SitePoint Sponsor

User Tag List

Page 4 of 8 FirstFirst 12345678 LastLast
Results 76 to 100 of 186
  1. #76
    SitePoint Addict
    Join Date
    Nov 2000
    Location
    London, UK
    Posts
    223
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    OK, my little tip (and I don't know if it's already been said or not ... too many posts in here, we should start a part 2 or something)

    Don't ever, EVER, under ANY circumstances, EVER attempt to serialize objects, store them, and recover them later.

    PHP's serializing object support (especially if the objects are complex, and stored object-within-object in a tree, with each one having reference variables to its parent, etc. etc.) is very sketchy. You can serialize and unserialize stuff and data will be changed, or you'll just get random crashes and errors.

    For example: at a certain point I was trying to access something after unserializing in my object structure like this:
    $blah = $object->array[$id1]->array2[$id2]->getID();
    $something = $object->array[$id1]->array2[$id2]->getSomething();
    It would get me the $blah just fine, but the $something would give me a "Can't run method on non-existing object" error ... basically the object disappeared between the two statements. When I just built it up by hand to test it, instead of unserializing, it worked fine.


    The Moral Is: Thou Shalt Not Serialize Objects, else { Thou Shalt Have Very Large and Very Arbitrary Problems; }

    ... what's the world coming to?

  2. #77
    SitePoint Evangelist
    Join Date
    Oct 2001
    Posts
    592
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Don't ever, EVER, under ANY circumstances, EVER attempt to serialize objects, store them, and recover them later.
    In my experience, serializing objects works just fine. However, there are two things to take note of:
    1. Don't put circular references in the objects you're serializing (A -> B and B -> A for example). The serialize() method will not know what to do with that. (Or maybe they've fixed that by now).
    2. Be sure to include the classes of the objects you've serialized before deserializing them. If you don't, you will get messages like "Can't run method on non-existing object"...

    Vincent

  3. #78
    As the name suggests... trickie's Avatar
    Join Date
    Jul 2002
    Location
    Melbourne, Australia
    Posts
    678
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Originally posted by FatPiper

    Don't ever, EVER, under ANY circumstances, EVER attempt to serialize objects, store them, and recover them later.
    I have objects stored in the $_SESSION global, and they work ok. Aren't they serialized?

  4. #79
    SitePoint Evangelist
    Join Date
    Oct 2001
    Posts
    592
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I have objects stored in the $_SESSION global, and they work ok. Aren't they serialized?
    Yes, indeed they are!

    Vincent

  5. #80
    SitePoint Guru
    Join Date
    Oct 2001
    Posts
    656
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Want to reduce server load and increase page load time on EVERY page? well here is how!
    Uhm, no? I don't want to increase my page load time

    And besides, output buffering in fact increases your server load because of the extra work it takes to compress the output

  6. #81
    SitePoint Addict
    Join Date
    Nov 2000
    Location
    London, UK
    Posts
    223
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well y'all are v.lucky or my code is v.bad then.

    I'll admit that my code did have references, but they were not circular ... just recursive

    object a:
    property 1 = object b


    object b:
    property 1 = reference to object a

    When one outputted the value of serialize($object_a), it would go infinitely spitting out data forever and ever. Serializing was not a pretty thing, and I'm pretty sure what'd happen is that when stored in the session, this data would get truncated because since it was spitting infinitely there was too much of it. This led to completely unpredictable results.

    Storing basic objects works fine (VERY basic...), but anything complicated like references or database resources (yes, I know about __sleep and co.) and it could very well go haywire on you.

    I will modify my previous statement to: do it if you must, but you're better off putting toString and fromString functions into your objects where you use your own method of serializing. Or just don't serialize.

    ... what's the world coming to?

  7. #82
    SitePoint Zealot Egghead's Avatar
    Join Date
    Feb 2002
    Posts
    197
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    My favourite PHP tips

    Some of the best tips I have found in PHP...

    Register Globals
    Register Globals is now turned off by default, and most coders are getting used to implementing $_POST['variable'] and so on into their scripts. Note for Windows users: If your php.ini file still sets "register_globals = On" because you kept your php.ini settings on an upgrade then it may be a good idea to change it - even if it is just on your home or local machine for your own personal use (It is good practice to get into secure habits).

