Jump to content
Larry Ullman's Book Forums

giantsfan24

Members
  • Posts

    32
  • Joined

  • Last visited

  • Days Won

    1

Posts posted by giantsfan24

  1. In looking at the code to create the get_shopping_cart/wish_list_contents Stored Procedure, it seams the section for the coffee does not have the phrase "as sku" after the CONCAT. I'm not even sure how you would access that value without the "as sku" command in a statement containing $row[]. Please let me know if this was deliberate or a typo.

     

    On further research, a number of stored procedures do this. If you're not setting the CONCAT("C",sc_id) to anything, how would you access it. The same goes for the CONCAT WS right below it. It's not set to "name". Thanks in advance for your explanation and thank you for all your work, turning geek into English:)

  2. OK, I think we all need to smack ourselves on the back of the head. All three of us missed the most obvious thing:

     

    if (mysqli_affected_rows($dbc) == 1) {

    In both of our codes, the second database query was NOT run before this function was called. You simply left it out, while I put it AFTER the function. So, of course there were no affected rows since the INSERT INTO statement was never run prior.

  3. I'm having the same problem. What exactly about the VARBINARY setting for the password column is causing the error? I read the part of the mysql manual you pointed to and the only thing I could think of is that the VARBINARY setting was taking out space.

     

    "There is no trailing-space removal for BLOB and TEXT columns when values are stored or retrieved. Before MySQL 5.0.3, this differs from VARBINARY and VARCHAR, for which trailing spaces are removed when values are stored."

     

    Even after setting the password column to blob, I got this error:

     

    An error occured in script 'C:\xampp\htdocs\ecommerce_site_1\site\register.php' on line 89:
    $You could not be registered due to a system error. We apologize for any inconvenience.
    Array
    (
    [0] => Array
    	(
    		[function] => my_error_handler
    		[args] => Array
    			(
    				[0] => 1024
    				[1] => You could not be registered due to a system error. We apologize for any inconvenience.
    				[2] => C:\xampp\htdocs\ecommerce_site_1\site\register.php
    				[3] => 89
    				[4] => Array
    					(
    						[GLOBALS] => Array
    *RECURSION*
    						[_POST] => Array
    							(
    								[first_name] => John
    								[last_name] => Jameson
    								[username] => bob
    								[email] => gfannnnnnn@gmail.com
    								[pass1] => Example123
    								[pass2] => Example123
    								[submit_button] => Next →
    							)
    						[_GET] => Array
    							(
    							)
    						[_COOKIE] => Array
    							(
    								[phpSESSID] => 8opiskk5aurqrdr24lc37nblt3
    							)
    
    						[_FILES] => Array
    							(
    							)
    
    						[_SERVER] => Array
    							(
    								[MIBDIRS] => C:/xampp/php/extras/mibs
    								[MYSQL_HOME] => \xampp\mysql\bin
    								[OPENSSL_CONF] => C:/xampp/apache/bin/openssl.cnf
    								[php_PEAR_SYSCONF_DIR] => \xampp\php
    								[phpRC] => \xampp\php
    								[TMP] => \xampp\tmp
    								[HTTP_HOST] => localhost
    								[HTTP_USER_AGENT] => Mozilla/5.0 (Windows NT 6.1; WOW64; rv:10.0.2) Gecko/20100101 Firefox/10.0.2
    								[HTTP_ACCEPT] => text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    								[HTTP_ACCEPT_LANGUAGE] => en-us,en;q=0.5
    								[HTTP_ACCEPT_ENCODING] => gzip, deflate
    								[HTTP_CONNECTION] => keep-alive
    								[HTTP_REFERER] => http://localhost/Ecommerce_Site_1/site/register.php
    								[HTTP_COOKIE] => PHPSESSID=8opiskk5aurqrdr24lc37nblt3
    								[CONTENT_TYPE] => application/x-www-form-urlencoded
    								[CONTENT_LENGTH] => 138
    								[PATH] => C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Windows Live\Shared;
    								[systemRoot] => C:\Windows
    								[COMSPEC] => C:\Windows\system32\cmd.exe
    								[PATHEXT] => .COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    								[WINDIR] => C:\Windows
    								[sERVER_SIGNATURE] =>
    Apache/2.2.17 (Win32) mod_ssl/2.2.17 OpenSSL/0.9.8o PHP/5.3.4 mod_perl/2.0.4 Perl/v5.10.1 Server at localhost Port 80
    
