Antonio Conte

Don't expect us to do the research for you. Do a simple google search and look for material on the subjects. This is all part of the learning experience.

You have the code for that already. Just redirect users without a user id to the login page.

Think you got my point anyway. Btw. I would suggest constant instead of numbers/string right into methods. Much easier to change anything that way. Keep it up.

Sorry about the confusion. It's the session file id that's unique and random to make sure each user has their own file. This way, the session system knows which file belong to which user. It's not really important to understand how that works. What's important is only to explain to you that you and I can have different values in that file. The content in that file, for example the user_id, is not random. The value is what you set it to for that user. So if you set it equal to the user_id in the DB, that's the user_id value for that user. The reason why you may see code like that, might be because of an extremely simple authentication system. Let's say you have a system where it's not critical to have unique users. Then it would work to set the User_id to 1 and just make sure every user actually have any user_id at all. (meaning they know the username/password combo) Other than that, I don't know. It's not really good code. I think you get how this work man. Sound like that to me. Here's what you do step by step. (I think you figured this out, but anyway) 1. On login, Use a query against the DB where you match the username and password. 2. If that is correct (a row is returned for the DB), you assign the user_id from the DB to the session. 3. You then check if the session key is set each time a script runs. ( if ( isset($_SESSION['user_id']) { /* Valid user */ } ) 4. On logut, unset the session key. (and the user is logged out) Good luck.

I've done exactly the same since this summer. I have an internship at a local company, and I've been building a car advertisement system in that time. My best tip would be to write down some interest you have. Try to see if any of that can be developed in PHP. I think I would write a graphical statistics library if I had the time. I find that shit cool. As we don't really know your interest or you personally, It's kind of hard to suggest something. Remember that you can also build software for others to use, not just working applications. I think stuff like that is actually better to do as a student. Publish something cool on github, publish it open source, set up a website, and it'll be great to show feature possible employees. Hope that helped you. Tell us what you decide man.

Yes. A session is really only a cookie file saved on the server, opposed to a normal cookie that is saved on the user's own computer. A cookie file is a simple file storing values like a variable in your scripts. The difference is that the variables found in a session cookie is valid as long as the session is "stamped for", while a variable only has a value when the script runs. That means $_SESSION['user_id'] will have a value until: 1. The session expires (and is deleted) 2. You unset the value from a file 3. A session is regenerated (and the old one is not found) This cookie has an unique random ID per user, and theoretically, only the same user will be able to use that session file. This means $_SESSION['user_id'] can have different value for you and me. This way, if a user HAS a session key named "user_id", you can be sure the user is logged in. (If you make sure only to add the value when a correct username/password combo is provided for that user) What the script basically means is this: - If a session key named "user_id" is NOT found, redirect them to the login site. - If a user HAS a key named "user_id", the IF statement won't execute (and the user is not redirected) Hope that helps out.

Don't matter with that. Delete/change usernames that violates such things. It's impossible to blacklist against bad usernames in general. I can still use "kuk" as a username, and you would not know what kind of curse words that is in norwegian.

You'd want both in that case. You'll get an error if no rows are found. Other than that, glad you solved it. Regarding "==" and "===", the difference is type checking. A String "0" is regarded as a boolean FALSE when you compare with "==". The reason is that PHP type jugles for you. Therefor, if type is important, you should use "===". Some functions can return a result that equates to FALSE in some regards (for example String "false", String "0" or Integer 0. The same functions may return a boolean FALSE on error. To make sure it's not a false positive, you'd need to check type as well. Use "===" when a function may return a false positive.

You don't use fetch_array() in the code above. Tricky to know what's wrong with your code then. This is how I would've done it. $query = "SELECT COUNT(snippet_ref) AS snip_count FROM snippets WHERE display = 'yes' AND price < 8"; $result = mysqli_query($dbc, query); if ( mysqli_num_rows($result) === 1 ) { $row = mysqli_fetch_array($result, MYSQLI_ASSOC); echo '<p>How many: '. $row['snip_count'] .'</p>'; } else { echo'<p>There are no snippets displayed in this price range</p>'; } Another thing is that agregate function often requires a group by statement in the SQL. You might need that if weird results are returned.

Ok. If you don't utilize the constants, it will of course don't affect anything. The easiest way to debug CSS/JS, is to click on the links when viewing the source code. You can then see when the script is looking for the scripts. It will get you a better understanding on how to fix the issue. Besides that, I don't really have any advice for you.

I have never used the computers directory structures when working with a site, not even localhost. I believe the base uri should be set according to the base path for the document root of apache, not your computer. This folder is the htdocs folder. Try setting it according to that. That's my uneducated guess. Also note that these are simple constants, not system affecting constants used by apache/PHP. The server global array constants won't be affected by your changes. Thats why the server document root is not changing.

Then you are most likely not connected to the DB. I see no other explanation. (And don't see any connection code here) You should place those lines at the top of scripts.

Google is your friend: http://pear.php.net/manual/en/installation.php You'll see how to check there.

Provide us some code. Hard to find errors without something to look at. Your queries seems syntactically ok from what I can see. Use var_dump() on the result of mysqli_query(). If it returns false, then you know there's a syntax error. Only tip I can give you right now. I'm pretty sure this is related to syntax errors.

Good things come to those who wait. Relax, everyone. Quality will be affected if he rushes this book out. I'm sure everyone will gain on him not rushing this.