    What if you can not change the setting though? You may be using an ISP/host which sets "register_globals = On" for compatibility reasons and refuse to change it. Well shame on your ISP, however there are things you can do about it! First you may want to check the status of the register_globals setting, simply issue the phpinfo() function on the server and check the register_globals value in the PHP Core table.

    If it is "On" and you can not change it to "Off" by editing the setting, then you have a few options to make your code more secure.
    1. Put all your code into a function, then call the function. The scope of variables in functions will save the day for you.
    2. Manually use a function to unregister globals. If you first save the superglobals, you can then copy them back after the unregistering is done.
    PHP Code:
    function unregister_globals()
    {
       
    // Save the existing superglobals first
       
    $REQUEST $_REQUEST;
       
    $GET $_GET;
       
    $POST $_POST;
       
    $COOKIE $_COOKIE;
       if (isset(
    $_SESSION))
       {
          
    $SESSION $_SESSION;
       }
       
    $FILES $_FILES;
       
    $ENV $_ENV;
       
    $SERVER $_SERVER;

       
    // Unset the $GLOBALS array (clear all)
       
    foreach($GLOBALS as $key => $value)
       {
          if (
    $key != 'GLOBALS')
          {
             unset(
    $GLOBALS[$key]);
          }
       }

       
    // Re-assign the saved superglobals again
       
    $_REQUEST $REQUEST;
       
    $_GET $GET;
       
    $_POST $POST;
       
    $_COOKIE $COOKIE;
       if (isset(
    $SESSION))
       {
          
    $_SESSION $SESSION;
       }
       
    $_FILES $FILES;
       
    $_ENV $ENV;
       
    $_SERVER $SERVER;
    }
    unregister_globals(); 
    Apologies to Theo Spears of php|architect magazine (http://www.phparch.com). You can read his two other methods for solving the register globals problem and also other ideas for "Writing Secure PHP Code" in the January 2003, Volume II, Issue 1 edition of the magazine, which is available FREE.

    Magic Quotes
    Another configurable setting which may affect your scripts is Magic Quotes - both GPC (for incoming Get, Post and Cookie data) and Runtime (for runtime-generated data, e.g. data from SQL, from exec(), etc.) Check the status of Magic Quotes with this:
    PHP Code:
    echo 'GPC Status: ' get_magic_quotes_gpc() . '<br />';
    echo 
    'Runtime Status: ' get_magic_quotes_runtime();
    // 1 = On
    // 0 = Off 
    Use a function that will automatically call "addslashes" to your SQL queries if Magic Quotes is off. Here's one for GPC quotes:
    PHP Code:
    define("MAGIC_QUOTES_STAT_GPC"get_magic_quotes_gpc());

    function 
    auto_slash($str)
    {
       if (
    == MAGIC_QUOTES_STAT_GPC)
       {
          return 
    $str;
       }

       else
       {
          return 
    addslashes($str);
       }

    Then adapt your SQL queries accordingly...

    PHP Code:
    // Here is an UPDATE query using a $_POST value
    $table 'my_table';
    $field auto_slash($_POST['my_field']);
    $sql   'UPDATE ' $table .
             
    'SET my_field = ' $field .
             
    '\'';
             
    // Note: a backslash is missing here! '
             // See note at end of this post.

    // And here is a SELECT query using the same
    $id     auto_slash($_POST['my_id']);
    $column 'my_column';
    $table  'my_table';
    $sql    'SELECT ' $column .
              
    'FROM ' $table .
              
    'WHERE id = \'' $id .
              
    '\'';
              
    // Note: a backslash is missing here! 
    Databases and Tables
    When putting SQL queries into your PHP scripts, you should create a seperate file which sets the names of each database or table. This file can then be included when required, and if any database or table name needs to be changed, then you only need to make one alteration - not many! This is very useful when you are using scripts from other people which create databases/tables, as their script may create a new database/table with the same name as one you already have.
    Example configuration file:
    PHP Code:
    // Database Table Names
    $conf['tbl']['books'] = 'book_names';
    $conf['tbl']['authors'] = 'writers'
    Any query can then use the defined names as so:
    PHP Code:
    $table "$conf['tbl']['books']";
    $field 'field_value'
    $sql   'UPDATE ' $table .
             
    'SET my_field = ' $field .
             
    '\'';
             
    // Note: a backslash is missing here!'

