



10 Tips That Every PHP Newbie Should Know





I wish I had known these 10 tips the day I started working with PHP. Instead of learning them through a painstaking process, I could have been on my way to becoming a PHP programmer even sooner! This article is presented in two parts and is intended for folks who are new to PHP.

Tip 1: MySQL Connection Class


The majority of web applications I've worked with over the past year have used some variation of this connection class:


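// note: the mysql_* functions used here were removed in PHP 7.0
class DB {
    // PHP 4-style constructor: runs when the object is created
    function DB() {
        $this->host = "localhost"; // your host
        $this->db = "myDatabase"; // your database
        $this->user = "root"; // your username
        $this->pass = "mysql"; // your password

        // open the connection, then select the database on that same link
        $this->link = mysql_connect($this->host, $this->user, $this->pass);
        mysql_select_db($this->db, $this->link);
    }
}

// calls it to action
$db = new DB;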


Simply edit the variables and include this in
your files. This doesn't require any knowledge or special understanding
to use. Once you've added it to your repertoire, you won't likely need
to create a new connection class any time soon. Now you can get to work
and quickly connect to your database without a lot of extra markup:


$result = mysql_query("SELECT * FROM table ORDER BY id ASC LIMIT 0,10");



More information can be found in the manual--be sure you read the comments: http://www.php.net/mysql_connect/


Tip 2: Dealing with Magic Quotes

PHP can "automagically" apply slashes to your
$_POST data for security purposes. It's an important measure to prevent
SQL injections. However, slashes in your scripts can wreak havoc. An
easy method for dealing with them is to strip them from our variables.
However, what if the magic quotes directive is not enabled?


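// note: get_magic_quotes_gpc() exists only up to PHP 7.4;
// magic quotes themselves were removed in PHP 5.4
function magicQuotes($post) {

    if (get_magic_quotes_gpc()) {
        if (is_array($post)) {
            // strips one level only; nested arrays are not handled
            return array_map('stripslashes', $post);
        } else {
            return stripslashes($post);
        }
    } else {
        return $post; // magic quotes are not ON so we return the data unchanged
    }

}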

The script above checks to see if magic quotes are enabled. If they are,
it will determine if your $_POST data is an array (which it likely is)
and then it will strip the slashes accordingly.


Understand that this is not true 'validation'. Be sure to
validate all your user-submitted data with regular expressions (which
is the most common way to do so).




More information about magic quotes: http://www.php.net/magic_quotes/
More information about SQL injection: http://www.php.net/manual/en/security.database.sql-injection.php/
More information about regular expressions: http://www.php.net/pcre/
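
The regular-expression validation recommended above, as an added example that is not part of the original article: each expected field is checked against an allow-list pattern anchored with \A and \z. The field names, patterns and sample input are assumptions made for illustration.

```php
<?php
// Added example: allow-list validation of form input with PCRE.
// Field names and patterns are illustrative assumptions, not from the article.

// \A and \z anchor the whole string; '$' alone also matches before a final "\n".
$rules = array(
    'username' => '/\A[A-Za-z0-9_]{3,20}\z/',
    'age'      => '/\A[0-9]{1,3}\z/',
    'email'    => '/\A[^@\s]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\z/',
);

/**
 * Checks every field named in $rules.
 * Returns array(accepted values, names of rejected fields).
 */
function validateFields($input, $rules) {
    $clean = array();
    $errors = array();
    foreach ($rules as $field => $pattern) {
        // Missing fields and array values (username[]=x) are rejected, not coerced.
        if (!isset($input[$field]) || !is_string($input[$field])) {
            $errors[] = $field;
            continue;
        }
        if (preg_match($pattern, $input[$field]) === 1) {
            $clean[$field] = $input[$field];
        } else {
            $errors[] = $field;
        }
    }
    return array($clean, $errors);
}

// Constructed sample standing in for $_POST.
$post = array(
    'username' => "new_user01",
    'age'      => "27\n",              // trailing newline that '$' would let through
    'email'    => "user@example.com",
    'extra'    => "unexpected",        // not in $rules, so never copied to $clean
);

list($clean, $errors) = validateFields($post, $rules);
print_r($clean);
print_r($errors);
```

Only the values in $clean should go on to the escaping or query step; anything listed in $errors is sent back to the user for correction.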

Tip 3: Safely Query Database with mysql_real_escape_string

When you are ready to query your database you will need to escape
special characters (quotes for instance) for safety's sake by adding
slashes. We apply these before we insert variables into our database.
Once again, we need to determine which version of PHP you are running
first:

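function escapeString($post) {

    // version_compare() is used because comparing version strings
    // with >= misorders values such as '4.10.0' and '4.3.0'
    if (version_compare(phpversion(), '4.3.0', '>=')) {
        // needs an open MySQL connection to know the character set
        return array_map('mysql_real_escape_string', $post);
    } else {
        return array_map('mysql_escape_string', $post);
    }

}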

More information about mysql_real_escape_string: http://www.php.net/mysql_real_escape_string/
More information about SQL injection: http://php.belnet.be/manual/en/security.database.sql-injection.php
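
An alternative to escaping each value by hand is to send the values separately from the SQL text with a prepared statement. The following is an added example, not code from the original article; it assumes PHP 5.1 or later with the PDO and pdo_sqlite extensions, and uses a constructed in-memory SQLite table named users so it runs without a MySQL server.

```php
<?php
// Added example: bound parameters instead of manual escaping.
// Assumes the PDO and pdo_sqlite extensions; table and data are constructed.

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, last_name TEXT)');

// Constructed input standing in for $_POST; note the embedded quote.
$post = array('last_name' => "O'Brien");

// The value never becomes part of the SQL text, so its quote needs no slashes.
$insert = $pdo->prepare('INSERT INTO users (last_name) VALUES (:last_name)');
$insert->execute(array(':last_name' => $post['last_name']));

// Look a user up by a value that came from the form.
function findByLastName($pdo, $lastName) {
    $stmt = $pdo->prepare(
        'SELECT id, last_name FROM users WHERE last_name = :last_name'
    );
    $stmt->execute(array(':last_name' => $lastName));
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

print_r(findByLastName($pdo, $post['last_name']));

// Placeholders only stand for values. Identifiers such as a sort column
// cannot be bound, so they are picked from a fixed allow-list instead.
function orderedUsers($pdo, $sort) {
    $allowed = array('id', 'last_name');
    if (!in_array($sort, $allowed, true)) {
        $sort = 'id'; // fall back to a known column
    }
    $sql = "SELECT id, last_name FROM users ORDER BY $sort ASC LIMIT 10";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

print_r(orderedUsers($pdo, 'last_name'));
```

With a MySQL database the same calls work after changing the DSN passed to the PDO constructor.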


Tip 4: Debugging


If you search the forum there are many good threads with rules about debugging.
The single most important thing you can do is ask PHP to report errors
and notices to you by adding this line at the beginning of your
scripts:


error_reporting(E_ALL);


This will keep you in line as you learn by
printing out errors to your screen. The most common error that E_ALL
reports is not actually an error, but a notice for an "Undefined
index". Typically, it means that you have not properly set your
variable. It's easy to fix and keeps you programming correctly.


Another convenient tool while working with queries is print_r(). If your query is returning null or strange results, simply place this after your query command and it will display
all the contents of the $result array.


print_r($result); exit;

The exit command stops your script from executing any further so you can specifically review your query results.

More information about error_reporting: http://www.php.net/error_reporting/
More information about print_r: http://www.php.net/print_r/


Tip 5: Writing Functions (and Classes)

Initially I thought that tackling functions and classes would be difficult--thankfully I was wrong. Writing a function is something I urge all newbies to start doing immediately--it's really that simple. You are instantly involved in understanding how to produce more efficient code in smaller pieces. Where you might have a line of code that reads like this:

if ($rs['prefix'] == 1) {
$prfx = 'Mrs. ';
} elseif ($rs['prefix'] == 2) {
$prfx = 'Ms. ';
} else {
$prfx = 'Mr. ';
}

echo $prfx.$rs['name'].' '.$rs['last_name'];




You could rewrite it like this in a function:



function makePrefix($prefix='')
{
if (!$prefix) return '';
if ($prefix == 1) return 'Mrs. ';
if ($prefix == 2) return 'Ms. ';
if ($prefix == 3) return 'Mr. ';
}

echo makePrefix($rs['prefix']) . $rs['name'] . ' ' . $rs['last_name'];




Now that you've written this function, you can use it in many different projects!
An easy way to describe a class is to think of it as a collection of functions that work together. Writing a good class requires an understanding of PHP 5's new OOP structure, but by writing functions you are well on your way to some of the greater powers of PHP.

This article is taken from PHPbuilder. I will publish the 2nd part of this article in a short while.

Regards

Verd_hatherley




