Larry

I'm skeptical about the idea of storing the password and username (i.e., the login info) in a cookie, in a hashed version or not. I'd be inclined to do this... When the user logs in, if the "Remember Me" box is checked, add a random hash to a column in the users table. Then, when they return, the system can check for that stored hash. For added security, you could also store the hash of the username (or whatever) in a cookie, but I wouldn't store the password. You should also salt the hashes, to be safe.

Floydian is definitely correct. I prefer things to be consistent, so would rather there always be a terminating slash. This would also make hits reporting more reliable.

I've heard good things about Dreamhost (http://www.dreamhost.com/), but have no personal experience with them and know no particulars.

Yes, absolutely. Thanks for your interest in the book!

Okay, here's what seemed to work for me. You'll need to tweak it accordingly: <IfModule mod_rewrite.c> RewriteEngine on RewriteBase / # Add slashes to the end of everything, if not present: RewriteCond %{REQUEST_URI} !\.[^./]+$ RewriteCond %{REQUEST_URI} !(.*)/$ RewriteRule ^(.*)$ http://localhost/$1/ [R=301,L] # Redirect about/ and about/X to about.php?get=X: RewriteCond %{SCRIPT_FILENAME} !-d RewriteCond %{SCRIPT_FILENAME} !-f RewriteRule ^about/$ about.php RewriteRule ^about/([A-Za-z\+\-]+)/?$ about.php?get=$1 </IfModule> Let me know if I missed something or if it's not working. Also, to apply this to multiple scripts, you could do: RewriteRule ^(about)|(contact)|(blog)/$ $1.php RewriteRule ^(about)|(contact)|(blog)/([A-Za-z\+\-]+)/?$ $1.php?get=$2 That's untested but should work.

You want to download MySQL Community Server 5.5.11 (that's the current version as I write this). Download either the 32-bit or the 64-bit Installer, depending upon what version of Windows you're using.

Okay, the easy solution is to change the XML, if that's an option. If not, I think you're either going to have create a custom data renderer or convert the raw XML to a more usable format.

Compression of PHP scripts is something built into PHP (and enabled or not enabled, depending upon the host). If you're looking to optimize, you may want to consider applying Smush.It to your images. You'll see this linked as part of YSlow!

Just to confirm, WHAT is saying that you need to compress your files? What browsers are you testing this in? On what OS? Can you provide a URL for others to test?

I couldn't even begin to provide an answer without knowing some specific details, such as the operating system in use, the directory structure, the URLs, etc.

I don't think it's possible to set a cookie that never expires. If you set no expiration date, then the cookie only lasts as long as the current browser session. It's just a cookie with a long expiration. And I agree with Jonathon about the need. I've never felt that they are all that necessary, but some people still expect them, I guess.

Yeah, that code is supposed to address Magic Quotes being on. Unfortunately, and quite stupidly, I define the escape_data() function in the chapter but don't actually use it in the code!

That's okay. It's when people post in the forum and then email that's annoying. As for your issue, kudos for validating the XML output. I believe the solution is to change this: XMLDataList=event.result.kettle; to XMLDataList=event.result.kettles.kettle; And/or set the showRoot property on the Tree to false. I don't have the time at this moment to test these myself, but I'm fairly sure it's one of those changes that will do the trick.

Thanks for the nice words on the book. I'm glad you like it. As for this question, I'm trying to remember the answer. With test mode on, I was getting a transaction ID of 0: $data['x_test_request'] = 'TRUE'; When I didn't use that, I believe I was getting valid transaction IDs again.

Well, I'm not sure why your function above isn't working, but when I searched "php xml to array", I came across this page: http://gaarf.info/2009/08/13/xml-string-to-php-array/ On that page, Rasmus Lerdorf posted a link to his code for converting XML to an array: http://codepad.org/5CrZpqeh

As for the first question, you can use preg_match(), but you can also use ctype_alpha(), which may be easier: http://www.php.net/manual/en/function.ctype-alpha.php

Well, I'm glad you figured it out and thanks for letting me know. Yes, Flex is pretty good stuff. Glad you think so, too!

What you're seeing isn't really a hack attempt in the sense that it's not trying to break your site but rather get those links to be displayed on your site. So, yes, I'd call it random spam. You could choose to ignore it, or if it happens a lot and it bothers you, you could add a check to your contact code that if the contact submission "a href" or "link=", it gets automatically deleted.

When you say you made the variable bindable and such, could you share some of the actual code (not all of it, but the most relevant parts)?

Okay, I'll take a look at this and see what I can figure out.

What's the end goal here? Because the XML data and a multidimensional array are really equivalent. What's the purpose of transforming the XML to the array in the first place?

Sorry for not getting back to this sooner. Couldn't you just create a master array in JavaScript that lists the hierarchy of DIVs so that knowing the current DIV would be an easy way to know what the next and previous DIVs were?

As for the second article, I'll start by saying these two articles just remind me that for a while there everyone wanted to make their own framework! My second thought is it's written for PHP 4, so I don't know how useful the actual code will be, considering the serious changes to objects in PHP 5. My third thought is the article is too long to read and review it!

Well, I cheated: copy and paste! Thanks for helping!

DEFINE ('DB_USER', 'rafter1_hardrocks'); DEFINE ('DB_PASSWORD', 'fastpaddle'); DEFINE ('DB_HOST', 'localhost'); DEFINE ('DB_NAME', 'rafter1_whitewater');