DavidP

Yes I did... I copied and pasted the first name intending to change the copied one to last name. Thanks. Would "longtext" be considered a "blob" - "b" in prepared statements? Also, I'm using a 3 page process - form (enter information), review (go back make changes or continue), add form information into database -> make payment -> update database with Stripe payment details. The information entered into the form on the first page will be set into session variables on the review page (second page). In the prepared statement example on page 427 (chapter 13) it shows that the values need to be assigned to variables after we "bind the variables" - mysqli_stmt_bind_param(). Would I still need to do this if I have already assigned the values to a session variable on page 2? Or would I just do this: My first row in the jobs database table is $jid (before siteid) and it is an auto-increment not null so it doesn't need to be included in this query. My jobs table: `jid` int(11) NOT NULL AUTO_INCREMENT, `siteid` varchar(4) NOT NULL, `first_name` varchar(25) NOT NULL DEFAULT '', `last_name` varchar(35) NOT NULL DEFAULT '', `email` varchar(155) NOT NULL DEFAULT '', `phone` varchar(25) NOT NULL DEFAULT '', `job_title` varchar(155) NOT NULL DEFAULT '', `company` varchar(155) NOT NULL DEFAULT '', `company_url` varchar(155) DEFAULT NULL, `address` varchar(155) DEFAULT NULL, `city` varchar(35) NOT NULL, `state` varchar(3) NOT NULL, `zip_code` varchar(10) DEFAULT NULL, `salary` varchar(255) DEFAULT NULL, `apply_email` varchar(85) DEFAULT NULL, `content` longtext NOT NULL, `display` tinyint(2) NOT NULL, `payment_status` varchar(15) NOT NULL, `amount_paid` varchar(6) NOT NULL, `chargeid` varchar(35) NOT NULL, `pay_brand` varchar(45) NOT NULL, `pay_type` varchar(35) NOT NULL, `lastfour` varchar(4) NOT NULL, `submitted` date NOT NULL DEFAULT '0000-00-00', $q = 'INSERT INTO jobs (siteid, first_name, last_name, email, phone, job_title, company, company_url, address, city, state, zip_code, salary, apply_email, content, display, payment_status, amount_paid, chargeid, pay_brand, pay_type, lastfour, submitted) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,'','','','','','',NOW())'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'isssssssssssssbi', $_SESION['siteid'], $_SESION['first_name'], $_SESION['last_name'], $_SESION['email'], $_SESION['phone'], $_SESION['job_title'], $_SESION['company'], $_SESION['company_url'], $_SESION['address'], $_SESION['city'], $_SESION['state'], $_SESION['zip_code'], $_SESION['salary'], $_SESION['apply_email'], $_SESION['content'], $display); $display = 2; mysqli_stmt_execute(stmt); // get auto-incremented jid so as to update this job ad with Stripe payment details and change display status. $jid = mysqli_insert_id($dbc); if (mysqli_stmt_affected_rows($stmt) == 1){ echo '<p>Job ad entered.</p>'; }else{ echo '<p>Job ad was not entered.' . mysqli_stmt_error($stmt) . '</p>'; } mysqli_stmt_close($stmt); Can the mysqli_stmt_error($stmt) error statement work with the config.inc.php file so that if the site is live it won't be displayed publically? This will put the user information into the jobs database. Then I'll process their payment on Stripe and update the table to enter in the - $amount_paid, $chargeid, $pay_brand, $pay_type, $lastfour. $q = 'UPDATE jobs SET display=?, payment_status=?, amount_paid=?, chargeid=?, pay_brand=?, pay_type=?, lastfour=? WHERE jid=$jid)'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'issssss', $display, $payment_status, $amount_paid, $chargeid, $pay_brand, $pay_type, $lastfour); $display = 1; $chargeid = $charge->id; $paymentbrand = $charge->card->brand; $paymenttype = $charge->card->funding; $lastfour = $charge->card->last4; $paymentgross = $charge->amount; $status = "Paid"; mysqli_stmt_execute(stmt); if (mysqli_stmt_affected_rows($stmt) == 1){ echo '<p>Job ad updated.</p>'; }else{ echo '<p>Job ad was not updated.' . mysqli_stmt_error($stmt) . '</p>'; } mysqli_stmt_close($stmt); Does this look correct?

