Larry Ullman's Book Forums

Posts posted by nootkan

  1. On 10/14/2020 at 6:04 AM, Larry said:

    I wouldn't create multiple $color_ variables. Just create and use one $color variable. 

    Hi Larry, thanks for your reply.  I was just using the handle_reg.php code like the pursue task stated.  Was I supposed to delete the if else statements and try something different?

    If so, I am not sure I understand how to figure this out.  I have gone back and re-read the previous 6 chapters over a few times and I am still not sure how to figure out how to tell php that I want to just print out the chosen color. 

    My head is spinning so I think I will take a break and see if I can clear my head and try again in a couple of days. 

    Maybe I should continue to work through chapter seven and come back to the pursue tasks in chapter six? 

    Appreciate the support from both of you as I try to get a better grasp of how to understand the thought process of figuring out which way to go when defining the solution.

  2. Thanks Necuima, but this is still confusing.  I thought that

    $color_red = 'red';

    was defining the variables.  I don't understand why I have to define the variables if they're empty. If the color is picked and validated then the color gets printed doesn't it?  I am missing something and I can't seem to get my head around it.  Will keep trying to try different ways of defining the variables.

  3. 40 minutes ago, nootkan said:

    Thanks Necuima, I did try that also with no success.  I think I mentioned in my first post.  I'll keep digging.

    Here is the code I tried:

    // Validate the color:
    if ($_POST['color'] == 'red') {
    	$color_red = 'red';
    } elseif ($_POST['color'] == 'yellow') {
    	$color_yellow = 'yellow';
    } elseif ($_POST['color'] == 'green') {
    	$color_green = 'green';
    } elseif ($_POST['color'] == 'blue') {
    	$color_blue = 'blue';
    } else { // Problem!
    	print '<p class="error">Please select your favorite color.</p>';
    	$okay = FALSE;
    }
    
    // If there were no errors, print a success message:
    if ($okay) {
    	print '<p>You have been successfully registered (but not really).</p>';
    	print "<p>You will turn $age this year.</p>";
    	print "<p>Your favorite color is <span style=\"color:red;\">$color_red</span> . '' . <span style=\"color:yellow;\">$color_yellow</span> . '' . <span style=\"color:green;\">$color_green</span> . '' . <span style=\"color:blue;\">$color_blue color.</span></p>";
    }

    Here is the error I am trying to understand how to fix:

     

    pursue-chapter6.png

  4. Sorry Larry, I knew the code was working just cannot understand how the foreach line is working when the $title and $chapters variables aren't assigned to anything.  Looks to me like the variables  $phpvqs, $phpadv and $phpmysql were assigned to the chapters and titles.  So I am having trouble understanding what makes the foreach work.

    On 10/10/2020 at 2:07 PM, nootkan said:

    foreach ($books as $title => $chapters) { print "<p>$title"; foreach ($chapters as $number => $chapter) {print "<br />Chapter $number is $chapter";} print '</p>';

     

  5. One of the pursue tasks asked to do is: "rewrite one of the versions of handle_reg.php so that it prints the user's favorite color selection in the user's favorite color."  The hint says to use css and concatenation.  I've tried a few things but can't seem to understand how to figure out the logic for this task. 

    Below is one of the methods I tried that didn't work and I tried to debug for hours with no success.  I also tried slashing the double quotation marks in the print command and add the paragraph tag to each style with no success.

    Please advise as to what I am not understanding.

    handle_reg.php file

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
    	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    	<title>Registration</title>
    	<style type="text/css" media="screen">
    		.error { color: red; }
    	</style>
    </head>
    <body>
    <h1>Registration Results</h1>
    <?php // Script 6.7 - handle_reg.php #6
    /* This script receives seven values from register.html:
    email, password, confirm, year, terms, color, submit */
    
    // Address error management, if you want.
    
    // Flag variable to track success:
    $okay = TRUE;
    
    // Validate the email address:
    if (empty($_POST['email'])) {
    	print '<p class="error">Please enter your email address.</p>';
    	$okay = FALSE;
    }
    
    // Validate the password:
    if (empty($_POST['password'])) {
    	print '<p class="error">Please enter your password.</p>';
    	$okay = FALSE;
    }
    
    // Check the two passwords for equality:
    if ($_POST['password'] != $_POST['confirm']) {
    	print '<p class="error">Your confirmed password does not match the original password.</p>';
    	$okay = FALSE;
    }
    
    // Validate the year:
    if ( is_numeric($_POST['year']) AND (strlen($_POST['year']) == 4) ) {
    
    	// Check that they were born before 2011.
    	if ($_POST['year'] < 2011) {
    		$age = 2011 - $_POST['year']; // Calculate age this year.
    	} else {
    		print '<p class="error">Either you entered your birth year wrong or you come from the future!</p>';
    		$okay = FALSE;
    	} // End of 2nd conditional.
    	
    } else { // Else for 1st conditional.
    
    	print '<p class="error">Please enter the year you were born as four digits.</p>';
    	$okay = FALSE;
    
    } // End of 1st conditional.
    
    // Validate the terms:
    if ( !isset($_POST['terms'])) {
    	print '<p class="error">You must accept the terms.</p>';
    	$okay = FALSE;	
    }
    
    // Validate the color:
    if ($_POST['color'] == 'red') {
    	$color_red = 'red';
    } elseif ($_POST['color'] == 'yellow') {
    	$color_yellow = 'yellow';
    } elseif ($_POST['color'] == 'green') {
    	$color_green = 'green';
    } elseif ($_POST['color'] == 'blue') {
    	$color_blue = 'blue';
    } else { // Problem!
    	print '<p class="error">Please select your favorite color.</p>';
    	$okay = FALSE;
    }
    
    // If there were no errors, print a success message:
    if ($okay) {
    	print '<p>You have been successfully registered (but not really).</p>';
    	print "<p>You will turn $age this year.</p>";
    	print "<p>Your favorite color is <style="color:red;">$color_red .''. <style="color:yellow;">$color_yellow . '' . <style="color:"green;">$color_green . ''  . <style="color:blue;">$color_blue color.</p>";
    }
    ?>
    </body>
    </html>
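
Added example (not code from the book or from either poster) for the task above, following the quoted advice to use a single $color variable: the submitted value is checked against the list of options in register.html and only then concatenated into the style attribute. The function and constant names are assumptions made for this illustration.

```php
<?php
// Added example: one $color variable, checked against an allowlist.
// The option values match register.html on this page; ALLOWED_COLORS,
// validate_color() and color_message() are hypothetical names.

const ALLOWED_COLORS = ['red', 'yellow', 'green', 'blue'];

/** Return the submitted color if it is one of the form's options, else null. */
function validate_color(array $post): ?string
{
    $color = $post['color'] ?? '';
    // Third argument true = strict comparison, so only exact strings match.
    if (is_string($color) && in_array($color, ALLOWED_COLORS, true)) {
        return $color;
    }
    return null;
}

/** Build the success line, printing the color name in that color. */
function color_message(string $color): string
{
    // $color is already limited to the allowlist, which is what makes it
    // safe inside the style attribute; encoding is kept as a habit.
    $safe = htmlspecialchars($color, ENT_QUOTES, 'UTF-8');
    return '<p>Your favorite color is <span style="color:' . $safe . ';">'
         . $safe . '</span>.</p>';
}

// Constructed sample submissions (not real form data).
$samples = [
    ['color' => 'green'],                 // a listed option
    ['color' => ''],                      // "Pick One" left selected
    ['color' => 'red; font-size:200px'],  // not an option in the form
    [],                                   // field missing from the request
];

foreach ($samples as $post) {
    $okay = TRUE;
    $color = validate_color($post);
    if ($color === null) {
        print '<p class="error">Please select your favorite color.</p>' . "\n";
        $okay = FALSE;
    }
    if ($okay) {
        print color_message($color) . "\n";
    }
}
```

Because only one variable is ever set, the print statement never refers to a variable that was not defined for the chosen branch.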

     

  6. Okay so I've created the books.php script like your book says and everything looks fine when viewing in my browser.  I decided to try the "access every element of every array" tip to see if it worked even though I am not understanding how the Title and Chapters are found when they haven't been declared.  What am I not understanding?

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
    	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    	<title>Larry Ullman's Books and Chapters</title>
    </head>
    <body>
    <h1>Some of Larry Ullman's Books</h1>
    <?php // Script 7.4 - books.php
    /* This script creates and prints out a multidimensional array. */
    
    // let me learn by my mistakes
    ini_set ('display_errors', 1);
    // show all possible problems
    error_reporting (E_ALL | E_STRICT);
    
    // Create the first array:
    $phpvqs = array (1 => 'Getting Started with PHP', 'Variables', 'HTML Forms and PHP', 'Using Numbers');
    
    // Create the second array:
    $phpadv = array (1 => 'Advanced PHP Techniques', 'Developing Web Applications', 'Advanced Database Concepts', 'Security Techniques');
    
    // Create the third array:
    $phpmysql = array (1 => 'Introduction to PHP', 'Programming with PHP', 'Creating Dynamic Web Sites', 'Introduction to MySQL');
    
    // Create the multidimensional array:
    $books = array (
    'PHP VQS' => $phpvqs,
    'PHP Advanced VQP' => $phpadv,
    'PHP and MySQL VQP' => $phpmysql
    );
    
    // Print out some values:
    print "<p>The third chapter of my first book is <i>{$books['PHP VQS'][3]}</i>.</p>";
    print "<p>The first chapter of my second book is <i>{$books['PHP Advanced VQP'][1]}</i>.</p>";
    print "<p>The fourth chapter of my fourth book is <i>{$books['PHP and MySQL VQP'][4]}</i>.</p>";
    
    // See what happens with foreach:
    foreach ($books as $title => $chapters) {
    	print "<p>$title";
    foreach ($chapters as $number => $chapter) {print "<br />Chapter $number is $chapter";}
    print '</p>';
    }
    
    ?>
    </body>
    </html>

     

  7. On 3/31/2017 at 11:52 AM, Larry said:

    Good question! No, I would actually use isset() on all the POST variables before using empty() or doing other checks. Just a bit safer that way (well, it avoids errors). 

    This is a little confusing for me.  Are you saying that I should be using the following when validating the passwords for example?

    // Validate the password:
    if isset((empty($_POST['password']))) {
    	print '<p class="error">Please enter your password.</p>';
    	$okay = FALSE;
    }
    
    // Check the two passwords for equality:
    if isset(($_POST['password'] != $_POST['confirm'])) {
    	print '<p class="error">Your confirmed password does not match the original password.</p>';
    	$okay = FALSE;
    }

     

  8. After a long absence, I've decided to try to once again get my head around php.  I have made it to chapter 6 but seem to have an issue that I cannot debug.  Was wondering if someone could have a look at my code to see what I am missing or doing wrong?

    register.html

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTDxhtml1-transitional.dtd"><html xmlns="http:///www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
    <meta http-equiv-"content-type" content="text/html; charset=utf-8"/>
    <title>Registration Form</title>
    </head>
    <body>
    <!-- register.html -->
    <div><p style="font-size:20px"><strong>Please fill out this form to register:</strong></p>
    <form action="handle_reg.php" method="post">
    <p>Email Address: <input type="text" name="email" size="30" /></p>
    <p>Password: <input type="password" name="password" size="20" /></p>
    <p>Confirm Password: <input type="password" name="confirm" size="20" /></p>
    <p>Year You Were Born: <input type="text" name="year" value="YYYY" size="4" /></p>
    <p>Favorite Color: <select name="color"><option value="">Pick One</option><option value="red">Red</option><option value="yellow">Yellow</option>
    <option value="green">Green</option><option value="blue">Blue</option></select></p>
    <p><input type="checkbox" name="terms" value="yes" /> I agree to the terms (whatever they may be).</p>
    
    <input type="submit" name="submit" value="Register" />
    </form>
    </div>
    </body>
    </html>

    handle_reg.php

    <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    	"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
    <head>
    	<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
    	<title>Registration</title>
    </head>
    <body>
    <h1>Registration Results</h1>
    <?php // Script 6.2 - handle_reg.php
    /* This script receives seven values from register.html:
    email, password, confirm, year, terms, color, submit */
    
    // Address error management, if you want.
    
    // Flag variable to track success:
    $okay = TRUE;
    
    // If there were no errors, print a success message:
    if ($okay) {
    	print '<p>You have been successfully registered (but not really).</p>';
    }
    ?>
    </body>
    </html>

    Here is what I see when filling out the form:

     

    script6.2.png

    I am using wamp with apache 2.4.33, php 7.2.4 and mysql 5.7.21

  9. On page 100 it states that three functions can be used to beef up security in a php script. htmlspecialchars(), htmlentities() and strip_tags(). 

     

    My question is: Should I be using strip_tags() in all my scripts to prevent cxs attacks?  For example, as part of the pursue task in chapter 4, I created a simple form weight calculation script that I used on one of my websites to determine the weight of a fish based on the length x girth / 775.  Although the text box sizes in the form are only "5" can someone still do a cxs attack using the simple form?  Here is what I placed inside my php processing file based on the strip_tags() exercise.  The processor file works fine returning the proper result.  Is this right and will it help to prevent a cxs attack?

    /* Get the values from the $_POST array */
    $length = $_POST['length'];
    $girth = $_POST['girth'];
    
    /* Calculate the total */
    $total = (($girth*$girth)*$length /775);
    
    /* round out the weight */
    $total = number_format($total, 2);
    
    /* adjust for html tags */
    $strip_length = strip_tags($_POST['length']);
    $strip_girth = strip_tags($_POST['girth']);
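
Added example (not part of the post or the book's code) for the strip_tags() question above, where "cxs" refers to cross-site scripting: the size="5" attribute only sets how wide the box is drawn and does not limit what a request can carry, so the check belongs on the server. The sketch validates both fields as numbers and encodes output with htmlspecialchars(); the function names and the 500 upper bound are assumptions, and the formula is the one in the posted code.

```php
<?php
// Added example: server-side handling for the fish-weight form.
// Field names 'length' and 'girth' come from the post; read_measurement(),
// fish_weight(), e(), render_result() and the 500 limit are hypothetical.

/** Return the field as a positive float, or null if missing or not a number. */
function read_measurement(array $post, string $key): ?float
{
    if (!isset($post[$key]) || !is_string($post[$key])) {
        return null;
    }
    $value = filter_var(trim($post[$key]), FILTER_VALIDATE_FLOAT);
    if ($value === false || $value <= 0 || $value > 500) {
        return null;
    }
    return $value;
}

/** Same formula as the posted script: girth squared times length, over 775. */
function fish_weight(float $length, float $girth): float
{
    return ($girth * $girth * $length) / 775;
}

/** Encode a value for an HTML text node or a quoted attribute value. */
function e(string $text): string
{
    return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
}

function render_result(array $post): string
{
    $length = read_measurement($post, 'length');
    $girth  = read_measurement($post, 'girth');
    if ($length === null || $girth === null) {
        return '<p class="error">Please enter length and girth as numbers.</p>';
    }
    $weight = number_format(fish_weight($length, $girth), 2);
    return '<p>Length ' . e((string) $length) . ', girth ' . e((string) $girth)
         . ': estimated weight ' . e($weight) . '.</p>';
}

// Constructed sample submissions (not real traffic).
$samples = [
    ['length' => '30', 'girth' => '18'],            // valid numbers
    ['length' => '<b>30</b>', 'girth' => '18'],     // markup instead of a number
    ['length' => '30" title="x', 'girth' => '18'],  // no tags, but not a number
    ['girth' => '18'],                              // field missing entirely
];
foreach ($samples as $post) {
    print render_result($post) . "\n";
}

// strip_tags() removes tags only; quotes pass through, so on its own it does
// not make a value safe inside an attribute. htmlspecialchars() encodes them.
$raw = '30" title="x';
print (strip_tags($raw) === $raw ? 'strip_tags: unchanged' : 'strip_tags: changed') . "\n";
print e($raw) . "\n";
```

In the posted script the stripped copies are created after the calculation and never used, so the arithmetic still runs on the raw $_POST values; validating first, as here, means nothing non-numeric reaches either the formula or the page.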
    
  10. Is there a reason for placing spaces between some of the two variables when doing a calculation using numbers and not others?  For example in the book it shows:

    $taxrate = $tax/100;
    $taxrate = $taxrate + 1;
    $total = $total * $taxrate;
    

    I've tried it both ways and it works fine.  Just wanted to be sure that there isn't something I missed that will be needed further down the road.  Don't want to develop bad habits now.  Also I've read that spaces add up the loading time and should be avoided.  Is this true?

  11. Okay made the change and still not working.  Here are the errors:

     

     

    Notice: Undefined index: name in /home/mysite/public_html/webdev/phpclass/hello.php on line 17

    Notice: Undefined variable: GET in /home/mysite/public_html/webdev/phpclass/hello.php on line 18

    Notice: Undefined variable: GET in /home/mysite/public_html/webdev/phpclass/hello.php on line 19

    Hello, !

     

    When I look at those lines I can't see anything wrong based on the book's explanations.  I know I am not understanding something just cannot put my finger on it.  Will keep trying though.

     

    The errors are telling me that get variable isn't assigned a value right?  I thought that $name = $_GET['name']; $first_name = $_GET['first_name']; and $last_name = $_GET['last_name']; were doing that, correct?

     

    I see that the $name variable is working fine just not my $first_name or $last_name variables.  I also noticed that when I used the second example I get hello Micheal! and Hello ! so obviously the variables should all be inside one print statement instead of their own print statements to look like Hello Michael Smith!  For the life of me I cannot get the first and last name variables to work right. I wonder if it may be a setting on my server?

     

    Okay what I figured out is that I cannot have the $name variable with the $first_name and $last_name variables in the same php script.  It works if I do this:

     

     

    <ul>
    <li><a href="hello.php?first_name=Michael&last_name=Smith">Michael Smith</a></li>
    <li><a href="hello.php?first_name=Celia&last_name=Ayers">Celia Ayers</a></li>
    <li><a href="hello.php?first_name=Jude&last_name=Law">Jude Law</a></li>
    <li><a href="hello.php?first_name=Sophia&last_name=Loren">Sophia Loren</a></li>
    </ul>

     

    <?php // Script 3.7 -  hello.php
    ini_set ('display_errors', 1);
    // Let me learn from my mistakes
    error_reporting (E_ALL | E_STRICT);
    // Show all possible problems

    // This page should receive a name value in the url

    //Say "Hello":
    $first_name = $_GET['first_name'];
    $last_name = $_GET['last_name'];
    print "<p>Hello, <span style=\"font-weight:bold;\">$first_name $last_name</span>!</p>";
    ?>

     

     

    But it won't work with a mixture of only first names and both first and last names.  Is this right?  If so, why?

  12. Larry trying to get the pursue exercise for sending multiple values to a script but seem to be not achieving it.  Tried all sorts of combinations but keep getting errors.  Here are my two scripts:

    <div><p>Click al link to say hello:</p>
    
    <ul>
    <li><a href="hello.php? first_name=Michael&last_name=Smith">Michael Smith</a></li>
    <li><a href="hello.php? name=Celia">Celia</a></li>
    <li><a href="hello.php? name=Jude&Law">Jude</a></li>
    <li><a href="hello.php? name=Sophia">Sophia</a></li>
    </ul>
    </div>
    
    <?php // Script 3.7 -  hello.php
    ini_set ('display_errors', 1);
    // Let me learn from my mistakes
    error_reporting (E_ALL | E_STRICT);
    // Show all possible problems
    
    // This page should receive a name value in the url
    
    //Say "Hello":
    $name = $_GET['name'];
    $first_name = $GET['first_name'];
    $last_name = $GET['last_name'];
    print "<p>Hello, <span style=\"font-weight:bold;\">$name $first_name $last_name</span>!</p>";
    ?>
    

    Also tried this in the php script:

    <?php // Script 3.7 -  hello.php
    ini_set ('display_errors', 1);
    // Let me learn from my mistakes
    error_reporting (E_ALL | E_STRICT);
    // Show all possible problems
    
    // This page should receive a name value in the url
    
    //Say "Hello":
    $name = $_GET['name'];
    $first_name = $GET['first_name'];
    $last_name = $GET['last_name'];
    print "<p>Hello, <span style=\"font-weight:bold;\">$name</span>!</p>";
    print "<p>Hello, <span style=\"font-weight:bold;\">$first_name</span>!</p>";
    print "<p>Hello, <span style=\"font-weight:bold;\">$last_name</span.!</p>";
    ?>
    

    In the book on page 71 it states: Tip if you want to use a link to send multiple values to a script, separate the name=value pairs with the ampersand like this: hello.php?first_name=Larry&last_name=Ullman.  So that is what I was basing my exercise on.  What did I miss?

  13. Larry in the book on page 59 where it states:

     

    4. Print out the user information:

     

    print "<p>Thank you, $title $name, for your comments.</p><p>You stated that you found this example to be '$response' and added:<br />$comments</p>";

     

    There are no single quotes in the first two variables ($title $name) and last variable ($comments).  Is that by design or a typo?  I noticed that it works either way but wanted to know if that is okay to do or should they all have the single quotes?  Just a little confusing for me.

  14. I wasn't questioning your dedication, sorry if that is how I came across.  Just merely trying to confirm what I am learning from the book and I have been told by a lot of people (family included) that I ask too many questions to the point of irritation. I was just trying to apologize for my persistence.  Your examples above did it for me thanks.  The single argument was the true one and the multiple argument was the false which clears up the usage of false instead of true. They're used together I am assuming.

     

    Have a great holiday!

  15. After studying the section on quotation marks I wrote this script:

    <?php // scalar.php
    $first_name = "Paul";
    $last_name = "Smith";
    $age = 57;
    $birth_date = "july 15,1957";
    print "<p>First Name:$first_name<br />Last Name:$last_name<br />Age is:$age<br />Date of Birth:$birth_date</p>";
    ?>
    

    then I wrote this one:

    <?php // scalar.php
    $first_name = 'Paul';
    $last_name = 'Smith';
    $age = 57;
    $birth_date = "july 15,1957";
    print "<p>First Name:$first_name<br />Last Name:$last_name<br />Age is:$age<br />Date of Birth:$birth_date</p>";
    ?>
    

    However I see no difference when using single or double quotes.  Based on my interpretation of single and double quotes not being printed the same in the book, what am I not understanding?

  16. So what is the true statement then in the multiple arg example?  Would you just change the last arg to read true?  What would be the purpose of the single arg example that reads "nl2br("Some Text"); ?  Sorry for my constant questioning but I don't learn very well by just reading I usually need someone to actually explain what I've read to fully grasp it.  Hopefully I will not be a pain in the butt for you but I do want to learn php if I have the iq to do so. 