    								[sERVER_SOFTWARE] => Apache/2.2.17 (Win32) mod_ssl/2.2.17 OpenSSL/0.9.8o PHP/5.3.4 mod_perl/2.0.4 Perl/v5.10.1
    								[sERVER_NAME] => localhost
    								[sERVER_ADDR] => 127.0.0.1
    								[sERVER_PORT] => 80
    								[REMOTE_ADDR] => 127.0.0.1
    								[DOCUMENT_ROOT] => C:/xampp/htdocs
    								[sERVER_ADMIN] => postmaster@localhost
    								[sCRIPT_FILENAME] => C:/xampp/htdocs/ecommerce_site_1/site/register.php
    								[REMOTE_PORT] => 50979
    								[GATEWAY_INTERFACE] => CGI/1.1
    								[sERVER_PROTOCOL] => HTTP/1.1
    								[REQUEST_METHOD] => POST
    								[QUERY_STRING] =>
    								[REQUEST_URI] => /Ecommerce_Site_1/site/register.php
    								[sCRIPT_NAME] => /Ecommerce_Site_1/site/register.php
    								[php_SELF] => /Ecommerce_Site_1/site/register.php
    								[REQUEST_TIME] => 1330825957
    							)
    
    						[live] =>
    						[contact_email] => gfan31@gmail.com
    						[_SESSION] => Array
    							(
    							)
    
    						[page_title] => Register
    						[pages] => Array
    							(
    								[Home] => index.php
    								[About] => about.php
    								[Contact] => contact.php
    								[Register] => register.php
    							)
    						[this_page] => register.php
    						[v] => register.php
    						[k] => Register
    						[dbc] => mysqli Object
    							(
    								[affected_rows] => 0
    								[client_info] => mysqlnd 5.0.7-dev - 091210 - $Revision: 304625 $
    								[client_version] => 50007
    								[connect_errno] => 0
    								[connect_error] =>
    								[errno] => 0
    								[error] =>
    								[field_count] => 2
    								[host_info] => localhost via TCP/IP
    								[info] =>
    								[insert_id] => 0
    								[server_info] => 5.5.8
    								[server_version] => 50508
    								[sqlstate] => 00000
    								[protocol_version] => 10
    								[thread_id] => 82
    								[warning_count] => 0
    							)
    						[reg_errors] => Array
    							(
    							)
    						[fn] => John
    						[ln] => Jameson
    						[u] => bob
    						[e] => gfannnnnnn@gmail.com
    						[p] => Example123
    						[q] => INSERT INTO users (username, email, pass, first_name, last_name, date_expires) VALUES ('bob', 'gfannnnnnn@gmail.com', '�����Pn��wV��Y���q,qBl��SF&9', 'John', 'Jameson', ADDDATE(NOW(), INTERVAL 1 MONTH) )
    						[r] => mysqli_result Object
    							(
    								[current_field] => 0
    								[field_count] => 2
    								[lengths] =>
    								[num_rows] => 0
    								[type] => 0
    							)
    
    						[rows] => 0
    					)
    			)
    	)
    [1] => Array
    	(
    		[file] => C:\xampp\htdocs\ecommerce_site_1\site\register.php
    		[line] => 89
    		[function] => trigger_error
    		[args] => Array
    			(
    				[0] => You could not be registered due to a system error. We apologize for any inconvenience.
    			)
    	)
    )
    

     

    Here is my php code:

    <?php
    // This is the registration page for the site.
    // This file both displays and processes the registration form.
    // This script is begun in Chapter 4.
    // Require the configuration before any PHP code as the configuration controls error reporting:
    require ('includes/config.inc.php');
    // The config file also starts the session.
    // Include the header file:
    $page_title = 'Register';
    include ('includes/header.php');
    // Require the database connection:
    require (MYSQL);
    // For storing registration errors:
    $reg_errors = array();
    // Check for a form submission:
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    
    // Check for a first name:
    if (preg_match ('/^[A-Z \'.-]{2,20}$/i', $_POST['first_name'])) {
     $fn = mysqli_real_escape_string($dbc, $_POST['first_name']);
    } else {
     $reg_errors['first_name'] = 'Please enter your first name!';
    }
    
