Jump to content
Larry Ullman's Book Forums


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by Larry

  1. That's an excellent question! Depending upon what it means to be an "admin" user, I'd be inclined to not allow admin users to reset their password at all. If a password is forgotten, the admin should personally contact the site--who presumably knows the admin--who would manually help with the reset. Such an arrangement, while inconvenient, would prevent a hack attempt.
  2. It looks like this is most commonly caused by InnoDB settings: https://stackoverflow.com/questions/22637733/mysql-error-code-1118-row-size-too-large-8126-changing-some-columns-to-te/33655143 If you'd like to keep the current approach and aren't going to add like double the current number of columns, you can try that. If this is going to continue to balloon in size, you'll need to dramatically rethink how translated text is stored. An option would be to switch the rows and columns. You won't have the row size issue anymore but you'll need to select the one column for every row and then use that query to populate a PHP array, which is laborious. Alternatively you could store all the translations in one string, like in JSON format. Retrieval and usage shouldn't be too bad but updating the values will be effortful. There's a number of ways you could approach this but those are the first two that come to mind. Everything has its tradeoffs!
  3. So I believe the page gives that result if that "SELECT a.user_id, u.email, LEFT(u.first_name,1) AS icon, ..." query doesn't return exactly one row. There wasn't anything obviously amiss there upon first inspection. I would run the query manually using the mysql client to see why it's not returning a row. (You'll need to insert the token value into the query, of course.) Try removing various conditionals to see which is the problem.
  4. So you need to clarify which date_expires you're referring to by prefacing "date_expires" with the table name or alias. As you're probably referring to the access_tokens table, which has been aliased to "a", you'd change the conditional to "AND a.date_expires > NOW()". What you tried was close but a query only has one "FROM" clause and you added a second one as part of the "WHERE" conditionals.
  5. The code you have looks okay to me. If it's not working, I'd start by looking at the HTML source of the output to see if there's something useful there. Also, should you be using POST or GET?
  6. Ah, good question! There are two options: A. Use the current code but before the current session is destroyed, copy the lang ID to a new variable and then after the current session and cookie are destroyed, start a new session and store the lang ID in that using the variable. or B. Don't clear and destroy the session in this script, only remove those session elements that represent "being logged in".
  7. Hey! If you're talking about Script 10.3, it doesn't require that the email be updated. It uses the form values to "update" the email address in the database, but the form value could very well be the same as the current value.
  8. Sure thing! I answer what I was thinking in this thread: But if you want another hint before you see the answer, there's an outer conditional--isset()--and then an inner conditional--on gender. To make this one conditional instead of two nested ones, each condition must represent both of those tests (the original outer condition plus an original inner condition).
  9. I think what you're looking for is explained here: https://dev.mysql.com/doc/refman/8.0/en/time-zone-support.html#time-zone-installation Where you want to execute this command: mysql -u root -p mysql < file_name replacing "file_name" with a full path to the timezone SQL file.
  10. Thanks for your question! You could consider my "Effortless E-commerce" book, which goes through two fairly complete applications. Unfortunately I'm not too familiar with other books that do a similar thing but they may be out there. Good luck with your further studies!
  11. Thank you so much for the nice words and the continued support! Best wishes to you in your further studies!
  12. Ah, in theory, yes, but the latter version--without !empty()--would create PHP warnings under some circumstances, so the !empty() version is "safer" and more professional.
  13. I'm not sure what the hidden input is supposed to be doing but you can just change the SELECT menu to use the id and name of "id" and then the next page has access to the selected item.
  14. My theory is there may be something about how videos are served to and loaded from the browser that causes the double insert. But that's just a wild guess. You'll really need to do some detective work here. I'd start by making sure no other script in your application runs the same INSERT query. Unlikely, but best to rule out the obvious. Then confirm that you're actually getting duplicate inserts and not just making a mistake when viewing your data in the database. Then make sure you don't have duplicate references to the script. If you're still not finding it, then start playing with the script to see if you can isolate a cause. Do you get duplicates regardless of what browser you use? Do you get duplicates regardless of the video size?
  15. Thanks for the nice words! If you look at Script 12.9 on page 407, you can see sample code for restricting access to a page to logged in users. Also, Ch 18 fleshes out the whole concept more for you.
  16. If you use session_start(), that creates a PHP session with a session ID. Whether the visitor is logged in or not is actually an entirely separate concept, a concept that PHP on the server will have no awareness of. The concept of "logged in" is normally represented by storing meaningful data in the session. Think of session_start() as PHP providing a bucket for you to put stuff. That bucket is going to exist whether it's empty or full. Once the user logs in, your code starts putting stuff in the bucket.
  17. So this means your query isn't returning 0 rows. The likely causes are: The provided login details are actually incorrect. The provided details are correct but there's a mismatch in your comparison algorithm (e.g., the encrypted password is stored one way but the match is checked in another way). Neither of the above is true but you have a syntax error with your query.
  18. If assignments were to a subset of the class, then you'd want to create a more basic assignments, students, and student_assignments arrangement. But we're getting out of the range of what I know about how teachers work. I'd strongly recommend you talk to the target users and get the true sense of how they work and what they need. I'm just guessing!
  19. I would think you would have a table of classes, which creates a class ID. Then, depending upon the school structure, you could either create a classes-teachers table that creates the association or the teacher's ID gets pulled into the classes table directly. Assuming assignments are given to an entire class so you'd want to create an assignments table that maps the specific assignments created by a teacher to a specific class. Then there would be a table for tracking homework that includes the student ID, the assignment ID, and the data for that homework (date completed, grade). As a general rule, I try avoid creating a slew of INSERTs that just reflect "this is a thing that exists". And as you can tell, I design thinking about the relationships. Yes, the net effect is a teacher assigns work to every student, but what's actually happening is the teacher assigns it to the class and every student happens to be in that class.
  20. Hmmm...this is a tough one. There's only one INSERT query in this page being executed. So either this script is being run twice for each video view--which is possible--or the same query is being executed elsewhere in your application, which is easy to check.
  21. Thanks for your question and for the interest! Unfortunately there has not been any developments. I've not spoken to the publisher in a while and I'm not available to do it myself (I still need to complete the second edition of another book before I do anything). Sorry! Hope you are well as well!
  • Create New...