[thelist] PHP Functions

Jack Timmons jorachim at gmail.com
Wed Jan 7 05:58:13 CST 2009


On Wed, Jan 7, 2009 at 2:32 AM, Santilal Parbhu
<santilal at scorpioneng.co.nz> wrote:

> Thanks for all the replies.  I have taken on board what you have said and
> reconstructed my site using just one script for each application I have.
> Previously I had one script per user, which meant a lot of duplication.
> Obviously, the present system is a lot more scalable.
>
> I have done what you suggested and passed each script mysql data and session
> data.  I didn't know you could use session data this way (in fact I didn't
> really know what you would use it for).  Now that I do, I can see the
> potential it has.
>
> Part of the problem of being self taught is that you can read all the books
> and web info, but often this is not enough to learn how different structures
> can be used.  "The List" has helped me a lot to find out about different
> ways to use different functions.  Thanks to you all again.
>
> Santilal
>
>
I have a feeling most people are self-taught PHP. I learned it by tearing
apart already made PHP scripts (I started with Invision Power Boards and
WordPress). In those cases, you can get a lot of good ideas in what you
should be using.

I also found these articles below, and they helped immensely. Also, I had
semi-learned C/C++ on my own before, so that kinda helped. Take a look at
those articles [1] for reference.

I've only been doing PHP for 3 or 4 years now, and I always try to find the
most flexible and progressive way to do things (so long as it makes sense.
Our world will often come up with a new method everyone thinks is the hot
topic and then later find out something we were doing before is better.)

Remember to -always- escape the mysql data being sent by the user. This
little script below can go a long way towards preventing attacks:

(Use GET or POST depending on how the form is set up)

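// Needs an open MySQL connection (mysql_connect) before it runs.
foreach ($_POST as $key => $value) {
     // Escape each submitted value for use inside a quoted SQL string.
     $_POST[$key] = mysql_real_escape_string($value);
}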

Now that may not work for every single situation, and can be expanded a lot
more, but it's a start.

-Jack
[1] - http://devzone.zend.com/node/view/id/627

-- 
-Jack Timmons
http://www.trotlc.com
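
Added example, not part of the message above: the post notes that blanket escaping "may not work for every single situation", and this sketch shows one such situation, an escaped value used as a bare number, next to a bound parameter. The table, rows, form inputs and the helper names (escape_all, find_interpolated, find_bound) are constructed for illustration, and PDO with in-memory SQLite stands in for the MySQL calls in the post so the script runs offline.

```php
<?php
// Added example. Table, rows and form input are constructed; SQLite in memory
// stands in for MySQL so the script runs offline (assumes pdo_sqlite is enabled).
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Hypothetical helper mirroring the loop in the post: escape every field up front.
// PDO::quote() also adds the surrounding quotes, so they are trimmed off here.
// Array-valued fields (name="x[]") are dropped instead of being passed through.
function escape_all(PDO $db, array $fields): array {
    foreach ($fields as $key => $value) {
        $fields[$key] = is_string($value) ? substr($db->quote($value), 1, -1) : null;
    }
    return $fields;
}

// Escaped value pasted into the SQL text. Escaping only protects a value that
// sits inside quotes; here the id is used as a bare number.
function find_interpolated(PDO $db, string $id): array {
    $sql = "SELECT name FROM users WHERE id = $id";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Bound parameter: the value is bound as data and is never parsed as SQL.
function find_bound(PDO $db, string $id): array {
    $stmt = $db->prepare('SELECT name FROM users WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed inputs: a normal id, and one that is not a plain number.
foreach (['2', '2 OR 1=1'] as $raw) {
    $post = escape_all($db, ['id' => $raw]);
    printf("input %-10s interpolated=%s bound=%s\n",
        json_encode($raw),
        json_encode(find_interpolated($db, $post['id'])),
        json_encode(find_bound($db, $raw)));
}
```

Comparing the two columns of output for the second input shows why numeric fields need a bound parameter or an explicit integer check in addition to escaping.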


