Larry
Administrators-
Posts
5413 -
Joined
-
Last visited
-
Days Won
155
Larry last won the day on March 31 2022
Larry had the most liked content!
About Larry
Recent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
Larry's Achievements
-
Hey! First, just to be clear, you'd be going to the login.php page, not login.inc.php (which is an included file). In any case, to pull this off there are two options (off the top of my head): Use PHP to pass along the destination page. This would mean changing the login link so it adds ?dest=checkout to the URL (for the checkout page; for any other page you'd set this value accordingly). Then you'd update the login page so that on a successful login it redirects to that page. Use JavaScript to do a redirect to one page back in the history. The PHP route is better in my opinion, but requires a bit more programming effort.
-
TinkerBell started following Larry
-
If the business name is optional, then it doesn't need to be in the main conditional. I would think your NULLIF() usage should work, it's just a question what false-ish PHP value will equate to a NULL-ish MySQL value. I don't know the answer to that but you ought to be able to figure it out with some experimentation.
-
{NEW} in page 124 needs correct format
Larry replied to Alexander Luz Sperandio's topic in The Yii Book
Hey Alexander. Thanks for you help with this! Please do just post them here and I'll correct them in the next release. -
Thanks for your question. This is not something I've ever covered in one of my books but what you want to search for is "responsive images": https://developer.mozilla.org/en-US/docs/Learn/HTML/Multimedia_and_embedding/Responsive_images
- 1 reply
-
- 1
-
In your two code examples you have different assigned values for if the business name is empty. First you assign it to the PHP NULL and in the script you assign it to the PHP true. Then you use this value in the MySQL NULLIF() function. In either case you use the value in quotes, which might work, but probably isn't in your case. When you're testing this query directly you say it works, but I imagine at that time you're using a query with NULLIF('', ''), which is probably not the same as whatever PHP is doing. My suspicion is the PHP-generated values don't resolve to an equal comparison in the MySQL query. Specifically I would guess that the PHP NULL or true would get converted to 0 or 1 when put into a string and quoted. You can confirm this by printing out the query dynamically generated by the PHP script.
-
Hey Jacques! There's not really enough information here for me to make any suggestions. I'd start with the standard debugging methods: print out the query being run on the database (i.e., an example of the dynamically generated query) and also have the database report any errors (do this in the PHP script itself).
-
How the Stripe integration works has changed significantly since this edition was written. I'd look at Stripe's documentation for the proper JavaScript and PHP code to use in 2022. Sorry for the confusion!
-
Sure, sure! So, simply put, if there's a problematic character in a value that could break syntax of the SQL query when you go to run it. For example, say a person's last name is O'Brien, then this query: INSERT INTO people (last_name) VALUES ('$last_name') becomes INSERT INTO people (last_name) VALUES ('O'Brien') That query won't run in the database because of a syntax error. To prevent this problem, PHP developed this thing called Magic Quotes, which automatically escaped problematic characters. But the mysqli_real_escape_string() function actually does a better job of that, as it'll have database-specific results. So what this escape_data() function did was run data through mysqli_real_escape_string(). However, if Magic Quotes was on, that'd result in a value being overly escaped, so that's what the IF clause was addressing.
-
Ah, okay, thanks for the additional context. You should be able to update the code by just removing these three lines: if(get_magic_quotes_gpc()) { $data = stripslashes($data); } To be clear about that StackOverflow post, you don't need to sanitize input if you're using prepared statements. Since you're not using prepared statements here, failing to use mysqli_real_escape_string() will cause your query to break.