PHP Programming Tips

PHP stands for PHP: Hypertext Preprocessor. It is a server-side scripting language wherein the scripts are executed on the server itself. PHP is an open source software and is free to download and use. MySQL is a database server that is ideal for both small and large applications. MySQL can compile on a number of platforms and just like PHP, it is free to download and use. Both are open to everybody who wants to learn more on this.

PHP combined with MySQL can create a cross-platform which means that you can freely develop in Windows and serve on a Unix platform.

The golden rule on the world wide web is that one should “never-ever-ever trust user input”. Given this, it would be wise to spend quite some time to make sure that all of the inputs from the users in able to make sure it is safe and what was expected..

There are several things to should watch out for when validating input:

Mistaken input.
For example the user types 99.7 rather than 9.97
Bad input
The user provides incorrect input in on purpose for whatever reason.
Dangerous input
User innocently enters information that would harm the system
Missing input
User provides no input.

PHP can be done through a lot of programming languages. This can be from the simple notepad authoring (a practice that can be done by advanced programmers who are already familiar with PHP programming) or from PHP ready programs such as Dreamweaver.

It would be best however to read on more on which software can be suitable for you. PHP is a common scripting technique these days and some even download basic scripts and enhance them afterwards. This approach is actually a learning process and in the end, you will find yourself starting from scratch and making your own scripts for self-improvement in the world of website design and development.

In PHP, common tasks like ftp, encrypt passwords in MD5, or send email from a web page all are built in hidden code, and as PHP is Open source there is a lot
of free code available for PHP.

Unlike PHP there is no hidden code with ASP. If you need to upload files, then you would need a third party component like ASP upload, also if you need to send mail you need another component and so on.

Although PHP is better in many aspects, ASP offers more security than PHP.

Price Compared to ASP, PHP installations are absolutely cheaper to install. PHP perfectly runs on Linux (which is a free OS) and programmers use MySQL .(which also comes FREE) ASP runs on the IIS Server (Internet Information Server) which requires Windows N.T/2000/2003 Servers or better. Aside from that ASP mostly uses MS-SQL Server as the back end which is really expensive. PHP obviously is cheaper than ASP.

Cross Platform compatibility
PHP programs run on a wide variety of Operating Systems Unix, Linux, Solaris and Window’s.ASP on the other hand only works flawlessly with Windows and not with other platforms. PHP offers more versatility than ASP.

PHP developers try to maintain backwards compatibility in PHP programming such that a script written for an older version will still run without changes in a newer version. Two of the most important recent changes that affect old code are:

• The deprecation of the old $HTTP_*_VARS arrays which should be indicated as global when used inside a function or method. The following superglobal arrays were introduced in PHP » 4.1.0. They are: a) $_GET; b) $_POST; c) $_COOKIE; d) $_SERVER; e) $_FILES; f) $_ENV; g) $_REQUEST, and; h) $_SESSION. The older $HTTP_*_VARS arrays like $HTTP_POST_VARS are also available. In PHP 5.0.0, the long PHP predefined variable arrays may be disabled with the register_long_arrays directive.

• By default, external variables are no longer registered in the global scope, meaning in PHP » 4.2.0 the PHP directive register_globals is off by default in php.ini. These values can be accessed through the superglobal arrays.

If you want to keep track of who has been visiting your web site and their destination, it would be a good idea for you to create a simple user log. The user log that will be used here will be stored in on a flat file and will store four basic functions: a) Time when the user accessed your page; b) User’s IP address; c) If available, the user’s referrer, and; d) User’s browser. Make a log.html and CHMOD it to 777, giving all permissions to the file. Use the date () function to set time. The four basic functions are built into PHP (all you need to do is to define the functions and send them to a log HTML file) so all other variables are already predefined. Using fopen (), the second part of the script will open up log.html and write the data in using fputs ().

Smarty is categorized as a “Template engine”, though developers describe it more detailed as a “Template/Presentation Framework”, that offers developers and programmers ample tools to make extensive coding tasks easier by replacing tags with their appropriate counterparts. Smarty is aimed to hasten and make the development process simpler for all who aim to develop pages for the internet. Read the rest of this entry »

There are several platforms on which web pages are deployed and with thousands of people using different versions of software, scripting languages should be endowed with the proper set of tools that determines the proper set of scripts. Scripts for one platform may differ in form in another so a conversion method should be deployed to allow them to properly interface with each other. Though done behind the scenes, it is of utmost importance making the web experience more enjoyable with an example of the script below for reference. Read the rest of this entry »

With many of the internet’s web pages and applications based on PHP, many questions are being raised by the security and robustness of the system so to speak as we go through years of rapid development. Now the scripting language that is PHP isn;t meant to be weak security-wise and the problem lies with the sloppy work programmer have done all through the years that have left quite large and gaping security holes in something we so rely on. One event that greatly tripped the panic meters of developers the world over is the departure of one of the world’s leading authority on PHP, Stephan Esser, one of the founders of the language and a foundation of the web with him stating as an explanation that the security issues that are currently coming out are happening without his knowledge. Read the rest of this entry »