Paul Swanson

Do you have Safari configured to deny sites from setting cookies? I have FF set up to prompt me, and when I first visited your test site I had to accept the cookie. If cookies are not accepted, it's never going to work.

It partially works for me. I selected font-size small and color blue and it printed "the font size is...land the font color is..." and when I click the link it appears small and blue. View source and font-size is set to small and color to #00f. If I select the Customize Your Settings link and select large and gray, it prints "the font size is...smalland the font color is...00f" and the text appears large and gray when I click the link. View source shows font-size: large; color: #999. Select Customize Your Settings again, and select medium and red and it says "the font size is...largeand the font color is...999" and the link displays medium text in red. View source shows font-size: medium, color: #c00. It appears that the cookie is not displaying the updated values, but the value that was set previously. Also, you must select both the size and color. If you only select one, the cookie value for the omitted option is set to an empty string. This is tested using Firefox 14.0.1 on Windows 7.

Are you typing the address to the page in the address bar, or are you browsing to it? You should be typing //localhost/path_to/images.php (replace path_to with the names of any sub-folders that images.php might be in). The message you are getting regarding a shell script makes it sound like the script is not being run through the web server, which is required for php scripts.

You might have to ask your hosting service to execute that script for you. You could ask for telnet access, but I wouldn't expect them to allow it since it would make it easier for you to access other customer's folders on the same server.

I think that for your stated purposes, using document.write() will be fine. You could also use alert().

wurong, if that is your full script you are missing the piece where you make a database connection. Nothing would be printed because no row of data would be returned.

Found this in the user contributed notes on the PHP Manual page for session_start(): <?php if (!isset ($_COOKIE[ini_get('session.name')])) { session_start(); } ?>

Is your password field 41 characters long? The PASSWORD function in earlier versions of MySQL created a 16 character string, but later versions (I forget which version the change was made) create a 41 character string. Your version is definitely creating the longer string, so if your field is defined for less than that the string is getting truncated when it is inserted, and what is in the database won't match your query.

In the form input field, your code should be echoing $_POST['last_name'], not the escaped variable. It's the escaping that is adding the slash. Try this: <tr> <td><b>Last Name:</b></td> <td><input type="text" name="last_name" size="20" maxlength="40" value="<?php if (isset($_POST['last_name'])) echo $_POST['last_name']; ?>" /></td> </tr> Your form should re-fill the line with exactly what was typed into it. The escaped value is intended only for use in a database query. Once you retrieve it from the database, if you need to display it in a web page, you will need to use stripslashes() on it.

Maybe Dreamweaver isn't configured for PHP? Just guessing, as I don't use Dreamweaver. You might try a different IDE, such as Netbeans with the PHP plugin. Don't be put off by all the Java references. It's primary supported language is Java, but it supports many other languages. It's free. Many people use Dreamweaver for PHP, though, so if you're comfortable with it you can continue to use it.

I'm not Larry, but I think Fiddler is good. I believe it's Windows-only, and works with IE by default, but you can configure it to work with Firefox. http://www.fiddler2.com/fiddler2/ http://fiddler2.com/Fiddler2/addons/fiddlerhook/ It's free.

Milo, I believe in the example you provided, the % character is being used to represent the prompt in Terminal. In Edwards example, his prompt is Edward$. In Windows, the > character is normally used as the prompt (e.g., C:\>). You need to type what comes after the % character.

Sorry about the formatting. The forum software must convert all tabs to 8 spaces, and it compounds it when you preview the post. I think you can get one query to retrieve what you need.

You might try something like this: $query = " SELECT event_id, event_year, vehicles.*, users.user_id, first_name, last_name FROM event_entries, vehicles, users WHERE event.event_year = '2012' AND event.user_id = users.user_id AND vehicles.vehicle_id IN (event_entries.selected_vehicles) AND vehicles.user_id = users.user_id ORDER BY event.event_year DESC, last_name ASC"; $r = mysqli_query ($dbc, $query); if ($r) { // no errors in query, begin table echo <<<EOT <table> <tr> <th>Event Year</th><th>Exhibitor</th><th>Vehicle</th> </tr> EOT; while ($row = mysqli_fetch_array ($r, MYSQLI_ASSOC)) { echo <<<EOT <tr> <td>{$row['event_year']}</td> <td>{$row['last_name']}, {$row['first_name']}</td> <td>{$row['year']} {$row['brand']} {$row['type']}</td> </tr> EOT; } // end while loop echo '</table>' . "\n"; } // end $r conditional You might need to fiddle a bit with the IN (event_entries.selected_vehicles) part.