    $table "$conf['tbl']['authors']";
    $field 'field_value'
    $sql   'UPDATE ' $table .
             
    'SET my_field = ' $field .
             
    '\'';
             
    // Note: a backslash is missing here! 
    NOTE: The VB Code in this forum keeps removing a backslash from the PHP source code.
    All lines reading
    ' ' ' ;
    should in fact read
    ' \ ' ' ;

  8. #83
    SitePoint Member Derfel Cadarn's Avatar
    Join Date
    Mar 2003
    Location
    Berlin
    Posts
    13
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by redemption
    jumping in and out of php sometimes leaves me quite befuddled and having to match the braces is no ...
    Well, I couldn't agree more, but since I started using Arachnophilia as my HTML & PHP & Java-editor, I haven't had any troubles with it!!!
    This little careware-program (written in Java, advantages might be known ) highlights the closing brace when you're on an opening brace (and the other way around). It is GREAT as an editor, at least when you are, like me, some old-fashioned dude, writing every code by hand instead of those frontpagers, et cetera!
    You can get it at http://www.arachnoid.com/arachnophilia/ , mentioning my name doesn't bring me anything more than thanx from Paul Lupus. But that's part of Careware!

    Try it! Or don't!
    ------------------------------------------
    "In a forum no one can here you cry"
    ------------------------------------------

  9. #84
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    voostind: I do not fully agree with you. I have a class called $db and a variable called $access that is an array that includes the current user privilages and info. I keep these variables global with global $accss,$db; because they never change over the script and I am using them all the time, I mean, all normal variables I call with the ($var1, $var2) method but I still use these globals simply to simple my script, what is wrong with that I mean, I will never use them for anything else then they currently do.

    Also one question, if accessing arrays, is it better to use single quote ['something'] or double quote ["something"] ? btw, I know I should use ' ' for strings and I always do that but how is it with arrays?
    - website

  10. #85
    SitePoint Evangelist
    Join Date
    Oct 2001
    Posts
    592
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ...but I still use these globals simply to simple my script, what is wrong with that I mean...
    The result of doing this is that your programs aren't modular. Instead of having small, efficient, reusable, modules, you have one big piece of software. Imagine you implemented some brilliant code you'd like to reuse in other projects (or like to release as Open Source or something), then you'd have to rewrite it, because without the globals, the code doesn't work.

    And that's just one reason globals are evil... [img]images/smilies/wink.gif[/img]

    Vincent

  11. #86
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ok vincent, I see your point, I realise that my code is rather depended on the current project but can you then please explain to me these layers better?
    Example:
    I have a Global variable called $db which refers to the Db class I created, it makes my work a lot easier and here is an example of something I am doing all the time
    PHP Code:
    $q 'SELECT col FROM table WHERE conditions';
    $res mysql_query($q) or die(mysql_error());
    while (
    $row mysql_fetch_assoc($res)) {
      
    $array[] = $row;

    Instead I did this once and now I simply do
    PHP Code:
    'SELECT col FROM table WHERE conditions';
    $result $db->ret_marray($q); 
    Are you saying that I should write my code as the first example is?
    And I mean, this would result in very easy change between databases

    But if you are saying that I shouldn't do this like I did then how? how would you do what I did but still in very simple way?
    Edit:

    This issue has been considered for a long time and is solved.
    Last edited by website; Aug 9, 2003 at 13:08.
    - website

  12. #87
    SitePoint Member
    Join Date
    May 2001
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by Kymira
    Associative Array Interpolation in Strings
    PHP Code:
    echo $array['key']; // is better than

    echo $array[key]; 
    However, if you try to use $array['key'] in a double quotes echo, it won't work. What you have to do is this:
    PHP Code:
    echo "This is my var in the array [color=red]{[/color]$array['key'][color=red]}[/color]."
    The braces help the parser distinguish the quotes between the brackets, i.e. [].
    Why is this? We're told in my 4.3.0 help documentation to use $array['key'] rather than $array[key] but then one has to use curly quotes or concatenation on that constuct rather than being able to just plop it into a double-quoted string. I don't understand why PHP isn't able to figure out how to parse this:

    echo("The value is $array['key'].");

  13. #88
    Database Jedi MattR's Avatar
    Join Date
    Jan 2001
    Location
    buried in the database shell (Washington, DC)
    Posts
    1,107
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    echo "This is my var " . $array[ 'key' ] . " stuff";

    You can also use the comma (,) in place of dot (.) in echo.

