Differences between version 2 and previous revision of PhpHowto.
Other diffs: Previous Major Revision, Previous Author, or view the Annotated Edit History
| Newer page: | version 2 | Last edited on Sunday, October 31, 2004 12:50:40 am | by AristotlePagaltzis | Revert |
| Older page: | version 1 | Last edited on Sunday, October 31, 2004 12:49:42 am | by AristotlePagaltzis | Revert |
@@ -16,9 +16,9 @@
* Easy to code without thinking.
!!Getting Help!
Always check the ONLINE manual. %%% http://www.php.net/manual/en/ %%% It has a wealth of user submited notes and is catagorised by Function. %%%
-You can generally find myself in either #WLUG or #PHPHELP on the undernet IRC network. There is also #PHP on the same network but phphelp is so much better! (ShamelessPlug
) ;)
+You can generally find myself in either #WLUG or #PHPHELP on the undernet IRC network. There is also #PHP on the same network but phphelp is so much better! (shameless plug
) ;)
If there is enough interest I will continue to expand this section as I have time / people bug me.
!!Installation
@@ -27,14 +27,14 @@
!!Tips
__DONT__ put $_POST, $_GET or $_REQUEST varible straght into an SQL statment! Rather put the varible through the [mysql_escape_string()|http://www.php.net/manual/en/function.mysql-escape-string.php] function.
-Ignoring this leaves you database exposed to attacks from ScriptKiddies
. %%% ie.
- $myVarFromForm = $mysql_escape_string(($_REQUEST['myVarFromForm']);
+Ignoring this leaves you database exposed to attacks from [ScriptKiddie]s
. %%% ie.
+ $myVarFromForm = $mysql_escape_string(($_REQUEST[
['myVarFromForm']);
$SQL = "SELECT * FROM mytable WHERE mycol = '$myVarFromForm'";
"" != '' - you can insert varibles directly into double quoted strings! Arrays (and objects) can also be inserted this way by puting the varible in a set of {} squiglyBrakets ! %%% ie.
$var = 'Hello ' . $name . ', ' . $myArray[[3] . ' is the 3rd array element';
can be writen as
$var = "Hello $name, {$myArray[[3]} is the 3rd array element";
I would tend to use {$name} for clarity.