I love my Apple Air laptop for a couple of reasons. It would really take a lot for me to switch. When it comes to desktop computers, I would not even consider an Apple product at the time being. The reason being bang-for-bucks. I don't really think you get what you pay for with them. Why I love my Air: - Unmatched touchpad. First laptop where the touchpad actually does what I want. On other laptops, I find my self irritated by the touchpad not working properly. This one just works, and I forget that I use a laptop. On every other laptop I have ever tried, including several of latest generation from Samsung, etc, I find problems with the touchpad. I need an external mouse to not throw those computers into a wall after some hours... - Keyboard. Low profile, good quality, normal layout (with some apple specifics) and does not make a lot of sound. I have found other laptops with equally good keyboards, but these things are so important I would not consider a laptop with other characteristics. Luckly, a lot of laptops does this right. (for my regard) - SSD. Quick booting, quick opening of programs. The competition has these as well. I need a SSD in my computer. - Resolution. Good enough for a 13". - Enough memory for what I need to do. - Weight. It's low enough. Some competition does this even better. - Fans. In most cases, the machine is silent. - "Media buttons". No other computer can change the volume, turn on mute, switch songs, dim the backlight as easily. This may have something to do with the operation system as well, but I've yet to be convinced by another product to this day. - OSX. Good operation system. Some important short cuts for my workflow, but I don't really prefer it over Windows. I work good in both. For a desktop machine, this point is gone for me. What I dislike: - Price. They are expensive. You find really good computers a lot cheaper. - Temperature. It can get very warm if you run a lot of programs/expensive computation. - Fans. May sound like crazy if the computer works hard. (sometimes for no apparent reason) - Shiny screen. Impossible to use outside. - Cleaning it... The screen gets spotty for no apparent reason, and expect to clean the keyboard and laptop casing a lot. It attracts dust and finger prints like crazy. Conclusion: All points combined, I've yet to find a laptop I've been equally happy with. My workflow is not affected by using a laptop at all. (and I use a laptop for work on a daily basis) I have a windows custom built desktop too, and I would not even consider switching that for an apple product. The whole package combined, Apple Air beats the competition to the ground for me. The competition may compare on single points, but not for the whole package. My personal points. Feel very free to disagree, as this is very subjective.

No, but the overriding (often called method overloading) is a result of polymorphism. Does that make sense? Polymorphism means "in many forms" or "with many heads". The point is that several objects that share a parent is able to behave different than they brothers. I really like some examples releated to games. class Soldier { public function attack( ) { return 5; } } class Archer extends Soldier { public function attack( ) { return 10; } } class BadAssSoldier extends Soldier { public function attack( ) { return 20; } } // A normal soldier $soldier = new Soldier(); $soldier->attack(); // Does 5 damage // An archer $archer = new Archer(); $archer->attack(); // Does 10 damage // A tough soldier $badAssSoldier = new BadAssSoldier(); $badAssSoldier->attack(); // Does 20 damage! You can really see the use of polymorphism when you don't know that kind of soldier you have. // Holds an army $army = array(); // Add some soldiers to the army $army[0] = new Soldier(); $army[1] = new Soldier(); $army[2] = new Soldier(); // Add "tough soldiers" to the army $army[3] = new BadAssSoldier(); $army[4] = new BadAssSoldier(); // Add archers to the army $army[5] = new Archer(); $army[6] = new Archer(); $army[7] = new Archer(); // Now, let the army attack! foreach ( $army as $single_soldier ) { echo 'Attacked with a strength of: '. $single_soldier->attack(). '<br />'; } The examples should be runnable if you just save them to a file and run them with a browser.

This happens when an executed query returns an error. The way to solve this is to look at your query. Something is wrong with it. The error is really happening in mysqli_query(). Try echo out the query to look for obvious errors. The next step is running the query in something like phpmyadmin to make sure it works. You can compare the error to a PHP syntax error, only that Its happening in MySQL instead

function_escape_data($data) Should be: function escape_data($data) You forgot the space between the function declaration and the function name.

There's a big difference between a cookie and a session. Glad you solved the problem.

Sure the cookie is just not recreated somewhere in your app after it is deleted? Looking at the manual, you seem to be doing this correctly.

Instead of ="$var", you need to concat the variable on like: ="'.$var.'". This is very basis stuff. Had you tried to echo out the query, like suggested, you would see that quite easily.

I would just always select the X latest rows and let it be with that. DBMS systems can handle huge sets of data, so I would not worry about that. If it should become a problem, run a clean up function once in a while instead. This can of course be automated by writing a cron job.

Have you tried pasting the query into something like PHPMyAdmin? It will reveal possible errors to you. The only thing I notice is that the variable might be interpreted as plain text. Try replacing this: AND c.user_session_id="$uid" With: AND c.user_session_id="{$uid}" You need to do this with both the first BETWEEN and the last WHERE clause. Other than that, I have no idea. It shouldn't be problem running this as a normal query from what I see.

From the book: To explain what happens in detail, is that $form is an object holding several HTML elements in an array. The object must have a method called __toString() that let you use echo on an object. The __toString() method is a magic method like __construct(), and it will be called each time you try to print info from an object. An alternative approach would be to explicitly have a method that would let you echo out the form. As a simple explanation, I wrote this super simple class for you. If you try to run this, you'll see that you can print the list using both "echo $list" and "echo list->printList();". Functionally, these methods are equal to each other. All printList() does is to call __toString(). <?php class HtmlList { private $list = array(); /** * Adds elements to the list */ public function add( $element ) { $this->list[] = $element; } // I am called using $list->printList() public function printList() { return $this->__toString(); // Here we call __toString() } // I am called using echo $list public function __toString() { $out = ""; // Add foreach ( $this->list as $element ) { $out .= "<li>{$element}</li>"; } return $out.'<br />'; } } $list = new HtmlList(); $list->add("First list element"); $list->add("And a new one"); $list->add("After two comes three"); // Print the list echo $list; // Also print the list echo $list->printList(); Hope that helps you to understand. The HTML_QuickForm2 class is obviously a lot more advanced than this example, but it works exactly the same way as the code above.