[member=25402]sladepowers[/member] , What you posted in your same as examples is wrong from the 2nd to the third example. They are not the same at all.
Telling him what is wrong post after post is getting pretty monotonous. This thread is so played out. The dude obviously isn’t learning anything the right way. This thread is never going to end.
do you need me to donate, Kevin Rubio?
Can you clarify as I am not sure if it was directed at my post?
Not you [member=72272]astonecipher[/member] , Directed to Slade where he said
$item = $temple = $quantity = $price = $promotional = "";is the same as
$item = ordertest01($_POST[“item”]);
$temple = ordertest01($_POST[“temple”]);
$quantity = ordertest01($_POST[“quantity”]);
$price = ordertest01($_POST[“price”]);
[member=25402]sladepowers[/member] , no you dont need to donate, but if you would like to hire me as a personal tutor, I am available.
Tell you what I would like though, take a break from what your doing and from this forum and go through the following tutorial end to end. These are interactive tutorials and very good.
When you finish that one, go through this one
Depending on your current html and css knowlege you may want to do this one first
Let us know when you have completed those and understand everything. Feel free to go through them again if need be to sink it in.
the first site i constructed is babiesnmovies.com. set it up myself and it works. that was in 2009. things were a bit different then. no such thing as PDO then. everything seemed more straight forward. kevin rubio, tell me whats wrong with this script that was made for me…
[php]
<?php error_reporting(E_ALL); ini_set('display_errors', 1); // 1) Since your page will likely require a database connection for displaying data in addition to inserting the form data into a database table, you can make the database connection before processing the form data. // database credentials $hostname = 'xxxx'; $username = 'xxxx'; $password = 'xxxx'; $database = 'new_order' // create the database connection and set up the configuration options $pdo = new PDO("mysql:host=$hostname;dbname=$database", $username, $password); $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // note: if you don't catch exceptions yourself, php will throw an error for the uncaught exception and display (or log) the cause of the error. //2) Detect if a post method form has been submitted. ALL the form processing code should be contained within this conditional statement so that the code only runs when a form has been submitted. if ($_SERVER["REQUEST_METHOD"] == "POST") { //3) Create an empty array to hold validation errors. Add each error message as an element to this array. To test if there are errors, you can just test if the array is empty or not. $errors = array(); //4) Validate the input data. At a minimum, required fields must not be empty and should contain data of the expected format. Add an error message to the errors array for each validation test that fails. // the validation code is up to you ... //5) If there are no validation errors, you can use the form data. If there are validation errors, you would display them, by looping over the array of error messages, at the appropriate place in your html document. if(empty($errors)) { //6) To insert the data, first prepare the sql statement, then bind the input data to the place-holders in the prepared sql statement, then finally execute the query. $query = "INSERT INTO new_order (item, temple, quantity, price) VALUES (:item, :temple, :quantity, :price)"; $stmt = $pdo->prepare($query); $stmt->bindParam(':item', $_POST['item']); $stmt->bindParam(':temple', $_POST['temple']); $stmt->bindParam(':quantity', $_POST['quantity']); $stmt->bindParam(':price', $_POST['price']); $stmt->execute(); //7) After inserting the data, without any further errors, your code should do a header() redirect back to the same exact URL of this page to cause a get request for the page. See this link for why you would want to do this - [url=https://en.wikipedia.org/wiki/Post/Redirect/Get]https://en.wikipedia.org/wiki/Post/Redirect/Get[/url] $host = $_SERVER['HTTP_HOST']; $uri = $_SERVER['REQUEST_URI']; header("Location: http://$host$uri"); die; } // if there were validation errors, the code would not do a redirect and would continue to run on this page, to display the errors and display the html document } // any code responsible for displaying the html document would start here... [/php] outside of the connection the code is different...am i right? you never shared this with me Kevin. you thought your bootstrap was the best way but it's NOT right for everyone. now w3schools show me another way, your bootstrap is another way....i didn't ask for you to write script for me, im learning and as much as i respect your assistance i technically didn't ask you for your snide remarks or help. this forum isn't for the belittling of anyone, this according to the guidelines....am i right? i never knew that you HAD to work with this post. even if it is April 1st. too bad your knowledge on what is easy for you and difficult for me has clouded your ability to share responsibly and make a novice wanna quit. too bad....i'm staying to learn. previously you mentioned that i was blaming you for what was not right with my script. i never blamed you. you took that upon yoself. i just stated the case. the beauty of it all is that there are other senior coders that have been at this longer than you and have been totally cool about my naivete. like i said Kev, if a donation will make you feel better, let me know. because surely, you have better things to do than help me on this. go do what you do, you can ALWAYS move on. its a matter of class. forgive me for using this forum to represent and defend my lack of knowledge. thanks all.so what's next kevin rubio?[b] your assistance may have been great for others but it did mess up my server.[/b] [b]i had to call go daddy to show me how to kill what you suggested. it took them 45 mins to fix it.[/b]
I know it was about a hundred posts ago, but is sure sounds like you blamed me. There is NOTHING whatsoever that I have posted that would “mess up” your server, let alone take anyone with any knowledge 45 minutes to fix. What ever happened, happened because YOU did something wrong.
I just gave you a list of some excellent tutorials to help you but instead of checking them out you just want to say I am belittling you.
It wasn’t in heavy use, but PDO was released in 5.1 which was 2005.
As far as the posted script?
It is missing error validation. Meaning, the $errors array is declared, but nothing is done with it.
There is no graceful way to deal with Exceptions. I personally don’t like die statements, but others do.
There is no graceful way to deal with Exceptions.
What do you mean? Of course there is. Be happy to talk about it in another thread if you like.
- LOL! We are now tied for exact number of posts!
