lindsd1111

Hi. I've been using your Chapter 4 login code for a while now and it works well. But I'd like to make an enhancement. Right now, in the login_form.inc.php, the form code is this: <form action="index.php#loginform" method="post" accept-charset="utf-8"> I use the #loginform because I have placed the login div at the bottom of my page. It needs to take the user back to the bottom of the page if the login is unsuccessful because otherwise they will not see the error messages that the login was unsuccessful. It works well, EXCEPT that if the user logs in successfully, then they are still stuck at the bottom of the page. I would like to change it so that if the user logs in successfully, they are taken to the top of the page. (BTW, you can see the actual site here: www.readinesstest.com) Anyone have a thought on how to accomplish this? I've tried a handful of things but they didn't work. Thanks! --David

Just an update: I was never able to fix the problems. After a while, MySQL simply stopped working all together. The only thing that ultimately "fixed" the problem was not only to uninstall and reinstall XAMPP, but I also had to manually blow away all the XAMPP folders and files after uninstalling and before reinstalling. I would advise anyone upgrading to Yosemite to: - Save off a copy of each DB - Save off a copy of all PHP / code files Then it's just an "easy" matter of copying back the php files and importing the DBs.

Thanks for your response, Antonio. Your advice is always helpful. Sorry I didn't reply sooner; I was sorting out the post-Yosemite upgrade problems. Anyway, I am not advanced enough to follow your suggestions, but they did get me started enough to come up with my own solution. I share it here in case it's helpful to others. FYI, this was for a group of test users I created, all with a sequential number at the end of their name. <?php include('../includes/database.php'); for ($i=1; $i < 51; $i++) { $pass = "NewPassword4321"; $user = "NameOfSequentialUser" . $i; $query = "UPDATE users SET pass='" . password_hash($pass, PASSWORD_BCRYPT) . "' WHERE username='$user' "; echo $query; //Write results to DB $mysqli->query($query) or die(); $query = ""; reset($mysqli); echo "Complete for" . $user . "!</br>"; } echo "ALL complete";

I'm probably missing something obviously stupid, but appear not to have that file structure: "-bash: cd/usr/local: No such file or directory" My path on a Mac using XAMPP to get to phpMyAdmin is: Applications > XAMPP > xamppfiles > phpmyadmin The mysql path is: Applications > XAMPP > xamppfiles > mysql If I run the ls -al on this path: Applications > XAMPP > xamppfiles > var > mysql I get this result: -bash: is: command not found I'm sure I'm missing something very basic; sorry!

Could it possibly be related to folder permissions under xamppfiles > var > mysql? Not sure what I'd change there??

Thank you, Larry. That's what I think too, but can't figure out how to solve it. Could you provide a bit more information as to how to do that? I have set passwords for all users and added the passwords to the config.inc.php file. Screenprint: https://drive.google.com/open?id=0B9uvP7GK92uPWmpkV0w4Z1RFdms&authuser=0 Can't think of what to try next...

I posted this on Apache Friends but thought I'd post here too. I upgraded to Yosemite. I downloaded and installed the most recent version of XAMPP. I changed / updated the root and pma passwords in the config.inc.php file. I can see all DBs and tables, but cannot access any tables (!! exception = I can access the phpmyadmin tables). I can create new tables in any DB. Every time I get a #1146 - Table ... doesn't exist error. It is exactly the same problem as described here on stack overflow (with no solution): http://stackoverflow.com/questions/26438068/xampp-not-working-os-x-yosemite HELP! Thanks!

I have a need to generate many (50+) accounts. I can do this rather easily directly in the DB using PHPMyAdmin or the like. EXCEPT for the passwords. I am following the password creation methods using a hash as you have laid out in your book. Thus I cannot figure a way to create them directly in the DB because of the hash encoding used in the PHP code. Is there a way to create passwords without having to create them in the registration / edit user pages? Can it be done directly in something like PHPMyAdmin? Alternatively, is there a way to quickly create multiple accounts? (They could even have all the same password in this particular case I need). Hopefully the topic and questions make sense. Thanks! --David

Super; thanks!

Hi Larry (and all). I had a problem on my VPS that forced me to look a bit more closely at cleaning strings before writing them to MySQL. So this got me to wonder: What is the difference between escape_data() and $mysqli->real_escape_string()? Larry uses functions like this one during the login process: $fn = escape_data($_POST['first_name'], $dbc); Other authors suggest functions like this one: $fn = $mysqli->real_escape_string($_POST['first_name']); Can someone explain the difference between them (and which one is "preferred")?

Thanks @HartleySan (fellow Buckeye!); that makes sense. Newbie followup question: This method assumes that the user will perform some activity (like loading a page) that will then log them out using your function; is there a way to log them out automatically without them performing an action? So if they simply close their browser without ever logging out? I assume this would have to take place on the server side, and perhaps would be too complicated, but thought I'd ask for security reasons.

