Goal here is to have the sheets search a row, then once it finds the first instance of >=0, return the cell value that contains the month+concatenate the value in the cell next to it (or any other cell of choice). I’ve confirmed I can do this with a series of nested IF statements, but am looking for something more efficient. I’m not too terribly familiar with writing my own scripts, but can if someone can give general direction.

Optimising program with tons of if statements Java

I have a program that will ask the user to input their grades for 4 different sections of a project, then tell them what their total mark is, what grade they got and how many marks away they were from the next grade. I managed to make a single loop for all inputs rather than having a loop for each individual one, but there are still quite a lot of if statements to determine what grade they got and how far away they were from the next one, and I can’t figure out how to optimise it since I’m still very new to Java.

    import java.util.Arrays;
    import java.util.InputMismatchException;
    import java.util.Scanner;

    public class PortfolioGrade {

        public static void main(String[] args) {
            // TODO Auto-generated method stub
            String[] words = new String[]{"Analysis", "Design", "Implementation", "Evaluation"};
            int[] marks = new int[words.length];
            for(int counter = 1; counter <= words.length; counter++) {
                System.out.println("Enter your mark for the '" + words[counter - 1] + "' part of the project: ");
                while(true) {
                    try {
                        Scanner reader = new Scanner(System.in);
                        marks[counter - 1] = reader.nextInt();
                        if(marks[counter - 1] < 0 || marks[counter - 1] > 25) {
                            System.out.println("Please input a number between 0 and 25.");
                            continue;
                        }
                        break;
                    } catch(InputMismatchException e) {
                        System.out.println("Please input a valid integer.");
                    }
                }
            }

            int totalmark = Arrays.stream(marks).sum();
            String grade = null;
            String nextgrade = null;
            Integer marksaway = null;

            if(totalmark < 2) {
                grade = "U";
                marksaway = 2 - totalmark;
                nextgrade = "1";
            } else if(totalmark >= 2 && totalmark < 4) {
                grade = "1";
                marksaway = 4 - totalmark;
                nextgrade = "2";
            } else if(totalmark >= 4 && totalmark < 13) {
                grade = "2";
                marksaway = 13 - totalmark;
                nextgrade = "3";
            } else if(totalmark >= 13 && totalmark < 22) {
                grade = "3";
                marksaway = 22 - totalmark;
                nextgrade = "4";
            } else if(totalmark >= 22 && totalmark < 31) {
                grade = "4";
                marksaway = 31 - totalmark;
                nextgrade = "5";
            } else if(totalmark >= 31 && totalmark < 41) {
                grade = "5";
                marksaway = 41 - totalmark;
                nextgrade = "6";
            } else if(totalmark >= 41 && totalmark < 54) {
                grade = "6";
                marksaway = 54 - totalmark;
                nextgrade = "7";
            } else if(totalmark >= 54 && totalmark < 67) {
                grade = "7";
                marksaway = 67 - totalmark;
                nextgrade = "8";
            } else if(totalmark >= 67 && totalmark < 80) {
                grade = "8";
                marksaway = 80 - totalmark;
                nextgrade = "9";
            } else if(totalmark >= 80) {
                grade = "9";
            }

            System.out.println("Your total mark was " + totalmark + ".");
            System.out.println("You got a Grade " + grade + ".");
            // Compare string contents with equals(); == compares object references.
            if("9".equals(grade)) {
                System.out.println("You achieved the highest grade!");
            } else if(marksaway == 1) {
                System.out.println("You were " + marksaway + " mark away from a Grade " + nextgrade + ".");
            } else {
                System.out.println("You were " + marksaway + " marks away from a Grade " + nextgrade + ".");
            }
        }
    }

UNION SELECT after LEFT JOIN and a JOIN statements in MySQL

I have four tables – reports_new, repuser_new, clients, users and the following query:

    SELECT DISTINCT rep.*
    FROM `reports_new` rep
    LEFT JOIN `repuser_new` ru
    ON ru.`id_rep` = rep.`id`
    JOIN `clients` c
    ON c.`id` = rep.`id_client`
    WHERE ru.`id_user` = '1' and rep.`name` LIKE 'urgent'
    ORDER BY rep.date DESC

EDIT: Without making any modifications prior to the WHERE clause, would it be possible to use UNION (or a better approach) after the LIKE statement in order to SELECT from a fourth table called users and ORDER the results BY rep.date DESC?

