SitePoint Sponsor |
|
User Tag List
Results 76 to 100 of 186
Thread: PHP and MySQL coding tips
-
Dec 21, 2002, 04:59 #76
- Join Date
- Nov 2000
- Location
- London, UK
- Posts
- 223
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
OK, my little tip (and I don't know if it's already been said or not ... too many posts in here, we should start a part 2 or something)
Don't ever, EVER, under ANY circumstances, EVER attempt to serialize objects, store them, and recover them later.
PHP's serializing object support (especially if the objects are complex, and stored object-within-object in a tree, with each one having reference variables to its parent, etc. etc.) is very sketchy. You can serialize and unserialize stuff and data will be changed, or you'll just get random crashes and errors.
For example: at a certain point I was trying to access something after unserializing in my object structure like this:
$blah = $object->array[$id1]->array2[$id2]->getID();
$something = $object->array[$id1]->array2[$id2]->getSomething();
It would get me the $blah just fine, but the $something would give me a "Can't run method on non-existing object" error ... basically the object disappeared between the two statements. When I just built it up by hand to test it, instead of unserializing, it worked fine.
The Moral Is: Thou Shalt Not Serialize Objects, else { Thou Shalt Have Very Large and Very Arbitrary Problems; }
... what's the world coming to?
-
Dec 21, 2002, 05:35 #77
- Join Date
- Oct 2001
- Posts
- 592
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Don't ever, EVER, under ANY circumstances, EVER attempt to serialize objects, store them, and recover them later.
1. Don't put circular references in the objects you're serializing (A -> B and B -> A for example). The serialize() method will not know what to do with that. (Or maybe they've fixed that by now).
2. Be sure to include the classes of the objects you've serialized before deserializing them. If you don't, you will get messages like "Can't run method on non-existing object"...
Vincent
-
Dec 22, 2002, 01:53 #78
-
Dec 22, 2002, 02:57 #79
- Join Date
- Oct 2001
- Posts
- 592
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
I have objects stored in the $_SESSION global, and they work ok. Aren't they serialized?
Vincent
-
Dec 23, 2002, 10:12 #80
- Join Date
- Oct 2001
- Posts
- 656
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Want to reduce server load and increase page load time on EVERY page? well here is how!
And besides, output buffering in fact increases your server load because of the extra work it takes to compress the output
-
Dec 25, 2002, 11:10 #81
- Join Date
- Nov 2000
- Location
- London, UK
- Posts
- 223
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Well y'all are v.lucky or my code is v.bad then.
I'll admit that my code did have references, but they were not circular ... just recursive
object a:
property 1 = object b
object b:
property 1 = reference to object a
When one outputted the value of serialize($object_a), it would go infinitely spitting out data forever and ever. Serializing was not a pretty thing, and I'm pretty sure what'd happen is that when stored in the session, this data would get truncated because since it was spitting infinitely there was too much of it. This led to completely unpredictable results.
Storing basic objects works fine (VERY basic...), but anything complicated like references or database resources (yes, I know about __sleep and co.) and it could very well go haywire on you.
I will modify my previous statement to: do it if you must, but you're better off putting toString and fromString functions into your objects where you use your own method of serializing. Or just don't serialize.
... what's the world coming to?
-
Jan 7, 2003, 13:43 #82
My favourite PHP tips
Some of the best tips I have found in PHP...
Register Globals
Register Globals is now turned off by default, and most coders are getting used to implementing $_POST['variable'] and so on into their scripts. Note for Windows users: If your php.ini file still sets "register_globals = On" because you kept your php.ini settings on an upgrade then it may be a good idea to change it - even if it is just on your home or local machine for your own personal use (It is good practice to get into secure habits).
What if you can not change the setting though? You may be using an ISP/host which sets "register_globals = On" for compatibility reasons and refuse to change it. Well shame on your ISP, however there are things you can do about it! First you may want to check the status of the register_globals setting, simply issue the phpinfo() function on the server and check the register_globals value in the PHP Core table.
If it is "On" and you can not change it to "Off" by editing the setting, then you have a few options to make your code more secure.
1. Put all your code into a function, then call the function. The scope of variables in functions will save the day for you.
2. Manually use a function to unregister globals. If you first save the superglobals, you can then copy them back after the unregistering is done.
