
Thread: Programming tips for php

  1. #1

    Programming tips for php

    The golden rule on the world wide web is that one should “never-ever-ever trust user input”. Given this, it would be wise to spend quite some time making sure that all of the input from users is safe and is what was expected.

    There are several things to watch out for when validating input:

    Mistaken input
    For example, the user types 99.7 rather than 9.97.

    Bad input
    The user provides incorrect input on purpose for whatever reason.

    Dangerous input
    The user innocently enters information that would harm the system.

    Missing input
    The user provides no input.

  2. #2

    Common Errors in PHP

    Common Errors in PHP: 'Warning: Cannot modify header information - headers already sent by (output started at filename line no __)'

    If you run a PHP document and get the above error message, it means that an error has occurred in your PHP document. This takes place if there are any executable statements like echo before the set cookie or session variable. Try to find the statement and remove it, and then run the same program.

  3. #3

    That is why form validation is important. I typically validate on both client and server side and make sure all DB inputs/outputs are serialized.

    Also, addslashes($str) and all those functions should be your best friend when storing data in the DB.

    Chris

  4. #4

    Use a dropdown box where possible, rather than using a text box.
    This reduces typos.

  5. #5

    When it comes to checking what the users input, try using JavaScript to check for any errors. Then use PHP on the server side to double check that what you have is what you wanted.

  6. #6

    Quote, originally posted by Layton:
    Common Errors in PHP: 'Warning: Cannot modify header information - headers already sent by (output started at filename line no __)'

    If you run a PHP document and get the above error message, it means that an error has occurred in your PHP document. This takes place if there are any executable statements like echo before the set cookie or session variable. Try to find the statement and remove it, and then run the same program.

    That message is shown when there is any output before the headers are sent.

  7. #7

    One of the best ways to prevent data corruption, malicious manipulation and other types of attacks is to use regular expressions. Now I'm not going to sit here and tell you that I do it all the time for my projects, but you will know when that approach is truly required.

    Also remember that validation should not be done solely on the client-side...complete reliance on javascript is inadequate.

  8. #8

    Quote, originally posted by codecarnage:
    One of the best ways to prevent data corruption, malicious manipulation and other types of attacks is to use regular expressions. Now I'm not going to sit here and tell you that I do it all the time for my projects, but you will know when that approach is truly required.

    Also remember that validation should not be done solely on the client-side...complete reliance on javascript is inadequate.

    Yea man, this method is good for email addresses and certain codes like phone numbers. Kool point there, man.
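
The server-side checks discussed across this thread (missing, mistaken, bad and dangerous input, plus a regular expression for phone numbers), as an added example that is not part of any post. The function name, field names, phone format, price range and comment length limit are assumptions chosen for illustration.

```php
<?php
declare(strict_types=1);

// Added example, not code from the thread. Field names, the phone format,
// the price range and the comment limit are illustrative assumptions.
function validate_order(array $in): array
{
    $errors = [];
    $clean  = [];
    // Missing input: absent, whitespace-only and non-string values
    // (email[]=x arrives as an array) are all treated as missing.
    foreach (['email', 'phone', 'price', 'comment'] as $f) {
        $v = $in[$f] ?? '';
        $clean[$f] = is_string($v) ? trim($v) : '';
        if ($clean[$f] === '') {
            $errors[$f] = 'required';
        }
    }
    // Bad input: reject anything that is not a syntactically valid address.
    if (!isset($errors['email']) && filter_var($clean['email'], FILTER_VALIDATE_EMAIL) === false) {
        $errors['email'] = 'not a valid e-mail address';
    }
    // Regular expression anchored with \A and \z; a plain $ would also
    // accept a value that ends in a newline.
    if (!isset($errors['phone']) && preg_match('/\A\+?[0-9]{7,15}\z/', $clean['phone']) !== 1) {
        $errors['phone'] = 'digits only, optional leading +';
    }
    // Mistaken input: a range check flags 99.7 typed in place of 9.97.
    if (!isset($errors['price'])) {
        $price = filter_var($clean['price'], FILTER_VALIDATE_FLOAT);
        if ($price === false || $price < 0.01 || $price > 50.00) {
            $errors['price'] = 'expected a number between 0.01 and 50.00';
        } else {
            $clean['price'] = $price;
        }
    }
    // Dangerous input: cap the length here, escape where it is displayed.
    if (!isset($errors['comment']) && strlen($clean['comment']) > 500) {
        $errors['comment'] = 'too long';
    }
    // Only fields that passed every check are returned as clean.
    return ['errors' => $errors, 'clean' => array_diff_key($clean, $errors)];
}

// Constructed sample submission.
$result = validate_order(['email' => 'user@example.com', 'phone' => '876-555-1234',
    'price' => '99.7', 'comment' => '<b>great</b>']);
var_export($result['errors']);
echo "\n", htmlspecialchars($result['clean']['comment'], ENT_QUOTES, 'UTF-8'), "\n";
```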