In the script posted above there is not. Nothing deals with exceptions on any facet.
[member=72272]astonecipher[/member] , Ok, you were referring to the posted script. I thought that was a general statement.
LOL. no, Kev…it was not a general statement. :-* i’m so slow.
so with the script that i posted, the one that does not deal with the exceptions properly, is that the only thing wrong with that script? can i run with that? i can take the exception handlers from the code we have been working with and put them in that code and go with it. but someone told me that i would be lazy if i prepared statements that way. so i need to choose some things like using “die” or not. it’s a matter of preference it appears. i don’t know enough to make that decision. so because of this please tell me what is wrong with the script we have now and let me fix it and learn.
[php]try {
$dbh = new PDO(“mysql:host=$hostname;dbname=new_order”, $username, $password);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$dbh->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
/*** echo a message saying we have connected ***/
echo ‘Connected to database
’;
}catch(PDOException $e) {
echo $e->getMessage();
}
?>
thanks guys. all of yall, Kev too. you are helping to me learn.
I must refer you back to the PDO bumpstart. Study the code and you will learn how to globally handle ALL exceptions, not just PDO exeptions, rather than writing code to handle them one by one all over your scripts.
Study the function myException in config/functions.php and
And in ./config.php
set_exception_handler(“myException”);
In the Php manual, lookup and learn about set_exception_handler
If you setup and run PDO Bumpstart there is a lot you can learn from it. It only takes seconds to get it working. Not sure if you ever did or not.
[php]<?php
error_reporting(E_ALL);
ini_set(‘display_errors’, 1);
// 1) Since your page will likely require a database connection for displaying data in addition to inserting the form data into a database table, you can make the database connection before processing the form data.
// database credentials
$hostname = ‘xxxx’;
$username = ‘xxxx’;
$password = ‘xxxx’;
$database = ‘new_order’
// create the database connection and set up the configuration options
$pdo = new PDO(“mysql:host=$hostname;dbname=$database”, $username, $password);
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);
// note: if you don’t catch exceptions yourself, php will throw an error for the uncaught exception and display (or log) the cause of the error.
//2) Detect if a post method form has been submitted. ALL the form processing code should be contained within this conditional statement so that the code only runs when a form has been submitted.
if ($_SERVER[“REQUEST_METHOD”] == “POST”)
{
//3) Create an empty array to hold validation errors. Add each error message as an element to this array. To test if there are errors, you can just test if the array is empty or not.
$errors = array();
//4) Validate the input data. At a minimum, required fields must not be empty and should contain data of the expected format. Add an error message to the errors array for each validation test that fails.
// the validation code is up to you ...
//5) If there are no validation errors, you can use the form data. If there are validation errors, you would display them, by looping over the array of error messages, at the appropriate place in your html document.
if(empty($errors))
{
//6) To insert the data, first prepare the sql statement, then bind the input data to the place-holders in the prepared sql statement, then finally execute the query.
$query = "INSERT INTO new_order (item, temple, quantity, price)
VALUES (:item, :temple, :quantity, :price)";
$stmt = $pdo->prepare($query);
$stmt->bindParam(':item', $_POST['item']);
$stmt->bindParam(':temple', $_POST['temple']);
$stmt->bindParam(':quantity', $_POST['quantity']);
$stmt->bindParam(':price', $_POST['price']);
$stmt->execute();
//7) After inserting the data, without any further errors, your code should do a header() redirect back to the same exact URL of this page to cause a get request for the page. See this link for why you would want to do this - [url=https://en.wikipedia.org/wiki/Post/Redirect/Get]https://en.wikipedia.org/wiki/Post/Redirect/Get[/url]
$host = $_SERVER['HTTP_HOST'];
$uri = $_SERVER['REQUEST_URI'];
header("Location: http://$host$uri");
die;
}
// if there were validation errors, the code would not do a redirect and would continue to run on this page, to display the errors and display the html document
}
// any code responsible for displaying the html document would start here…
[/php]
Follow the comments. Line 25 says to validate the data. How you do it depends on what you are validating.
thank you both, kevin and cipher. please take a moment to look at my practice files. and i ask this because the cart has only 4 options to choose from then the submit takes us to checkout & passes the users information to the db . the checkout has validating included. my task is to lock in the checkout. so i don’t think that validation is a issue with the shopping cart but definitely during checkout. but first i need to be sure that the cart data is being passed to the php script.
kevin, i am going to try to work the bumpstart but on a different machine. again, please look at the shopping cart because i don’t think there are any validation concerns, but there are validation issues for checkout.
http://solutionm3.com/ordertest.html…and of course the “continue to checkout” takes us to checkout. take note of the validation required for the back side of the checkout.
thanks a heap, guys.
this is where i am studying from now:
http://php.net/manual/en/function.set-exception-handler.php
thanks
Slade,
Yes, you do not need validation for drop-downs. Since you hard-code the data in the tags, there
can only be those options posted. You might need to validate your “Promotional Code” field to make sure it
holds up to your standard promo-code number.
I would validate anything sent. I can change an input, it just depends what you would get with that change.
well…i’m back. lol. here is my latest error message,
"Connected to database
Fatal error: Uncaught exception ‘PDOException’ with message ‘SQLSTATE[42S02]: Base table or view not found: 1146 Table ‘new_order.new_order’ doesn’t exist’ in /home/ewff/public_html/prac01.php:59 Stack trace: #0 /home/ewff/public_html/prac01.php(59): PDO->prepare(‘INSERT INTO new…’) #1 {main} thrown in /home/ewff/public_html/prac01.php on line 59"
i went to check the name of my database to be sure of the spelling and i got that right. i only have one database ‘new_order’ and its table ‘details’ (please see the image attached). i’m going to read up on SQLSTATE[42S02].
