Necuima

Hi Larry, This is basically from quirksmode.org/js/cookies.html; function (update_and_go(url) { var n = url.indexOf("&kk"); var g_pk = url.slice(n + 4); var date = new Date(); date.setTime(date.getTime() + (1*24*60*60*1000); /* one day in milliseconds */ var expires = ; expires = "+date.toGMTString(); var name = "vbnefhwgfg"; /* just to obfuscate the name of the cookie */ document.cookie = name + "=" + g_pk + expires + "; path=/; domain=<?php echo $_SERVER['HTTP_HOST']; ?>"; alert(document.cookie); etc.... } If I include the code the alert shows blank but if I embed the code in the PHP module, the alert shows the cookie correctly. Again, any insights will be most appreciated. I had the same issue as a year or so ago in that I could not copy and paste the code - I had to key it in line by line and I hope that I have not made any mistakes! Thanks, Necuima

Hi Larry, I'm having an issue that I don't understand to do with setting cookies in JS. I have re-read the section on cookies in the book (pp 358...). If I have the JS code within the module that uses it (a PHP module it so happens) it works just fine. But if I include that same code via <script type="text/javascript" src = its source></script> it does not set the cookie. I have checked and the script does get loaded and executes when called - it just does not set the cookie. No errors are indicated in either the FF or IE. I have Googled but can't find anything exactly related to this. I have tried with Firefox V56 and IE11 and both exhibit the same behavior. (Running with XAMPP/Windows 7). Do you have any insights into this behavior? Thanks as always, Necuima.

Thanks, Larry, I always appreciate your advice. Cheers

Hi Larry, Can you please give me your thoughts on two window relocation techniques that I use as to which one, if any, is better. $url and header (in PHP) or JS window.location.replace(url) with the urls set appropriately. window.location.replace seems to be better if you are using sessions to avoid the 'headers already sent' issue but I'd appreciate your advice. Best wishes from Oz

Hi Larry, I recently came across an issue whereby array_merge would not accept the second argument, an array with a generated PHP variable name, without typecasting it. The array in question tested as an array with var_dump so I did not understand why the array_merge was failing saying that the second argument was not an array. But typecasting it as an array solved the issue. $destination_array = array_merge($destination_array, array(${"generated_array_name" . $suffix})); // works Posted in case it is of interest. PHP version 5.5.3 Cheers from Oz.

After further experimenting, the bind can be with bindValue in which case you don't need the pass by reference. Cheers

Thanks for your thoughts, Larry. They are always appreciated. Cheers

Hi Larry, I experimented a bit and the following process worked for me: Loop through the row returned from the .doc file for the table in question and create the query inserting an un-named placeholder (?) for every data item - thus it will create an un-named placeholder for each data item - you don't need to know how many up front. Then loop through the row again binding each data item to a numerical count of the placeholder - I found that all the data items are strings so I used the PDO::PARAM_STR constant in every bind. The second foreach loop needs to declare the data_item with a preceding & pass by reference otherwise the binds don't work properly. There may be better ways but this worked for me (after numerous trials and errors)! Cheers

That regex should be /^[a-z\_]+$/ Oops

Hi Larry, I recently came across an attempted hack via the index.php module (pages 57...). I checked the logs and they added additional stuff to the $_GET['p'] data. In case it is of interest, I think the code I have added should avoid that in the future: if (isset($_GET['p'])) { $p = $_GET['p']; // if there's any characters in there that shouldn't be, exit if (!preg_match("/^[a-z\_]/", $p)) { exit ("Invalid attempt to access this module"); } } else $p = NULL; Can you suggest a better way? Thanks, and Cheers

Hi Larry, As mentioned elsewhere, I am upgrading all my database actions to PDO. I use the PHP scripts for database backup and restore which you have provided - they are very useful and have served me well. I have upgraded the database backup to PDO no worries but now I'm coming to the restore. The PDO "inserts" will need to handle a variable number of fields of varying/unknown data types. Are there any 'best practices' for this type of PDO INSERT / field binding? Looking forward to your advice and thank you in anticipation, Cheers

Thanks, Larry. Cheers from Oz.

