by JeremyArnold?
PHP was created for serverside scripting of WebPages. From humble beginnings, it has become one of the most powerful languages for web application development.
http://www.php.net/manual/en/Yes, there are some downsides to PHP
Always check the online manual. It has a wealth of user submited notes and is categorised by Function.
You can generally find the author in either #wlug or #phphelp on the UnderNet IRC network. There is also #php on the same network but #phphelp is so much better! (shameless plug) ;)
If there is enough interest I will continue to expand this section as I have time / people bug me.
See the docs below (outdated) or the Manual ... This is one program where it pays to read the manual when things down work. Else come and me ask nicely.
DONT put $_POST, $_GET or $_REQUEST varible straght into an SQL statment! Rather put the varible through the mysql_escape_string() function.
Ignoring this leaves you database exposed to attacks from ScriptKiddies.
ie.
$myVarFromForm = mysql_escape_string($_REQUEST['myVarFromForm'?); $SQL = "SELECT * FROM mytable WHERE mycol = '$myVarFromForm'";
"" != '' - you can insert varibles directly into double quoted strings! Arrays (and objects) can also be inserted this way by puting the varible in a set of {} squiglyBrakets !
ie.
$var = 'Hello ' . $name . ', ' . $myArray[3? . ' is the 3rd array element';
can be writen as
$var = "Hello $name, {$myArray[3?} is the 3rd array element";
I would tend to use {$name} for clarity.