    // Check for a last name:
    if (preg_match ('/^[A-Z \'.-]{2,40}$/i', $_POST['last_name'])) {
     $ln = mysqli_real_escape_string ($dbc, $_POST['last_name']);
    } else {
     $reg_errors['last_name'] = 'Please enter your last name!';
    }
    
    // Check for a username:
    if (preg_match ('/^[A-Z0-9]{2,30}$/i', $_POST['username'])) {
     $u = mysqli_real_escape_string ($dbc, $_POST['username']);
    } else {
     $reg_errors['username'] = 'Please enter a desired name!';
    }
    
    if (filter_var($_POST['email'],FILTER_VALIDATE_EMAIL)) {
     $e = mysqli_real_escape_string($dbc, $_POST['email']);
    } else {
     $reg_errors['email'] = 'Please enter a valid email address!';
    }
    // Check for a password and match against the confirmed password:
    if (preg_match ('/^(\w*(?=\w*\d)(?=\w*[a-z])(?=\w*[A-Z])\w*){6,20}$/', $_POST['pass1']) ) {
     if($_POST['pass1'] == $_POST['pass2']) {
      $p = mysqli_real_escape_string($dbc, $_POST['pass1']);
     } else {
      $reg_errors['pass2'] = 'Your password did not match the confirmed password!';
     }
    } else {
     $reg_errors['pass1'] = 'Please enter a valid password!';
    }
    
    if(empty($reg_errors)) {
     $q = "SELECT email,username FROM users WHERE email='$e' OR username ='$u'";
     $r = mysqli_query($dbc, $q);
     $rows = mysqli_num_rows($r);
    
     if($rows == 0) { // No problems!
      // Add the user to the database...
    
      // Temporary: set expiration to a month!
      // Change after adding PayPal!
      //$q = "INSERT INTO users (username, email, pass, first_name, last_name, date_expires) VALUES ('$u', '$e', '"  .  get_password_hash($p) .  "', '$fn', '$ln', ADDDATE(NOW(), INTERVAL 1 MONTH) )";
      $q = "INSERT INTO users (username, email, pass, first_name, last_name, date_expires) VALUES ('$u', '$e', '"  .  get_password_hash($p) .  "', '$fn', '$ln', ADDDATE(NOW(), INTERVAL 1 MONTH) )";
    
      if (mysqli_affected_rows($dbc) == 1) { // If it ran OK.
      $r = mysqli_query($dbc, $q);
      echo '<h3>Thanks!</h3><p>Thank you for registering! You may now log in and access the site\'s content.</p>';
    
       // Send a separate email?
       $body = "Thank you for registering at <whatever site>. Blah. Blah. Blah.\n\n";
       mail($_POST['email'], 'Registration Confirmation', $body, 'From: admin@example.com');
    
       // Finish the page:
       include ('includes/footer.php'); // Include the HTML footer.
       exit(); // Stop the page.
    
      } else { // If it did not run OK.
       trigger_error('You could not be registered due to a system error. We apologize for any inconvenience.');
      }
    
     } else { // The email address or username is not available.
    
      if($rows == 2) { // Both are taken.
    
       $reg_errors['email'] = 'This email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.';  
       $reg_errors['username'] = 'This username has already been registered. Please try another.';  
      } else { // One or both may be taken.
       // Get row:
       $row = mysqli_fetch_array($r, MYSQLI_NUM);
    
       if( ($row[0] == $_POST['email']) && ($row[1] == $_POST['username'])) { // Both match.
     $reg_errors['email'] = 'This email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.';
     $reg_errors['username'] = 'This username has already been registered with this email address. If you have forgotten your password, use the link at right to have your password sent to you.';
       } elseif ($row[0] == $_POST['email']) { // Email match.
     $reg_errors['email'] = 'This email address has already been registered. If you have forgotten your password, use the link at right to have your password sent to you.';	 
       } elseif ($row[1] == $_POST['username']) { // Username match.
     $reg_errors['username'] = 'This username has already been registered. Please try another.';  
       }
    
      } // End of $rows == 2 ELSE.
    
     } // End of $rows == 0 IF.
    
