Jump to content
xisto Community
dserban

10 Things You Probably Didn’t Know About Php

Recommended Posts

This is an article which is most likely targeted at newcomers, about SQL injection, proper datatyping, query optimization and similar problems.

http://forums.xisto.com/no_longer_exists/

10 should be the most important. Poorly written scripts can lead to an SQL injection attack with little effort from the wrongdoer.
Also, be sure to test your scripts well. Put yourself in the place of a hacker, it is better you find any flaws before they do.
You are going to have to properly validate user input regardless. And magic quotes have to do with the way the server is set up, so it all depends on what settings your hosting provider has set up. PHP 6 is phasing out magic quotes completely.

Edited by dserban (see edit history)

Share this post


Link to post
Share on other sites

If you’re using PHP 5 with MySQL 4.1 or above, consider ditching the mysql_* functions for the improved mysqli_* functions.

 

May be usefull... Many (good/usefull) improvements?

Share this post


Link to post
Share on other sites

Nothing especially new in those 10 tips for PHP, but I think it may be a lot of really good tips to some people, especially newbies.. one thing I didn't know and is a quite nice thing is using ip2long() and long2ip() to store IP addresses as integers instead of strings in a database, never seen those functions or would think to do something like that ;] also I wonder, how did I miss those functions, maybe they were inefficient for me, irrelevant. :blink:

Share this post


Link to post
Share on other sites

I agree with Quatrux, nothing especially new, for me only the checkdnsrr() php function is new, and what i think is more interesting is the Zend_Db DB wrapper, i will take a look to it definitvely. thanks for the URL.

 

Best regards,

Share this post


Link to post
Share on other sites

This is definitely some valuable information that I will be able to use in future php scripts that I will eventually write. I am fairly new to the whole php language and this information provided me with some good insight on what I need to look out for and pay attention to. It also gave me some very important tips and tricks that will help me in my future scripts which I would look into deeper eventually. I have also been very curious about number 10 and the topic of sql injection, I have yet to grasp its true content. I always knew that it was an exploit but didnt really understand the whole story until now. But even now I feel that I have a lot more to look into if I want to not only protect a database from it but also prevent it during my script writes.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.