Updates from June, 2011 Toggle Comment Threads | Keyboard Shortcuts

  • saif 12:15 pm on June 14, 2011 Permalink | Reply  

    isset() use techniques in php 


    isset() is the most commonly used php construct as well as a good friend of  a programmer. we frequently use it to check whether a variable has been set or not. it returns true if the variable has been set otherwise false… also return false if the variable has been set to null.

    isset() is the only one of the three language constructs that accepts an arbitrary amount of parameters. Its accurate prototype is as follows:

    isset($var1, $var2, $var3, …);
    It only returns true, if all the variables have been defined; otherwise, it returns false. This is useful when you want to check if the required input variables for your script have really been sent by the client, saving you a series of single isset() checks.

    So writing it with arbitrary parameters can be interesting upon your need! cheers!

  • saif 9:48 am on March 15, 2011 Permalink | Reply
    Tags: interview, php programmer, question   

    Interview question set for a advanced PHP Programmer 

    Recently, I got a chance to face some questions which make sense for a PHP Programmer, who can rethink all about web development what he has been learned yet. I thought i can share those among yourselves just for sharing that what could be the questions for a advanced PHP Programmer.

    Questions are as follows. I will try to give answers here and discussion about these time to time. Looking forward to hear from you guys about any question listed below.

    • Question: You are committing a file with bug fixes to the SVN, there is an issue with a conflict in the file what does this mean? How do you solve it?
    • Question: How would you find out what files were out of date within SVN and commit those specific files into a revision with a log message via the command line?
    • Question: How do you use memcached to optimize mysql queries?
    • Question: How do you iterate an array in smarty?
    • Question: PHP errors are not displaying on the page you are developing. You only have SFTP Access to change files. How do you display the errors?
    • Question: What is better and more efficient in development time for a large scale enterprise PHP / MySQL application. Using packages and open source classes or developing your own solutions?
    • Question: What are the risks of using user inputted data in SQL queries and how to eliminate this risk ?
    • Question: You have been given a specification and been briefed on a project. The specification included work that was already completed for the project but there are many bugs and you did not write this code. What do you do?
    • Question: There is a bug in your code, what do you do?
    • Question: Recently users are complaining they are being logged out of the site. The site uses sessions and php. Also recently a new webserver was added, bringing the total to 2. What could be causing this and how would it be solved?
    • Question: You need to create a search function for a website with over 30.000 searches per hour on a record set of 1.000.000 text records. How would you do this using MySQL?
    • Question: You need to integrate an external website’s data that does not have a API – describe this process.
    • Question: You’ve written a news service in PHP that needs to used by many external websites. How would you allow those websites to use your functions to display the news on their site ?
    • Question: You want to create an AJAX suggestion box that displays in real time suggestions related to the content of the search textfield. Describe how this process would work.

    I think, some questions are really good and every PHP Programmer should know about those terms.

  • saif 7:39 pm on February 16, 2010 Permalink | Reply
    Tags: CodeIgniter, PHP Security   

    Simple PHP Security in CodeIgniter 

    As web is now the part of our life and we can’t think our daily works without www. For both users and developers, security is a key question. I would like to share some simple security points in this post, which are common.

    • Cross Site Scripting(or XSS) is one of the most common application-layer web attacks. XSS commonly targets scripts embedded in a page which are executed on the client-side (in the user’s web browser) rather than on the server-side. An example of XSS may be as from user input. Suppose you put <textarea> on your site to get user input. But malicious user give input like this :<script type="text/javascript">

      or it may be a unwanted alert message in javascript, which is not expected.So you definitely want to prevent this type of attack. I’m going to show the solution here in CodeIgniter. CodeIgniter has its built in input class.The example is below:

      $data= $this->input->post('UserInput');
      $data_xss = $this->input->xss_clean($data);

      At first, you get user input by post method and now just pass that value to the function. if you print the final value, you will see the javascript code will be replaced by others like [removed].Now you can pass the value to database query or do anything with that value.

    • Use htmlentities( ) for user input . It will convert all applicable characters to HTML entities like below.

      $str = “A ‘quote’ is <b>bold</b>”;
      // Outputs: A ‘quote’ is &lt;b&gt;bold&lt;/b&gt;
      echo htmlentities($str);

    Some useful links for best practices and security:

    Cheers and practice with best approach. 🙂

  • saif 10:52 am on February 3, 2010 Permalink | Reply
    Tags: html, PHP, php in html   

    Execute PHP code within a html/htm file 

    When a web page is call, the server checks two thongs, whether it is a html/htm file or a php/asp(etc) file. The key point is file extension or file type.If it is a normal .html/.htm file, server sends it direct to the browser. And if it is a php/asp(etc), server than execute the appropriate code before sending it to the browser.

