Jump to content
Larry Ullman's Book Forums


  • Content Count

  • Joined

  • Last visited

  • Days Won


Posts posted by Duke

  1. Here is what I did...


    I added a value into the url link to the rss feed script.  (rss.php?x=somevalue). 

    The rss.php script checks the value in the url using if(isset($_GET['x'])) against a value in the database. (Learned this in a book by Larry Ullman).  


    Also checks out as valid rss when submitted to feedvaliator.com.


    Do not need it to be super secure.


    Thank you


  2. I did something similiar..I used cookies and set the pictures to change based on time.

    I used an  if (isset($_COOKIE['picture'])) 


                       display pix 1


                        display pix 2


    I am thinking there is a better way using javascript....

  3. Hi Larry. I have read and performed the exercises for 3 of your books.  Subject on all is PHP.  -I have learned a lot thank you- In all -that I can remember-javascript is not used for form inputs-adding data to a MySql table-The closest I found/can remember is in PHP and MySql for Dynamic Web Sites-chp 15 - a login form that uses jQuery.  Have you written any books that use javascript/jQuery form input , ajax for adding data to a MySql table and validating  the data ?

    When we create a site ie Message board in PHP and MySql For Dynamic Websites , or the 2 sites in Effortless ecommerce...Can we actually use the finished products live or are there copyright issues?


    Thank you

  4. I made changes in my ipn.php script ....It seems to be working now

    My changes:

    Page170 step 2
    Book uses :
     if (($_SERVER['REQUEST_METHOD'] === 'POST') && isset($_POST['txn_id']) && ($_POST['txn_type'] === 'web_accept') )

    I used:
    if (($_SERVER['REQUEST_METHOD'] === 'POST') && isset($_POST['txn_id']) && ($_POST['txn_type'] === 'subscr_payment') )

    Page172 step 8
    Book uses:
    if ($status === 200 && $response === 'SUCCESS')

    I used:
    if ($status === 200 && $response === 'VERIFIED')

    Page172 step 9
    Book uses:
    && ($_POST['mc_gross'] === 10.00)   

    I used:
    && ($_POST['mc_gross'] === '10.00')  (10.00 is in single quotes)

    For the above the below line may also work as I had to use either quotes or double == for a line  in my login.inc.php script in chp 6

    && ($_POST['mc_gross'] ==10.00)  (10.00 is in single quotes)



    Just wanted to share this in the event it helps others....I am not sure why they work ...but they do work for me....I am using PHP5.5

    Thank youi

  5. I just wanted to put this out there in case it helps anyone ... (I am using PHP 5.5)


    For the login.inc.php script on Page 99 , step 9


    In the book the row is:
    if ($row['expired'] === 1) $_SESSION['user_not_expired'] = true;


    The above line was not working for me so I used this:
    if ($row['expired'] === '1') $_SESSION['user_not_expired'] = true;...( I added single quotes around 1)

    This will also will work work:
    if ($row['expired'] ==1) $_SESSION['user_not_expired'] = true;...(use double ==)



    Thank you


  6. Hey Larry.. many thanks for the quick response....Error message == A System error occurred. We apologize for the inconvenience.

    Everything else seems to be working..except for the error message.....I did notice that on stripe dashboard...CVC Check is showing Failed...


    Only diff in my code is the email below... I am leaving this blank...

        Stripe:: setApiKey(STRIPE_PRIVATE_KEY);
        $email = '';
        $customer = Stripe_Customer::create(array(
        'description' => "Customer $email",
        'email' => $email,
        'card' => $token,
        'plan' => 'kip_basic'


    Ahhh do not worry about it ...I will keep looking to see if I can find what is not working and then maybe that will lead me to why the error is appearing....

    Thank you

  7. RE: Page 518 Capturing charges and the download script stripe_capture.php


    Should this script work as it is written in book and download?

    my code below:


    Stripe:: setApiKey(STRIPE_PRIVATE_KEY);

    $charge = Stripe_Charge::retrieve($charge_id);

    $charge->capture(); <<<<<<<<<<<This line is not working


    When I echo out the charge_id from the database the value = the value in the  charges table.



    I just performed a live purchase.  Then went to stripe website and verified it was not captured nor  paid.

    Then I went to my admin->view_order.php ..Clicked Ship This Order...I get an error message from Stripe.

    But then when I look in stripe.com under payments the order now shows captured and Status :Paid


    Your thoughts?



    Thank you very much.

  8. I believe my issue has to do  with my hosting.  I found this. I am not that tech savey so not sure.  I also tried using MD5 ..same issue.  
    I hard coded the hash from the url into the query  ie... WHERE o.id=? AND 'url hash'=?';.......this works. 

    also hard coded email address for order....and changed query to ...AND c.email=?...this works......

    and of course using customer_id works....


