[Is there going to be a new edition of 'PHP Advanced and Object Oriented programming' book?]

Thanks again, Fred, for the interest! Unfortunately there's no change. I haven't spoken with the publisher about doing a new edition. 

[Is there a script for the table 'transactions' in DATABASE banking?]

Thanks for the nice words! I appreciate it. Everything I have should be in the repo to download, but if you could clarify what you mean by "script" and what chapter you're referring to, I can double-check. Cheers!

[Redirect]

Hey! First, just to be clear, you'd be going to the login.php page, not login.inc.php (which is an included file). In any case, to pull this off there are two options (off the top of my head):

• Use PHP to pass along the destination page. This would mean changing the login link so it adds ?dest=checkout to the URL (for the checkout page; for any other page you'd set this value accordingly). Then you'd update the login page so that on a successful login it redirects to that page. 
• Use JavaScript to do a redirect to one page back in the history. 

The PHP route is better in my opinion, but requires a bit more programming effort. 

[Multiple queries modifying register concern]

If I'm following your question correctly, I suspect the intent is you one one query to confirm that the email address isn't already registered. You'd print an error message if it is registered or continue with the registration--run the INSERT--if not. 

[Form Validation for Optional Values]

If the business name is optional, then it doesn't need to be in the main conditional. I would think your NULLIF() usage should work, it's just a question what false-ish PHP value will equate to a NULL-ish MySQL value. I don't know the answer to that but you ought to be able to figure it out with some experimentation. 

[{NEW} in page 124 needs correct format]

Hey Alexander. Thanks for you help with this! Please do just post them here and I'll correct them in the next release. 

[Rendering different image sizes to different devices.]

Thanks for your question. This is not something I've ever covered in one of my books but what you want to search for is "responsive images": https://developer.mozilla.org/en-US/docs/Learn/HTML/Multimedia_and_embedding/Responsive_images

 

[Form Validation for Optional Values]

Hmmm... I would think this line would never be true if you assign $bn a NULL value.

if ($fn && $ln && $bn && $c && $s && $e && $p) { // If everything's OK.

But I could be wrong. In any case, are you still having problems with this or is it working now? 

[Form Validation for Optional Values]

In your two code examples you have different assigned values for if the business name is empty. First you assign it to the PHP NULL and in the script you assign it to the PHP true. Then you use this value in the MySQL NULLIF() function. In either case you use the value in quotes, which might work, but probably isn't in your case. 

When you're testing this query directly you say it works, but I imagine at that time you're using a query with NULLIF('', ''), which is probably not the same as whatever PHP is doing. My suspicion is the PHP-generated values don't resolve to an equal comparison in the MySQL query. Specifically I would guess that the PHP NULL or true would get converted to 0 or 1 when put into a string and quoted.

You can confirm this by printing out the query dynamically generated by the PHP script. 

[Form Validation for Optional Values]

Hey Jacques! There's not really enough information here for me to make any suggestions. I'd start with the standard debugging methods: print out the query being run on the database (i.e., an example of the dynamically generated query) and also have the database report any errors (do this in the PHP script itself).

[Fatal error: Uncaught TypeError: mysqli_num_rows(): Argument #1 ($result) must be of type mysqli_result, bool given]

That means your query didn't run properly due to an error. I suspect it's because you can't return an array from a function like that (as an aside, that's not a good use of a user-defined function). If you start by printing out the value of $existing_Query you can confirm this. 

[Stripe]

How the Stripe integration works has changed significantly since this edition was written. I'd look at Stripe's documentation for the proper JavaScript and PHP code to use in 2022. Sorry for the confusion!

[Difference Between Mysqli_Real_Escape_String And Escape_Data()]

Sure, sure! So, simply put, if there's a problematic character in a value that could break syntax of the SQL query when you go to run it. For example, say a person's last name is O'Brien, then this query:

INSERT INTO people (last_name) VALUES ('$last_name')

becomes

INSERT INTO people (last_name) VALUES ('O'Brien')

That query won't run in the database because of a syntax error.

