[Mysqli_Stmt_Insert_Id]

Well they're the same 'function' (do the same job) but one's the object orientated method and they second is the procedural function - it's just a paradigm thing.

[Same-Page Shopping Cart]

Just a note - layering your application with JS to improve the user experience is fine but it should not replace proper server side validation of the shopping cart prior to checkout to ensure malicious users haven't manipulated prices etc...

[Need Help With Multidimensional Array]

I don't know what everyone thinks but personally I think that would be overkill for what you're trying to achieve - added complexity for no significant benefits. Unless you plan on storing huge numbers of poems e.g. 500,000 plus (number plucked from thin air) I'd stick to querying on the title field - if you've got 1000, 5000, 10000 poems it won't make any noticeable difference to performance.

[Need Help With Multidimensional Array]

Well after conducting a quick test (I know its not been repeated, there are many confounding variables and ultimately means nothing) but using SUBSTRING to select all articles beginning with A from a 7000 row dataset took 0.0291 seconds in comparison to 0.3323 seconds using LIKE. I'm sure I could quite easily produce results to the contrary also, depending on the dataset etc... but to me if you want to extract a row that starts with a single character you should test specifically for that character.

 

That said if I was really worried about performance and using a huge dataset I'd probably add another column as a foreign key to represent the letters as then it could be indexed.

[Final.Php Not Destroying The Session]

This is browser caching nothing to do with the session not being destroyed. It's not really an issue but if you want to prevent it use header() and set the appropriate caching related headers.

[Need Help With Multidimensional Array]

Indeed that's what you do. Also I'm pretty sure:

 

$query = "SELECT * FROM poems WHERE substring(title, 1, 1) = '$letter'";

 

Is better practice/more efficient.

[Trouble With The Absolute_Url Function Of Chapter 11]

You could try other $_SERVER variables like:

 

$_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'']

 

That might/should work - check out the full list here: http://php.net/manual/en/reserved.variables.server.php

[Need Help With Multidimensional Array]

Hi Randy,

 

Welcome to the forums! Are you (or is there any reason you're not using) a database to store and retrieve the poems?

 

There's no material reason why you can store the poems in an array but storage in a database would make filtering, retrieving and on-going maintenance a lot easier!

 

Let us know if thats an option first.

 

Thanks

[Human Verification (Math) On A Form.]

Aside from the fact you've found it problematic storing the answer inside the form as a hidden input it also to a certain extent defeats the purpose of a turing/CAPTCHA test. If you want to ensure that only a human can submit your form then the answer needs to be stored in the session for security reasons.

 

As an example if you have a login system you wanted to force CAPTCHA on to prevent brute force logins and you stored the value in a hidden field it wouldn't take long to realised this and create a script that automatically scrapes the value and makes the appropriate submission.

 

While it would stop basic BOTs posting Viagra adds on your site it's certainly not best practice.

 

As for hashing the value in the session I personally don't see any real benefit in doing this as the values are transient - they alter on every single page load. But yes you can hash any string AFAIK.

[Authorize Id # Changing On Db Insert]

Check the PHP manual and you'll see the root of your problem at least with respect to intval:

 

The maximum value depends on the system. 32 bit systems have a maximum signed integer range of -2147483648 to 2147483647. So for example on such a system, intval('1000000000000') will return 2147483647. The maximum signed integer value for 64 bit systems is 9223372036854775807.

 

That said the max value for a bigint field should be -9223372036854775808 to 9223372036854775807 OR 0 to 18446744073709551615 which shouldn't cause you any problems. I'd first of suggest double checking your column definition and which OS you're server is running. (This last part I'm kind of winging I dont understand 32/64 in any detail - but should put you on the right track).

[Return False To Suppress Clicking A Link]

Thanks for the kind words about our site unfortunately I can take very little credit... think my only contribution to that was some htacccess work! I've passed your comments onto our designer Rob Calvert. Good luck with your project over in Japan it's an exciting landscape over there - we did a lot of research for a potential client a while back into design trends and the huge adoption of QR codes/mobile usage.

[Return False To Suppress Clicking A Link]

Personally I'd use jQuery and do something like:

 

$('a').click(function(e) {

 e.preventDefault();

 $('#content').load($(this).attr('href'));

});

 

Don't know the ins and outs of best practice here as I'm not a JS developer but it works. You'd obviously have to manipulate the href value from the actual link which would be pointing to the non-JS (or non-ajax) fallback e.g. prepending ajax/

 

Quick edit - if you're loading content to the page dynamically you'll want to use:

 

$('a').live('click', function(){

});

[Expiry Date (Repeat)]

Not tested but can't you just do this:

 

$q = "SELECT DATEDIFF(card_expiry_date, CURDATE()) AS days_till_expiry FROM staff";

 

A negative value would indicate that the expiry date has been exceeded.

[Variable Variables]

Yeah sure - it's surprisingly simple but very powerful/useful:

 

$array['a'] = 'foo';
$array['b'] = 'bar';
$array['c'] = 'baz';
$array['d'] = array('hello', 'world');

extract($array);

 

Would be the same as writing:

 

$a = 'foo';
$b = 'bar';
$c = 'baz';
$d = array('hello', 'world');

 

It's really useful when you've extracted lots of fields from a database and want to put them into variables for use in templates etc...

[Variable Variables]

Well with the example you've given at the bottom you're just creating (and then overwriting) a variable called 'index' rather than 'abc' and 'def'.