How to avoid too many if else statements

I am writing a simple app using MATLAB App Designer. My code works, but I want to make it better. I have too many if else conditions. How can I avoid this?

    function buttonpush3Act(app, event)
        a3= app.StrokeLengthmmEditField_13.Value;
        b3=app.StrokeLengthmmEditField_12.Value;
        c3= app.StrokeLengthmmEditField_11.Value;
        d3=app.BuildingDimensionmmEditField_6.Value;
        e3=app.BuildingDimensionmmEditField_5.Value;
        f3=app.BuildingDimensionmmEditField_4.Value;
        g3=app.orPreconfiguredrefnumEditField.Value;
        h3=app.orPreconfiguredrefnumEditField_2.Value;
        i3=app.orPreconfiguredrefnumEditField_3.Value;
        j3=app.ActuatorTypeNumberEditField.Value;
        k3=app.ActuatorTypeNumberEditField_2.Value;
        l3=app.ActuatorTypeNumberEditField_3.Value;

        %reset message field
        app.OutputMessageEditField_2.Value= "";
        % avoid misuse of the ´result´ button
        if(a3==0 && b3==0 && c3==0 && d3==0 && e3==0 && f3==0 && g3==0 && h3==0)
            app.Actuator1EditField.Value= '';
            app.Actuator2EditField.Value= '';
            app.Actuator3EditField.Value ='';
            app.OutputMessageEditField_2.Value ='';

            %check for pre configured actuators
        elseif((j3== k3 == l3 || j3== k3 || j3== l3 || k3 == l3) && (j3 > 0 && k3 > 0 && l3 > 0)) %avoid having more than one LA40
            app.Actuator1EditField.Value= '';
            app.Actuator2EditField.Value= '';
            app.Actuator3EditField.Value ='';
            app.OutputMessageEditField_2.Value =" ERROR2: Unsupported configuration";

            %check if special actuators present
        elseif((j3 == 40 && k3 ~= 40 && l3 ~= 40) || (j3 ~= 40 && k3 == 40 && l3 ~= 40) || (j3 ~= 40 && k3 ~= 40 && l3 == 40))
            % a rotation to catch la 40 and define it as ref4
            dataLa40 = [j3,k3,l3];
            ref4 = dataLa40(1)
            for r= 1:length(dataLa40)
                if dataLa40(r) == 40;
                    ref4 = dataLa40(r);
                end
            end
            if (ref4 == dataLa40(1))
                app.Actuator1EditField.Value = "ref4";
            elseif(ref4 == dataLa40(2) )
                app.Actuator2EditField.Value = "ref4";
            else(ref4 == dataLa40(3))
                app.Actuator3EditField.Value = "ref4";
            end

            %  if act1== ref4 what if act2== ref4 what if act3== ref4 what
            %check for rule D
        elseif((a3 ~= b3) && (a3~= c3) && (b3 ~= c3) && (a3 > 0 && b3 > 0 && c3 > 0))

            data= [a3,b3,c3];
            ref2= data(1)
            ref3=data(1)
            ref1=data(1)
            for j = 1:length(data)
                %largest stroke length
                if data(j)>ref2;
                    ref2=data(j);
                end
            end
            for k = 1:length(data)
                %smallest stroke length
                if data(k)<ref3;
                    ref3=data(k);
                end
            end

            for m = 1:length(data)
                %stroke length in the middle
                if ref3<data(m) & data(m)<ref2;
                    ref1=data(m);
                end
            end

            if (ref2== a3)
                app.Actuator1EditField.Value= "ref2"  ;
            elseif(ref2==b3)
                app.Actuator2EditField.Value= "ref2"  ;
            else(ref2==c3)
                app.Actuator3EditField.Value= "ref2"  ;
            end
            if(ref3==a3)
                app.Actuator1EditField.Value= "ref3"  ;
            elseif(ref3==b3)
                app.Actuator2EditField.Value= "ref3"  ;
            else(ref3==c3)
                app.Actuator3EditField.Value= "ref3"  ;
            end
            if(ref1==a3)
                app.Actuator1EditField.Value= "ref1"  ;
            elseif(ref1==b3)
                app.Actuator2EditField.Value= "ref1"  ;
            else(ref1==c3)
                app.Actuator3EditField.Value= "ref1"  ;
            end
            % elseif((a3 == b3) || (a3 == c3) || (b3 == c3))
            %check for rule C
        else(((a3 == b3) || (a3 == c3) || (b3 == c3)) && (a3 > 0 && b3 > 0 && c3 > 0))

            data_list= [d3,e3,f3];
            ref2= data_list(1)
            ref3=data_list(1)
            ref1=data_list(1)
            for n = 1:length(data_list)
                %largest Building Dimension
                if data_list(n)>ref2;
                    ref2=data_list(n);
                end
            end
            for p = 1:length(data_list)
                %smallest Building Dimension
                if data_list(p)<ref3;
                    ref3=data_list(p);
                end
            end

            for q = 1:length(data_list)
                %Building Dimension in the middle
                if ref3<data_list(q) & data_list(q)<ref2;
                    ref1=data_list(q);
                end
            end

