Edward

I have a friend that works for a big company, he was the one that told me the thing about the locks and the keys under the doormat. He told me that there are many way to inject into scripts and also take session data etc. It means nothing much is safe, and i also spoke to him about the design patterns, he quoted that now people are anti pattern because of their use of global's. Security wise its probably best to do as much as is required proportion related to the amount of users that are actually going to be visiting the site. I mean just think about if we had a shed in our back garden with some tools in it, there is no point putting a big diamond log on it, a small one would probably do the job. I am not trying to be a smart ass but its just i have a similar project, so its best to keep things small to start with, that's all i am saying. However if your project is already big then you will need to do all you can, you need to get an advanced book on website security and encyrption.

Have you ever heard the saying "Why put 10 locks on the door, when the keys are under the doormat?"

Yes it was Google i did first run a search in, but intially searched for "Yii Table Joins" nothing came up with nothing that was helpful. I see your search on Yii query brought up some better results, yes i guess it is a query. I also checked my books but didn't find anything much in there, so that's why i was asking here for a pointer. Thanks for your help AC.

When a user signs up to my website the information taken from the registration page needs to be put into 3 separate tables, a users table, user_status table and a user address table, how can such a situation be done using yii, when you can generate only one controller per model? I am also rerunning over the SQL stuff and would like to practice doing TABLE JOINS, how can such be done using Yii?

Hey buddy, i would help you if i could on this but at the moment Ive had to go back for a rerun of the SQL chapters as i need to brush up on it myself.

I didn't think of that one, yes i will change my password locally so it reflects that off online, nice one Larry.

Okay thanks for that Larry i just needed to here from an expert like you. I will start of with Varchar(100) or more and possibly more for addresses then do an SQL SELECT statement on one of the columns later to check the max value of letters then i can tailor it off to my needs. I am taking your advise on building a practice version of my site which i can then scrap and redo the whole thing. I am starting to build it in Yii already. But tell me one thing, how do you handle say for instance running your website on localhost with database connection setting being different to how they are on your server? Just set different setting for both?

I wanted to ask, what do you think is a reasonable number of characters to have in MySQL for 1. Username 2. Email 3. First Name 4. Last Name 5. Address I am seeing various results in different websites Ebay has more than 100 characters that can be held for all of these variables. Larry's books holds these values: 1. Username Varchar(30) 2. Email Varchar(80) 3. First Name Varchar(20) 4. Last Name Varchar(40) 5. Address Varchar(80 + 80 = 160) Do you Larry or anyone have an opinion on this, and i was to start out holding figures like this, would it be easy to add more into SQL later?

Well on the other hand there is an advantage in the design having whitespace around the content, its absolutely great for making notes, as few books give room for, so there you, a positive point. Unfortunately it was the O'Reilly books i began my study with, after i found your books, i realize now i have wasted my money, most of those books just show you what functions are available in PHP, Javascript and MySQL, but what they do not show is the good practice, and multiple ways functions etc and be used as do your books. With O'Reilly books, you can learn the stuff but when you start to code you are once again stuck and need to figure more than really necessary out for yourself. O'Reilly is similar like Star Bucks in a way, you go in there thinking the Coffee will be great, but all you come out with is a commercial type of coffee lacking of taste and quality. I was in Asia at the time of purchasing my first books in 2011, i didn't see your books in Asia Books store. It's funny the way i even found you in the first place, i ordered three books from Amazon on the php Ecommerce development, yours being Effortless Eccommerce, the Beginning Php Ecommerce book the Romanian guy Daire's and Michael Peacock's PHP 5 Ecommerce development. After attempting some of the others it was yours that really took a grip on me, i thought you only had that book, until i saw all the other ones on Amazon and your forum. Anyway no worries, i hope we are cool, i will get on with my PHP!

I tried to setup this in Yii and got the following model code: <?php /** * This is the model class for table "route". * * The followings are the available columns in table 'route': * @property string $id * @property string $userId * @property string $routeName * @property string $routeDescription * @property string $points */ class Route extends CActiveRecord { /** * Returns the static model of the specified AR class. * @param string $className active record class name. * @return Route the static model class */ public static function model($className=__CLASS__) { return parent::model($className); } /** * @return string the associated database table name */ public function tableName() { return 'route'; } /** * @return array validation rules for model attributes. */ public function rules() { // NOTE: you should only define rules for those attributes that // will receive user inputs. return array( array('userId, routeName, routeDescription', 'required'), array('userId', 'length', 'max'=>10), array('routeName', 'length', 'max'=>32), array('routeDescription', 'length', 'max'=>128), array('points', 'safe'), // The following rule is used by search(). // Please remove those attributes that should not be searched. array('id, userId, routeName, routeDescription, points', 'safe', 'on'=>'search'), ); } /** * @return array relational rules. */ public function relations() { // NOTE: you may need to adjust the relation name and the related // class name for the relations automatically generated below. return array( ); } /** * @return array customized attribute labels (name=>label) */ public function attributeLabels() { return array( 'id' => 'ID', 'userId' => 'User', 'routeName' => 'Route Name', 'routeDescription' => 'Route Description', 'points' => 'Points', ); } /** * Retrieves a list of models based on the current search/filter conditions. * @return CActiveDataProvider the data provider that can return the models based on the search/filter conditions. */ public function search() { // Warning: Please modify the following code to remove attributes that // should not be searched. $criteria=new CDbCriteria; $criteria->compare('id',$this->id,true); $criteria->compare('userId',$this->userId,true); $criteria->compare('routeName',$this->routeName,true); $criteria->compare('routeDescription',$this->routeDescription,true); $criteria->compare('points',$this->points,true); return new CActiveDataProvider($this, array( 'criteria'=>$criteria, )); } } So other than 'safe' Yii didn't have much to say about 'multipoint'?