 

I'd also recommend getting into the habitat of using curly braces to define your variable variables because when you start working with arrays it can cause ambiguity.

 

foreach ($array as $index => $value){
   ${$index} = $value;
}

 

I appreciate that's just an example - but if you actually wanted to just do that then use the extract() function.

[Insert Date Of Birth Into Database Using Select Lists]

No offence but in my opinion this forum should be used by people who are learning PHP - people who have tried, got stuck and need guidance. It doesn't look like you've even attempted to write the code for yourself - and I'm not (and I doubt anyone else is) about to do it for you.

 

At least try to write the code first and if you get stuck then come back for help.

[Registration Script Issue]

Is CSS the active pseudo class is only used to style the link for when it is pressed - so that declaration will take place when you click... it won't have any impact once the page reloads etc... Can be confusing if you've used :visited before.

 

I don't think what you want to do is apply the test individually - if I was doing it in PHP I'd probably create a function that takes the link href and link text and outputs the link HTML dynamically... something like:

 

function print_link($href, $title, $page){

 $class = (strpos($_SERVER['REQUEST_URI'], $page)) ? ' class="active" ' : '';

 echo '<a href="' . $href . '"' . $class . '>' . $title . '</a>';

}

 

A little crude and would require fleshing out but you get the idea - then create an md-array containing all the links in your sidebar including:

 

$href = The URL you want to link to

$title = Text anchor for the link

$page = Unique portion of the URL that will be present when on that page

 

Then a quick foreach loop calling that function could print all your links with an 'active' class applied to the one representing the current page.

 

Or if thats overkill use jQuery to do the same thing:

 

$('#sidebar > a').each(function(){

// Check if anchor matches URL

   // If so apply the class
   $(this).addClass('active');

});

[Clearing An Error On Mysql Client]

I was under the impression you just pressed up... quick google people have suggested shift+page up and shift+up arrow? Either of those work for you?

[Chapter 16: Sending Activation Email Using Localhost]

Someone correct me if I'm wrong but as far as I know WAMP doesn't come with a mail server? XAMPP comes packaged with Mercury Mail Server so might be easier to install that rather than installing Mercury or HMail yourself.

[Help Creating Queries With Php]

I'd approach it a bit differently.

 

1) Don't append an ID to the end of the select name - instead set the name like so: name="players[]" which will give you an array you can just loop through:

 

foreach($_POST['players'] as $player){
   // Execute query
}

 

2) Use a prepared statement instead of a standard query - so you only have to pass the SQL to the DB once.

 

$q = "INSERT INTO abc_players_matches (match_id, player_id, sub) VALUES (?, ?, ?)";
$stmt = mysqli_prepare($dbc, $q);
mysqli_stmt_bind_param($stmt, 'iii', $match, $player, $sub);

foreach($_POST['players'] as $player){

 $player = intval($player);
 mysqli_stmt_execute($stmt);

}

mysqli_stmt_close($stmt);

 

Need to define $match and $sub also to actually use that code.

[Session Fixation Attack Problem]

Also session.use_only_cookies is by default (5.2+) set to TRUE meaning passing a PHPSESSID in the URL will have no impact at all.

[Arrays And Sessions]

You need to assign the value into the session - you're trying to do this:

 

$pn = $_SESSION['product_name'];

 

But no value is ever assigned into this session variable... you need a line like this below in the script that originally defines $pn.

 

$_SESSION['product_name'] = $pn;

[Chapter 6]

Yep you got it!

 

The only caveat is that because its a checkbox the value is only sent to the server if the checkbox is selected by the user - thats why in this instance you don't need to check it's value is equal to 'Yes' just that indeed the value isset in the $_POST array.

[Chapter 6]

A single = sign means the value is getting assigned to a value where as == is a comparison operator (i.e. testing that one thing is equal to another).

 

So with a single = sign the value of 'Yes' is being assigned to $_POST['terms'] which will return TRUE in a conditional check.

 

e.g.

 

<?php

if ( !isset($_POST['terms']) AND ($_POST['terms'] = 'Yes') ) {
 echo "BUG!!";
}
echo $_POST['terms'];

?>

 

That code will echo out BUG!! and Yes because it has been assigned to $_POST['terms']. If you changed it to:

 

<?php

if ( !isset($_POST['terms']) AND ($_POST['terms'] = FALSE) ) {
 echo "BUG!!";
}
echo $_POST['terms'];

?>

 

It would output nothing - correctly. Using a comparison operator would never output anything because if it's not set it can't also be equal to 'Yes'

 

Does that make it any clearer?

[Zero'S Showing Instead Of Empty Space]

Your submitting an empty value as the fax number which is then being typecast by MySQL into an integer because of your INT column declaration.

 

You can either submit the value as NULL (which is easier/nicer to do using prepared statements over standard SQL) or what I'd do is change the column declaration from INT to VARCHAR.

 

It's quite conceivable that someone may include spaces, pluses, dashes and parentheses in their fax number: e.g. (+441902) 281711

 

A fax number doesn't need to be an integer - you're never going to test the value conditionally e.g. fax_number > 1000 or perform arithmetic on them e.g. fax_number * 3.

 

Indeed looking at Larry's e-commerce example he has a field defined as: phone VARCHAR(15), which is a NULL field.

 

I don't think in this case you'd use JOINS because it's a one-to-one relationship? Personally I don't tend to define these as NULL and just query as: fax_number != '' etc... not sure what best practice is though.