Re: [PHP] Turning off magic_quotes_gpc?
On Thu, 10 Feb 2011 14:52:26 -0500
Bob McConnell r...@cbord.com wrote:
It's a good idea to turn it off as soon as possible. However, you need
to test your site to make sure it won't broke something first.
You have to test not only your site, but also the data that possible
lies in the database, if any.
There is a way to undo the results of magic quotes. We have
implemented it on a number of sites so that we won't care when it
gets turned off. Early in the script we have the following code:
// If magic quotes is on, we want to remove slashes
if (get_magic_quotes_gpc()) {
// Magic quotes is on
$response = stripslashes($_GET[$key]);
}
Many people use this approach or something similar and when you use
that from the beginning of production, it's not a problem.
If however you are going to turn Magic Quotes off while running a
production system where it was previously turned on, you might run into
problems.
Don't trust this method blindly. You have to remember that stripslashes
will only remove a single slash. If, for some reason, data has been
pulled out, updated, and re-inserted it may contain several slashes
(because each time Magic Quotes will add a new slash).
If you are turning off Magic Quotes on a system that has been running
with Magic Quotes on, you have to inspect the data manually to be safe.
---
Kind regards
Kim N. Lesmer
Programmer/Unix systemadministrator
Web: www.bitflop.com
E-mail : k...@bitflop.com
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Static content at runtime
On Tue, 28 Dec 2010 23:25:57 -0600 Donovan Brooke li...@euca.us wrote: and btw, I found that Billy Hoffman article to be inaccurate in many of his assertions. Would you mind sharing in what ways you found his assertions inaccurate? Kind regards, Kim Cheers, Donovan -- D Brooke -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Static content at runtime
Hi. I am currently looking into improving a system that (like many systems) generate static content at runtime. I have always been against generating static content at runtime and believe static content should be generated by a cronjob or manually at some idle time (if possible). This will provide real static content (no PHP at all) that doesn't need to be checked every time a request is made hence a huge performance benefit is achieved. A nice article on the issue: http://zoompf.com/blog/2009/12/the-challenge-of-dynamically-generating-static-content Quote: The moral of the story is never make the user pay for your laziness. Do not use the application tier of a website to dynamically generate static content at runtime. Instead do it at publishing time or even do it in a daily or hourly cron job. This approach allows you all the advantages of using application logic without drastically reducing the very web performance you were trying to improve in the first place! Sometimes however many pages are linked together and when working with a system with hundreds or thousands of pages re-creating a lot of content each night perhaps isn't always the best way to do things. Especially if the content needs to be updated right away and can't wait for the nightly cronjob to do its business. To illustrate with a simple example.. A blog system with a menu that displays how many posts exists in each category. - Home - About - Tech (412) - News (2030) etc. When a new page is added to the News category every single page in the system needs to get updated in order for the menu to display the new number (2031). Some use a compromise to include only changing items (like the menu in the above example), but that would mean using PHP and not serving pure static content. Others use ugly solutions like frames. Care to share your experiences and recommendations on the issue? Kind regards --- Kim N. Lesmer Programmer/Unix systemadministrator Web: www.bitflop.com E-mail : k...@bitflop.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Why the PEAR hate?
On Tue, 16 Nov 2010 09:54:30 -0700 Hansen, Mike mike.han...@atmel.com wrote: http://www.reddit.com/r/PHP/comments/e6zs1/how_many_of_you_use_pear_in_your_projects/ I'm still pretty new to PHP. Why the hate for PEAR? I've used a couple of PEAR modules without any issues. The few times I have looked at PEAR most of the modules that could possible present a solution to my problem was very poorly documented and in some cases the code quality was bad. I have also noticed bugs that goes unfixed for quite some time. I have always preferred to implement a homemade solution because of the above. --- Mange venlige hilsner/Best regards Kim N. Lesmer Programmer/Unix systemadministrator Web: www.bitflop.com E-mail : k...@bitflop.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Template engines
On Tue, 9 Nov 2010 00:20:52 -0500 Paul M Foster pa...@quillandmouse.com wrote: On Mon, Nov 08, 2010 at 02:41:12PM -0700, Hansen, Mike wrote: Here's why I don't use a templating engine. First, You're taking an embedded language and writing a templating engine in it. Seriously? Second, you're painting a single page, maybe 10-15K worth of information, and you're dragging 100K of code around just to paint a single page. Seriously? Third, you're creating a page on the fly, thrashing the server's CPU in order to generate a page which could be built statically, or at least with minimally embedded PHP. Seriously? Fourth, you could achieve the same end result with carefully crafted PHP embedded in your static HTML file, with actually very little more work. I know, everyone's heard this before. But just because you *can* do something doesn't mean you *should*. Beautiful put! --- Mange venlige hilsner/Best regards Kim N. Lesmer Programmer/Unix systemadministrator Web: www.bitflop.com E-mail : k...@bitflop.com Paul -- Paul M. Foster -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Template engines
On Mon, 8 Nov 2010 14:41:12 -0700 Hansen, Mike mike.han...@atmel.com wrote: I really like the idea of using a templating engine. Which one do you use? Why? For those that don't use templating engines, why don't you use them? PHP is in itself a template language and I find that the template engines just get in the way. Why learn a template language when you can just concentrate on PHP? Also you can easily become dependable on a third party template system which needs to be upgraded. You never know when such an upgrade is necessary for your system and when it might break something. I always use homemade template systems and try to keep things very simple. If designers are working on the project as well they almost always benefit from a little insight into PHP rather than having to learn some template language they can't use for anything else. IMHO - If you have to jump in and out of HTML and template syntax you might as well jump in and out of HTML and PHP. --- Mange venlige hilsner/Best regards Kim N. Lesmer Programmer/Unix systemadministrator Web: www.bitflop.com E-mail : k...@bitflop.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Pros/Cons of using mysqli prepared statments
On Thu, 4 Nov 2010 02:48:55 -0500 Tamara Temple tam...@tamaratemple.com wrote: I'm wondering what the advantages/disadvantage of using prepared statements with mysqli are. I'm used to using the mysqli::query and mysqli::fetch_assoc functions to deal with retrieving data and bulding my sql statement in php code. Take a look at PHP PDO also. Tamara Temple -- aka tamouse__ tam...@tamaratemple.com May you never see a stranger's face in the mirror. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
