Necuima

Hi Larry, I have encountered a really weird problem (well weird to me) re the server not being able to write a session cookie reliably but it always gets set first go in localhost. I had to include a do-while loop in the production version until the session data were available but I don't know how many times the loop gets executed before the session cookie gets set. Can you offer any guidance on how to debug this? Am using IE11 and Firefox 62.0 Thanks as always, Necuima

Hi Larry, When I look at topics, the order of the posts is oldest to newest. This looks like a change? Is there an option to see the latest posts at the top rather than at the bottom? Thanks and Cheers, Necuima

Hi Jim, I'm not sure what technique you are using but since PHP 5.5+ there are PHP functions 'password_hash' to create a very strongly hashed password and 'password_verify' to check them. You can see these if you Google for them. I discussed this briefly with Larry a little while ago and he suggested using these. Hope it helps. Cheers

Hi Larry, Thanks for your thoughts (as always:-) I have tested my routine above in tables with and without foreign key (FK) constraints and it works OK. But I found a way to check if a table has FK constraints (with thanks to stack exchange); SELECT TABLE_NAME, COLUMN_NAME, CONSTRAINT_NAME, REFERENCED_TABLE_NAME, REFERENCED_COLUMN_NAME FROM INFORMATION_SCHEMA.KEY_COLUMN_USAGE WHERE CONSTRAINT_SCHEMA = 'database name' and REFERENCED_TABLE_NAME = 'table name'; You can leave the table name off it you don't know if any tables have FK constraints, then in the returned data, look for non-NULL data elements for REFERENCED_COLUMN_NAME and REFERENCED_TABLE_NAME. Cheers

Hi Larry, Thanks for your replies to my numerous posts! In this instance, traffic volumes should be quite low so I'm not concerned about performance in this case. Cheers from Oz.

HI Larry, Am learning more and more from your book ? Am now on page 239 re database encryption and hashing. I have been using PHPs password_hash and password_verify. Can you comment/advise compared to the aes_encrypt process on page 239? FYI both my xampp and production use PHP 5.5 or higher and the database systems are also OK with the approach that I have been using. I have the database fields set as varchar 255. Thanks again and looking forward to your thoughts/advice. Cheers

OK, found the issue - HeidiSQL has a button to set to "view binary data as text" though why this would only be needed for this query seems odd - but in nutshell, this issue is solved. Cheers from Oz

Hi Larry, Am doing exercise 4 page 223 but my results show the counts in hex. Localhost/HeidiSQL/MariaDB 10.1.31. How can I force the counts show normally? Thanks P.S., for the following exercise, bottom right page 223 (results G) the numbers show normally.

Hi Larry, I think that I now understand this a bit better. I tried using table locks and that seems to work. Specifically: $q103a = "LOCK TABLES visitors WRITE"; //only this session can read and write to the visitors table $r103a = $pdo101->prepare($q103a); if (!$r103a->execute()) { ................................. then at the end $q103b = "UNLOCK TABLES"; $r103b = $pdo101->prepare($q103b); if (!$r103b->execute()) { ............................. But I needed to ensure that the privileges included 'lock'! Am I on the right track? Thanks, and Cheers

Hi Larry, am enjoying the book a lot! But I'd like to ask a question re transactions. I have a PHP module which keeps track of the visitors to a website. Specifically it checks to see if the IP address of the visitor is in a database table, and if it is, it increments the access count for that IP address and records the date and time. If the IP address is not already in that database table, it adds it. I am getting an occasional error where the select does not indicate that the IP address is in the database table but when the code tries to add it, it is already there (the IP address is 'UNIQUE' in the database table). I have checked the logs and this seems to occur when the same IP address attempts to visit the database several times in rapid succession though it does not seem to be a DOS attack. So, if I used transactions, would this prevent two very-close-in-time database selects/inserts happening - i.e., would it ensure that the transactions for one visitor cannot interfere with transactions from another visitor, or even the same visitor close in time? Maybe MySQL does this anyway? Does the MySQL table engine need to be InnoDB? Thanks, and Cheers from Oz. P.S., the production environment uses MariaDB 10.0.34

This worked but it seems clumsy. $pdo1 = new PDO('mysql:host=' . DB_HOST . '; dbname=' . DB_NAME, DB_USER, DB_PASS); $qa = "SET FOREIGN_KEY_CHECKS = 0"; $ra = $pdo1->prepare($qa); if (!$ra->execute()) { $e_message = '$qa PDO database actions failed: ' . " - IP: $ip"; add_error("$e_message"); } // end $qa/$ra failed $qb = "TRUNCATE table database_name.table_name"; $rb = $pdo1->prepare($qb); if (!$rb->execute()) { $e_message = '$qb PDO database actions failed: ' . " - IP: $ip"; add_error("$e_message"); } // end $qb/$rb failed $qc = "SET FOREIGN_KEY_CHECKS = 1"; $rc = $pdo1->prepare($qc); if (!$rc->execute()) { $e_message = '$qc PDO database actions failed: ' . " - IP: $ip"; add_error("$e_message"); } // end $qc/$rc failed Your thoughts and advice will be most appreciated. Cheers

