The Alarming Security Gaps

May 23rd, 2009

PHP, being the most used scripting language for deploying web pages, is under a lot of scrutiny, as are the many projects that use it as a framework. One of these is WordPress, which has suffered many malicious attacks in the form of code insertion and comment spam intended to influence AdSense ratings or to boost the rankings of malicious sites. This promotes those sites without the owner's knowledge, which is more the norm because blogs seldom get administered properly.

Smarty – Template Easy

April 22nd, 2009

Formatting is one of the hardest tasks when it comes to cross-platform scripting programs and pages. Smarty, one of the many PHP advocates, has a complete line of products, from community-based ones to those aimed at more commercial purposes, enabling the development of enterprise applications over the internet that are secure and powerful. Below, we see a sample of the use of their formatting, using the libraries they have released to the many PHP users as their contribution to the community.

PHP – Patching up the Mess

March 22nd, 2009

The world's most used scripting language for web page development is constantly under attack from threats that exploit the many security holes left by developers and programmers the world over. Programmers and developers are being blamed for most of these holes: many have since been addressed, yet the fixes have not been applied to existing deployments and projects by updating code, plug-ins and scripts. Many problems have indeed been addressed with the release of new and improved versions of the scripting language and the many tools that are now available for use.

Of image and file sizes

February 4th, 2009

One of the things that annoys many people is pages that load slowly. A lot of the time, this happens simply because the PHP programmer did not pay enough attention to the sizes of the files and images he or she put into the page. It naturally follows that larger files and larger images WILL definitely load slower.

We're not telling you to reduce your file and image sizes to oblivion, but just enough so that they don't weigh down your page when you or somebody else loads it. And remember, not everyone has a fast internet connection, and while your lightning-speed connection might be able to handle the load, other people's might not. Otherwise you might as well put a big disclaimer on your page that says "Visitors with slow internet connections are NOT welcome."

It’s a very small thing, but it goes a long way.

PHP Development Tools Released

January 30th, 2009

The PHP community has again gotten a boost with the announcement that Eclipse is set to release its much-loved PHP Development Tools later this month. The developer tools included in the release are set to make the lives of PHP developers a whole lot easier, as they have since the last version (1.0) was released in 2007. The new release features a new and improved dynamic language toolkit that gives PHP more bite compared to its older counterpart. It is also designed to work with Java, so any developed projects can easily be imported into the dynamic language toolkit. Better code-testing tools allow faster error checking, which speeds up development, and testing is a breeze with the improved functionality, making PHP easier to use and deploy. With this, the PHP community is set to get a boost, and life will be a little easier in the wild that is the internet, where everything is supposed to work.

Writing Secure PHP Programs

January 5th, 2009

Image source: sitepointstatic.com

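PHP was written to be an easy language to program in, the complete opposite of security-oriented programming. That remained so up to version 4.1. There is no doubt that PHP's popularity grew in a short time. On the other hand, it is also true that a great many very low-quality scripts were written, and a huge number of programmers were given a mindset that neglects the security side of programming. The main reason cited for this is that PHP automatically converts input data into script variables, or allows this to be enabled through PHP. In PHP 4.2, this type of behaviour is disabled by default. Thousands of scripts around the world broke. This dilemma forced programmers to write more secure code. They made scripts break. This had been strongly opposed before, but they saw it as a smart move.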

Change your PHP to 5.2.8 now

December 10th, 2008

As 2008 is about to turn into 2009, the ever-updating PHP version should move on as well:

Due to a security bug found in the PHP 5.2.7 release, it has been removed from distribution. The bug affects configurations where magic_quotes_gpc is enabled, because it remains off even when set to on. In the meantime, use PHP 5.2.6 until PHP 5.2.8 is later released.

The PHP Development Team would like to announce the immediate availability of PHP 5.2.8. This release addresses a regression introduced by 5.2.7 in regard to the magic_quotes functionality, which was broken by an incorrect fix to the filter extension. All users who have upgraded to 5.2.7 are encouraged to upgrade to this release. Alternatively you can apply a work-around for the bug by changing "filter.default_flags=0" in php.ini.

Time to update it and update it soon!

Source

Get Your Tools

November 25th, 2008

Image Source: moonsdesigns.com

Before you can start with your PHP programming, you will need a few things handy. To create a PHP page, you will need a simple text editor. A text editor is a small program that enables you to edit files in plain text. Usually these are files with extensions like .php, .html, .cgi and many others. This is an essential tool because your file, when saved, should not be formatted; it should be saved in plain text. Notepad is a simple text editor that works only on Windows, and TextEdit is another plain text editor that works solely on Mac OS. The next thing you should have is an FTP program. This will be used to transfer files to and from a remote server. Once you have both, you can start creating your PHP pages.

Flow Control and Iteration

November 17th, 2008


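Photo source: theopensourcery.com

Flow control and iteration are features used in most programming languages. Without them, a program is linear. Flow control is exactly what its name says: it lets you manage the order in which code executes, how many times it executes, and whether it executes at all. Flow control falls into three main categories.

  • Conditional – specifies, depending on a condition, whether the selected code is executed.
  • Iteration – also known as looping, specifies how many times code is executed.
  • Functions – allow a block of code within a script to be named, so that the code can be executed multiple times in multiple places in the script.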

Write secured PHP

October 6th, 2008

Image Source: sitepointstatic.com

PHP was written to be an easy language to program in, which is the complete opposite of being security oriented. It stayed that way until version 4.1. Undeniably, PHP grew popular in a short time. But it also produced many, many very badly written scripts, and it gave a very large number of programmers a mindset that is not inclined towards the security aspect of programming. Perhaps the main reason behind this is PHP's automatic conversion of input data into script variables, enabled through the php.ini setting register_globals. In version 4.1 of PHP, this behaviour was left enabled but was not recommended for use. With PHP 4.2, this behaviour was disabled by default. It broke thousands and thousands of scripts worldwide. This dilemma forced coders to write more secure code. They made scripts break. The change had been strongly opposed before, but somehow they saw that the move was a smart one.
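
The pattern described above, as an added example that is not code from the original post: a script that trusts request data turned into variables, beside the form that initialises its own state. `extract()` stands in for register_globals, which PHP 5.4 removed; the function names, credentials and request array are constructed for illustration.

```php
<?php
// Constructed request data, as if the page were loaded with
// ?user=guest&pass=wrong&authorized=1
$request = ['user' => 'guest', 'pass' => 'wrong', 'authorized' => '1'];

// Hypothetical credential check shared by both versions.
function credentials_ok(array $in): bool
{
    return ($in['user'] ?? '') === 'admin'
        && hash_equals('s3cret-constructed', (string) ($in['pass'] ?? ''));
}

// Legacy style: every request field becomes a local variable.
// extract() simulates what register_globals did on old PHP versions.
function legacy_is_authorized(array $request): bool
{
    extract($request); // creates $user, $pass and $authorized

    if (credentials_ok(['user' => $user ?? '', 'pass' => $pass ?? ''])) {
        $authorized = true;
    }

    // $authorized is never initialised by the script itself, so the
    // value supplied in the request is still there when the check fails.
    return !empty($authorized);
}

// Hardened style: state starts from a known value and input is read
// only from the explicit request array, never from ambient variables.
function hardened_is_authorized(array $request): bool
{
    $authorized = false;

    if (credentials_ok($request)) {
        $authorized = true;
    }

    return $authorized;
}

var_dump(legacy_is_authorized($request));
var_dump(hardened_is_authorized($request));
```

With the constructed request the legacy function reports the visitor as authorised even though the credentials are wrong, while the hardened function does not; this is the class of script that stopped working when PHP 4.2 turned the setting off by default.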