Useful PHP Functions & Code - 09/24/05 05:14 PM
Learner's Picks:
You will need the following(assuming you know html, xhtml, xml, or some markup to dissplay data)
date
http://us2.php.net/manual/en/function.date.php
sessions(login auth)
http://us2.php.net/manual/en/function.session-start.php
http://us2.php.net/manual/en/function.session-is-registered.php
http://us2.php.net/manual/en/function.session-unregister.php
http://us2.php.net/manual/en/function.session-unset.php
MySQL db functions(unless of course you want to learn a different db)
http://us2.php.net/manual/en/function.mysql-connect.php
http://us2.php.net/manual/en/function.mysql-close.php
http://us2.php.net/manual/en/function.mysql-query.php
http://us2.php.net/manual/en/function.mysql-fetch-array.php
http://us2.php.net/manual/en/function.mysql-fetch-assoc.php
MySQL links
http://dev.mysql.com/doc/mysql/en/delete.html
http://dev.mysql.com/doc/mysql/en/insert.html
http://dev.mysql.com/doc/mysql/en/update.html
Gizmo's Picks:
arrays:
http://us2.php.net/manual/en/function.array.php
http://us2.php.net/manual/en/ref.array.php
file_exists:
http://us2.php.net/manual/en/function.file-exists.php
file:
http://us2.php.net/manual/en/function.file.php
fopen/fclose:
http://us2.php.net/fopen
http://us2.php.net/manual/en/function.fclose.php
fsockopen:
http://us2.php.net/manual/en/function.fsockopen.php
other disk/file functions:
http://us2.php.net/manual/en/function.disk-free-space.php
http://us2.php.net/manual/en/function.disk-total-space.php
http://us2.php.net/manual/en/function.chmod.php
http://us2.php.net/manual/en/function.copy.php
http://us2.php.net/manual/en/function.delete.php
http://us2.php.net/manual/en/function.filesize.php
http://us2.php.net/manual/en/function.filetype.php
http://us2.php.net/manual/en/function.flock.php
http://us2.php.net/manual/en/function.is-writable.php
http://us2.php.net/manual/en/function.touch.php
BTW, if you're going to go off playing with MySQL you should also look into:
http://us2.php.net/manual/en/function.str-replace.php
http://us2.php.net/manual/en/function.stripslashes.php
http://us2.php.net/manual/en/function.strip-tags.php
so you don't go and get yourself owned...
Coding for Security:
Trust nothing from the user. Code every form as if you know a hacker is coming at it. Also safe guard from URL submissions. Remember the GET method. If someone views source on your form they will see all variables that will be passed. Even if you are using host, they can mess with the URL and try submiting malious code that way.
1.) Code like registered globals is off.
http://us2.php.net/variables.external
2.) Make sure the user came from the page the form is on. See the predefined variables
http://us2.php.net/manual/en/reserved.variables.php#reserved.variables.request
Here is a function snagged from PHP.net to make sure your forms are secure.
Useful Links:
If you are going into mySQL get very used to reading the manual on thier site.
http://dev.mysql.com/doc/mysql/en/tutorial.html
Also see thier forums
http://forums.mysql.com/
for thier PHP forum
http://forums.mysql.com/list.php?52
Most MySQL you can just see the info on PHP.net and run with it. Some tricky stuff you will need to look at thier manual and play with the PHP code to get it to work.
PHP.net MySQL functions
http://us2.php.net/manual/en/ref.mysql.php
You will need the following(assuming you know html, xhtml, xml, or some markup to dissplay data)
date
http:/
sessions(login auth)
http:/
http:/
http:/
http:/
MySQL db functions(unless of course you want to learn a different db)
http:/
http:/
http:/
http:/
http:/
MySQL links
http:/
http:/
http:/
Gizmo's Picks:
arrays:
http:/
http:/
file_exists:
http:/
file:
http:/
fopen/fclose:
http://us2.php.net/fopen
http:/
fsockopen:
http:/
other disk/file functions:
http:/
http:/
http:/
http:/
http:/
http:/
http:/
http:/
http:/
http:/
BTW, if you're going to go off playing with MySQL you should also look into:
http:/
http:/
http:/
so you don't go and get yourself owned...
Coding for Security:
Trust nothing from the user. Code every form as if you know a hacker is coming at it. Also safe guard from URL submissions. Remember the GET method. If someone views source on your form they will see all variables that will be passed. Even if you are using host, they can mess with the URL and try submiting malious code that way.
1.) Code like registered globals is off.
http:/
2.) Make sure the user came from the page the form is on. See the predefined variables
http:/
Here is a function snagged from PHP.net to make sure your forms are secure.
PHP Code
<?php
function form_post_check()
{
$referring_url = $_SERVER['HTTP_REFERER']; // get the referring URL
$host = $_SERVER['HTTP_HOST']; // get the header from the current request (example: www.yoursite.com)
$valid_url = 'http://'.$host.'/'; // finish defining a valid referring URL
$valid_len = strlen( $valid_url ); // get the length of the valid url
// if the valid url isn't the first part of the referring url
if ( substr( $referring_url, 0, $valid_len ) != $valid_url )
{
die( 'You submitted this form from an invalid URL.' ); // stop everything and display a message
}
}
?>
If you are going into mySQL get very used to reading the manual on thier site.
http:/
Also see thier forums
http://forums.mysql.com/
for thier PHP forum
http://forums.mysql.com/list.php?52
Most MySQL you can just see the info on PHP.net and run with it. Some tricky stuff you will need to look at thier manual and play with the PHP code to get it to work.
PHP.net MySQL functions
http:/