Larry Ullman's Book Forums

Showing results for tags 'chapter13'.





Found 2 results

  1. code:

     <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
     <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
     <head>
         <meta http-equiv="content-type" content="text/html; charset=utf-8" />
         <title>Add a Blog Entry</title>
     </head>
     <body>
     <h1>Add a Blog Entry</h1>
     <?php // Script 12.5 - add_entry.php
     /* This script adds a blog entry to the database. */

     if ($_SERVER['REQUEST_METHOD'] == 'POST') { // Handle the form.

         // Connect and select:
         $dbc = mysql_connect('localhost', 'root', 'musica');
         mysql_select_db('myblog', $dbc);

         // Validate the form data:
         $problem = FALSE;
         if (!empty($_POST['title']) && !empty($_POST['entry'])) {
             // Strip tags, then escape the values for use in the query
             // (the legacy mysql_* API has no prepared statements):
             $title = mysql_real_escape_string(trim(strip_tags($_POST['title'])), $dbc);
             $entry = mysql_real_escape_string(trim(strip_tags($_POST['entry'])), $dbc);
         } else {
             print '<p style="color: red;">Please submit both a title and an entry.</p>';
             $problem = TRUE;
         }

         if (!$problem) {

             // Define the query:
             $query = "INSERT INTO entries (entry_id, title, entry, date_entered) VALUES (0, '$title', '$entry', NOW())";

             // Execute the query:
             if (@mysql_query($query, $dbc)) {
                 print '<p>The blog entry has been added!</p>';
             } else {
                 print '<p style="color: red;">Could not add the entry because:<br />' . mysql_error($dbc) . '.</p><p>The query being run was: ' . $query . '</p>';
             }

         } // No problem!

         mysql_close($dbc); // Close the connection.

     } // End of form submission IF.

     // Display the form:
     ?>
     <form action="add_entry.php" method="post">
         <p>Entry Title: <input type="text" name="title" size="40" maxlength="100" /></p>
         <p>Entry Text: <textarea name="entry" cols="40" rows="5"></textarea></p>
         <input type="submit" name="submit" value="Post This Entry!" />
     </form>
     </body>
     </html>

     I'm getting the following output, what am I doing wrong?
Add a Blog EntryPlease submit both a title and an entry.'; $problem = TRUE; } if (!$problem) { // Define the query: $query = "INSERT INTO entries (entry_id, title, entry, date_entered) VALUES (0, '$title', '$entry', NOW())"; // Execute the query: if (@mysql_query($query, $dbc)) { print ' The blog entry has been added! '; } else { print ' Could not add the entry because: ' . mysql_error($dbc) . '. The query being run was: ' . $query . ' '; } } // No problem! mysql_close($dbc); // Close the connection. } // End of form submission IF. // Display the form: ?> Entry Title: Entry Text:
  2. In the Chapter 13 web app, cookies are used to verify if a person has administrator access. It seems that using a cookie is similar to a password in the way that in the book, Larry says to set a cookie with sort of a random name and value. For instance, don't set a cookie with the name of 'login' and the value of 'true' (instead a cookie named Samuel is set with a value of Clemens). But, because cookies are easily viewed once they are set, for example using Firebug on Firefox, it seems like this is not the best method for verifying who has access to a site and who doesn't. For example, let's say someone signs up for a username and password on my site, I grant that person permission to my site and set a cookie named Samuel with a value of Clemens. But let's say for some reason in the future I choose to deny that user access to my site. If while he had access to my site, he happened to check the name and value of the cookie, that person after he loses access to my site could easily create a cookie himself named Samuel with a value of Clemens. Then what? Is this the method that websites actually use to verify login credentials? (Obviously I know this is a beginner book and there is probably much more to it than this, but I was wondering if this was an easy way to mimic a login example, or if some form of this method is used in professional sites.)
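
The difference the post above asks about, as an added example (not from the book or the original post): a fixed cookie pair is the same for everyone and cannot be withdrawn from one user, while a random per-login token that the server stores can be deleted. The `sid` cookie name, the function names and the in-memory `$sessions` array (standing in for a database table or session store) are assumptions.

```php
<?php
// Added example. Only the Samuel/Clemens pair comes from the post;
// every other name here is hypothetical.

// Stand-in for a server-side table: sha256(token) => ['user', 'expires'].
$sessions = [];

// The approach from the post: one fixed name/value pair shared by every admin.
function static_cookie_ok(array $cookies): bool {
    return isset($cookies['Samuel']) && $cookies['Samuel'] === 'Clemens';
}

// At login: create an unguessable per-login token and record it server-side.
// Only a hash is stored, so a leaked table does not reveal usable tokens.
function issue_token(array &$sessions, string $user, int $ttl = 3600): string {
    $token = bin2hex(random_bytes(32));
    $sessions[hash('sha256', $token)] = ['user' => $user, 'expires' => time() + $ttl];
    return $token; // would be sent with setcookie() using the HttpOnly and Secure flags
}

// On each request: the cookie is only a lookup key, the server makes the decision.
function token_user(array $sessions, array $cookies): ?string {
    $key = hash('sha256', $cookies['sid'] ?? '');
    if (!isset($sessions[$key]) || $sessions[$key]['expires'] < time()) {
        return null; // unknown, revoked or expired token
    }
    return $sessions[$key]['user'];
}

// Denying a user access deletes every token that was issued to that user.
function revoke_user(array &$sessions, string $user): void {
    $sessions = array_filter($sessions, fn($s) => $s['user'] !== $user);
}

// Constructed scenario from the post: a user notes his cookies while he has
// access, the site owner later revokes him, and he presents the saved cookies.
$saved = ['Samuel' => 'Clemens', 'sid' => issue_token($sessions, 'former_user')];
revoke_user($sessions, 'former_user');

var_dump(static_cookie_ok($saved));      // check against the fixed pair
var_dump(token_user($sessions, $saved)); // check against the server-side table
```

Run it with the PHP command-line interpreter (PHP 7.4 or later) and compare the two checks on the same saved cookies.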