Okay i see your point about the two column layouts, people may or may not like that. But why not have larger lettering and at least fill that white space, that's the main point i was emphasizing on. Those small letters you have and many pages look like there is loads to get through and is off putting for me. Do you see the point i am making? Just look at how apple use their fonts and various size etc, you will see there banners look interesting to read this way. Ive seen a lot of commercial stuff and various books so i can see when some design doesn't flow.

Thanks i got your new book just a couple of days ago, looked cool, but i will be honest with you a prefer the style more from your other books like PHP and MySQL for Dynamic Web Sites, i prefer the two column layout and also the way that the content was more tightly packed into the pages. With the javascript book, there is too much white space around the content and the book just generally looks and feels like a harder read, even though it may not be, it could put some people off just picking up and looking at that book. I am sure the content of the book will be awesome as with the rest of the book but for me visually it wasn't as good as the others. Once i have read the book through i promise i will write up a full review here on the forum for you, i will do the same for the PHP and MySQL for Dynamic Web Sites books when done, if i have time i may even do a live YOUTUBE video to present your books. Please don't grill me for my slightly negative on your javascript book, i am just being honest, i am very fussy when it comes to details. Sorry

I got Design Patterns Christopher G. Lasater, its a neat little book, at least the examples are more approachable, with matt's book it was hard to even understand what he was talking about let alone the design patterns, he has his way of over complicating things. I am going to make like a sample version of my site just for fun like Larry advised me to do, then later scrap it to rebuild. I am in the middle of the Larry Php and Mysql for dynamic website's book, i must say the middle of the book is tough. I was surprised at how much SQL could actually do and now i can see that with a databased website that most of the logical coding will be done at the SQL level before it even hits php. Inner and outer joins can get a bit confusing towards the end of the section, its the hardest stuff ive ever done out of any book ive done so far with regards to this stuff, even the OOP stuff i done was easier. Are you not interested in using the Yii framework? It's really pretty cool and it's actually interesting to see that in Effortless Ecommerce Larry was using those function's to generate the html via the php, and now Yii already has all the stuff setup with the CHTML stuff.

That while loop syntax also confuses me, even though i know a query is unrelated. So why does the while loop go through all the rows in an array when the $row condition is equal. I checked the return value on php.net for mysqli_fetch_array and it says Returns an array of strings that corresponds to the fetched row or NULL if there are no more rows in resultset.

The combination of two Norwegian minds is always better than one. No bother! Just one to replace any negative karma created from my Foreign Keys lame joke.

Do all standard frameworks and web applications have folders like this to work? If the folder is open like that does it mean that an outside source could load up a php hack file into the directory and do server damage, or is there some protection against that with the Yii framework?

Hey Larry and HartleySan sorry to but in, but rather than over complicating the situation by adding in a tab on the navbar, would it not be easier for you Larry to add an errata as a sticky post in each book forum. By sticky post i am referring to the other posts you have like "Does your post apply to this book?" That way the errata would be much more accessible at the top of each forum. Then once you receive new errors you can log them all into that sticky.

Yes i know i did read it, just wanted to hear the words from you about Ebay, i just helped one of your readers out now on the same topic just a minute ago. This is the second time now i was just about to sleep and i saw one question on the ipad i could answer so i jumped out of bed ran down stairs and switched on the PC, well that's me for today. Goodnight Larry and Everyone.

In order to use the function CONVERT_TZ(), the list of time zones must already be stored in MySQL, which may or may not be the case for your installation. So if the times zones are not installed the function will return a NULL value, that's why may be your are not receiving any output.

Thanks ill check that out first before i write in next time thanks.

I first thought that the ebay time system would be rather complicated but this helps simplify the matter, thanks Larry.

I got more errors coming up here, did this happen to you Larry and is 777 okay to use. Is this issue with Cent OS? CAssetManager.basePath "/var/www/vhosts/mydomain.com/assets" is invalid. Please make sure the directory exists and is writable by the Web server process.

I managed to successfully install the yii on the server with the yii framework folder in the root folder. I have Linux Cent OS operation systme, when i installed it and tried to run the application i got one error: Application runtime path "/var/www/vhosts/mydomain.com/protected/runtime" is not valid. Please make sure it is a directory writable by the Web server process. The folder permissions were 755 as default, i changed this to 777 and then the application run, but i am concerned is this safe to have 777 on this runtime directory at all times?

Thanks ill just do that then, i will use Yiic to generate the app within the same directory as the Yii folder. Thanks Larry. PS I had quite a bit of work to do over the last few months, but now I'm onto this stuff everyday, so i will have loads of questions for you But i will do my best to help out others here that is if Hartley San doesn't beat me to it! The database chapters of yours have given me a lot more confidence, so i want to get some tables built live and see how i can configure these options with Yii just for fun. I also see all that same stuff now that was in Knowledge is power. I haven't done coffee shop yet, but plan to finish that when this book is done.

Where is the errata page?