Jump to content
Larry Ullman's Book Forums

nomadsoulkarma

Members
  • Content Count

    14
  • Joined

  • Last visited

Community Reputation

1 Neutral

About nomadsoulkarma

  • Rank
    Newbie
  1. Julien: In the Xampp server the default username is also "root" and the password part can be " " (blank) maybe it is the same for the MAMP?
  2. It is working now, thanks Larry I truncated the table, used varchar(256) again then did an update and also reregistered another user and now am logged in. Thanks. BTW Do you have plans for a new edition of Effortless E-Commerce?
  3. This is the select statement to fetch from the pass field -line 55 (login_functions.inc.php): $q = "SELECT user_id, first_name FROM users WHERE email='$e' AND pass=SHA2('$p', 512)"; And this is the insert statement - line 50(register.php): $q = "INSERT INTO users (first_name, last_name, email, pass, registration_date) VALUES ('$fn', '$ln', '$e', SHA2('$p', 512), NOW() )";
  4. I went directly into phpmyadmin and did a select statemetn without the pass field in the where clause and there was no problem getting a return value for user_id, and first_name, but when I added the pass field in the where clause it returned an empty set. That tells me there is something wrong with the pass field datatype or something in the code. Definitely stuck at this point. Does anyone have a work-around to this?
  5. Does anyone know how to fix this problem: The registration page does insert the data into the database but the login page always returns the error string "'The email address and password entered do not match those on file." I've changed the pass varchar field to 256 as suggested and also changed the select statement as suggested in an earlier post. Then I changed the pass varchar field to 128 as is in the book. Did a lot of other things too but nothing is working. Anyone know how to fix this? Thank You
  6. <?php # Script 12.2 - login_functions.inc.php // This page defines two functions used by the login/logout process. /* This function determines an absolute URL and redirects the user there. * The function takes one argument: the page to be redirected to. * The argument defaults to index.php. */ function redirect_user($page = 'index.php') { // Start defining the URL... // URL is http:// plus the host name plus the current directory: $url = 'http://' . $_SERVER['HTTP_HOST'] . dirname($_SERVER['PHP_SELF']); // Remove any trailing slashes: $url = rtrim($url, '/\\'); // Add the page: $url .= '/' . $page; // Redirect the user: header("Location: $url"); exit(); // Quit the script. } // End of redirect_user() function. /* This function validates the form data (the email address and password). * If both are present, the database is queried. * The function requires a database connection. * The function returns an array of information, including: * - a TRUE/FALSE variable indicating success * - an array of either errors or the database result */ function check_login($dbc, $email = '', $pass = '') { $errors = []; // Initialize error array. // Validate the email address: if (empty($email)) { $errors[] = 'You forgot to enter your email address.'; } else { $e = mysqli_real_escape_string($dbc, trim($email)); } // Validate the password: if (password_verify($p, $row['pass'])) { $errors[] = 'You forgot to enter your password.'; } else { $p = mysqli_real_escape_string($dbc, trim($pass)); } if (empty($errors)) { // If everything's OK. // Retrieve the user_id and first_name for that email/password combination: $q = "SELECT user_id, first_name, pass FROM users WHERE email='$e'"; $r = @mysqli_query($dbc, $q); // Run the query. // Check the result: if (mysqli_num_rows($r) == 1) { // Fetch the record: $row = mysqli_fetch_array($r, MYSQLI_ASSOC); // Return true and the record: return [true, $row]; } else { // Not a match! $errors[] = 'The email address and password entered do not match those on file.'; } } // End of empty($errors) IF. // Return false and the errors: return [false, $errors]; } // End of check_login() function.
  7. Thank You Montoya49 and Larry. I changed the Select statement as adivsed but I'm not sure where to put : if (password_verify($p, $row['pass'])) Seems like it should go on line 46 in login_functions.inc.php. So I put it in place of: if (empty($pass)) But when I login I get the undefined variable error message. I does not say what variable is undefined. Must be $p So here's the script after I made the changes, can you tell me if it is correct? Thanks.
  8. Larry I am having the same problem. I hope you see this post. If not I will start a new topic. The length of my passord field is varchar(40) should it be longer? shorter?
  9. Thanks Larry, I fixed it. Yes at first I clicked the links and nothing happened so I tried many things and what worked was changing ../images to ./images and I didn't have a js folder so when I made a js folder and put the javascript function in it it worked.
  10. Sorry for late replay. If there are any expat geeks in Taipei the bookstore is: Tenlong Computer Books at Taiwan, Taipei, Chengzhong, village, Zhong Qing Nan Lu Yi Duan , 105
  11. Images are uploading into the upload folder no problem and the links show up on the image.php page. But the links do nothing. I've re read the chapter and on page 369 you stress that nothing can be sent to the browser before using the header function. I'm just not understanding this topic yet. I hope someone can look at this? Here is my show_image.php and image.php. All the files and the upload directory are in the root where they should be. However unavailable.png DOES show up in the browser. Must the images be outside the root directory as suggested? could that be the problem? Thanks in advance. show_image.php images.php
  12. Nice to see the new Php book, I bought it in a real book store(believe it or not). It's great. But I'm only in chapter 3 and I'm wondering if the bootstrap is optional? -I mean if I don't use it will the finished website have problems? or look ugly? I know what it is and its history. I'd just rather not us it. I haven't had time to look through the files, but often these pre-designed codes and plug-ins contain links that are censored in many countries. Even if the website is not censored these links cause the website to time-out or be censored. I work in China and i can't tell you how many perfectly good websites are out reach to me. For example Git-hub is hard to reach and I often just can't access without a VPN which often does not work. Also anything with an innocuous google link.
×
×
  • Create New...