
Unfortunately, despite the best efforts of myself, the technical editor, the copy editor, the line editor, the proofreader, and despite the multiple revisions, errors still occur. This page lists all the errors found in the book since it went to print.
Note: errors are corrected in subsequent printings and therefore your particular copy may not contain all of the following. You may also be experiencing problems not caused by a mistake in the book. If so, you may find the solution to your problem by using the book’s corresponding forum. Significant changes in the technology will be addressed there and you can also find problems and solutions encountered by other readers.
Known Errors in the Book:
| Chapter | Page # | Description | Date Added |
|---|---|---|---|
| 2: Security Fundamentals | 39 | At the top of the page, it suggests that Figure 2.8 is on the next page when it’s actually on the same page. | November 30, 2010 |
| 3: First Site: Structure and Design | 53 | In the last paragraph, the phrase “PDF scripts” in the fourth sentence should be “PDF files”. | September 5, 2011 |
| 3: First Site: Structure and Design | 55 | In a stunning oversight, the escape_data() function defined never actually gets used! The intention was for that function to be called in lieu of mysqli_real_escape_string() in the site’s code. Ugh! | January 3, 2011 |
| 3: First Site: Structure and Design | 56 | In Step 7, the arguments to the mysqli_real_escape_string() function are in the wrong order. It should be: return mysqli_real_escape_string ($dbc, trim ($data)); | December 9, 2010 |
| 3: First Site: Structure and Design | 65 | In Step 7, the conditional should check if $this_page equals $v, not $k: if ($this_page == $v) echo ' class="selected"'; | December 9, 2010 |
| 3: First Site: Structure and Design | 70 | Steps 3 and 4 should be reversed, so that the database connection is included prior to the header. This will become relevant in Chapter 4, when the login system is instituted. | December 1, 2010 |
| 3: First Site: Structure and Design | 71 | The code in Step 10 should actually be: // $_SESSION['user_admin'] = true; | November 9, 2010 |
| 4: User Accounts | 74 | The backslash preceding the first line of code shouldn’t be there. | November 29, 2010 |
| 4: User Accounts | 87 | In Step 9, the query should make use of the get_password_hash() function, not create_password_hash(). | November 30, 2010 |
| 4: User Accounts | 91 | The first bit of code should include a file named login.inc.php. | November 29, 2010 |
| 5: Managing Site Content | 110 | The label for attribute value in Step 14 should be title. | January 11, 2011 |
| 5: Managing Site Content | 132 | Step 1 should say that the file being created is named view_pdf.php. | January 3, 2011 |
| 7: Second Site: Structure and Design | 166 | The first sentence under the caption “Product Tables” should begin “Six product-related tables…”. | May 20, 2011 |
| 8: Creating a Catalog | 211 | The code at the top of the page, as part of Step 4, should have one more closing curly bracket, which completes the conditional begun in Step 3. | July 19, 2011 |
| 8: Creating a Catalog | 224 | The two references to the get_sale_price() function should be just get_price(). | December 22, 2010 |
| 9: Building a Shopping Cart | 239 | The conditional in the ternary operator in line 4 of the code under Step 12 needs to be updated per the explanation in this forum posting. | June 23, 2011 |
| 9: Building a Shopping Cart | 245 | The conditional in the ternary operator in line 11 of the code needs to be updated per the explanation in this forum posting. | June 23, 2011 |
| 9: Building a Shopping Cart | 248 | The get_shipping() function ought not to apply number formatting to the calculated shipping. As written, if the shipping is more than $999 (which, yes, is unlikely but still…), the query that inserts the order into the database, which includes the shipping, will fail because of the comma used to break up thousands. Ideally the function should return an unformatted number (or just formatted to two decimals), leaving the view script to format it as needed. | August 28, 2011 |
| 10: Checking Out | 253 | Reports have it that Authorize.net has changed how they handle the creation of test accounts. According to one reader, now Authorize.net provides your API Login ID and Transaction Key online, after logging into the Authorize.net system (the information is not provided via email). | June 23, 2011 |
| 10: Checking Out | 289 | In the code for Step 4, the single quotation marks are missing around the array index in $_POST['cc_number']. | April 2, 2011 |
| 10: Checking Out | 290 | The errors array referenced in Step 8 should be $billing_errors not $shipping_errors. | October 23, 2010 |
| 10: Checking Out | 298 | The response variable referenced in Step 10 should be $response not $post_response. | October 9, 2011 |
| 11: Site Administration | 342 | Step 4 should include $r = mysqli_query($dbc, $q); | February 22, 2011 |
| 11: Site Administration | 347 | Under Step 11, all five TH elements are incorrectly closed. | November 30, 2010 |
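
The failure described in the page 248 entry above, as an added example that is not code from the book. The function bodies, the flat 10% rate, and the orders table with its columns are assumptions made for illustration.

```php
<?php
// Added example, not the book's code. Rate, table and column names are hypothetical.

// Formats inside the calculation, as the erratum describes: returns a string
// that contains a thousands separator once the shipping reaches 1000.
function get_shipping_formatted(float $total): string {
    return number_format($total * 0.10, 2);
}

// Returns a plain number rounded to cents; display formatting is left to the view.
function get_shipping(float $total): float {
    return round($total * 0.10, 2);
}

// Builds the order INSERT by interpolating the values into the SQL text.
function build_order_query(int $customer_id, $total, $shipping): string {
    return "INSERT INTO orders (customer_id, total, shipping) "
         . "VALUES ($customer_id, $total, $shipping)";
}

// Counts the comma-separated items the SQL parser will see inside VALUES (...).
function count_values(string $query): int {
    if (!preg_match('/VALUES \((.*)\)$/', $query, $m)) {
        return 0;
    }
    return count(explode(',', $m[1]));
}

$total = 12345.00; // constructed sample order total

$bad  = build_order_query(7, $total, get_shipping_formatted($total));
$good = build_order_query(7, $total, get_shipping($total));

// The separator in the formatted value splits it into two items, so the
// statement carries more values than the three columns it names.
printf("%s\n  values: %d for 3 columns\n", $bad, count_values($bad));
printf("%s\n  values: %d for 3 columns\n", $good, count_values($good));

// The view script applies formatting at output time only.
echo 'Shipping: $' . number_format(get_shipping($total), 2) . "\n";
```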

on page 65, step 7
if ($this_page == $k) echo ' class="selected"';
should be
if ($this_page == $v) echo ' class="selected"';
I said the same thing to Larry before, but he said no, for whatever reason. You’re right though, the $k should be $v. Also, if you download Larry’s code, he uses $v, so it’s definitely $v.
Yes, that should be $v, not $k. My apologies for the confusion and my apologies to Jon for erroneously replying to you on this issue before. I’ve added this to the above list.
on page 224 both on line 6 and 19 the function to be called is get_price instead of get_sale_price as declared on page 222 step 2.
Sorry about that and thanks for pointing it out!
Two minor html errors at page 243 step 11 and 247: in both cases:
the tags should be reversed.
Also in the downloaded code for the coffee site, in the checkout_cart.html at line 96 there is an echo statement that shouldn’t be there – I think:
echo "CALL add_to_wish_list('$uid', '$sp_type', $pid, $qty);CALL remove_from_cart('$uid', '$sp_type', $pid)";
Sorry: the tags that should be reversed are </form></p>
Here’s one: Page 110, Step 14. The label tags have the wrong label name. It should be title, not first_name.
Correct. Thanks for pointing that out! (That’s what I get for copying-and-pasting!)
Page 55… mentions that the mysqli script should go in the includes folder, when it should go in an outside one.
Sorry for the confusion. The mysql.inc.php script should go outside of the Web root directory, if possible, or in the includes folder if not.
I have found two mistakes, I’m not sure they are worthy of going into the errata but anyway….
Pages 35 and 39 – 2nd line on both pages it says (figure x.x on the next page) and in both cases the figure is on the same page. No biggie
BTW – brilliant book so far
Thank you for the nice words. And an error is an error: I’d rather they not be there and will get them removed from future printings when I know about them. Thanks for pointing them out!
On pg125 should the validate file check be an “or” statement? As it stands, the “if” clause will only fail when both tests (for MIME type and .pdf) fail. However, the textbook suggests we want it to fail when either test fails.
Amazing book by the way – thank you! My only suggestion would be to utilise the margins for visual representations of the trickier concepts (i.e. a picture to show what our session cookie looks like). This would help those like me who struggle with large chunks of text.
Thanks for the nice words. I really appreciate it!
Page 342:
Missing:
$r = mysqli_query ($dbc, $q);
Indeed. Thanks for pointing that out!
In chapter 5 page 114 item #10 it should read:
content_css:"/css/styles.css", the “s” in styles is missing.
Love the book! Thought I might give back a little with just a very minute typo… Page 289, step 4 has the term $_POST[cc_number], however cc_number must have quotes around it: $_POST['cc_number'].
Cheers!
Thanks for the nice words. I’m glad you liked it. Thanks for pointing out that error, too. I’ll get it added to the list!
Once again, love the book! I was having major problems with the gateway_process.php file, and I realized that the transactions were working fine, but in step 10 where you define the $response_array, you explode a variable called $post_response. I believe this is just supposed to be $response, as there is no mention of $post_response before this. I could very well be missing something…
Hi Larry:
As always, very clear book … any chance we can get the errata in a text file so I can print it and stick it in the book? …
Hey Bill. Thanks for the nice words. As for a text file, I don’t have anything like that available. In fact, I’d have to do the same thing you’d have to do to make that happen (copy the content from the page, paste it into another application, etc.). Sorry!
Page 166, under the heading “Product Tables”, you write “Six customer-related tables represent the specifics about all the products available…” I believe you mean to write “Six product-related tables…”
Ugh! Yes, that’s correct. Thanks for catching it.
Here’s some errors in the errata.
Page 132 Step 1 should create pdf_view.php (and not pdf.php)
Page 342 Step 4 should have line added at the end
$r = mysqli_query($dbc, $q);
(and not ($q, $dbs);
Page 347 Step 11. All FIVE TH elements should end with
(you mentione 4 were wrong, but 5th one currently is also wrong, as
… and I spelled mention wrong. (just to show how easy it is to make mistakes:-)
Thanks for catching those. Ugh! I’ve corrected them.
Hi Larry,
On page 298, I believe the proper variable passed to the explode() function should be $response — not $post_response (which doesn’t exist, as far as I can tell). I think you combined $post_string and $response in your head to get $post_response, but I could be mistaken.
In addition to the above, I believe the code in checkout.php does not check for magic quotes for last name — though the comment does make reference that other variables besides first name should be subject to that conditional
Hi Larry,
I think perhaps I have found a small non-coding error on page 45. “When Alice loads the page with that image tag, her browser will make a request for the add_credits.php script on your site, passing along the user and credits numbers. This request will look, to the server, exactly the same as if Alice had consciously gone to the add_scripts.php page (add_scripts.php should perhaps be add_credits.php)??
Yes, that’s a mistake. Thanks for catching it!
Hi Larry,
I think I may have found an error but I also wouldn’t be surprised if insanity had got to me. On page 211, step 4:
if ($_GET['type'] == 'goodies') {
$sp_type = 'other';
$type = 'goodies';
} elseif ($_GET['type'] == 'coffee') {
$type = $sp_type = 'coffee';
}
// Should there be an additional brace here
it then goes on to the step 5 if(!$type || !$sp_type || !$sp_cat || !$category)
Looking at your downloadable code, you have an extra brace here but I couldn’t see this in the book. However, as stated this could be insanity.
Jonathon
Hello Jonathon. You are correct: there should be another brace there, closing the conditional begun in Step 3. Thanks for pointing that out!
I see that there is 1 little error on page 92
“IF(date_expires > NOW(), true, false)”
it appears to be corrected though on page 93
“IF(date_expires >= NOW(), true, false)”
Very minor but thought I’d point it out
The second to the last sentence on page 53 should read: Additionally, the PDF files… instead of, “Additionally, the PDF scripts…”
Sorry for the nitpicking,
Hacker
Thanks for pointing that out! Nitpicking is fine!
I am looking for the entire code for ‘Knowledge is Power’ and ‘Selling Products’ on your website as mentioned in the book. But I can’t find the link. Please send me the link to download code at my email address. Thanks.
On the book’s home page is the downloads section, with the links to both sets of code.
Hi Larray!
What a great book! It’s really helping me wrap my head around ecommerce and the MySQL stored procedures are awesome!
I think I found a typo in the code though:
Page 298, Step 10:
$response_array = explode($data["x_delim_char"], $post_response);
The last variable, $post_response, should be $response, declared in Step 9.
Thanks for the book!
Paul
Oh, and I must have been thinking about arrays when I misspelled your name… Sorry!
Hello Paul. Thanks for the nice words on the book and for pointing out that error. That’s what I get for changing my variable’s name midway through the writing of the book!
Hello Larry
On your version of the coffee site on the checkout button on the cart.php source you have http:// not https:// to go to the check out screen(checkout.php).
I have changed in cart.php on the button to have http://(not https://) in the code supplied.
It still shows https:// in front of base URL when it tries to load checkout.php?session=(session no).
Hello David. My SSL certificate expired after a year and I didn’t feel it was necessary to spend hundreds of dollars a year for a site that doesn’t actually do any ecommerce. The downloaded code should still have HTTPS in there and the .htaccess file forces HTTPS for best security practices. Perhaps that’s what you’re seeing.
Yes that is what I am seeing. I gather I can test it as http and then change it to https when I buy a certificate. Thanks for the reply.
Hi Larry, the php codes embedded within the html page cannot be interpreted by the server and besides my ide shows an error, should I change the .html extension to .php?
PHP scripts require a valid file extension to work, which is normally .php. By the way, the e-commerce book assumes sound knowledge of PHP and MySQL. I worry that you’ll have lots of problems with its content if you’re not already familiar with how to create a simple PHP script.
On page 41 you refer to sanctifying cookie and URL data. Did you mean sanitize?
No, I meant “sanctify”, but I’m using it similarly as “sanitize”, as in “to make legitimate”. Thanks.