PHP Code:function unregister_globals()
{
// Save the existing superglobals first
$REQUEST = $_REQUEST;
$GET = $_GET;
$POST = $_POST;
$COOKIE = $_COOKIE;
if (isset($_SESSION))
{
$SESSION = $_SESSION;
}
$FILES = $_FILES;
$ENV = $_ENV;
$SERVER = $_SERVER;
// Unset the $GLOBALS array (clear all)
foreach($GLOBALS as $key => $value)
{
if ($key != 'GLOBALS')
{
unset($GLOBALS[$key]);
}
}
// Re-assign the saved superglobals again
$_REQUEST = $REQUEST;
$_GET = $GET;
$_POST = $POST;
$_COOKIE = $COOKIE;
if (isset($SESSION))
{
$_SESSION = $SESSION;
}
$_FILES = $FILES;
$_ENV = $ENV;
$_SERVER = $SERVER;
}
unregister_globals();
Magic Quotes
Another configurable setting which may affect your scripts is Magic Quotes - both GPC (for incoming Get, Post and Cookie data) and Runtime (for runtime-generated data, e.g. data from SQL, from exec(), etc.) Check the status of Magic Quotes with this:
PHP Code:echo 'GPC Status: ' . get_magic_quotes_gpc() . '<br />';
echo 'Runtime Status: ' . get_magic_quotes_runtime();
// 1 = On
// 0 = Off
PHP Code:define("MAGIC_QUOTES_STAT_GPC", get_magic_quotes_gpc());
function auto_slash($str)
{
if (1 == MAGIC_QUOTES_STAT_GPC)
{
return $str;
}
else
{
return addslashes($str);
}
}
PHP Code:// Here is an UPDATE query using a $_POST value
$table = 'my_table';
$field = auto_slash($_POST['my_field']);
$sql = 'UPDATE ' . $table .
'SET my_field = ' . $field .
'\'';
// Note: a backslash is missing here! '
// See note at end of this post.
// And here is a SELECT query using the same
$id = auto_slash($_POST['my_id']);
$column = 'my_column';
$table = 'my_table';
$sql = 'SELECT ' . $column .
'FROM ' . $table .
'WHERE id = \'' . $id .
'\'';
// Note: a backslash is missing here!
When putting SQL queries into your PHP scripts, you should create a seperate file which sets the names of each database or table. This file can then be included when required, and if any database or table name needs to be changed, then you only need to make one alteration - not many! This is very useful when you are using scripts from other people which create databases/tables, as their script may create a new database/table with the same name as one you already have.
Example configuration file:
PHP Code:// Database Table Names
$conf['tbl']['books'] = 'book_names';
$conf['tbl']['authors'] = 'writers';
PHP Code:$table = "$conf['tbl']['books']";
$field = 'field_value'
$sql = 'UPDATE ' . $table .
'SET my_field = ' . $field .
'\'';
// Note: a backslash is missing here!'
$table = "$conf['tbl']['authors']";
$field = 'field_value'
$sql = 'UPDATE ' . $table .
'SET my_field = ' . $field .
'\'';
// Note: a backslash is missing here!
All lines reading
' ' ' ;
should in fact read
' \ ' ' ;
-
Mar 27, 2003, 16:40 #83
Originally Posted by redemption
This little careware-program (written in Java, advantages might be known) highlights the closing brace when you're on an opening brace (and the other way around). It is GREAT as an editor, at least when you are, like me, some old-fashioned dude, writing every code by hand instead of those frontpagers, et cetera!
You can get it at http://www.arachnoid.com/arachnophilia/ , mentioning my name doesn't bring me anything more than thanx from Paul Lupus. But that's part of Careware!
Try it! Or don't!------------------------------------------
"In a forum no one can here you cry"
------------------------------------------
-
Apr 11, 2003, 04:00 #84
- Join Date
- Oct 2002
- Location
- Iceland
- Posts
- 1,238
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
voostind: I do not fully agree with you. I have a class called $db and a variable called $access that is an array that includes the current user privilages and info. I keep these variables global with global $accss,$db; because they never change over the script and I am using them all the time, I mean, all normal variables I call with the ($var1, $var2) method but I still use these globals simply to simple my script, what is wrong with that I mean, I will never use them for anything else then they currently do.
Also one question, if accessing arrays, is it better to use single quote ['something'] or double quote ["something"] ? btw, I know I should use ' ' for strings and I always do that but how is it with arrays?- website
-
Apr 11, 2003, 04:48 #85
- Join Date
- Oct 2001
- Posts
- 592
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
...but I still use these globals simply to simple my script, what is wrong with that I mean...
And that's just one reason globals are evil... [img]images/smilies/wink.gif[/img]
Vincent
-
Apr 11, 2003, 10:10 #86
- Join Date
- Oct 2002
- Location
- Iceland
- Posts
- 1,238
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
ok vincent, I see your point, I realise that my code is rather depended on the current project but can you then please explain to me these layers better?
Example:
I have a Global variable called $db which refers to the Db class I created, it makes my work a lot easier and here is an example of something I am doing all the timePHP Code:$q = 'SELECT col FROM table WHERE conditions';
$res = mysql_query($q) or die(mysql_error());
while ($row = mysql_fetch_assoc($res)) {
$array[] = $row;
}
PHP Code:q = 'SELECT col FROM table WHERE conditions';
$result = $db->ret_marray($q);
And I mean, this would result in very easy change between databases
But if you are saying that I shouldn't do this like I did then how? how would you do what I did but still in very simple way?
