SaranacLake

Where are the "lax security measure"?? 😕

Was that sarcasm or are you serious? If I am not using a database, then what is the safest way to program a log in screen? For instance, is there any benefit to using a hash if it is hard-coded in your script? I should say that this is on my VPS, so I could at least store the hashed password in a .php file *outside* the web-root. Will probably only leave files up for a few weeks, but do want to protect people's pictures...

As a temporary place to store things like work holiday photos or maybe a test.php fle I share with you, is there anything super dangerous about hard-coding in a password in my splash login page? (On my real site that is still under development, I store hashed passwords in MySQL, but don't want to go that far for this site.)

I don't have anything currently. Just wanted to throw up an anonymous site where I can share things like work photos for a temporary period. (This is since I have a webserver I pay for every month and never use for anything!) Your suggestion is probably the easiest, but to be devils advocate... 1.) There is no reason I couldn't create a basic log in screen WITHOUT a database, right? Just have my PHP check a hard-coded hash (or password) and if it's correct, the page loads. 2.) In that scenario, once logged in, I could use session variables to allow them access to other pages, like page 2 of the pictures, right?

Hi everyone. Getting my head back into PHP after a long time away, so pardon the newbie question! I would like to create a simple website that is private to me and a few select people. The intention is to be able to share pictures or files. (Sort of my like my own personal dropbox.) Looking to put up some Holiday photos, so this needs to be a quick endeavor. I was thinking of creating a php page that is a log in page. No database, but f the user enters the correct username and password then I could reveal photos or maybe links to other pages. How does that sound? I have done .htaccess files in the past, but they sorta look crude and might scare non-technical people away. Thoughts?

Okay, glad my thinking was correct! Thanks for the feedback!

What I was uncomfortable with was how I went from loading up the product catalog page, then having the user click on different links, changing the URL, but basically staying on the same page, and then loading different items based on what was selected. In explaining (and re-explaining) to all of you what I was doing I think I answered my own questions.

@Zane, So it sounds like you think the use-case I described above is okay...

Not gonna answer my questions, huh?

I have been asking if the way I am going about this - from a use-case/process-flow standpoint makes sense. Never have I asked about the effort involved. Never have i asked how to do it all. I simply asked if the way I am going about this makes sense. (Maybe there is a different way you would load up different products based on some discriminating factor like "Category"? When you go to any e-commerce site and start shopping, what do you call that area of the website? I have been using the term "product catalog". Agree? I know how to query the database for every product i have and display them all on a single page. What I have been asking about is how to make it so a user can click on different "categories" in a side menu and see the related products in that category/group/whatever. I suppose you could call that "filtering". Right. So I'm trying to put pieces of knowledge together, and seeing if I am doing this in a logical way. So am I? 🙂 Step 1: Use lands on www.mystore.com Step 2. User navigates to the e-commerce store Step 3: User clicks on a "category" link in the left margin (e.g. <a href="www.mystore.com/music/">Music</a>) Step 4: Apache mod_rewrite translates that request to: www.mystore.com?category=music and reloads the web page - still showing the pretty: www.mystore.com/music/ Step 5: My script grabs the (syntax?) _GET['category'] = music or whatever Step 6: My script queries the database for all records where category = "music" Step 7: My script displays those products in the right pane Step 8: The user navigates that result set and hopefully clicks on some music to buy Step 9: A product details page loads with more details for the chosen item. Does that sound like a logical approach??? Like ten times so far... 😉

Never having rolled my e-commerce site before, and having been away from PHP for several years, sometimes I'm not sure what I'm talking about?! 😐 Right now, I am trying to lay out (and ultimately code) a web page that looks like the link I pasted above - well not that fancy! To your question... Because this is a startup business and thus small, I just need a way to be able to sell a handful of items in a handful of categories. Like maybe 4-5 categories each containing a dozen or so products. Down the road, my website will need to grow and provide shopper a more sophisticated way to search for items, but for now I just need something simple like this... Category1: - Product1 - Product2 : -Product12 Category2: more products Category3: more products Category4: and so on... So I was thinking if I added a left column to my earlier gallery, and added say 4-5 hyperlinks wit category names, and when you click on a category link, it would reload the page and the url would change like this... originally: www.mystore.com user clicks on "Music" category in left margin: www.mystore.com/music/ then the user decides to check out movies and clicks on "Movies" and the page reloads with the updated url: www.mystore.com/movies/ How does that part sound? Then assuming that is okay, I guess in the right pane, I would have my PHP code query products based on what in in the url, so in the last example above it would go to my database and retrieve products that have a category of "Movie". How does that sound? And to your question, for now, I do *NOT* need any fancy filtering beyond category, so no: Music + Vinyl Records + Classic Rock + 1970s + Live Albums

Well, with my free gallery I am just hardcoding the query, so not really. Now I need to set up a normal product catalog where you can choose between different categories or I suppose even just see the entire product selection. Something like this... https://www.amazon.com/s?i=popular&k=&ref=nb_sb_noss&url=search-alias%3Dpopular

As I said, it builds off the earlier example. Before I was creating a gallery of thumbnails for a set number of products that I am giving away free with a subscription. Here I am trying to build the actual product catalog for my e-commerce site, i.e. *all* products. So I'm not entirely certain how an e-commerce product catalog should work.