            if (ref2== d3)
                app.Actuator1EditField.Value= "ref2"  ;
            elseif(ref2==e3)
                app.Actuator2EditField.Value= "ref2"  ;
            else(ref2==f3)
                app.Actuator3EditField.Value= "ref2"  ;
            end
            if(ref3==d3)
                app.Actuator1EditField.Value= "ref3"  ;
            elseif(ref3==e3)
                app.Actuator2EditField.Value= "ref3"  ;
            else(ref3==f3)
                app.Actuator3EditField.Value= "ref3"  ;
            end
            if(ref1==d3)
                app.Actuator1EditField.Value= "ref1"  ;
            elseif(ref1==e3)
                app.Actuator2EditField.Value= "ref1"  ;
            else(ref1==f3)
                app.Actuator3EditField.Value= "ref1"  ;
            end

            %check for equal building dimensions
            if(((d3 == e3) || (d3 == f3) || (e3 == f3)) && (d3 > 0 && e3 > 0 && f3 > 0))
                app.OutputMessageEditField_2.Value ="Use channel assignment or config. tool";
                app.Actuator1EditField.Value= '';
                app.Actuator2EditField.Value= '';
                app.Actuator3EditField.Value ='';

            else
                app.OutputMessageEditField_2.Value ="ERROR2; Fill the required fields";
                app.Actuator1EditField.Value= '';
                app.Actuator2EditField.Value= '';
                app.Actuator3EditField.Value ='';

            end
        end

        %should be out of main loop, independent
        if(a3 == 0 ||b3 == 0 ||c3 == 0 ||d3 == 0 ||e3 == 0 ||f3 == 0 ||j3 == 0 ||k3 == 0 ||l3 == 0 )
            app.OutputMessageEditField_2.Value ="ERROR2; Fill the required fields";
            app.Actuator1EditField.Value= '';
            app.Actuator2EditField.Value= '';
            app.Actuator3EditField.Value ='';
        end
    end

Q : Loops along with If-statements & else if statements | Rental Car Calculator Project (WHOLE DAYS ONLY)

At the prompt: "System.out.print("What vehical would you like to rent?\n");" I can not figure out why when a number that is not 1-3 is entered it will not repeat the loop as I want OR display any input I've entered for the system.print

Second, I can not figure how to make an if statement only allowing the user to enter 1 or 0 when prompted: "System.out.println("If there are any customer press 1 else press 0");" Without making an error in my loop for summary data or counts.

    package inter;

    import java.util.InputMismatchException;
    import java.util.Scanner;

    public class Inter {
        public static void main(String []args){
            int count=0;
            int days;
            double DailyFee=0, NontaxTotal, CarType, Total,FullTotal=0;
            boolean F1 = false, F2 = false;
            Scanner in=new Scanner(System.in);
            System.out.println("If there are any customer press 1 else press 0");
            int cus=in.nextInt();

            while(cus!=0){
                while(F1 == false) {
                    F1 = true;
                    count++;
                    System.out.print("What vehical would you like to rent?\n");
                    System.out.println("Enter 1 for an economy car");
                    System.out.println("Enter 2 for a sedan car");
                    System.out.println("Enter 3 for an SUV");
                    CarType = in.nextInt();
                    try {
                        CarType = in.nextInt();
                        if (CarType <= 0 || CarType >= 4) {
                            System.out.print("Number must be 1-3\n");
                            System.out.println("Please enter 1 for an economy car");
                            System.out.println("Enter 2 for a sedan car");
                            System.out.println("Enter 3 for an SUV");
                            CarType = in.nextInt();
                            F1 = false;
                        } else {
                            if (CarType == 1) {
                                F1 = true;
                                DailyFee=31.76;
                            } else if(CarType == 2) {
                                F1 = true;
                                DailyFee=40.32;
                            } else if(CarType == 3) {
                                F1 = true;
                                DailyFee=47.56;
                            }
                            while (F2 == false) {
                                F2 = true;
                                try {
                                    System.out.print("Please enter the number of days rented. (Example; 3) : ");
                                    days = in.nextInt();

                                    if (days <= 0) {
                                        System.out.println("Number of days must be more than zero");
                                        F2 = false;
                                    } else {
                                        days = in.nextInt();
                                        double x=days;
                                        NontaxTotal = (DailyFee * x);
                                        Total = (NontaxTotal * 1.06);
                                        FullTotal+=Total;
                                    }
                                } catch(InputMismatchException ex) {
                                    System.out.println("Answer must be a number");
                                    F2 = false;
                                    in.next();
                                }
                            }
                        }
                    } catch (InputMismatchException ex) {
                        F1 = false;
                        System.out.println("Answer must be a number");

                    }
                }

            }
            in.close();
            System.out.println("Count of customers : "+count);
            System.out.printf("Total of the Day : $ %.2f",FullTotal);
        }

    }