iwato

JSG: What does this have to do with XML? RAS: I am using PHP to create the XML file for my RSS feed. The PHP code reads the contents of the folder and from these contents produces a list of editable <item> tags as well as the parent <channel> tag. As the, thus produced, XML file resides in the same folder as the contents that it summarizes, and as PHP must read the contents of this folder, I must have access to all of the items in the folder. As it is the contents of this folder to which I wish to limit user access, it is important that I am well able to control access to both the folder and its contents in a variety of ways. JSG: On the server, you can configure a directory to require authentication, but that's the most basic kind where the browsers pops up a built-in box for username and password. RAS: This sort of folder access is not what I have in mind. JSG: You can also configure the server to pass all requests through a server-side script (using htaccess or URL rewriting in IIS), where the script would check for a login session prior to sending the requested file. RAS: I did a little research on the net and discovered that IIS is likely not a UNIX procedure. My remote host server uses LINUX, and my local test server uses Apache. JSG: You could also store the folder outside of the publicly accessible web directory and again use a server-side script to control access to the files. Those scripts can get a little tricky with modern browsers though, because you need to account for compression if the browser is asking for it and, importantly, support for partial requests. The browser may send one request just to check the file size and then send other requests for parts of the file. That's how streaming works in the browser, it will request only pieces of the file in case you skip to another part of a video or audio recording. RAS: Although the contents of the folder to which I have drawn your immediate attention will contain only podcasts (audio files) do you think the aforementioned reserverations will still be a concern? Certainly, I will want that the podcasts to be streamable, I have not yet decided to make them downloadable as well. Moving quickly ahead to the future, however, I expect to be hosting a folder of webinars as well. As I have yet to consult with my remote host about its streaming capacity or my access to it. Can you recommend a PHP class that might be useful in this regard? JSG: You may also be able to find a way to have the web server authenticate with PHP or another language before serving the file, which would save you the hassle of creating the script to handle the request. RAS: Could you please elaborate on this point? Roddy

BACKGROUND: I am in the process of creating two data collections: one will contain an eventually long series of weekly newsletters, and the other a similarly long series of weekly podcasts. Each week the newsletter will be sent out to newsletter subscribers and the creation of a new podcast will be announced. in contrast to the newsletters whose access will be unlimited to both subscribers and non-subscribers, the podcasts will be made available only to subscribers past a not yet determined number of weeks. I have not yet decided whether to produce separate newsfeeds (RSS/RFD/ATOM) for the newsletters and podcasts or only one newsfeed for the newsletter. QUESTION ONE: Is it possible to produce a single feed that provides access to separate folders of content? QUESTION TWO: Typically feeds refer to content that is readily accessible each time new material is made available. How does one typically go about making accessible only the most recent addition to a folder while controlling who does and not have access to the other members of the folder.

BACKGROUND: I am in the process of creating two data collections: one will contain an eventually long series of weekly newsletters, and the other a similarly long series of weekly podcasts. Each week the newsletter will be sent out to newsletter subscribers and the creation of a new podcast will be announced. in contrast to the newsletters whose access will be unlimited to both subscribers and non-subscribers, the podcasts will be made available only to subscribers past a not yet determined number of weeks. I have not yet decided whether to produce separate newsfeeds (RSS/RFD/ATOM) for the newsletters and podcasts or only one newsfeed for the newsletter. In light of the aforementioned scenario I would like to know How does one typically limit access to the contents of a folder? Roddy

Ingolme: The absolute positioning is necessary -- unless you can show me a better method -- to insure that the height of the background element maintains a consistent portion to its responsive width.

The text overlaps. What should appear in the footer separate and distinct from the main content appears in the main content. Rather than shrinking proportionally as appears in the Safari emulator, or expanding in scrolled overflow as in the Firefox emulator, the device browser tries to fit everything in the same viewport with no adjustment for size or proportionment. The proportional distances that I use for the CSS top and bottom properties appear to work fine in the emulator. Unfortunately, they appear to fail in the device itself. I tried the Firefox emulator at your suggestion, but it produced a rendering different from that produced by the Safari emulator. The worst of it, however, is that both emulators produce something different from what I see in my device. I now have three versions only one of which appears as it should and does in a normal browser environment on my iMac. Roddy

Hi, Ingolme! In answer to your question: what appears in the tool does not appear in my iPhone. You can try it on your phone and browser, if you like. Here is the link. You will probably receive a fairly accurate rendering in your computer's browser viewport, as both Safari and Firefox render identical images for me. This is not what is viewed in my iPhone 4SE , though -- this, despite its appearing the same in the Safari emulator. Roddy

is there a better online resource to test responsive design modeling than the Safari browser's RD option?