Edit:
This issue has been considered for a long time and is solved.Last edited by website; Aug 9, 2003 at 14:08.
- website
-
Apr 21, 2003, 12:32 #87
- Join Date
- May 2001
- Posts
- 1
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by Kymira
echo("The value is $array['key'].");
-
Apr 21, 2003, 13:34 #88
- Join Date
- Jan 2001
- Location
- buried in the database shell (Washington, DC)
- Posts
- 1,107
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
echo "This is my var " . $array[ 'key' ] . " stuff";
You can also use the comma (,) in place of dot (.) in echo.Matt - Sybase DBA / PHP fanatic
Sybase/MySQL/Oracle | I don't like MySQL
Download Sybase | DBForums.com - for all your RDBMS talk
-
Apr 22, 2003, 12:32 #89
- Join Date
- Oct 2001
- Posts
- 592
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
You can also use the comma (,) in place of dot (.) in echo.
Example:
echo 'foo', 'bar';
translates to:
echo 'foo';
echo 'bar';
whereas:
echo 'foo' . 'bar'
translates to:
echo 'foobar'
The first is cheaper, because PHP doesn't first have to create the new string 'foobar', but can instead send the two strings to output directly.
Vincent
-
May 15, 2003, 12:31 #90
- Join Date
- Dec 2001
- Location
- UK
- Posts
- 105
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by DaveBaker
PHP Code:// 'simple' syntax examples
print "Hello ${_POST['name']}, and welcome.";
print "Hello $name, and welcome";
//'complex' syntax examples
print "Hello {$member->name}, and welcome";
print "Hello {$member['details']['name']}, and welcome";
-
May 15, 2003, 18:31 #91
- Join Date
- Oct 2002
- Location
- Iceland
- Posts
- 1,238
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by torrent
But honestly, isn't it better simply to do
PHP Code:print 'Hello ' . $_POST['name'] . ', and welcome.';
and then ofcourse to use echo() if you can ?- website
-
May 15, 2003, 19:58 #92
- Join Date
- Jan 2003
- Location
- Calgary, Canada
- Posts
- 2,063
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by torrent
PHP Code:echo "Hello $member->name, and welcome";
Who walks the stairs without a care
It shoots so high in the sky.
Bounce up and down just like a clown.
Everyone knows its Slinky.
-
May 15, 2003, 20:06 #93
- Join Date
- Mar 2001
- Location
- TO, Canada
- Posts
- 126
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
according to what voo said, would not this be 'best':
PHP Code:print 'Hello ' , $_POST['name'] , ', and welcome.';
-
May 15, 2003, 23:01 #94
- Join Date
- Dec 2001
- Location
- UK
- Posts
- 105
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by cyborg from dh
PHP Code:echo "Width = $member->width00";
Point is; there are a zillion ways you can print out your information. Do what you think is best in your application.
-
May 16, 2003, 04:42 #95
- Join Date
- Oct 2002
- Location
- Iceland
- Posts
- 1,238
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by AhmedF
But guys, isn't this method still 'better' then the other one ?
This is the problem with php, there are too many ways to do a single thing.- website
-
May 21, 2003, 11:36 #96
- Join Date
- Dec 2001
- Location
- UK
- Posts
- 105
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by MattR
PHP Code:<?php
print "There is a newline between this text\nand this text\n";
print 'Now see what happens\nwhen you do this!';
?>
-
May 31, 2003, 07:55 #97
- Join Date
- Jan 2003
- Location
- Calgary, Canada
- Posts
- 2,063
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by torrent
PHP Code:print 'There is a newline between this text
and this text
';
Who walks the stairs without a care
It shoots so high in the sky.
Bounce up and down just like a clown.
Everyone knows its Slinky.
-
Jun 10, 2003, 07:47 #98
- Join Date
- Nov 2001
- Location
- Singapore
- Posts
- 617
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by AhmedF
-
Jun 10, 2003, 07:53 #99
- Join Date
- Jan 2003
- Location
- Calgary, Canada
- Posts
- 2,063
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
PHP Code:print 'Hello', $_POST['name'], ', and welcome.';
And the difference is, when echoing and using commas, (especially when outputting variables), instead of creating a new string in memory, it just outputs it as it goes.
(faster.)Who walks the stairs without a care
It shoots so high in the sky.
Bounce up and down just like a clown.
Everyone knows its Slinky.
-
Jun 10, 2003, 08:07 #100
- Join Date
- Nov 2001
- Location
- Singapore
- Posts
- 617
- Mentioned
- 0 Post(s)
- Tagged
- 0 Thread(s)
Originally Posted by cyborg from dh
Bookmarks