gmorton01451

Don't try this with Firefox. When using Firefox and attempting to access the www.sandbox.paypal.com website to log in as a test user, I was always redirected to the main Paypal login screen where my test user was not valid. I had to switch to Safari (I'm developing on OSX) in order to gain access to the Sandbox web site.

In the downloaded code for example 1, there was some test code (I assume) near the top of page.php that set some $_SESSION variables which then caused you to be "logged in" even if you hadn't logged in. When I commented those out, the issue resolved. This only applies to the downloaded code. The book did not have this test code in it.

The php documentation for mysqli_fetch_array indicates that the return value is, in fact, an array of strings. Therefore if you wish to perform an identity comparison on any of the values (even numbers), you need to enclose the comparison value in quotes. The code will work like this: if ($row['expired'] === '1') $_SESSION['user_not_expired'] = true;

Thanks for the pointer. The link you pointed to referenced a library that requires 5.3.7 or higher (phppass). However, at this point I was able to get my host to upgrade to 5.3.16 so I can use phppass. Thanks again.

On pp. 84-85 you discuss password hashing techniques with php version 5.5 or higher as well as php version 5.3.7 or greater. Unfortunately, my hosting platform uses 5.2.x and I'm not certain if I can get it upgraded. Please point me to alternative hashing approaches that will be compatible with older versions of php. Thanks in advance.