    Come to the point: Now you need to add some php code within your existing html file,then what is the process?
    There are two ways, what i ever know and want to share with you,
    1.Rename the html file to php file (the easiest way),
    2.Using .htaccess file to allow php within html file.

    if you follow the first one, it’s easy. but you may have incoming links or search engine ranking or if u change the file type, you need to change many code within your application.so in this situation, come to the second solution. 😉

    The way is:
    You need to add some command in your .htaccess file like below:
    For html file :
    AddType application/x-httpd-php .html

    Or for .htm
    AddType application/x-httpd-php .htm

    If you only plan on including the PHP on one page, it is better to setup this way:
    <Files myhome.html> AddType application/x-httpd-php .html </Files>

    Now you can put php script like below in your html file :

    <p id='php_cont'><?php echo "hi all"; ?></p>

    N.B. Always be careful about your .htaccess file. if you have already one, just add the above command to the file, don’t replace all. and for beginner, the .htaccess file will be in your root folder, where your application or project exists (i.e. http://localhost/myapp)

    That’s all. For very beginners it may be helpful and i think this is a common question for them that  ‘How to use php in html file?’. cheers 😉

  • saif 6:28 pm on December 20, 2009 Permalink | Reply
    Tags: insert string with quote, mysql   

    insert string with single quote(‘) or double quote(“) in mysql 

    In developing web application, we write insert query for inserting data into database. Hence i use mysql query and PHP functions for inserting string with single quote(‘) or double quote.

    let we know two useful PHP function :

    1.  addslashes — Quote string with slashes. Returns a string with backslashes before characters that need to be quoted in database queries etc. These characters are single quote ('), double quote ("), backslash (\) and NUL (the NULL byte).

    = "Is your name O'reilly?";
    // Outputs: Is your name O\'reilly?
    echo addslashes($str);

    2. stripslashes —  Un-quote string quoted with addslashes(). Returns a string with backslashes stripped off. (\' becomes ' and so on.) Double backslashes (\\) are made into a single backslash (\).

    = "Is your name O\'reilly?";

    // Outputs: Is your name O’reilly?
    echo stripslashes($str);

    Now come to the point…..if we insert string into database with single or double quote like this :
    $str = “Is your name O’reilly?”;
    $query = “INSERT INTO tbl (description) VALUES ( ‘$str’)”;
    This will occur error.

    but if we use addslashes($str) function like below and then insert into database, then no error will be occurred.
    $str = “Is your name O’reilly?”;
    $desc_str = addslashes($str);
    $query = “INSERT INTO tbl (description) VALUES ( ‘$desc_str’)”;

    similarly we can use stripslashes($str) to print that table field value like this :
    echo stripslashes($str);

    cheers 🙂

  • saif 11:15 am on December 13, 2009 Permalink | Reply
    Tags: user IP   

    Get users IP by Getenv() PHP Function 

    Definition: Getenv () is used to get the value of an environmental variable. It is written as Getenv (varname) .

    Below are some examples of environmental variables you can use. If you are interested, you can see a full list by running phpinfo ().

    Also Known As: Get Environment Variable


    Get users IP by getenv() function. This is useful, when you want to know the users IP of your site during registration. By this you can know about users that, from where they are signing up or related information.

    You can also track users during login that, every time users are logging in and you know from which area or IP they are access your site. So see the simple use of this function:

    //Gets the IP address
    $ip = getenv(“REMOTE_ADDR”) ;
    Echo “Your IP is ” . $ip;

    //Gets the document root
    $root = getenv(“DOCUMENT_ROOT”) ;
    Echo $root;

    //Gets the server admin’s email
    $ad = getenv(“SERVER_ADMIN”) ;
    Echo $ad;

    Happy’s coding 🙂

    Definition: Getenv () is used to get the value of an environmental variable. It is written as Getenv (varname) ;

  • saif 5:42 pm on December 10, 2009 Permalink | Reply

    Set favicon in different browser 

    we have seen most of the site has favicon which describe the additional information about the site , Addition in the scene it could be logo,company Profile, company production,web site application, and so many .

    now how can u do this ?
    its very simple to do , just u need to add some line’s of code and be ready with small icon image, u can also add animated image in fevicon

    add this part in between <head> </head> Section. Please try to use relative icon type like  type=”image/ico” for .ico image.

    <link rel=”shortcut icon” type=”image/ico”  href=”images/favicon.ico”>

    now some time this code will not work on most of the Browser like IE old version
    in this case u can add this line

    <link rel=”shortcut icon” href=”images/favicon.ico” type=”image/vnd.microsoft.icon” *gt;

    we can use this also for IE:

    <!--[if IE]>
        <link href="images/favicon.ico" type="image/x-icon" rel="shortcut icon" />

    Finally ConvertICO can help to convert png image to ico image.

    Hope this will help the beginners who just started their journey in web development.

    Happy’s coding 🙂

  • saif 5:20 pm on December 10, 2009 Permalink | Reply  

    PHP == Progress Happiness Prosperity 

    I discovered a new meanings of PHP. In general, we know PHP stands for ‘Hypertext Pre processor’. but i think PHP stands for ‘Progress Happiness Prosperity’ for PHP developer guys who love PHP, who work in PHP, stay with PHP.

    It may like a funny abbreviation, but i think it’s a alternate meanings of PHP. Bcoz i love PHP.

    Happy’s coding!!


Compose new post
Next post/Next comment
Previous post/Previous comment
Show/Hide comments
Go to top
Go to login
Show/Hide help
shift + esc
%d bloggers like this: