Jump to content
Larry Ullman's Book Forums


  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by margaux

  1. There are 2 functions mainly at work here: sprintf() is a php function and DATE_ADD is a mysql function. sprintf is a function which takes some input, formats it according to the specfied arguments and returns the formatted input . The first argument is the input to be formatted and includes a formatting instruction - DELETE FROM session WHERE DATE_ADD(last_accessed, INTERVAL %d SECOND) < NOW(). You can think of %d in this context as fulfilling 2 roles - it is a placeholder and a type specifier. The percentage sign indicates that a variable will go in this position and be formatted according to d's meaning. There are many different type specifiers, d means translate the variable into an integer. Other optionsinclude binary integer, ASCII integer or string. The next argument is the specific variable to be formatted - (int)$expire. It is using (int) to force the variable to be an integer. If $expire equals 20, the output from this sprintf statement would be - DELETE FROM sessions WHERE DATE_ADD(last_accessed, INTERVAL 20 SECOND) < NOW() DATE_ADD lets you do some math on dates. It takes several arguments the field or date to be manipulated i.e. last_accessed the constant INTERVAL followed by the unit that you wish to add to the 1st argument - $expire seconds The whole statement says DELETE those rows from the sessions table if last_accessed plus $expire seconds is less than NOW(). Play around with different values and echo out the variable q to see how sprintf works. Hope this helps.
  2. That would work if you enclosed it within double quotes but not single quotes. $price='12.34'; echo 'a cost of <b>\$$price </b>'; // a cost of \$$price echo "a cost of <b>\$$price</b>"; // a cost of $12.34 You might want to try different combinations of single and double quotes to confirm your understanding.
  3. I'm pretty certain one of the examples toward the end of the book builds a mini cms and another example goes through the process of user registration quite thoroughly. As you've tagged this thread with Wordpress you may be disappointed as this book is not about working with Wordpress. However, since reading this book, I've built several websites providing cms capability. If you're wanting resources specific to Wordpress you might want to look at the Wordpress codex. Lynda.com has several wordpress tutorials and you might want to check out Smashing Wordpress and PackT publishers.
  4. Its not entirely clear what you are trying to do - if its just outputting the integers you could set up an array and loop through it. $integers = array(2,1,4,3,6,6,8,9); foreach ($integers as $integer) { echo '<p>' . $integer . '</p>'; }
  5. guidelines, bottom right on every page. Please use code tags - its the icon on the edit toolbar that looks like <> and just post the relevant code. Also minor error in the line below $erros[] = 'You forgot to enter your password';
  6. You need to start the session even if you are using output buffering. You have checked for a session variable before you start the session so I think that's why you are getting the error. if(!isset($_SESSION['in'])) { ob_start();
  7. Thanks HartleySan, that worked. I was getting stuck on the syntax of specifying review(ruh)_id and did not know it could be specified in the ON clause. I have been looking for awhile for some good mysql learning resources to take my learning to a more advanced level - if you know of any that you'd recommend please post. Thanks again!
  8. I couldn't get this query to work on a similar situation where I have a table for users and a table for reviews. A user can have one, many or no reviews but a review will belong to only one user. When I ran a query similar to the above using left join $q = "SELECT u.user_id, r.review_id, CONCAT_WS(' ', u.first_name,u.last_name) AS name FROM users AS u LEFT JOIN reviews AS r ON(u.user_id = r.user_id) ORDER BY u.last_name ASC"; a row was returned for each row in the user table and for each row in the review table - so several users were returned multiple times which is not what I want. Then I remembered that an outer join will return all records in the second table if there is a match in the first table which of course there is. So a join won't work but I'm wondering if there is a way to get the info using only one query, perhaps with a subquery or a conditional? I dont think DISTINCT will help because all the review ids are unique. Any thoughts? I only mentioned CONCAT in my previous post because the OP was using CONCAT and not CONCAT_WS which may have not given the results he wanted.
  9. hmm, I wonder if there is a way to do this with one query. btw you might want to try using CONCAT_WS(' ', first_name, last_name) as name for a more readable output
  10. list() is one of those nice functions like array_map() which does a lot of work for you in one step. In the above example, the check_login() function is called and returns an array. list() then assigns the array elements to the 2 variables which list() provides as arguments. Because functions can only return 1 variable (which of course can be an array), this technique is a neat way to call your function and assign a bunch of variables in one step. The longhand version would be $login_data = check_login ($dbc, $_POST['email'], $_POST['pass']); $check = $login_data[0]; $data = $login_data[1];
  11. HartleySan's reply is really useful and you will find that if you take the time to learn joins and few other programming techniques that he suggests, your programming skills will benefit enormously. I just want to add because HartleySan didn't include an explanation but he has used the new(ish) mysqli extension. The OP uses the old mysql version which is deprecated. There are minor differences so updating to the new extension should be painless but make sure to read up on them - mainly the differences are to do with the arguments that the function takes. Or you might want to consider updating to the more secure PHP Data Object.