After you have backed up your file change the parameters of the range function from 1,3 to 2,2, and eliminate the div tag containing the information for the individual whom you want to remove.

How are you using your images? What is the purpose of their display? Do you understand Javascript and jQuery. I have found Colorbox (a jQuery plug-in) to be very useful. It is client-side. Roddy p.s. No offense implied to the server-side PHP forum! :-)

Got it. I understand. Write the HTML into the document manually, and then alter the element with PHP according to what appears in &non_matches. Thanks!

Because there are many elements, and I am never sure what will be contained in the PHP variable $non_matches. JSG: Please see my above edit. It may prove useful in your further response.

BACKGROUND: I am tempted to write something like the following foreach ($non-matches as $key => $val) { echo '<script> $("#' . $key . '").append("<p style=' . '"color:red;">Complete this item!</p>);</script>)'; } QUESTION ONE: Under the assumption that the echo statement is correct would you recommend this as proper programming procedure? If not, please explain why and provide an alternative, more appropriate strategy that would achieve the same objective suggested by the use of a jQuery object ? QUESTION TWO: If it is proper programming procedure, please correct the echo statement so that it will achieve the following: $("#...").append("<p style='color:red;'>Complete this item!</p>"); EDIT: In order to assist you in your response, the PHP variable $non-matches contains a list of values for the id attributes of form input control tags that have been carefully selected through a prior PHP procedure. An alternative approach that is currently under consideration is to create a JSON object, assign it to a Javascript variable, and iterate the resulting object with jQuery.

Hi, Ingolme! I can see how use of the term form element can lead to confusion. On the one hand, it refers to the form tag <form>; on the other hand, it refers to any HTML element related directly to the creation of a form -- both non-control and control elements alike. Since the form attribute of the fieldset element is not recognized by any recent browser (see W3Schools), I will assume that it is a non-control form element only useful for decoration and the organization of form-control elements. To play it safe I will remove all of my non-essential <form> tags. Originally, all of my control-elements pointed to the same <form> tag, but each was grouped with other control elements in different <form> tags that did not contain a type='submit' control element.

QUESTION ONE: When using the form attribute with a non-form element to redirect the contents of the non-form element to the form element, will confusion be created, if the non-form element is included in a form element different from the form element that contains the type='submit' input element? QUESTION TWO: Are fieldset elements an exception in this regard? Or, are they, too, treated as non-form elements.

Dsonesuk: The form page is local. It is on my test server and likely not accessible to the average user.

Ingolme: The end-users (the recipients of the email insert) should see the highlighted Q&A text -- not the HTML that creates it. Donesuk: I followed you until your last sentence, but believe that everything essential was already said. I believe to be on a clear track now, but will not know for sure until I have succeeded with the implementation. So, for now, thanks to you both! I will be back with a report of success or failure, but am momentarily engaged in another routine that I wish to consummate first.

Ingolme: The HTML Template unless rendered is filled with HTML script: <h3>, <p>, <table>, &, etc. When I pass the information contained in the $_POST variable to this file why must it be altered? Should it not look just like all of the rest of the code in the file -- i.e., the same as it appears in the initial <textarea> element of the form from which it arose? This $html_message = str_replace('%something%', htmlspecialchars($something), $html_message); makes no sense to me in the context that I have provided. Indeed, whatever encoding need to be performed so that the email insert appears correctly in the subscribers email box appears to be performed by the PHPMailer's $mail->msgHTML($html_message); function. Does this not appear reasonable?

QUESTION TWO: Because the data that reside in the $_POST variable are the same that reside in the <textarea> element, and the data that reside in the HTML template are all in unrendered HTML script when I pass the data from the $_POST variable to the HTML template no explicit modification of the code is needed on my part. True or False? Please be patient with my insistence, as I am truly confused.

Ingolme: I understand the code that you have written, but I am having trouble with your English. Please allow me to help by passing your response through a series of true/false questions. QUESTION ONE: My assumption is that the data that I type into my form's <textarea> -- namely, <h3>Q&A</h3> will appear everywhere the same, just as you see it now. Everywhere in this interpretation refers to the contents of the the <textarea> form element, the $_POST variable, and the MySQL database tables I am assuming no explicit modification of the HTML script on my part. Is this statement true or false?

