Entries tagged "PHP"

Formatting Dates within the MySQL Query

Before displaying dates from a MySQL database, do you change the format? If so, how are you formatting those dates? For me, I typically went straight to PHP for the answer. That is, until it was brought to my attention that MySQL has a built-in function for formatting dates. Let's talk about the date_format() function. [Continue reading]

Troubleshooting with var_dump()

When code doesn't perform properly, checking that the variables contain what you expect is an important step in solving the problem. Was the value ever assigned to the variable? Does the variable still contain the value? Is the value formatted for the given scenario? Let's look at some options for finding out. [Continue reading]

Simple Bar Graphs Made Dynamic with PHP

The simple bar graph shown last week could be utilized to generate charts on the fly. This is great for showing responses from an online survey and other data collection methods. All that's needed is a scripting language such as PHP and direct access to the data. [Continue reading]

Naming Your HTML Form Fields with an Associative Array

When using database entries to dynamically build HTML forms, how do you go about naming the form fields? Do you name them "Field1", "Field2", etc.? Or do you have a more efficient way to access the fields when processing the form submissions? If you haven't tried using an array as the name, you may be missing out. [Continue reading]

Make Sure Those Passed IDs Contain Numbers

When passing row IDs between pages, it's a good idea to check that the value is what you expect. Values which could be tampered with by the user need to be validated and sanitized. So, if an ID is supposed to be a number, we should make sure it is before running the database query. Let's discuss some options for checking for numbers. [Continue reading]

Keeping Code Up-to-Date

When managing websites, keep in mind that the Internet doesn't sit still. That PHP script written 10 years ago probably has a thing or two needing to be updated. There may be security issues, outdated code, etc. In addition to the evolution of programming / scripting languages, you as a developer have likely changed. Your coding practices are likely to be more efficient and more secure. So let's look at why we need to review old scripts on a semi-regular basis. [Continue reading]

Why PHP_SELF Should Be Avoided When Creating Website Links

When looking for articles about PHP_SELF, it seems like most only refer to the dangers of using the variable with HTML forms. However, there are risks with using it in other parts of a website. For example, it may be tempting to use the variable within the href attribute for links. The problem is that those links become susceptible to Cross-Site Scripting (XSS). Let's take a closer look at the security vulnerability of PHP_SELF and a simple alternative to avoid the problem altogether. [Continue reading]

Do Single-Quoted Strings Cause More Harm Than Good in PHP?

When writing PHP code, is it better to use single or double quotes? Using single quotes wherever possible will improve the performance of your code, but does it cost too much in productivity when less experienced developers work with the code? After all, certain things won't work as some might expect when using single quotes, such as variables inside the string. [Continue reading]

Using PHP’s implode() Function to Display an Array as a Value-Separated String

When displaying the contents of an array in PHP, what is your go-to method? For example, if the items need to be displayed as a comma-separated or HTML unordered list, would you use a foreach() or for() loop? Utilizing a loop would accomplish the task. But there are other options. Why not give the implode() function a shot? [Continue reading]

Slicing Strings with PHP: Be Mindful of Output that Contains HTML Tags

When experimenting with strings which contain HTML code, be mindful of what you're getting for output. Especially if there is something unexpected about the results. That's what I learned the hard way when extracting an open anchor tag from the source code of a web page. The variables used to locate the anchor tag appeared to be working, but for some reason the extracted code wouldn't display to the screen. Let's take a look at where I went wrong. [Continue reading]