Posts filed under 'PHP'

PHP Classes

Spurred on by Jason's plan, I thought that I would do something similar. I thought it might be useful if I wrote a small series based upon a set plan. Maybe write up 5-10 (or more?) articles, say one a week, and hopefully get some people thinking about how they should be coding up their scripts, in terms of security, database structure and so on.

A few topics I've thought of:

  • A basic user administration program with multiple levels of access
  • A guestbook
  • Regular Expressions
  • Classes 101
  • New features in PHP 5
  • Database Structuring

2 comments April 28th, 2006

PHP Security Tips

Ilia has posted up a PDF copy of his slides used in the recent PHP|Tek conference. It's well worth a quick read over. On another note, Ilia's book on PHP security is a must-have for any serious coder. It is full of useful information and my well-thumbed copy has been a life saver and taught me a few things I hadn't really considered. Nice one Ilia!

1 comment April 28th, 2006

Problems with simple templating

It's quite common for people to have one main template, and 'include' their content into the main content area. This works well for small informational sites, where the main content is the bit that changes on each page.

You can spot these sites a mile away with their URLs all following a similar pattern:

http://www.domain.com/index.php?page=home

There's nothing wrong with this as such, however, the issue is when the input isn't validated. First, let's see the code on index.php that pulls in our main content

Continue Reading 2 comments April 21st, 2006

File Uploads

File uploads are probably one of the things that new coders get worried about, and it is actually very simple. PHP has made vast inroads into supporting file uploads, and you can upload a file with just a few small lines of code.

In this article, I'm going to go through some simple things you should consider when uploading files, and some common mistakes made.

Uploading a file

Uploading a file is very easy. You need to add two things to your form. The first is to provide the correct enctype in the form tag, and the other is to have a file select input box:

Continue Reading 3 comments April 5th, 2006

Even the Pros Get It Wrong

A friend brought to my attention that the php.net site was sporting a rather different design:

PHP Fatal Error

Seems someone forgot to make sure all the functions were included. The irony.

1 comment March 23rd, 2006

Phone Numbers: Input, Storage and Formatting

It's quite common these days to input one or more phone numbers. Be it home, work, fax or mobile, everyone's got a number, and you will invariably need to collect that piece of data some time soon.

Looking at some sites, it's blatantly obvious that they do nothing to validate the data before it is entered into the database and when it is later retrieved, it's printed out the same as it was input. A good thing would be to:

  1. Validate the incoming phone number. Make sure it has enough digits at a minimum
  2. Store the phone number in a format that is easily retrievable and searchable
  3. When displaying this phone number in the future, we should have a standardised pattern of display

6 comments March 11th, 2006

Zend Framework

Zend Framework? Zend? Framework? Common questions to this post's title. First, let's set the landscape. To quote the Zend website:

Zend delivers the premier web application platform products and services for PHP applications.

Zend is the corporation most closely associated with PHP. You most likely haven't heard of Zend before, apart from the Zend Optimizer, but they are the company behind a lot of the driving force in pushing PHP into enterprise locations.

Add comment March 7th, 2006

301 Page Redirects using PHP and .htaccess

During the life of a website, it's quite common for pages to move around or to 're-structure' your site's files and folders. However, you can come across issues when people linking to your page go to their 'stale' bookmark of your site, and find that page is missing - in fact, they'll get a '404 Page Not Found'. The same will go for search engines like Google and Yahoo, and will adversely affect your rankings within their results.

So what do I do?

Continue Reading 4 comments March 7th, 2006

Email Header Injection in PHP

It has become apparent that spammers are getting even smarter than we take them for. Rather than abuse open relays, which are almost non-existent, these scum-of-the-earth 'traders' are now abusing contact forms.

However, the problem isn't necessarily that they are attempting to use the contact forms. The problem that exists is that the average coder with little or no understanding of security issues can create a contact form for their website which can act as an open invitation to spammers.

The Problem

Let's take a quick look at a sample of code:

Continue Reading 47 comments February 24th, 2006

Dates & MySQL

I recently heard about someone who used to store dates in their DB, retrieve them, and then use mktime(), date() etc to then use that date in a more readable format! So here's a quick look into some of the ways to retrieve dates from MySQL and format them.

Timestamps are your Friend

The UNIX timestamp is a count of the number of seconds since 1st January 1970. The date() function in PHP can format a UNIX timestamp into a large number of user-definable formats:

Continue Reading 3 comments February 13th, 2006