I was hoping that someone might be able to provide a few lines of code that would automatically log the user out after 20 or 30 minutes of inactivity. Maybe the code could be placed in the config.inc.php file so that it gets run frequently? (Note: I am using the "First Site" as created in chapters 1-6 of Larry's book.) Thanks!

Resolved with a work-around using cookies. It looks like this is not such an uncommon problem. Here is a helpful article: http://stackoverflow.com/questions/17242346/php-session-lost-after-redirect I went with the cookie solution, but in the future I might experiment with this: session_save_path('"your home directory path"/cgi-bin/tmp'); session_start();

I thought of that too, Larry. But that doesn't appear to be the problem. I verified that my website is using https:// on the page where the user clicks the PayPal button. Then I verified that PayPal was redirecting back to: https://www.readinesstest.com/thanks... So it would seem that the user stays within https:// settings the whole time (unless maybe the PayPal sandbox site is not https:// and that is what destroys the sessions? Any help you or others could offer would be great. I guess the next step is to try implementing the pdt.php but I'm a little gun-shy at this point...

After the user goes to PayPal and makes a successful purchase, the user is redirected back to the "thanks.php" page on my site (in accord with Chapter Six). But there is no _SESSION information available! Therefore the "thanks.php" will not run properly, because it doesn't have the user_id or reg_user_id to be able to write it to the database. Help? Important Note: I am not (yet) using the pdt.php; I'm trying to make it work without it for now.

I thought I would post this in case it benefited others. Problem: I tried several times to create a PayPal button in the sandbox. Each time, the generated code did not contain any reference to the sandbox; it always generated code for a "live" site. This was even the case when I walked through the process on the phone with PayPal tech support. Naturally, then, there way no way to test the PayPal payment functionality and I got all sorts of errors. Root Cause: Not entirely sure, but it's something on the PayPal side when you go to create the button in the sandbox. Solution: I worked with a different tech support person for this strange work-around that did work. In short, you have to NOT go to the "Merchant Services" tab, but get to the button creation a different way. Steps: Log into Developer website (using your "official" account, not any sandbox accounts you created) Create a new Business Type account in sandbox (This actually failed for me the first time. I got an "We're sorry but something went wrong.Please delete this account and try again" error. It worked the second time.) Click on "Enter Sandbox Site" and login as the Business Type user you just created. Hover over Profile Link. Click on My Selling Tools. (The tech said I might see something in this drop down menu referring to "PayPal buttons" but I didn't.) Click on PayPal butons -> Update Click on "Sample Subscription Button" -> Action -> Create new button Create the button in line with Ullman's instructions in Chapter Six. The resulting code should have "..www.sandbox.paypal..." in it. Good luck!

I got the same error. In my case, it was caused by the fact that, due to something wrong on the PayPal side, when I created the PayPal button in the sandbox, it created a "live" button instead of a test / sandbox button. There was nothing to refer to "sandbox" in the code for the button. When I added "sandbox." to the code to try and fix it, I got the error you posted above. For more, see post: Bizarre work-around to create PayPal sandbox button

Resolved. Short explanation: The PayPal advice above was simply wrong. Long explanation: See posting: "Bizarre work-around to create PayPal sandbox button"

Note: The config.inc.php still has this original setting: if (!defined('LIVE')) DEFINE('LIVE', false);

I am trying to test a subscription purchase using the PayPal sandbox button as described in Chapter Six with no luck. I just spent an hour with PayPay tech support and they said that the problem is that my localhost is set to "live" and not "test" and therefore the PayPal button will not work with a sandbox. I'm using XAMPP on my MacBook Pro. Steps I've taken: - Created sandbox account - Logged into sandbox - Created button in sandbox (note: the button code does NOT contain any reference to "sandbox"; I expected that it would based on Chapter 6) - Pasted button HTML into register.php - Logged in to my localhost site - Pressed the button - I am NOT taken to a sandbox PayPal location; I am taken to www.paypal.com/cgi-bin/webscr PayPal tech support says that I need to go into my localhost settings and change something from "live mode" to "test mode". I assume I'm missing something stupid... Help or advice? THANKS!

Resolved. The problem was NOT with the CSS. It was that I did not have the bootstrap.min.js file installed correctly. Apparently, Bootstrap dropdown functionality is controlled via JavaScript.

Thanks Larry and Laurent for the responses. I'll experiment over the coming days and hope to post up some results here maybe next week.

Thanks for the responses. I'll experiment over the coming days and hope to post up some results here maybe next week.

I pulled down a fresh copy of the CSS files from your website, Larry. The dropdown menus for Account and Admin still won't display. Any thoughts of what to check next? Picture: .

Merci, Laurent. I like the offcanvas template. Did you have to make any changes in the CSS files for Larry's "warning" messages that turn red and so forth?