Hi Larry, I key the links in in a form - they just refer to a website for a member of a club that I'm the webmaster of. They are just HTML (<a ... etc ) so that if someone clicks the link, they will go to that website. Someone else suggested just storing the link 'as is' in the database but applying htmlentities to it before echo-ing it to the page. Again, thank you for your response and looking forward to your further advice. Cheers

Yep - beauty:-) Cheers

Test code paste with the code start and end: while($row_outputs=mysqli_fetch_array($run_projects)) { // opening while loop $prog_name = $row_outputs['prog_name']; $proj_name = $row_outputs['name']; $projectId = $row_outputs['id']; $proj_array = array($projectId); $proj_array_uni = array_unique($proj_array); $projecty = ''; foreach($proj_array as $projectile) { $projectile = trim($projectile); etc... this indicates that it will paste correctly in 'Preview' - let's see if it does when I post it.

for some reason my indents are not displaying but it may help anyway - hope so. while($row_outputs=mysqli_fetch_array($run_projects)) { // opening while loop $prog_name = $row_outputs['prog_name']; $proj_name = $row_outputs['name']; $projectId = $row_outputs['id']; $proj_array = array($projectId); $proj_array_uni = array_unique($proj_array); $projecty = ''; foreach($proj_array as $projectile) { $projectile = trim($projectile); $projecty .= $projectile; $get_outputs_active = "SELECT * FROM projects WHERE project_id=$projectile AND impact_area='1'"; $run_outputs_active = mysqli_query($conn, $get_outputs_active); while ($row_outputs_active =mysqli_fetch_array($run_outputs_active)) { $total_outputs_active += $row_outputs_active['total_cost']; } // end while 2 $ftotal_outputs_active = number_format($total_outputs_active,2); $get_outputs_run = "SELECT * FROM projects WHERE project_id=$projectile AND impact_area='2'"; $run_outputs_run = mysqli_query($conn, $get_outputs_run); while ($row_outputs_run =mysqli_fetch_array($run_outputs_run)) { $total_outputs_run += $row_outputs_run['total_cost']; } // end while 3 } // end foreach } // end opening while loop ?>

You are missing a closing brace. To help diagnose issues like this, I always line my opening and closing braces up vertically so I can see where they start and end. Then, indent subservient routines also lining up the opening and closing braces. For me anyway, it helps to see what code loops are embedded in other loops, etc. Hope it helps.

My question relates to INSERT and UPDATE operations so my details above might be a bit misleading. For the 'binds' I also append the type specifier, e.g., PDO::PARAM_STR etc. To check for rows affected I add PDO::MYSQL_ATTR_FOUND_ROWS => true to the PDO creation statement. Hope that makes it clearer. Cheers

Hi Larry, I am progressively updating all my websites to use PDO for database actions rather than escape_data/mySQLi. Can you please recommend the safest way to store HTML links in a database table using PDO. Do they first need to be urlencoded, say, and/or quoted? I have searched via Google but have not found clear guidance (for my aged brain anyway). My code sequence is: 1) create a new PDO 2) create (say) SELECT with placeholders 3) prepare 4) bind parameters and values (one by one for clarity) 5) execute 6) check for successful execution all within a try/catch block then null the PDO. Looking forward to your advice. Cheers from Oz.

Thanks, Larry. Cheers from Oz.

Hi Larry, Looking forward to your advice re the ini-sets and cookie and session parameters. Thanks

As an aside, I always nest braces aligned top with bottom and indented so that you can easily see where they start and end. It seems that this is not a common approach but I have found it very helpful in complex nesting situations. For what it's worth... Cheers

Hi Larry, After reading the advice in pages 4... more carefully, I found that a straight usort with the keys based on values within the secondary array gave me exactly what I was looking for. Cheers

Hi Larry, The book describes how to use usort, etc., to sort a multi-dimensional array and that works great. Is it possible to use something similar to sort a 2 dimensional array by its primary key whilst at the same time inserting some value into an existing field in each secondary array entry? I want to insert a sequence number into the field in the secondary array as the primary key is not sequential for the purposes I have in mind. Thanks in anticipation for your advice. Cheers

Also, there are no financial data in the website but it has been mischievously hacked twice - current/old version now protected by sucuri.net but I'm trying to avoid the need for that type of protection in the re-write that I'm doing. My questions above relate to the re-write. The website is www.sunshinecoasthog.com.au - currently the old version is in production but the re-write will have similar functionality but is architected as per your guidance in "PHP Advanced".