Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.


Welcome to AstaHost - Dear Guest , Please Register here to get Your own website. - Ask a Question / Express Opinion / Reply w/o Sign-Up!

Replying to 10 Things You Probably Didn’t Know About Php

Post Options

Enable emoticons?

Enter Your Name

Security Check *

[quote name="dserban" post="109438" timestamp="1187432951"] This is an article which is most likely targeted at newcomers, about SQL injection, proper datatyping, query optimization and similar problems. [url="http://blog.rightbrainnetworks.com/2006/09/18/10-things-you-probably-didnt-know-about-php/"]http://blog.rightbrainnetworks.com/2006/09...know-about-php/[/url] 10 should be the most important. Poorly written scripts can lead to an SQL injection attack with little effort from the wrongdoer. Also, be sure to test your scripts well. Put yourself in the place of a hacker, it is better you find any flaws before they do. You are going to have to properly validate user input regardless. And magic quotes have to do with the way the server is set up, so it all depends on what settings your hosting provider has set up. PHP 6 is phasing out magic quotes completely.[/quote] [quote name="dserban" post="109438" timestamp="1187432951"] This is an article which is most likely targeted at newcomers, about SQL injection, proper datatyping, query optimization and similar problems. [url="http://blog.rightbrainnetworks.com/2006/09/18/10-things-you-probably-didnt-know-about-php/"]http://blog.rightbrainnetworks.com/2006/09...know-about-php/[/url] 10 should be the most important. Poorly written scripts can lead to an SQL injection attack with little effort from the wrongdoer. Also, be sure to test your scripts well. Put yourself in the place of a hacker, it is better you find any flaws before they do. You are going to have to properly validate user input regardless. And magic quotes have to do with the way the server is set up, so it all depends on what settings your hosting provider has set up. PHP 6 is phasing out magic quotes completely.[/quote]

or Cancel

Topic Summary

kgd2006

Posted 21 August 2007 - 02:49 AM

This is definitely some valuable information that I will be able to use in future php scripts that I will eventually write. I am fairly new to the whole php language and this information provided me with some good insight on what I need to look out for and pay attention to. It also gave me some very important tips and tricks that will help me in my future scripts which I would look into deeper eventually. I have also been very curious about number 10 and the topic of sql injection, I have yet to grasp its true content. I always knew that it was an exploit but didnt really understand the whole story until now. But even now I feel that I have a lot more to look into if I want to not only protect a database from it but also prevent it during my script writes.

TavoxPeru

Posted 20 August 2007 - 08:26 PM

I agree with Quatrux, nothing especially new, for me only the checkdnsrr() php function is new, and what i think is more interesting is the Zend_Db DB wrapper, i will take a look to it definitvely. thanks for the URL.

Best regards,

Quatrux

Posted 18 August 2007 - 02:06 PM

Nothing especially new in those 10 tips for PHP, but I think it may be a lot of really good tips to some people, especially newbies.. one thing I didn't know and is a quite nice thing is using ip2long() and long2ip() to store IP addresses as integers instead of strings in a database, never seen those functions or would think to do something like that ;] also I wonder, how did I miss those functions, maybe they were inefficient for me, irrelevant. :blink:

dserban

Posted 18 August 2007 - 01:43 PM

If you’re using PHP 5 with MySQL 4.1 or above, consider ditching the mysql_* functions for the improved mysqli_* functions.

Or take a look at a DB wrapper, such as Zend_Db:
http://framework.zen...en/zend.db.html

Ntrix

Posted 18 August 2007 - 01:06 PM

If you’re using PHP 5 with MySQL 4.1 or above, consider ditching the mysql_* functions for the improved mysqli_* functions.

May be usefull... Many (good/usefull) improvements?

dserban

Posted 18 August 2007 - 10:29 AM

This is an article which is most likely targeted at newcomers, about SQL injection, proper datatyping, query optimization and similar problems.

http://blog.rightbra...know-about-php/

10 should be the most important. Poorly written scripts can lead to an SQL injection attack with little effort from the wrongdoer.
Also, be sure to test your scripts well. Put yourself in the place of a hacker, it is better you find any flaws before they do.
You are going to have to properly validate user input regardless. And magic quotes have to do with the way the server is set up, so it all depends on what settings your hosting provider has set up. PHP 6 is phasing out magic quotes completely.

Review the complete topic (launches new window)