Hi again, After some extensive Googling, the following works in my HeidiSQL - xampp - Windows 7 environment in localhost: SET FOREIGN_KEY_CHECKS = 0; TRUNCATE table database_name.table_name; SET FOREIGN_KEY_CHECKS = 1; But I'm wondering if this is a good solution? And how would I incorporate these SQL statements into a PDO-executable PHP code? (The truncate is no problem). The only place where I use the TRUNCATE is in the database restore module (from one of your earlier books). Thanks

Hi Larry, I am experimenting with foreign keys as per chapter 6 and am 'learning'. I thought that I would try to add that feature to a website that has a 'galleries' table and a 'works_of_art' table (as well as many other tables). One gallery can have lots of works of art associated with it but a work of art can only 'belong' to one gallery - i.e., a one to many relationship. In my experimentation, I assigned a foreign key constraint in the works_of_art table to the primary key of the galleries table using CASCADE as I thought it would be nice that if a gallery were deleted all its associated works of art would also automatically get deleted. But during my experimentation and 'playing around', I discovered that you cannot use a TRUNCATE table on the galleries table even if the works of art table is empty. As I use the TRUNCATE feature in your database restore routine (I use it and the associated database backup routine in several websites), I'd appreciate your thoughts. Thanks and Cheers from Oz.

Hi Larry, I bought the book - it was not available in Oz so I got it from the U.K.! I downloaded the sql.sql file but I think that there's an error in the create table users code - the version that I am looking at shows the pass to be char (40) but it needs to be char (128) I think? Cheers from Oz.

A point of clarification, I do declare variables 'up-front' if I want them to have some default value, but otherwise no. Apologies for any confusion my post may have caused.

Hi Mike316, I was interested to see that you first declared the variables and am interested in feedback as I never declare PHP variables before using them. Have I been doing something wrong all these years? Necuima

Thanks for getting back to me - much appreciated. I think that I will modify my PDO version of the session script to also delete the cookie. Best wishes from Oz, Necuima.

Hi Larry, After another read of the book, and from the diagram on page 84, I think I understand it a bit better now, so please ignore my question above. But I do not understand where and when the session cookie gets deleted so your advice on this will be most appreciated. Thanks, Necuima.

Hi Larry, On page 90 you define the clean_session function but I can't figure out how to invoke it. I tried 'session_clean(seconds)' to no avail. Can you please guide me. Thanks, Necuima.

My goodness, the last post on this subject was over 3 years ago. I just installed Imagick/Image Magick on a 'clean' PC under XAMPP/PHP7/Windows 10. The only guide that has worked reliably for me is from this post: https://herbmiller.me/installing-imagick-php-7/#more-19745 I have thanked this gentleman profusely as the post sets out step by step exactly what needs to be done. I fell into one trap in that I set the environment variables at a user level but they have to be set at a system level. Once I fixed that phpinfo indicated a correct installation. Posted in case it is of interest to others. Cheers

Hi Larry, Just FYI I modified the db_sessions code (pp 82..) for PDO - after a few pitfalls it works beautifully. Thanks for the base code to work with. Cheers, Necuima.

Hi again Larry, FYI the 'fix' did not in the end work but no matter - I used a JS script from Github that worked. (I virus-scanned the code before using it). In case anyone else falls into the traps that I fell into, here's what I (re) learned (at my age re-learning is a frequent requirement:-) The Github JS code enabled me to set a cookie by including it in my initial PHP script. To enable that cookie to be accessible to PHP, another PHP module had to be called as the cookie data are transferred to PHP via the header (part of my re-learning). I called the second PHP module via JS window.location.replace and that worked reliably. Thanks again for your interest in this. Cheers from Oz, Necuima.

Hi Larry, thanks for getting back to me. The first missing closing parenthesis is another of my typos when I was keying in the code above line by line. I don't know why I can't copy and paste into this forum. Maybe it is something to do with my Windows 7 environment. Your second comment puzzled me too. It is exactly as per the example in in the quirksmode reference. I 'fixed' it and now the code works OK both embedded and included. It was a puzzlement to quote the King of Siam :-) Hope that you get a good Easter break - here in Oz it is a 4 day long weekend. Cheers, Necuima.

Hi Larry, The typo is just in the post above - as mentioned, I had to key in the code above line by line and that's where I made the mistake that I was referring to. In the executing code there is no superfluous opening bracket. Again, I look forward to your comments. Thanks, Necuima P.S., I have ordered the 5th edition of PHP and MySQL :-)

I did make a typo - there should not be an opening bracket before the function name - Oops:-(