Jump to content
xisto Community
alex1985

Php Questions?! From: alex1985

Recommended Posts

Listen, as I'm novice in PHP, I will ask certain questions in this topic hoping on your contribution.

$dbhost='.....';

<?php//The Database Information//$dbhost='localhost';$dbname='alex1985_test';$dbusername='alex1985_admin';$dbuserpass='0505009127';//Creating Connection To The Database//mysql_connect ($dbhost, $dbusername, $dbuserpass);//Select The Certain Database//mysql_select_db ($dbname) or die ('Can Not Select Database');

<?php//Start The Session////Always Must Be On Top//session_start();//Include Configuration File//include('config.php');?>

There are questions which I derived practicing the coding:1. Do you put spaces between words and brackets, as well as comas when you do coding. For instance, $dbhost, $dbusername. Is it right, or you do not have to use space between.2. On some tutorials, the users have been used the character ', some of the are using ". What is the different between them. Can I use ' or ". or it does not matter everything.There are many aspects that I wanna ask you about.Could check the coding format, and tell me about the mistakes I did. Please, let me know as soon as possible.

Share this post


Link to post
Share on other sites


$dbname='alex1985_test';

$dbusername='alex1985_admin';

$dbuserpass='0505009127';

//Creating Connection To The Database//

mysql_connect ($dbhost, $dbusername, $dbuserpass);

//Select The Certain Database//

mysql_select_db ($dbname) or die ('Can Not Select Database'); linenums:0'><?php//The Database Information//$dbhost='localhost';$dbname='alex1985_test';$dbusername='alex1985_admin';$dbuserpass='0505009127';//Creating Connection To The Database//mysql_connect ($dbhost, $dbusername, $dbuserpass);//Select The Certain Database//mysql_select_db ($dbname) or die ('Can Not Select Database');


Just a pointer, you don't need to finish a comment with //. There are two sorts of comments in PHP - single line and multi-line. The single line comment is started with a // and applies from that point until the end of the line. This means you can place it after a line of code, like this:

 

$username = 'alex1985'; // This is the username you log in with

A multi-line comment applies over multiple lines, and does require you to finish it. It is started with /* and ends with */

The advantage, of course, is that you can have much longer comments without really long lines:

 

/*  This function does something really cool.  You can pass it all sorts of variables.  Actually, it is quite pointless.*/function pointless(){	return true;}

1. Do you put spaces between words and brackets, as well as comas when you do coding. For instance, $dbhost, $dbusername. Is it right, or you do not have to use space between.

It doesn't make any difference, but generally people put spaces in to make their code easier to read. For example, the second example here is much easier to read than the first example:

 

$dbh=mysql_connect($host,$username,$password)://Connect$dbh = mysql_connect($host, $username, $password); // Connect

It is up to you to code how you want, but generally spaces are put after commas (i.e. in a list of parameters or variables) and around binary operators (=, +, -, *).

 

2. On some tutorials, the users have been used the character ', some of the are using ". What is the different between them. Can I use ' or ". or it does not matter everything.

The single quote character takes its contents literally. Nothing placed in single quotes is parsed. This makes it faster, and more secure, but limits the uses.

 

The double quote character parses its contents. That makes it slower, but a bit more useful.

 

For example:

 

$number = 7;echo 'The \n number \n was... \n $number';echo "The \n number \n was... \n $number";

Would output:

 

From the first echo (single quotes):

 

The \n number \n was... \n $number

 

From the second echo (double quotes):

 

The

number

was...

7


Share this post


Link to post
Share on other sites

You can use either of them and they will both work perfectly well. It depends entirely on your coding style as to which one you want to use. It is generally advised to add whitespace wherever it will make the code easier to read. So, if you look at a line, and you think it looks a little bit squashed, add some spaces in to make it easier to read.

Tabs are also a good idea to represent subsections of code. For example, in an if statement, the code that is executed is usually tabbed in, to separate it from the 'main' code:

if ($var == $var2){	echo 'They are the same';}else{	echo 'They are not the same';}

Share this post


Link to post
Share on other sites

Thanks for your previous replies, were really helpful! How do I protect my user passwords in my database. If someone hacked the database, it was really hard for him to get passwords from that database. Please, list all good ways to do that.

Share this post


Link to post
Share on other sites

The most common method is to 'encrypt' the user_password before you store it into the file or Database.
Then you need to encrypt the input before you compare the entry to the stored value. If they encrypted input is the same as the encrypted stored value (using the same encryption method, then the user is validated.

*EDIT*
In register.php, this is the insert command I use:

$query = "INSERT INTO users (			first_name,			last_name, 			email, 			password, 			registration_date,			phone,			cell,			level,			years,			note) 						VALUES (						'$fn', 			'$ln', 			'$e', 			SHA1('$p'), 			NOW(),			'$p',			'$c',			'$dl',			'$y',			'$n'			 )";					$result = @mysql_query ($query); // Run the query.			if ($result) { // If it ran OK.
And in the Login.php, here is the code for checking the password you get at log-in with the encryted one in the Database:
SELECT user_id, first_name, level FROM users WHERE email='$e' AND password=SHA1('$p')

The password is selected based on the encrypted value, so in the Log-in script, handle the results based on the number of records returned. If zero, no member has that email and password. If one, the person should be allowed into the page/site.

Share this post


Link to post
Share on other sites

Post the register script you are using and the log-in script, too. It will be easier to modify your script than explain the whole workings of mine, but basically, after you have the password on the register script, as you insert it into the database, use the SHA1() function to encrypt it. And when you retrieve the password on log-in, also encrypt it using the SHA1() function before you compare the two.Attach your scripts and I will Mod them for you as best I can.*edit*Oops! I added the method into the posting two up from here.

Share this post


Link to post
Share on other sites

Why do some people create different files of PHP extensions? Like the ones: db_connect.inc.php or db_connect.php?! What is the different between them? In reality, both of them have the same code.

Share this post


Link to post
Share on other sites

There would be no sense in creating two files with different names and the exact same code in them. Are you talking about two files with different names and different codes?

Share this post


Link to post
Share on other sites

Thats just different variable names. As to what they do specifically or hold I don't know I don't have your entire source code. You have to be more specific with your questions if you want better answers. Thats all I can tell you from the last question you asked.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.