Jump to content
Larry Ullman's Book Forums

Virtual_Skippy

Members
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Virtual_Skippy

  • Rank
    Newbie
  1. Hello there. I'm having a issue with a couple of my websites I am making for clients. I am creating a website, located at http://furniture.thelegendofskippy.com/, but whenever I try to add a product to the Cart, I can see that the database is updating but the webpage is not displaying it. An identically created website I also created, http://mammaandbubbas.co.uk/, also allows customers to add content to the cart. This one works perfectly. From recent contact I have had with my webhost (1and1) I recall one of the agents said I was on an older package with 30MB memory usage. Could this be causing the issue? And if so can I increase my limit? Any other suggestions would be greatly appreciated. Virtual_Skippy
  2. I might be having a bit of a brain freeze here, apologise if this is a daft question. I add items to my cart, I click to proceed to checkout, I enter my shipping address, then when I press 'Continue to Billing' I get taking back to an empty shopping cart. I thought I was making a silly error so I copied and pasted the downloaded source code and used them, and it did exactly the same things. I know in checkout.html the form submission is set to checkout.php, but I expected it to redirect me to billing.php to continue the order. Any help would be greatly appreciated. All the best Skippy ****UPDATE**** I was indeed having a bad day lol. Was creating a new session instead of using the existing session
  3. Hi there. How you all doing? I'm in the process of setting up an online store for my website, using the Effortless E-Commerce book to help me out. Its all going great, but I would like to be able to return visitors back to non secure pages when they are done using secure pages. Currently I am using this code in my .htaccess file, adapted direct from Larry's book # For HTTPS pages: RewriteCond %{HTTPS} off RewriteRule ^(register.php|admin/(.*))$ https://%{HTTP_HOST}/$1 [R=301,L] Unfortunately it has the effect of turning all my links into https links, so after visting the register page the rest of the links are https....index.php etc instead of http....index.php. Is there a way I can switch back to non secure pages? Thanks in advance Skippy
  4. adding the slashes function seemed to isnpire me to find a solution to the tags issue I had while using tiny_mce. An example to the solution which correctly displays text is shown below // Check for the copyright: if (!empty($_POST['copyright'])) { $allowed = '<p><br><a><img>'; $copy = stripslashes(str_replace('\r\n', '', mysqli_real_escape_string($dbc, strip_tags($_POST['copyright'], $allowed)))); } else { $add_mp4_errors['copyright'] = 'Please enter the copyright info!'; } mysqli_real_escape is used to prevent any injection directly into the database. Stripslashes is used to remove the slashes to make it easy to read for any would people who visit the website. Unfortunately tiny_mce includes auto page breakes everytime you hit return on your keybaord, which when stripped of tags shows up as 'rn' in any displayed text. To overcome this str_replace('\r\n', ' is used to remove these evil rn text before the slashes are stripped and replaced with a blank space. This, while preventing any kind of security issues involved with updating and inserting data into a database, outputs any of your content the way it should be seen to a web browser. Hope that helps some people too, and thanks again for pointing me in the right direction to get me started All the best Skippy www.thelegendofskippy.com
  5. Ah fantastic. That one extra line of code makes the code so much easier to understand. Thank you so much for that. Really appreciate it . I'll implement the extra line of code and see what results Tiny_Mce throws back at me. I don't really think it has anything to do with the actual javascript plugin, more likely that the tags that have been allowed are somehow getting rewritten before it gets stored in the database. Then again I have noticed that tiny_mce does seem to enjoy adding extra ../'s to all types of tags. If anyone else has noticed this and managed to find a work around I think that may solve the <a href src = "quot: problem. Thanks for your help again
  6. Hello there folks. Hope your all great. After reading Effortless Ecommerce a few times I decided to try out some of the instructions in this great book to help me create my own website. I'm having an issue with mysqli_real_escape_string though. This is the first time I've used this piece of code and I'm not entirely familiar with how it works. I've set up a website where I can post my own blog and games that I make. Using the code from the book I've managed to create a few admin pages that let me add, edit and delete this content, with the results being displayed to anyone who visits the website and browses through normally. Unfortunatly whenever I add some kind of punctuation to text such as you'll or it'll it gets formatted as you\'ll and it\'ll. The second issue I have revolves around inserting hyperlinks, image or any other tag into a blog entry. the Javascript plugin (tiny_mce) accepts the image but when I submitted to my database ''quo//' and // get included to prevent the tags from working. Great as a security measure, but my understanding of the code in the Ecommerce book is that I can allow these tags to be ignored so images, hyperlinks etc work. If anyone can shed any light on how I can resolve these two issues I will greatly appreciate it. For reference I am using a 1&1 web hosting Business package with a shared server with magic_quotes enabled (however I can change my php.ini to disable it if I choose by uploading my own php.ini to my root folder). The results I want to achieve are displaying text normally without any slashes and to stop slashes and tags being stripped so that hyperlinks and images will display correctly. An example of the code I am using that allows tags (taken directly from the book) // Check for the copyright: if (!empty($_POST['copyright'])) { $allowed = '<div><p><span><br><a><img><h1><h2><h3><h4><ul><ol><li><blockquote>'; $copy = mysqli_real_escape_string($dbc, strip_tags($_POST['copyright'], $allowed)); } else { $add_mp4_errors['copyright'] = 'Please enter the copyright info!'; } An example of the code I am using that just accepts text (again taken directly from the book) // Check for a author: if (!empty($_POST['author'])) { $a = mysqli_real_escape_string($dbc, strip_tags($_POST['author'])); } else { $add_mp4_errors['author'] = 'Please enter the author!'; } Spent 6 hours thinking of a solution this afternoon, so any help will be greatly appreciated. Many thanks Skippy
×
×
  • Create New...