So my prepared statement query would look like this: $q = 'INSERT INTO users (first_name, last_name, email, join_date) VALUES (?,?,?,NOW())';

I'm practicing the prepared insert statement in Chapter 13 page 427. Is this how I would I write the prepared statement for a users table in a registration scenerio where the userid is to be assigned by auto-increment? In the bind param I would only have 3 s's and have nothing for the userid and the now()? $dbc = mysqli_connect ('localhost', 'username', 'password', 'users'); $q = 'INSERT INTO users (userid, first_name, last_name, email, join_date) VALUES ('',?,?,?,NOW())'; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'sss', $first_name, $last_name, $email); $first_name = strip_tags($_POST['first_name']); $first_name = strip_tags($_POST['first_name']); $email = if (filter_var(trim($_POST['email'], FILTER_VALIDATE_EMAIL))) { $email = $_POST['email']; } else { $email = FALSE; echo "Error! Not a valid email."; } mysqli_stmt_execute($stmt); if (mysqli_stmt_affected_rows($stmt) ==1) { echo "Entry Successful!"; } else { echo "Error! Entry Failed!"; echo '<p>' . mysqli_stmt_error($stmt) . '</p>'; } mysqli_stmt_close($stmt); mysqli_close($dbc);

In phpmyadmin I added these parameters: IN - email - varchar - 35 IN - pass - varchar - 40 OUT - rid - int - 11 Now I get the error message - "Incorrect number of arguments for login; expected 3, got 2". It figures...I'm not able to meet the expectations. I think I better stick with the old procedural coding style. I can get that to work most of the time.

This question actually spans two books - this one and "PHP and MySQL for Dynamic Web Sites 4th Edition. I'm using the User Registration in Chapter 18 of the latter and I''m trying to convert it to using Stored Procedures, but things aren't going very well. I created this stored procedure: DELIMITER $$ CREATE PROCEDURE login() BEGIN SELECT * FROM login WHERE email='$email' AND pass=SHA('$pass'); END $$ DELIMITER ; And this Call: $r = mysqli_query($dbc, "CALL login('$email', '$pass')"); if (!$r) echo mysqli_error($dbc); if (mysqli_num_rows($r) > 0) { But I'm getting an error message - "Incorrect number of arguments for PROCEDURE login; expected 0, got 2" Is the problem with SHA?

Ah, without the dollar sign on card. Thank you.

Hello again, I'm back to working on my Stripe payment processing and while I'm beginning to understand it a little bit more I need to ask a couple of questions regarding the charge attributes. I need to take some information returned from Stripe and assign it a variable to be entered into a database table. Specifically I need to know how to write a variable to get some of the charge card's child parameters. I write this to set a variable for the charge id: $charge_id = $charge->id; ...so would I write a variable like below to get the card brand and funding... $card_brand = $charge->$card->brand; $card_type = $charge->$card->funding; ??? Thanks. David

Early in your book in the "Tip" sidebar you mentioned something to the effect that it would be better to register your domain name separate from your hosting company. Who do you use?

I purchased an SSL Certificate (just to get that out of the way) and Stripe is working in test mode. I still have a couple of questions but will get to those later.

Hi Larry, Yes, sorry about that. First, does my website need to be https:// in order to test Stripe? I'm trying to use the buy.php script from your online tutorial. I need to send Stripe the customer's email address so they can email them a receipt. I affirmed the "email customer a receipt" setting in Stripe. But I'm not 100% sure how to do that via the credit card form. I'm have this: <input type="hidden" name="email" value="<?php {$_SESSION['eemail']} ?>"> and this here: // Charge the order: $charge = Stripe_Charge::create(array( "amount" => $amount, // amount in cents, again "currency" => "usd", "card" => $token, "email" => $e ) ); not sure if these are correct or not. I also need to update my jobs database "txn_id" column with the Stripe order id #, but I'm not sure of the Stripe php variable for the order id #... UPDATE jobs SET txn_id='$order_id' Thanks. David

I tested buy.php and it didn't work. No surprise there. Got the message: I have these javascript files in the header: <script type="text/javascript" src="https://js.stripe.com/v2/"></script> <script type="text/javascript" src="js/buy.js"></script> I also have this: // If no errors, process the order: if (empty($errors)) { // create the charge on Stripe's servers - this will charge the user's card try { // Include the Stripe library: require_once('includes/stripe/lib/Stripe.php'); All are installed.

