PHP and MySQL

Sessions versus cookies

I used to prefer sessions to cookies.

However, a lot of websites nowadays send cookies out anyway, and users don’t seem to care anymore.

One of my websites once got flagged by Google - something like the site is not to be trusted, which I disagreed with. It took about 24 hours to resolve the dispute, but it took months before I even discovered that this alert had been going on. I was at the losing end, however which way I tried to analyze it.

Actually, the I was using allowed adult sites on their servers. That could also have been the culprit. I may have been sharing the server with websites that had malicious ware.

Lately, I try to just avoid both cookies and sessions as much as possible. At least I sleep better.

Val Zubiri

Programming by Val Zubiri
Art by Val Zubiri
Arts Global Impact.org / Original Art and Art Books for Collectors for sale
Chicago Art Movement.com
Get a Massage Contact and Shop using your mobile phone

How to Have Alternating Colors in Table Row Results

1. Pick two colors for table cell backgrounds. For example, light cream and light green.

2. When you dip into the MySQL table, you will be using a while loop. You will also be using two other elements.

3. The first is the use of $i=0, $i++ while using the “while loop”

4. The second is the use of the modulo % to get the remainder.

5. As you use the “while” loop, you increment the $i by 1 each time, and you will be dividing $i by 2, $i % 2.

6. You also place the condition, if the remainder is 0, then use the light cream, and if the remainder is 1, then use the light green.

Note, if you want three colors, just do the same thing, use $i % 3, and if the remainder is 0, 1 or 2, then use color1, color2 or color3. Obviously, if your site is gay, and you want the gay colors to appear, use $i % 6, assigning 6 colors, but I think that would look tacky. I think red and white with a little blue and some stars appearing in the background would look like an American flag.

Val Zubiri

Programming by Val Zubiri
Art by Val Zubiri
Arts Global Impact.org / Original Art and Art Books for Collectors for sale
Chicago Art Movement.com
Get a Massage Contact and Shop using your mobile phone

How to clean entries submitted in forms

If you are asking for usernames and email addresses in your forms, you want to make sure that they are unique.

Spaces, whether they are intentional or unintentional should be taken out, before the submission goes to the database.

Use the following functions:
trim() With trim, spaces before and after a submission gets taken out. For example,

Code:

becomes

Code:

eregi_replace() This takes three elements: The pattern you want to replace, the replacement pattern, and the variable or entry in question.
Example: In

Code:

you are looking to replace all the spaces to no spaces at all, so

Code:

would yield

Code:

strtolower() You might also want to convert all entries for the username to lower case when you enter them into the MySQL table, even if the MySQL has the entry programmed as text that does not care whether the characters are in uppercase or lowercase.

Note: Look up the difference between eregi_replace() and ereg_replace(). Eregi does not care about capitalization. Ereg does, so in this case, since we’re just concerned with replacing spaces, both would work. However, I prefer to just keep using eregi.

Val Zubiri

Programming by Val Zubiri
Art by Val Zubiri
Arts Global Impact.org / Original Art and Art Books for Collectors for sale
Chicago Art Movement.com
Get a Massage Contact and Shop using your mobile phone

How to validate an email address using PHP

Use the code

Code:

This is actually not a perfect solution. However, it is acceptable enough to dissuade majority of people from abusing the form. Error messages do not have to be super-sensitive, you can make it sound stupid and seemingly flawed - that way it will discourage people from playing with your form, trying to find out what else it can do.

Val Zubiri

Programming by Val Zubiri
Art by Val Zubiri
Arts Global Impact.org / Original Art and Art Books for Collectors for sale
Chicago Art Movement.com
Get a Massage Contact and Shop using your mobile phone

How to: Making Forms with Error Messages in PHP and MySQL

What you need to understand to make forms with error messages.
I use Dreamweaver for this.

1. Your form has an action="". In between the two quotation marks, place your PHP_SELF code. Simply Google the term “PHP_SELF” for detailed explanation. Simply put, the PHP_SELF code, placed in the action part of the form, will make the submit button come back to that same form page.

2. Your page needs PHP coding before the entire HTML code on that page. What this does is that PHP gets “computed” before the HTML gets sent by the server to the visitor’s computer. So, when the visitor (or user) fills up the form, and presses submit, the server “computes” the answers in the form before serving the same page again.

If the answer is unacceptable, like some fields in the form were left blank, the page will display a message telling the visitor what mistake he or she made.

3. Your form also needs what is called a “hidden” variable. The variable is not seen up front on the form page, but if you look at the html code, the hidden variable should be there. Usually coders place the hidden variable next to the submit button code.

