Jump to content
Larry Ullman's Book Forums

Larry

Administrators
  • Posts

    5413
  • Joined

  • Last visited

  • Days Won

    155

Everything posted by Larry

  1. Thanks again, Fred, for the interest! Unfortunately there's no change. I haven't spoken with the publisher about doing a new edition.
  2. Thanks for the nice words! I appreciate it. Everything I have should be in the repo to download, but if you could clarify what you mean by "script" and what chapter you're referring to, I can double-check. Cheers!
  3. Hey! First, just to be clear, you'd be going to the login.php page, not login.inc.php (which is an included file). In any case, to pull this off there are two options (off the top of my head): Use PHP to pass along the destination page. This would mean changing the login link so it adds ?dest=checkout to the URL (for the checkout page; for any other page you'd set this value accordingly). Then you'd update the login page so that on a successful login it redirects to that page. Use JavaScript to do a redirect to one page back in the history. The PHP route is better in my opinion, but requires a bit more programming effort.
  4. If I'm following your question correctly, I suspect the intent is you one one query to confirm that the email address isn't already registered. You'd print an error message if it is registered or continue with the registration--run the INSERT--if not.
  5. If the business name is optional, then it doesn't need to be in the main conditional. I would think your NULLIF() usage should work, it's just a question what false-ish PHP value will equate to a NULL-ish MySQL value. I don't know the answer to that but you ought to be able to figure it out with some experimentation.
  6. Hey Alexander. Thanks for you help with this! Please do just post them here and I'll correct them in the next release.
  7. Thanks for your question. This is not something I've ever covered in one of my books but what you want to search for is "responsive images": https://developer.mozilla.org/en-US/docs/Learn/HTML/Multimedia_and_embedding/Responsive_images
  8. Hmmm... I would think this line would never be true if you assign $bn a NULL value. if ($fn && $ln && $bn && $c && $s && $e && $p) { // If everything's OK. But I could be wrong. In any case, are you still having problems with this or is it working now?
  9. In your two code examples you have different assigned values for if the business name is empty. First you assign it to the PHP NULL and in the script you assign it to the PHP true. Then you use this value in the MySQL NULLIF() function. In either case you use the value in quotes, which might work, but probably isn't in your case. When you're testing this query directly you say it works, but I imagine at that time you're using a query with NULLIF('', ''), which is probably not the same as whatever PHP is doing. My suspicion is the PHP-generated values don't resolve to an equal comparison in the MySQL query. Specifically I would guess that the PHP NULL or true would get converted to 0 or 1 when put into a string and quoted. You can confirm this by printing out the query dynamically generated by the PHP script.
  10. Hey Jacques! There's not really enough information here for me to make any suggestions. I'd start with the standard debugging methods: print out the query being run on the database (i.e., an example of the dynamically generated query) and also have the database report any errors (do this in the PHP script itself).
  11. That means your query didn't run properly due to an error. I suspect it's because you can't return an array from a function like that (as an aside, that's not a good use of a user-defined function). If you start by printing out the value of $existing_Query you can confirm this.
  12. How the Stripe integration works has changed significantly since this edition was written. I'd look at Stripe's documentation for the proper JavaScript and PHP code to use in 2022. Sorry for the confusion!
  13. Sure, sure! So, simply put, if there's a problematic character in a value that could break syntax of the SQL query when you go to run it. For example, say a person's last name is O'Brien, then this query: INSERT INTO people (last_name) VALUES ('$last_name') becomes INSERT INTO people (last_name) VALUES ('O'Brien') That query won't run in the database because of a syntax error. To prevent this problem, PHP developed this thing called Magic Quotes, which automatically escaped problematic characters. But the mysqli_real_escape_string() function actually does a better job of that, as it'll have database-specific results. So what this escape_data() function did was run data through mysqli_real_escape_string(). However, if Magic Quotes was on, that'd result in a value being overly escaped, so that's what the IF clause was addressing.
  14. Ah, okay, thanks for the additional context. You should be able to update the code by just removing these three lines: if(get_magic_quotes_gpc()) { $data = stripslashes($data); } To be clear about that StackOverflow post, you don't need to sanitize input if you're using prepared statements. Since you're not using prepared statements here, failing to use mysqli_real_escape_string() will cause your query to break.
  15. Sorry, no. I had the answers in mind when I wrote the "Review and Pursue" sections at the end of each chapter but I never formally wrote down the answers in any place.
  16. Thanks for the nice words! I truly appreciate it. Yes, I'm still running these forums for a while longer... As for your question, what is the specific version of PHP you're using and what is the error message that comes from the escape_data() function usage?
  17. Hey! Good questions here! For question 1, there are two facets. First, the database needs to store the product+size+price combination, which is already supported. (I forget if the admin interface allows you to set different prices for different sizes or not.) Second, on the client-side (in the browser), you'll need to use JavaScript to make the magic happen. You'd use an event handler to watch for size changes and then update the price HTML accordingly. I think I'd be inclined to have the PHP script pull all the sizes and prices first, and store these in a JavaScript object. Then, when the size changes, the JavaScript uses that object to update the HTML. For question 2, with the current database structure you'd add a colors table and then a color column to the database, so you create a new SKU for each color. Hope that helps but let me know if you have additional questions.
  18. (Resolved over email...) The publisher has PPT slides available; there aren't sample tests or homework assignments.
  19. You've already done all the hard work. Kudos! You have the values you need, as an associative array. All you need to do now is pop those values into an INSERT query, something like $arr = json_decode($json, true); if (!empty($arr['isbn'])) { // Basic validation that data was returned... INSERT INTO books (ISBN, title) VALUES ('{$arr['isbn']}', '{$arr['title']}'); Although it'd be best if you use prepared statements or somehow sanitized the values before using them in the query.
  20. If you're concerned about a fake ID scenario AND such a query not affecting any rows is cause to stop execution of the code, you could run a SELECT query using the ID first to validate that it's real before running the UPDATE. That being said, doing all that seems to me like adding extra overhead to "solve" a problem that's not really a problem. The UPDATE query, like on a password change, should use the primary key, which is immutable, and therefore not user-provided. It's unclear how a fake ID would get into the mix.
  21. Thanks so much for the nice words! I really appreciate it. This is an excellent question! What you can do is just use mysqli_query() as the conditional. The function returns a false value if it didn't run (i.e., there's an error), which is a different thing than the query running but not affecting a change. https://www.php.net/manual/en/mysqli.query.php
  22. Thanks for your interest and sorry for the delayed reply. Right now there's no plan to update the PHP Advanced book. I've not even spoken with the publisher about it. Thanks again, though, for asking!
  23. If you just google "xampp mail server windows" you'll find plenty of tutorials on the subject. (I don't have XAMPP on Windows, so I don't know off the top of my head.)
×
×
  • Create New...