  12. If you want to be able to upload pdf files in addition to those other file types, you need only amend the $allowed array to include the value 'application/pdf'. If you want to upload only pdf files you might want to check the file extension in addition to the file type e.g. if ($_FILES['upload']['type'] == 'pdf' && substr($_FILES['upload']['tmp_name'], -4) == '.pdf'){
  13. do you get any error message or just not the result you expected? @HartleySan - not stepping on my toes in any way! Its all about providing helpful info when you can. Thanks for asking though.
  14. Can you post precisely what error message you are receiving? $dbc=mysqli_connect("localhost","root",""); Try changing the above statement to include 4 parameters - host, dbusername, dbpassword, dbname
  15. There's a chapter in the php/mysql for dynamic sites which goes through using a form to upload an image (You probably want to read that book first before you tackle Effortless Ecommerce). You can store the name of and file path to the image in your database and the actual image in another folder. Strictly speaking you don't need a radio button in your form as you can check the global $_FILES variable to see if a file has indeed been uploaded. With the radio button you have extra checking - what if a user checks yes but there is no file or checks no and there is a file? But maybe I haven't understood what you are trying to do.
  16. If I remember this example correctly, permission to view the content is predicated on whether the user is logged in and has a valid account which has not expired. I think there may be a similar thread on this forum. Anyway, when displaying the content just omit the check for a logged in user or not expired account.
  17. It is how the label knows which input element it is the label for. In your create_input_function you could single out the agree checkbox and make it sticky, something like if ($type == 'checkbox' && $name='agree') {echo '<input type="checkbox" name="agree" id="agree"'; if ($value) echo 'checked'; if (array_key_exists($name,$errors)) { echo '<span class="error">' . $errors[$name] . '</span>'; } else { echo '/>'; } } Not quite sure what your create_form_input() function looks like but hopefully this will give you some ideas. I've not made full use of the variables but I'm sure you get the general idea.
  18. Hi Paul - difficult to say if I would recommend the SAMS book purely because I have I got it from the library. I've yet to spend alot of time with it but first look looks good and comprehensive. Not a silly question - the syntax for mysql and sql whilst very similar do have some differences. For example there is a cube function available in sql but not in mysql. Let me know if you have any specific questions and I'll try to read up on it.
  19. A degree of 'over-caution' is not a bad thing. I think with the proper security measures - such as the use of mod_rewrites and filters as well as securing both the database and what is sent to the database - using $_GET is fine in certain instances.
  20. I dont have this book so if my response repeats whats in the book, apologies. It sounds like you need to change the permissions of your file or directory. Look up the php chmod() function and see if that helps.
  21. HartleySan - very true! Your query works nicely and is 'legible'. I had started thinking that I should be counting artist_id instead of category_id but I will need to give it some more thought to understand why counting category_id was not coming up with the desired result. I do agree that your approach using double negatives is faster. There's a good explanation of the different sorting approach sql uses for WHERE and HAVING in the SAMS sql book.
  22. I don't have this book so I'm responding from memory and I apologise if I've misunderstood the question. The edit link is linking to a new page without the use of a form so you can't use the hidden input approach. If you wanted to use that approach you would need to create a form on the view_users page. You would then need to decide how that form would be populated and you could end up with an unnecessarily complicated approach either via from the user or the programming point of view. An alternative approach would be to use cookies or sessions to pass the variable. I think the $_GET approach used here is efficient and secure as long as the receiving script applies proper validation. Someone please correct me if I'm wrong.
  23. +1 HartleySan. I was looking at this earlier and playing around (unsucessfully) with queries such as SELECT artist_id FROM cat_artist as t1 WHERE artist_id IN (SELECT artist_id FROM cat_artist as t2 WHERE category_id = 11) GROUP BY category_id HAVING COUNT(category_id) = 1 I'm surprised there is not a way to structure the query in such a way to make it more legible and still get the desired results. Perhaps though I'm not understanding how complex queries work.
  24. I'm not sure if I understand your code or what it is you're trying to do, but I'll have a go. The way your code is currently structured you're creating a form for every row in the database. I think maybe you want to try something like this $bg = '#eeeeee'; echo ' <form action="view_cart.php" method="post"><table>'; while ($row = mysqli_fetch_array($r, MYSQLI_ASSOC)) { $bg = ($bg=='#eeeeee' ? '#ffffff' : '#eeeeee'); echo '<tr bgcolor="' . $bg . '"> <td align="left">' . $row['name'] . '</td> <td align="left"> <input type="checkbox" name="checked[]" value="' . $row['name'] . '" id="' . $row['name'] . '" /> </td></tr>'; } ?> </table> <input type="submit" name="submit" value="submit" /> </form> The checkboxes are all set to a named array and each given a unique id so you can loop through them to see which ones have been checked when you process the form if ($_SERVER['REQUEST_METHOD'] == 'POST') { echo 'you have added the following tools to your shopping cart:'; foreach ($_POST['checked'] as $value) { echo " $value, "; } }
  • Create New...