    Everything seems to work until I use sha1 or md5....My only fix is to go back and add a column to orders called email_hash and create the hash in the php when the order is added to the customers table....then use in the query WHERE o.id=? AND c.email_hash=?

  9. Yes Larry you understand correctly... Yes I was thinking using primary key or any information from database in URL is not too cool....If I change either the x or y in the url the page will display:


    OOpps! Error!

    This page has been accessed in error.


    maybe I should add a header redirection  and exit();


    Thank you for your interest in this thread.....

  10. For some reason sha1() not working in my query on page 423

    Here is what I did..

    In chapter 10 I used http://www.larryullman.com/forums/index.php?/topic/3373-chapter-10-checkoutphp/

    in chapter 13 I am not verifying  the correct email address in the query on page 423...

    I am verifying the customer_id that is set  in checkout.php I am setting a session y using  customer_id value

    then on final.php I am using  this  session in the url-not sha1(email).

    on receipt.php I changed the IF statement that validates required parameter-page 422 step 3

    I then changed the query-page 423 to check y which is now customer_id.....changed sha1(email)=?  to .  c.customer_id=?';.....

    Seems to be working...not sure how secure this is...

    I hope this is not total confusion.....

  11. Chapter 13 page 421 creating a receipt page....

    Wondering if anyone else had this issue or if anyone can recommend a work around...

    For the query to grab the order info .. this is not working "SHA1(email)=?".. I have echo out  $email_hash and and I have echo out  echo sha1(email address in the order)....they are the same... I am wondering if there is a mysqli issue when using sha1?



  12. using the above work around....in chapter 11....

    for view_orders.php script I changed the query to


    $q =   'SELECT o.id, FORMAT(total/100, 2) AS total, c.customer_id AS cid,
            CONCAT(last_name, ",", first_name) AS name, city, state,zip,
            COUNT(oc.id) AS items FROM orders AS o
            LEFT OUTER JOIN order_contents AS oc ON
            (oc.order_id=o.id AND oc.ship_date IS NULL)
            JOIN customers AS c ON (o.customer_id = c.customer_id)
            JOIN transactions AS t ON (t.order_id=o.id AND t.response_code=1)
            GROUP BY o.id DESC';


    for the view_order.php script I changed the query to


    $q ='SELECT FORMAT(total/100, 2) AS total, FORMAT(shipping/100,2) AS shipping, credit_card_number, DATE_FORMAT(order_date, "%a %b %e, %Y at %h:%i%p") AS od, email, CONCAT(last_name, ", ", first_name) AS name, CONCAT_WS(" ", address1, address2, city, state, zip) AS address, phone, o.customer_id, CONCAT_WS(" - ", ncc.category, ncp.name) AS item, ncp.stock, quantity, FORMAT(price_per/100,2) AS price_per, DATE_FORMAT(ship_date, "%b %e, %Y") AS sd FROM orders AS o INNER JOIN customers AS c ON (o.customer_id = c.customer_id) INNER JOIN order_contents AS oc ON (oc.order_id = o.id) INNER JOIN non_coffee_products AS ncp ON (oc.product_id = ncp.id AND oc.product_type="goodies") INNER JOIN non_coffee_categories AS ncc ON (ncc.id = ncp.non_coffee_category_id) WHERE o.id=' .$order_id. '
    SELECT FORMAT(total/100, 2), FORMAT(shipping/100,2), credit_card_number, DATE_FORMAT(order_date, "%a %b %e, %Y at %l:%i%p"), email, CONCAT(last_name, ", ", first_name), CONCAT_WS(" ", address1, address2, city, state, zip), phone, o.customer_id, CONCAT_WS(" - ", gc.category, s.size, sc.caf_decaf, sc.ground_whole) AS item, sc.stock, quantity, FORMAT(price_per/100,2), DATE_FORMAT(ship_date, "%b %e, %Y") FROM orders AS o INNER JOIN customers AS c ON (o.customer_id = c.customer_id) INNER JOIN order_contents AS oc ON (oc.order_id = o.id) INNER JOIN specific_coffees AS sc ON (oc.product_id = sc.id AND oc.product_type="coffee") INNER JOIN sizes AS s ON (s.id=sc.size_id) INNER JOIN general_coffees AS gc ON (gc.id=sc.general_coffee_id) WHERE o.id='.$order_id;  


    ..seems to work . I am going to check it more...just wanted to add above in case anyone uses mt_rand() for customer id


    Thank you


  • Create New...