thara is right, you have to create the uploads folder. I have a different edition of the book, but there is a step in the 4th edition that instructs you to create the directory. The move_uploaded_file() does the actual moving, and will return true if successful, or false if it fails.The reasons for failure could be that it was not provided a valid filename, or if the file could not be moved due to permissions or a path error. If the destination folder already has a file by that name, it will be overwritten. Check out the User Contributed Notes on the manual page.

In your first query, there are no quotes around $ln, which is a string and should be quoted. You had: $q = "SELECT customerID, cardholdersaddress FROM llphorders WHERE customerID = $id AND cardholdersaddress = $ln"; What you need to do is add single-quotes around just $ln: $q = "SELECT customerID, cardholdersaddress FROM llphorders WHERE customerID = $id AND cardholdersaddress = '$ln' "; That will tell MySQL that you are submitting string data to that field. Without the single-quotes, MySQL will assume you are submitting numeric values, which won't fit the datatype and the query will fail. You correctly had the single-quotes in your second query: $q = "UPDATE llphorders SET cardholdersaddress='$ln' WHERE customerID= $id LIMIT 1"; Curly braces wouldn't help in this case. You weren't getting a PHP error, the problem was with the syntax of the SQL query.

Paul, you are correct in that you could give the argument $parent a different variable name and it would still work. This has to do with variable scope, an important concept to learn. It is discussed in a sidebar in the PHP and MySQL book in the chapter that discusses creating your own functions. A variable defined in a function lives only within that function, and is separate from variables defined outside the function (unless they are global variables). In the example you provided, $parent will take on the value that is passed to it when the function call is made.

Use one of the output control functions: http://www.php.net/manual/en/ref.outcontrol.php. It sounds like you want to use ob_clean() to erase the current buffer, but if you also want to turn off buffering, use ob_end_clean().

mysqli_num_rows will report a boolean false if the query fails. Looks like in your case it is because you don't have quotes around the variable $ln in the first query.

Max, that's just how the javascript date object works. It doesn't zero-pad minutes (or seconds). For some reason, it does produce a 2-digit day of the month. To zero-pad minutes and seconds, you can create a simple function. Look at the W3Schools example here.

I believe the default with newer versions of MySQL is now to only allow lower-case table names. You can change that by adding the following to my.ini: # added to support upper-case letters in tablenames lower_case_table_names=0 That solved a problem with not being able to create table names with upper-case letters for me using MySQL 5.0.8 dev client on Windows 7. You will have to stop and restart MySQL for the changes to take effect, of course. I was going to suggest that your query may be failing because it appears that you are quoting SurveyID and QuestionID, which I would have expected to be integers, not strings.

The error message is telling you that $stmt isn't an object. Find out if there is an error in the prepare function call by adding this below that function call: echo $mysqli->error; Check the PHP Manual for details: mysqli::$error

Not a comment on the security, but I question whether using an email address to hash a password is a good idea. What if the user wants to change their email address? I would use something that won't change, like the timestamp from when they registered, or the username.

Excellent, Paul! Glad you got it working.

Hi Max, JavaScript is NOT reading the POST array, since that is sent to the server and JS is all happening on the client side. JS is getting the values by referencing the form elements when the function calculate() is called: function calculate() { 'use strict'; ///// This is where the form element values are read by JS ///// // For storing the order total: var quantity = document.getElementById('quantity').value; var price = document.getElementById('price').value; var tax = document.getElementById('tax').value; var discount = document.getElementById('discount').value; ///// snipping off the last part of the function ///// } The function is not called until the onsubmit event occurs. onsubmit() is a method of the object form. The line var theForm=document.getElementById('theForm') is simply assigning a varaible name to the form object with an id of 'theForm.' You could have more than one form on the page with different id's, but the listener is set to only listen for that one form object. The listener could also have been written as: document.getElementById('theForm').onsubmit = calculate; Hope that helps clarify it for you.