To prevent this problem, PHP developed this thing called Magic Quotes, which automatically escaped problematic characters. But the mysqli_real_escape_string() function actually does a better job of that, as it'll have database-specific results. So what this escape_data() function did was run data through mysqli_real_escape_string(). However, if Magic Quotes was on, that'd result in a value being overly escaped, so that's what the IF clause was addressing. 

[Difference Between Mysqli_Real_Escape_String And Escape_Data()]

Ah, okay, thanks for the additional context. You should be able to update the code by just removing these three lines:

    if(get_magic_quotes_gpc()) {
        $data = stripslashes($data);
    }

To be clear about that StackOverflow post, you don't need to sanitize input if you're using prepared statements. Since you're not using prepared statements here, failing to use mysqli_real_escape_string() will cause your query to break. 

[Cannot change session id when headers already sent]

Kudos for solving it!

[Difference Between Mysqli_Real_Escape_String And Escape_Data()]

Thanks for the nice words! I truly appreciate it. Yes, I'm still running these forums for a while longer...

As for your question, what is the specific version of PHP you're using and what is the error message that comes from the escape_data() function usage? 

[Change price based on size]

Hey! Good questions here! 

For question 1, there are two facets. First, the database needs to store the product+size+price combination, which is already supported. (I forget if the admin interface allows you to set different prices for different sizes or not.) Second, on the client-side (in the browser), you'll need to use JavaScript to make the magic happen. You'd use an event handler to watch for size changes and then update the price HTML accordingly. I think I'd be inclined to have the PHP script pull all the sizes and prices first, and store these in a JavaScript object. Then, when the size changes, the JavaScript uses that object to update the HTML.

For question 2, with the current database structure you'd add a colors table and then a color column to the database, so you create a new SKU for each color. 

Hope that helps but let me know if you have additional questions. 

[Taking a array and trying to load it in to a mysql database]

You've already done all the hard work. Kudos! You have the values you need, as an associative array. All you need to do now is pop those values into an INSERT query, something like

$arr = json_decode($json, true);
if (!empty($arr['isbn'])) { // Basic validation that data was returned...
  INSERT INTO books (ISBN, title) VALUES ('{$arr['isbn']}', '{$arr['title']}');

Although it'd be best if you use prepared statements or somehow sanitized the values before using them in the query.

[Chapter 9 Update Password]

If you're concerned about a fake ID scenario AND such a query not affecting any rows is cause to stop execution of the code, you could run a SELECT query using the ID first to validate that it's real before running the UPDATE.

That being said, doing all that seems to me like adding extra overhead to "solve" a problem that's not really a problem. The UPDATE query, like on a password change, should use the primary key, which is immutable, and therefore not user-provided. It's unclear how a fake ID would get into the mix.  

[Chapter 9 Update Password]

Thanks so much for the nice words! I really appreciate it. 

This is an excellent question! What you can do is just use mysqli_query() as the conditional. The function returns a false value if it didn't run (i.e., there's an error), which is a different thing than the query running but not affecting a change.

https://www.php.net/manual/en/mysqli.query.php

[Is there going to be a new edition of 'PHP Advanced and Object Oriented programming' book?]

Thanks for your interest and sorry for the delayed reply. Right now there's no plan to update the PHP Advanced book. I've not even spoken with the publisher about it. Thanks again, though, for asking!

[Contact page - Chapter 12]

Cool solution and thanks for sharing that!

[when i tried to run the user registration example program, I got some error. please help]

If you just google "xampp mail server windows" you'll find plenty of tutorials on the subject. (I don't have XAMPP on Windows, so I don't know off the top of my head.)

[when i tried to run the user registration example program, I got some error. please help]

From there error messages, you have two issues to resolve. The first is you haven't configured a local mail server. The second is your error handling script still references the $e_vars variable, which it no longer has defined as an argument. 

[when i tried to run the user registration example program, I got some error. please help]

There are two issues here. One is that there's an error going on in the script. The second is the error handling isn't working properly. For the latter, you don't mention what version of PHP you're using, but I expect the warning in the box applies: https://www.php.net/manual/en/function.set-error-handler.php

Remove the last parameter from the my_error_handler() definition, as well as the use of that $e_vars variable within it. 

Once you fix that, you should properly see the actual error that's happening on the page.