Hi. This question is building off of things you all helped me with earlier in my other two threads. (I go no sleep last night, so sorry if my thinking is a bit off!) Now that I know how to create a gallery page - as far as HTML goes - to display a listing of free add-on items you get when you subscribe, I need to extend those concepts to my next project. I need to create a product catalog page for my e-commerce site. (Not sure if there is a better name?) This is the page you would see if you went to an e-commerce site and started shopping. At the top of the page would be my company mast. And beneath that, on the left side of the screen would be a menu listing different areas of my online store. And to the right, would be the area where you see the actual products. (And I would be using the same techniques to display items on the right hand side as I did in my earlier gallery. So here is where I could use some hep with the logic of this page... Let's say my website is located at www.mystore.com And in the left menu bar, I have these categories: Music, TV Shows, Movies, Gear And in the right pane I want to display items for the chosen section. So if you chose "Music", I am thinking the hyperlink behind it might read; www.mystore.com/music/ with a mod_rewrite to www.mystore.com?category=music And then I would have PHP code that would fire when the page is reloaded to www.mystore.com?category=music and it would query MySL and display all music related products in the right pane. (Note: It is understood I am only using HTML and PHP with no Javascript.) How does the above approach sound?

I am not using JavaScript on my site.

I understand how to do mod_rewrites. I was simply trying to understand why ginerjm was saying one of my steps was unnecessary.

I didn't write any code yet as to avoid hanging myself if I was going about this totally wrong! 🙂 Does the use-case i outline above sound like a reasonable approach?

Sorry, but I still don't think I am understanding you... My user starts off on this page... www.mysite.com/store/product-gallery.php (Technically, I could chop off the ".php" to make it totally "pretty", but I'm not so concerned about that.) A gallery of thumbnails appears. The user clicks on one of those thumbnails - which represents a product - to learn more about the product. Here is where I'm not sure if we are following each other... I don't care about the format of the URL behind that thumbnail that the user clicked, HOWEVER, when the product details page laods for sku 4571, I want the user to see the following URL... www.mysite.com/store/products/4571 Clear? It's a one-way street in that you can't have an "ugly" URL and then load a page displaying a "pretty" URL. If you want a "pretty" URL to appear when the page loads, you need to have a "pretty" URL in the hyperlink behind the image. Right? So I'm not following you when you say I am taking an extra unnecessary step.... If I am wrong about something or am misunderstanding you, please correct me. But it seems like your suggestion wouldn't work like I need it to work. 🙂

Didn't need to. My point is that there *IS* value in "pretty URLs" although a lot of techies disagree. Back back on track.... So does it sound like I am approaching things the correct way in my OP - besides differeing opinions on what URLs should look like?

Most people would not find this URL to be intuitive... www.mystore.com/store/products.php?category=clothing&gender=mens&type=outerwear&season=winter-coats This, by contrast is more intuitive... www.mystore.com/store/products/clothing/mens/outerwear/winter-coats/

I prefer pretty URLs and the hope is - for people who still look at the Address Bar - that it will be more intuitive to them.

Not sure that I follow you... I have Step 3 because you start off in a gallery of thumbnails with no product details and after you choose a given thumbnail, then you go to a product details page which has all of the item's details.

Hello. I just created a product gallery containing thumbnails of items that I will be selling. When a user click on on of the thumbnails, I want a product details page to appear with more details about the chosen product Could use some feedback if I am going about things the right way... Step 1: User goes to my gallery located here: www.mysite.com/store/product-gallery.php Step 2: System displays a page of thumbnails representing items that I am selling. Step 3: User click on a given thumbnail which is a hyperlink to: www.mysite.com/store/products/4571 Step 4: System rewrites the URL as such: www.mysite.com/store/products.php?sku=4571 Step 5: System queries MySQL and retrieves record for sku 4571 Step 6: System displays product details for the chosen item in Step 3 which is sku 4571 How does that sound?

I built most of my site a loooong time ago, and have forgotten a lot. Can you please refresh my memory of how a sessionID would end up in the URL? My site doesn't use cookies, and everything is done using the sessionID. As I recall, I guess the only cookie I use is to store the sessionID which I believe was the safest at the time I did things. But maybe things have changed and I certainly want things to be *secure* to protect my customers! Yeah, last month I think I came up with a fairly simple SKU that is under 8 characters - a combination of letters and characters like eb501 for eBook 501. So to tie this together... I can build a gallery of free eBooks using "thumbnails", but those would be more than just images - maybe they would be a <div> wrapped around an image of the book cover with supporting text. I would use an SQL query to grab whichever eBooks I am offering for free, and then use PHP to loop through that recordset and dynamically build the HTML to display things in a grid gallery, right? And behind each <div> / image would be a hyperlink like www . mysite . com/products/eb5001 and when the user clicks on the hyperlinked <div> they would be taken to that page, at which point my PHP would grab the $_GET variable (e.g. eb5001) and then use that to query MySQL to get all of the related product details (e.g. Book Title, Description, Original Price, Images, etc.), right? And then on that product details page I would have an "Add to Cart" button to allow them to select it. How does that sound?

True, but I guess I have felt more comfortable with $_POST since - as far as I know - it cannot be seen by the user or fiddled with. (Of course I always sanitize incoming requests either way?!) Do you have any thoughts - as a designer or a as an end-user - of what you would expect to see from what I described above? I'm thinking that just having a thumbnail probably isn't very "accessible", so maybe I have to "frame" the thumbnail in a <div> and add some readable text? Also, would it be intuitive enough to an end user with a gallery of thumbnails for them to know that they have to click on the book they want, and then presumably they will dive deeper and get more product details? (I think most e-commerce sites have larger descriptive text when you shop a product catalog, however since I am building this to offer a "FREE eBook" with the purchase of a description, and thus it is a free add-on, I think the experience should be more steamlined, if you follow my thinking?) Anyways, I'm curious to hear what you and others have to say! 🙂