Here are a few possibilities to get the conversation started:
Escape all input upon initialization.
Escape each value, preferably when generating the SQL.
The first solution is suboptimal, because you then need to unescape each value if you want to use it in anything other than SQL, like outputting it on a web page.
The second solut...
I'm dealing with a MySQL table that defines the JobName column as UNIQUE. If somebody tries to save a new Job to the database using a JobName that is already in the database, MySQL throws a warning.
I would like to be able to detect this warning, just like an error, in my PHP script and deal with it appropriately. Ideally I would like...
I have a webapp development problem that I've developed one solution for, but am trying to find other ideas that might get around some performance issues I'm seeing.
problem statement:
a user enters several keywords/tokens
the application searches for matches to the tokens
need one result for each token
ie, if an entry has 3 tokens,...
What are the performance, security, or "other" implications of using the following form to declare a new class instance in PHP
<?php
$class_name = 'SomeClassName';
$object = new $class_name;
?>
This is a contrived example, but I've seen this form used in Factories (OOP) to avoid having a big if/switch statement.
Problems that...
As a classic ASP developer about once a year since ASP.NET came out I decide I really gotta buckle down and learn this fancy new ASP.NET. A few days in and messing with code behinds and webforms and all this other stuff I decide the new fancy stuff is whack and go find something else to learn (PHP and Ruby and Python were all fun to pla...
How can I generate a (pseudo)random alpha-numeric string, something like: 'd79jd8c' in PHP?
...
Documentation is severely lacking on anything to do with stored procedures in MySQL with PHP. I currently have a stored procedure that I call via PHP; how can I get the value of an out parameter?
...
I know PHP scripts don't actually compile until they are run. However, say I want to create a small simple program and compile it to a binary without requiring the PHP binary. How could I do this?
I've seen a few IDEs out there that would do this, but either they are all for Windows or the Linux versions don't actually build properly.
Wh...
I have a few sites on a shared host that is running Apache 2. I would like to compress the HTML, CSS and Javascript that is delivered to the browser. The host has disabled mod_deflate and mod_gzip, so these options are out. I do have PHP 5 at my disposal, though, so I could use the gzip component of that.
I am currently placing the foll...
I would like to implement something similar to a C# delegate method in PHP. A quick word to explain what I'm trying to do overall: I am trying to implement some asynchronous functionality. Basically some resource-intensive calls that get queued, cached, and dispatched when the underlying system gets around to it. When the asynchronou...
How are callbacks written in PHP?
...
I've come across a rather interesting (and frustrating) problem with IE6. We are serving up some server-generated PDFs and then simply setting headers in PHP to force a browser download of the file. Works fine and all, except in IE6 but only if the Windows user account is set to standard user (i.e. not administrator).
Since this is for a ...
I created a few MediaWiki custom tags, using the guide found here:
http://www.mediawiki.org/wiki/Manual:Tag_extensions
I will post my code below, but the problem is after it hits the first custom tag in the page, it calls it, and prints the response, but does not get anything that comes after it in the wikitext. It seems it just stops p...
I'm using PHP's PDO layer for data access in a project, and I've been reading up on it and seeing that it has good innate support for persistent DB connections. I'm wondering when/if I should use them. Would I see performance benefits in a CRUD-heavy app? Are there downsides to consider, perhaps related to security?
If it matters to you...
Unit Testing
Mocking
Inversion of Control
Refactoring
Object Relational Mapping
Others?
I have found simpletest for unit testing and mocking and, though it leaves much to be desired, it kind-of sort of works.
I have yet to find any reasonable Inversion of Control framework (there is one that came up on phpclasses but no documentatio...
Is there a standard way of dealing with globally scoped variables in PHP? Session scoped? From the research I've done, it looks like the options are mostly addons or external. APC might work, but would be limited to a single PHP instance and not so useful for a farm of servers. Memcached seems like it would work, but I was hoping to find...
Simple one: How would you find the fractional part of a floating point number in PHP? For example, if I have the value 1.25, I want to return 0.25.
...
How can you determine the performance consequences of your PHP code if you are not familiar with the internals? Are there ways to figure out how your code is being executed (besides simply load testing it)? I am looking for things like memory usage, execution time for algorithms.
Perhaps Joel would say, "learn C, then read the internals...
I am trying to code TDD style in PHP and one of my biggest stumbling blocks (other than lack of a decent IDE) is that I have to make my own hacked together IoC container just to inject all my mock objects properly.
Has anyone used an IoC container in PHP? All I've been able to find is PHP IOC on the ever-annoying phpclasses.org and it ...
While cross-site scripting is generally regarded as negative, I've run into several situations where it's necessary.
I was recently working within the confines of a very limiting content management system. I needed to include database code within the page, but the hosting server didn't have anything usable available. I set up a couple...