It looks like this:

Code:

Make it a practice to place it near the submit button, like so:

Code:

I usually use the name “stage” and the value “2″, because I imagine that the value “1″ would be the first time the user or visitor sees the form, and the second time or stage the visitor sees the form is right after the visitor pressed submit.

4. Somewhere on the page, but usually just right on top of the form, would be where error messages, preferably in red, should be. However, that would also be the spot where the Success! message can be read.

Examples of error messages are:
You need a name. The name should not be left blank
You need a last name. The last name should not be left blank
You need an email.
Your email is not in the correct format. It should be in the form “youremail@thegivendomain.com".
You need a username
The username is already taken
You need a password
The password is too short
The password is too long
You forgot to make a comment.

If all the required fields are answered correctly, the information gets processed. An example of a success message would be:
Success! You have been registered. Please expect an email notifying you of your registration. Welcome Harold4000!

5. You need to learn to check the answers in different ways. The answers are strings.

“You need a name” means that the field was left blank… so your PHP code would say something like
if $name =="", then the message appears. “” means that there is nothing submitted, and therefore, the variable $name is “” instead of “Harold". There’s nothing in between the two double quotes.

The Email used… The code checks if the email is valid, by checking if the “@” sign is present, and the “.” period is present as well. Before the “@” sign, there should be at least one character, and there should also be at least one letter in between the “@” and the “.” period. There should also be some letters after the period.

Note: If you are also being a little more industrious, there is a way to check if the domain after the “@” sign is a valid website. However, depending on the code you use, and your server, it might not work at times, resulting in you irritating your potential user or client. So if you are a vengeful, compulsive, “gotcha!” type of person, research on this functionality, and implement it. Otherwise, just let some gibberish from some users be… like “kfjdkfjw@dlfdkfjd.cokdjfk". Not everyone will do this hundreds of times anyway.

You can require your password to be an acceptable 4 to 8 characters, so if the user puts in 3 or 9 characters, you would tell them it’s unacceptable.

6. Don’t go yet, it gets even more complicated. There are two important parts to code.

7. The first part of the code. Assign variables to all the error messages. So the first error, for example, is $errormessage1, and then $errormessage2, $errormessage3, and so on, until you get to the success message, which you can name $success1 or $errormessage9

8. The second part would have the conditions. It will be a series of if - else - if - else - if -else.

So “if” the first condition is wrong, then $errormessage = $errormessage1. “Else” (if the first condition is okay) move on to see if the second condition is met. If not, then $errormessage = $errormessage 2. Else, (if the second condition is okay) then move to see if the third condition is okay. And this goes on, until all the conditions are met.

If all the conditions are met, then further action is taken. For example, the information would then be made to go to the database OR an email can also be sent to the user, and $errormessage = $success.

9. Notice that all the error messages are to be programmed as:
$errormessage = $errormessage1, etc… Each error message takes a turn to become $errormessage, without the number.

10. Go to your html code and view the design, not the code. Type in what I would call a “marker” - something like “xxxxxxxx", then make it bold, and color it red. Then go look at your html code and look for “xxxxxxxx". Replace it with PHP code:

Code:

So there you go, that’s the way to have a self-correcting form.

Sometimes, you may want to code, together with the error messages, the new line or paragraph tags, and the bold and the color tags. That way, the page only expands down when there is an errormessage to be shown.

There are many ways to make this even more complicated.

Your email thanking the user for the successful submission can be formatted to look like an html page. The email itself uses the PHP email function. Google using the words “headers” “email function” and “PHP” for more information about this.

You may need for the user to click an activation link in the email with a randomly generated code in order to fully register him or her. This means you need to generate unique random codes.

Usernames should also be unique, which means you need a stage when you should check if the username is already in use.

You might also want the form fields to automatically populate themselves. For example, if you have First Name and Last Name, and the user forgot the Last Name, when the page returns, the First Name should already have the field answered so that the user does not have to refill the field.

In the past, a lot of forms had the Submit Button and the Reset Button. When you press reset, the form becomes blank again.

However, a lot of websites now do not have the Reset Button. The rationale for this is that users should only use the form when they seriously do want to fill up the form and submit. Resetting forms back to no answers at all only means that the user is merely playing with the form to begin with.

There is also another part of the PHP code you should not forget to consider.

In the past versions of PHP, variables (the answers in the forms) get sent to where they should go without you having to worry if they were even passed on in the first place.

Now, the later versions of PHP need you to “register” the variables so they can be “remembered” to come back on the page.

The code would look like this, repeated for every variable on the page, and placed on top of the PHP code at the top part of the page.

Code:

Val Zubiri

Programming by Val Zubiri
Art by Val Zubiri
Arts Global Impact.org / Original Art and Art Books for Collectors for sale
Chicago Art Movement.com
Get a Massage Contact and Shop using your mobile phone