    } // End of empty($reg_errors) IF.
    }// End of the main form submission conditional.
    // Need the form functions script, which defines create_form_input():
    require('includes/form_functions.inc.php');
    ?><h3>Register</h3>
    <p>Access to the site's content is available to registered users at a cost of $10.00 (US) per year. Use the form below to begin the registration process. <strong>Note: All fields are required.</strong> After completing this form, you'll be presented with the opportunity to securely pay for your yearly subscription via <a href="http://www.paypal.com">PayPal</a>.</p>
    <!-- The Form, created with the help of create_form_input() definied above in formfunctions.inc.php -->
    <form action="register.php" method="post" accept-charset="utf-8" style="padding-left:100px">
     <p><label for="first_name"><strong>First Name</strong></label><br /><?php create_form_input('first_name', 'text', $reg_errors); ?></p>
    
     <p><label for="last_name"><strong>Last Name</strong></label><br /><?php create_form_input('last_name', 'text', $reg_errors); ?></p>
    
     <p><label for="username"><strong>Desired Username</strong></label><br /><?php create_form_input('username', 'text', $reg_errors); ?> <small>Only letters and numbers are allowed.</small></p>
    
     <p><label for="email"><strong>Email Address</strong></label><br /><?php create_form_input('email', 'text', $reg_errors); ?></p>
    
     <p><label for="pass1"><strong>Password</strong></label><br /><?php create_form_input('pass1', 'password', $reg_errors); ?> <small>Must be between 6 and 20 characters long, with at least one lowercase letter, one uppercase letter, and one number.</small></p>
     <p><label for="pass2"><strong>Confirm Password</strong></label><br /><?php create_form_input('pass2', 'password', $reg_errors); ?></p>
     <input type="submit" name="submit_button" value="Next →" id="submit_button" class="formbutton" />
    
    </form>
    <?php // Include the HTML footer:
    include ('includes/footer.php');
    ?>

  4. Good point about the image resizing and formatting! A quick google search should find a quick bit of code for 00cakea to limit the size and placement of the shown image, such as applying some CSS.

     

    Also your first instance of creating the $image variable seems unnecessary(isn't it?), since you re-assign the variable a couple lines down anyway and never use it outside the if conditional there.

     

    I do admire your ability to improvise, since that seams to be a large portion of programming. Trust me when I tell you I am not speaking from superiority, since you are likely a better programmer than me. Good job!!!

  5. While I am partial to various cyclops throughout history, I am a SF Giants fan.

     

    I do have one more question: On page 627, you reference a $_POST['existing'] variable on line 138(or is it technically a string... I get my terms mixed up sometimes lol), but I do not see one set or mentioned anywhere in the form, not even a hidden value like $_POST['submitted'] is often set. Where is $_POST['existing'] set in the script? Thanks

  6. Ah, so the issue was not with the script, but that I had a user_id value in my cookies from a previous chapter script but no user_level value(0 or 1). I would imagine this would be an easy thing to avoid in a real world script where not everything comes from the site localhost :) . Thanks for the explanation.

     

    I wanted to take the opportunity to say how much I love your writing style. There are MANY php books, and many are formatted horribly(more the publishers fault) or by the time you reach later chapters, the author assumes you've become a master programmer and stops explaining each step. I love how even in the last chapter, you still explain what each step is. You don't dwell on it, but you say what's going on AND you seam to know when a user might have forgotten a particular subject, and point back to the chapter where that topic is discussed more in depth. So: Thank You!

  7. Hey Larry. First of all, loved this book so far. Already read the intro php book and am almost finished with this one, moving on to Effortless E-Commerce and your advanced php(latest edition) and javascript books to be released later this year. I hate that my first post here had to be a report of an error with your code but on page 563, on the footer.html file, line 17:

     

    if ($_SESSION['user_level'] == 1)) {

     

    It throws an error for an undefined index. A quick google search shows this fixes the problem:

     

    if (isset($_SESSION['user_level']) && ($_SESSION['user_level'] == 1)) {

     

    The first code assumes it's set, and if you first log on, and have no user level, it throws an error.

     

    Also, for anyone seing the logout links instead of the registration links when you are first testing the site, check your cookies from past chapters and clear them for the site 'localhost' since some of the cookie/session names Larry uses are re-used in later examples, and they'll already have values. Not Larry's fault, as in a real world site, you would use common cookie/session names for different sites.

×
×
  • Create New...