Errata

Coded HTML does not work at present

Currently text says:
params = "news.com"

It needs to say:
params = "url=news.com"

The text describing the example refers to setting params to the name/value pair that will be posted to the PHP that responds to it.

Note from the Author or Editor:
This was fixed during production.

Robin Nixon/5th_edition_examples/24/example24-22.html
Please advise how to make the manipulated image display in Firefox 71(32 bit) and Opera 55 on Windows 7?

The manipulated image in example24-22.html works in Internet Explorer 11.09600.19572 and k-meleon K-Meleon/76.0; however, it’s suppressed in Firefox 71(32 bit) and Opera 55, on Windows 7: only the lightblue canvas shows up to the right of the original image

Console log / debugger states : SecurityError: The operation is insecure. example24-22.html:21; debugger points to idata = context.getImageData(0, 0, myimage.width, myimage.height).

A search on the internet -> https://developpaper.com/explain-how-to-solve-the-cross-domain-problem-of-canvas-image-getimagedata-todataurl/ -> states use AJAX, which seems a complex way of resolving the problem

Please advise how to make the manipulated image display in Firefox 71(32 bit) and Opera 55 on Windows 7?

Many thanks

Note from the Author or Editor:
For this to work correctly, please add the line following directly after myimage.src = 'photo.jpg' in example 24-22:

myimage.crossOrigin = ''

Then please add to the end of the final paragraph on page 626 the following:

Many recent browsers have adopted strict security measures to prevent cross origin exploits, which is why we have to add the crossOrigin attribute with a value of the empty string (representing the default of 'anonymous') to the myimage object in this example, to expressly allow the image data to be read. For the same security reasons, the example will only work correctly when served from a web server and will not work correct when called from a local file system.

URL given for downloading AMPPS is apachefriends.org (which is URL for XAMPP not AMPPS).

Note from the Author or Editor:
Correct the URL should be: https://www.ampps.com

The text tells you to download the linux version of AMPPS from apachefreinds.org. This is wrong as this the the home of XAMPP. I assume this was used in the previous addition and it was missed during checking for the new version.

Note from the Author or Editor:
Correct. The URL is:

https://www.ampps.com

Editra site is no longer available since July 2019:
https://en.wikipedia.org/wiki/Editra

Note from the Author or Editor:
Starting at line 3 of the final paragraph on P30, the text relating to Editra should now read as follows, without the end of the sentence about downloading and locating the documentation.

At the time of writing Editra development appears to have been discontinued, but you can download the last known fully working release for free at https://editra.en.softonic.com.

“Example 5-9 checks for array_combine, a function specific to PHP version 5.”

Excerpt From: Robin Nixon. “Learning PHP, MySQL & JavaScript.” Apple Books.


The PHP user manual page at
https://www.php.net/manual/en/function.array-combine.php seems to indicate that the function mentioned in the text is available in the current version of PHP.

Note from the Author or Editor:
This should now read:

Example 5-9 checks for array_combine, a function specific to only some versions of PHP.

The author suggests, as "an alternative syntax to foreach...as, you can use the list function in conjunction with the each function"

However, according to

https://www.php.net/manual/en/function.each.php

The 'each' function has been DEPRECATED as of PHP 7.2.0. Relying on this function is highly discouraged.

Note from the Author or Editor:
Yes. This advice is no longer accurate and should be ignored.

Regarding:

$name = strtolower(ereg_replace("[^A-Za-z0-9.]", "", $name));

The ereg function was deprecated in PHP 5.3.0, and removed in PHP 7.0.0.

https://www.php.net/manual/en/function.ereg.php

Note from the Author or Editor:
This is a typo. The statement should read as follows:

$name = strtolower(preg_replace("[^A-Za-z0-9.]", "", $name));

“To create a user, issue the GRANT command”

Beginning with MySQL 8.0 you can no longer use the GRANT command to create a user. Use the CREATE USER statement instead.

https://dev.mysql.com/doc/refman/8.0/en/create-user.html

Note from the Author or Editor:
Yes. This is correct as of MySQL 8.

The book should read:

To create a user, issue the CREATE USER command which takes the following form (don’t type this in; it’s not an actual working command):

CREATE USER 'username'@'hostname' IDENTIFIED BY 'password';
GRANT PRIVILEGES ON database.object TO 'username'@'hostname'

3rd line: "Because and is a stopword"

'and' is stopword for MyISAM search index. But we are (as instructed in the book) using here InnoDB seach engine where 'and' is not a stopword.
Check:
https://dev.mysql.com/doc/refman/8.0/en/fulltext-stopwords.html#fulltext-stopwords-stopwords-for-innodb-search-indexes

Note from the Author or Editor:
Replace the sentence:

Because and is a stopword, MySQL will ignore it and the query will always produce an empty set - no matter what is stored in the columns

With:

If you are using the MyISAM storage engine, then because and is a stopword in that engine, MySQL will ignore it and the query will always produce an empty set - no matter what is stored in the column. Otherwise, if you are using InnoDB and is an allowed word.

Referring to this code, in example 10-6

if (isset($_POST['author']) &&
isset($_POST['title']) &&
isset($_POST['category']) &&
isset($_POST['year']) &&
isset($_POST['isbn']))

pg. 245 states "The first section of new code [shown above] starts by using the isset function to check whether values for all the fields have been
posted to the program. "

isset returns true when no value is submitted in the form. isset only triggers when the value being checked is NULL. To fix it, you can replace all the isset tests with !empty (not empty) so you can actually check whether values for all the fields have been filled in by the user before the user tries to write empty, garbage data to the database. The isset check, as it is currently written, checks for nothing at all, as far as I can tell.

Not sure if intentional or an error:

Line 12 in the example file (example11-2.php):

form method="post" action="formtest.php"

Should be:

form method="post" action="formtest2.php"

formtest2.php - matches the example printed in the book

Note from the Author or Editor:
Fixed in the downloadable examples to match the book.

Sentence states the following:

When SSL is not a possibility....

This was correct in Ed. 4 of this book. In Ed. 5, the concept of TLS (the successor to SSL) is being discussed. Therefore to be more consistent, the sentence should read as follows:

When TLS is not a possibility...

Note from the Author or Editor:
The first sentence of the third paragraph of P304 should read

When TLS is not a possibility...

In Chrome and Brave, the code for Example 20-8 never forces a DOM refresh, and therefore the new element with contents "I'm a new object inserted in the DOM" never appears on screen.

(The code for Example 20-8 DOES work in Firefox and Internet Explorer.)

Note from the Author or Editor:
The final paragraph on Page 491 should have the following appended to its end:

In Chrome-based and some other browsers you may see pop-up windows asking whether you wish to confirm the insertion and removal of the element.