Jump to content
Larry Ullman's Book Forums

Search the Community

Showing results for tags 'chapter 13'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Single Editions
    • Modern Javascript: Develop and Design
    • The Yii Book
    • Effortless Flex 4 Development
    • Building a Web Site with Ajax: Visual QuickProject
    • Ruby: Visual QuickStart Guide
    • C++ Programming: Visual QuickStart Guide
    • C Programming: Visual QuickStart Guide
    • Adobe AIR: Visual QuickPro Guide
  • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (5th Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (4th Edition)
    • PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (2nd Edition)
    • PHP and MySQL for Dynamic Web Sites: Visual QuickPro Guide (1st Edition)
  • PHP for the Web: Visual QuickStart Guide
    • PHP for the Web: Visual QuickStart Guide (5th Edition)
    • PHP for the Web: Visual QuickStart Guide (4th Edition)
    • PHP for the Web: Visual QuickStart Guide (3rd Edition)
    • PHP for the World Wide Web: Visual QuickStart Guide (2nd Edition)
    • PHP for the World Wide Web: Visual QuickStart Guide (1st Edition)
  • Effortless E-commerce with PHP and MySQL
    • Effortless E-Commerce with PHP and MySQL (2nd Edition)
    • Effortless E-Commerce with PHP and MySQL
  • PHP Advanced: Visual QuickPro Guide
    • PHP Advanced and Object-Oriented Programming: Visual QuickPro Guide (3rd Edition)
    • PHP 5 Advanced: Visual QuickPro Guide (2nd Edition)
    • PHP Advanced: Visual QuickPro Guide
  • MySQL: Visual QuickStart Guide
    • MySQL: Visual QuickStart Guide (2nd Edition)
    • MySQL: Visual QuickStart Guide (1st Edition)
  • Other
    • Announcements
    • Newsletter, Blog, and Other Topics
    • Forum Issues
    • Social

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Found 4 results

  1. there is a function isadministrator() in an includes file which checks for the existence of a certain cookie, yet in the footer there are exceptions in his logic for the login and logout page. can someone please go over with me why its not working on these two pages: on login.php : basically when the pass and user is correct the server sends a cookie to the client but its not available to be read right away unless you refresh the page? on logout,php: destroys the cookie by setting it to false and its time in the past… so then why wouldnt isadministrator work? why does the browser still think the cookie exists? is this the same reason as on login.php page?
  2. Chapter 13 page 421 creating a receipt page.... Wondering if anyone else had this issue or if anyone can recommend a work around... For the query to grab the order info .. this is not working "SHA1(email)=?".. I have echo out $email_hash and and I have echo out echo sha1(email address in the order)....they are the same... I am wondering if there is a mysqli issue when using sha1?
  3. Hello All, Well I'm wrapping up the last part of this book and seem to have hit a roadblock. On the first Ch. 13 Pursue assignment that tells you to make the login form sticky, I can't seem to get it to work and I've been able to get all of the previous ones pretty quickly. I know it'll probably be something that makes me feel silly after I figure it out, but after 2 hours of mixing and rearranging code, I keep coming back to the same thing and get somewhat similar results each time. Aside from it not working properly, when I put my code in the value attribute, it shows up as code in the actual form the first and every time after you reload the page. Here is my code and any help is appreciated: <?php // Script 13.5 - login.php /* This page lets people log into the site. */ // Set two variables with default values: $loggedin = false; $error = false; // Check if the form has been submitted: if($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form: if(!empty($_POST['email']) && !empty($_POST['password'])) { if ( (strtolower($_POST['email']) == 'me@example.com') && ($_POST['password'] == 'testpass') ) { // Correct! // Create the Cookie setcookie('Samuel', 'Clemens', time()+3600); // Indicate they are logged in: $loggedin = true; } else { // Incorrect! $error = 'The submitted email address and password do not match those on file!'; } } else { // Forgot a field. $error = 'Please make sure you enter both an email address and a password!'; } } // Set the page title and include the header file: define('TITLE', 'Login'); include('templates/header.html'); // Print an error if one exists: if ($error) { print '<p class="error">' . $error . '</p>'; } // Indicate the user is logged in, or show the form: if($loggedin) { print '<p>You are now logged in!</p>'; } else { print '<h2>Login Form</h2> <form action="login.php" method="post"> <p><label>Email Address <input type="text" name="email" value="<?php if(isset($_POST[\'email\'])){ print htmlspecialchars($_POST[\'email\']); } ?>"/></label></p> <p><label>Password <input type="password" name="password" /></label></p> <p><input type="submit" name="submit" value="Log In!" /></p> </form>'; } include('templates/footer.html'); // Need the footer. ?> I've tried messing around with the red code all sorts of ways and get different results each time. If I don't escape the post values for email then I get a unexpected 'email'(T_STRING) error. I have a feeling it has something to do with the quotes and for the fact that the form is still within php already but can't quite grasp it yet. Please help! Scatz
  4. In the Chapter 13 web app, cookies are used to verify if a person has administrator access. It seems that using a cookie is similar to a password in the way that in the book, Larry says to set a cookie with sort of a random name and value. For instance, don't set a cookie with the name of 'login' and the value of 'true' (instead a cookie named Samuel is set with a value of Clemens). But, because cookies are easily viewed once they are set, for example using firebug on firefox, it seems like this is not the best method for veirifying who has access to a site and who doesn't. For example. Lets say someone signs up for a username and password on my site, I grant that person permission to my site and set a cookie named Samuel with a value of Clemens. But lets say for some reason in the future I choose to deny that user access to my site. If while he had access to my site, he happened to check the name and value of the cookie, that person after he looses access to my site could easily create a cookie himself named Samuel with a value of Clemens. Then what? Is this the method that websites actually use to verify login credentials? (obviously I know this is a beginner book and there is probably much more to it than this, but I was wondering if this was an easy way to mimic a login example, or if some form of this method is used in professional sites.)
×
×
  • Create New...