Hello, I bought the book, but I'm struggling with Stripe. I have several questions, most of which I think can be easily answered. I also read the tutorial at "http://www.larryullman.com/2012/10/10/introduction-to-stripe/" and I downloaded the codes associated with that tutorial - buy.php, buy.js, etc. In the book, the picture of the Stripe form shows inputs for the customer's first and last name, although in the form script I do not see these inputs. Same goes with the online tutorial that shows an input for the customer's email. So, I'm guessing that I have to include the email input into the form like below: <label>Your Email:</label> <input type="text" name="email" class="input-medium" value="<?php if(isset($_POST['email'])) echo $_POST['email']; ?>" /> Correct? I'm currently using PayPal. I use a php IPN (fsockopen) script. PayPal collects all kinds of information from the customer via their payment form and sends that infomation to me in the form of php variables. The ones I'm most interested in are these: $txn_id = escape_data($_POST['txn_id']); $first_name = escape_data($_POST['first_name']); $last_name = escape_data($_POST['last_name']); $payer_email = escape_data($_POST['payer_email']); $payment_date = escape_data($_POST['payment_date']); $payment_status = escape_data($_POST['payment_status']); I use the name and email to match the right customer in the database and the payment_status (if "Completed") to update the "display" column in the database to "2" to make the job ad viewable. Below is my jobs database setup: CREATE TABLE IF NOT EXISTS `jobs` ( `id` int(11) NOT NULL AUTO_INCREMENT, `first_name` varchar(25) NOT NULL DEFAULT '', `last_name` varchar(35) NOT NULL DEFAULT '', `email` varchar(155) NOT NULL DEFAULT '', `phone` varchar(25) NOT NULL DEFAULT '', `job_title` varchar(155) NOT NULL DEFAULT '', `company` varchar(155) NOT NULL DEFAULT '', `company_url` varchar(155) DEFAULT NULL, `address` varchar(155) DEFAULT NULL, `city` varchar(35) NOT NULL, `state` varchar(3) NOT NULL, `zip_code` varchar(10) DEFAULT NULL, `salary` varchar(255) DEFAULT NULL, `apply_email` varchar(85) DEFAULT NULL, `apply_website` varchar(155) DEFAULT NULL, `description` longtext NOT NULL, `display` tinyint(2) NOT NULL, `txn_id` varchar(30) NOT NULL, `payment_date` varchar(50) NOT NULL, `payment_status` varchar(15) NOT NULL, `submitted` date NOT NULL DEFAULT '0000-00-00', PRIMARY KEY (`id`) ); Using: MySQL Client API version - 5.1.73 PHP version - 5.2.17 In my Stripe account I checked to automatically send me and the customer confirmation of payment. Stripe has my email address, so will they just use the $email value the customer enters in the form to send a receipt to them? I'm using the buy.php script in Larry's tutorial to process the payment information. To update the database after a successful payment I'm using this: // Check that it was paid: if ($charge->paid == true) { // Store the order in the database. // Send the email. // Celebrate! $query = "SELECT COUNT(*) as num FROM jobs WHERE txn_id='' && email='$e'"; $total_pages = mysql_fetch_array(mysql_query($query)); $total_pages = $total_pages['num']; if ($total_pages >= 1) { $newdisplay = 1; $payment_status = "Completed"; $txn_id = $id; $sqlupdate = "UPDATE jobs SET display='$newdisplay', txn_id='$txn_id', payment_gross='$payment_gross', payment_date = now(), payment_status='$payment_status' WHERE email='$e'"; $result = mysql_query($sqlupdate); } } I'm looking at the picture (Figure 15.12) on page 511 of the book and see the Stripe Charge Object. I'm not sure which exactly is the order_id, but if it's the top id, I do not know how to change: [id] => ch_102jyI2BAZoCjj35RP3QgGkT into the $txn_id variable to update the database. In the above I have $txn_id = $id; but I am not sure that this is correct.

Thanks for the heads up about Stripe. I've never heaed of them but I'm on their page right now! Thanks again. Love the books Larry. I'll be getting this one soon!

I have two of Larry's books and and am considering buying this book if it can help me do what I need to do. I do not have a complicated e-commerce store with many products, sizes and quantities. I have one product, one price and it's sold one at a time. I have a job board where peopel can post one job ad for $95. If they want to post another job ad they start over. I want to use PayPal's "PayPal Payments Advanced" as my payment processing. This cost $5 a month along with a transaction fee of 2.9% plus $.25-$.30. I'd like to use "PayPal Payments Advanced" because payments would be processed on my website instead of PayPal's standard payment system where the customer is taken to PayPal's site for payment processing. To use "PayPal Payments Advanced" requires a shopping cart. I've looked at many but I do not need a hosted e-store website nor do I need a complicated system that I have to pay a $30-$50 a month subscription fee to. I also do not want to pay a one time fee of several hundred dollars for a shopping cart. I already have my job ad database written and installed along with PayPal's IPN database. Employers post their job ad and then make payment. When PayPal sends the IPN report with a successfully completed payment, the jobs database is updated from "hide" job ad to "show" job ad. This works with my current system using PayPals "Buy Now" button and paying on PayPal's website. What I don't like about this is that their page is pre-set for people to pay with their PayPal account. The option to pay with a credit/debit card is below the pay with your PayPal account section and is easily missed. People are thrown off with the pay with your PayPal account because most do not have a PayPal account so they cancel the order. I don't want to overload my customers by posting detailed instructions on how to disregard the "Pay with your PayPal Account" section and find the "Pay with Credit/Debit Card" link. Sorry for ALL that, but will this book help me to create a simple shopping cart that only has one product at one price and one quantity that will work with PayPal? I'm located in the U.S. Thanks. David

Got it. Thanks.

With mysql we... $q = "SELECT * FROM users WHERE id='$id'"; but I noticed that with mysqli quotes aren't used... $q = "SELECT * FROM users WHERE $id=$id"; It seems this came with no fanfair or mentioning and its probably nothing, but I'd like to just clarify that quotes in this case aren't necessary. Thanks David