Ingolme: I still do not understand. I will surely use code similar to the following to fetch my HTML template before attaching it to the mail that I will send to my subscribers. $html_message = file_get_contents('../../confirmation_mail.php'); $html_message = str_replace('%username%', $name, $html_message); $html_message = str_replace('%email%', $email, $html_message); $html_message = str_replace('%hash%', $hash, $html_message); $mail->msgHTML($html_message); At this point is the file still not an unrendered HTML file? The story with which I started this query has changed somewhat since I wrote it. My current, more reflected intention is to to do the following: When the completed form data arrives at the remote server from my local test server via the $_POST variable two things will happen: one, a large portion of the information will be placed into the HTML template before being sent out as an email insert to my subscribers; and two, the entirety of the data will be archived in various tables in my remote host server account's MySQL data base. My assumption is that the data that I type into my form's <textarea> -- namely, <h3>Q&A</h3> will appear everywhere the same, just as you see it now. Everywhere refers to the contents of the <textarea> element, the $_POST variable, the MySQL database tables, and the HTML template before it is sent. If this is true, why would any encoding or decoding of the HTML code be necessary?

Thank you, Dsonesuk, for responding. It is good to know that I can avoid the normal security procedures. The second part of my question, however, is the need for encoding and decoding the HTML. Recall that my goal is to have appear in my HTML template exactly what I write in my <textarea> element. In other words, I want the recipient of the email insert to see Q&A, but in my template I wish to see exactly what I type into my <textarea> element -- namely, <h3>Q&A</h3>. The transmission path is 1) <textarea> on locally created form 2) $_POST variable sent to PHP file on remote server. 3) Insertion of the contents of the <textarea> into the HTML template via the PHP file on the remote server 4) SMTP transmission to subscribers mailbox with the modified HTML template included. In other words, at only one point do I want the code <h3>Q&A</h3> to appear as Q&A with <h3> element highlighting. QUESTION: Must I encode the HTML script as HTML entities before sending the $_POST variable and then decode the entities as HTML script after the transmission? If so, why? If not, I understand.

Say, I enter the following line of code into a <textarea> element in the same manner that it appears below. <h3>Q&A</h3> is there any reason that I would have to encode it using the htmlspecialchars( ) method before sending it to the MySQL database. Recall that upon retrieval from the database, it will be inserted into an HTML page.

This is another strategy question. Multiple answers are welcome. What is written in present tense should be thought of as future, not yet realized activity. BACKGROUND: I have constructed a form whose intended purpose is to create chunks of data including text, links, and images that can be entered into a MySQL database for both immediate and future use. For the moment, I am only concerned about their immediate use. From the database these same chunks of data are retrieved and entered into an HTML template that serves as the backbone for an email insert that is, in fact, a weekly newsletter that can be viewed directly in one's mailbox or viewed on line should the insert fail. The mail insert is then distributed using PHPMailer that takes advantage of an assembled list of subscribers stored in the same database. Based on previous experience I believe that I am well able to handle this routine except for one hitch -- the treatment of the HTML data. MY DILEMMA: In the form are <textarea> elements that I intend to fill with a combination of plain text, HTML, and CSS styling attributes. That the HTML does not render as anything but the code itself is not a cause for concern on my part. Rather, I am bothered about how to send this data to the remote server. Now, I have been taught to filter and sanitize $_POST variable data as it is received and before processing. This time, however, I am sending the data to myself, and what will be generated and sent to my subscribers will also be generated by me. Do I even need to worry how about filtration and sanitation when I am both the source and the receiver of the data? Further, it is my understanding that MySQL is indifferent how the data is received, and that it will automatically return data in the same format that it is received. Am I making a big ado about nothing? By the way, it is not just a matter of filtration and sanitization. Take, for example, the following script used to process form data on the same page that it is entered. <form id="sevengates" method="post" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF']);?>">

SET-UP: When you open to the main page of my website two consecutive splash panels appear. The second of these leads you to a form with a reward for its completion. If the form is successfully completed, a confirmation page appears that congratulates you on successful completion of the form and invites you to return to the main page. Under normal conditions an if-statement whose condition is performance.navigation.type === 0 suppresses the splash panels from reoccurring when the main page is refreshed. When the main page is reopened from the confirmation page, however, this suppression technique fails. QUESTION: How would you recommend that I suppress the reoccurrence of the splash panels when the user seeks to access my site's main page using the link provided on the confirmation page? Mind you, I wish to retain the current suppression of the main page in the event that the users seeks to refresh the page! For example, is there a way that I could fool the browser into thinking that the main page is being refreshed when it is opened from the confirmation page?