  14. #89
    SitePoint Evangelist
    Join Date
    Oct 2001
    Posts
    592
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can also use the comma (,) in place of dot (.) in echo.
    Actually, it's better to use a comma instead of a dot, because it saves some overhead (no string concatenation).

    Example:
    echo 'foo', 'bar';
    translates to:
    echo 'foo';
    echo 'bar';

    whereas:
    echo 'foo' . 'bar'
    translates to:
    echo 'foobar'

    The first is cheaper, because PHP doesn't first have to create the new string 'foobar', but can instead send the two strings to output directly.

    Vincent

  15. #90
    SitePoint Zealot
    Join Date
    Dec 2001
    Location
    UK
    Posts
    105
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by DaveBaker
    Why is this? We're told in my 4.3.0 help documentation to use $array['key'] rather than $array[key] but then one has to use curly quotes or concatenation on that constuct rather than being able to just plop it into a double-quoted string. I don't understand why PHP isn't able to figure out how to parse this:

    echo("The value is $array['key'].");
    How's PHP supposed to recognise between you referencing a variable called $array and then quoting the text ['key'] and you referencing a variable called $array['key']. You can either use simple syntax with the { } to delimit for parser the variable name, or use the complex syntax for more complex expressions. E.g.:
    PHP Code:
    // 'simple' syntax examples
    print "Hello ${_POST['name']}, and welcome.";
    print 
    "Hello $name, and welcome";

    //'complex' syntax examples
    print "Hello {$member->name}, and welcome";
    print 
    "Hello {$member['details']['name']}, and welcome"

  16. #91
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by torrent
    How's PHP supposed to recognise between you referencing a variable called $array and then quoting the text ['key'] and you referencing a variable called $array['key']. You can either use simple syntax with the { } to delimit for parser the variable name, or use the complex syntax for more complex expressions. E.g.:
    PHP Code:
    // 'simple' syntax examples
    print "Hello ${_POST['name']}, and welcome.";
    print 
    "Hello $name, and welcome";

    //'complex' syntax examples
    print "Hello {$member->name}, and welcome";
    print 
    "Hello {$member['details']['name']}, and welcome"
    Hmm, nice, didn't know this.

    But honestly, isn't it better simply to do
    PHP Code:
    print 'Hello ' $_POST['name'] . ', and welcome.'
    ?

    and then ofcourse to use echo() if you can ?
    - website

  17. #92
    "Of" != "Have" bronze trophy Jeff Lange's Avatar
    Join Date
    Jan 2003
    Location
    Calgary, Canada
    Posts
    2,063
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by torrent
    PHP Code:
    print "Hello {$member->name}, and welcome"
    PHP Code:
    echo "Hello $member->name, and welcome"
    would also work
    Who walks the stairs without a care
    It shoots so high in the sky.
    Bounce up and down just like a clown.
    Everyone knows its Slinky.

  18. #93
    Crazed
    Join Date
    Mar 2001
    Location
    TO, Canada
    Posts
    126
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    according to what voo said, would not this be 'best':
    PHP Code:
    print 'Hello ' $_POST['name'] , ', and welcome.'
    Notice the ',' instead of '.'
    iBegin.com - everything local
    Tech Soapbox - my blog

  19. #94
    SitePoint Zealot
    Join Date
    Dec 2001
    Location
    UK
    Posts
    105
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cyborg from dh
    PHP Code:
    echo "Hello $member->name, and welcome"
    would also work
    True. Only because the name is followed by an invalid character for variable names. If you changed the above to:]
    PHP Code:
    echo "Width = $member->width00"
    The this would not work, as 00 are valid characters in a variable name.

    Point is; there are a zillion ways you can print out your information. Do what you think is best in your application.

  20. #95
    ********* Member website's Avatar
    Join Date
    Oct 2002
    Location
    Iceland
    Posts
    1,238
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AhmedF
    according to what voo said, would not this be 'best':
    PHP Code:
    print 'Hello ' $_POST['name'] , ', and welcome.'
    Notice the ',' instead of '.'
    I belive the , does only work with echo()

    But guys, isn't this method still 'better' then the other one ?
    This is the problem with php, there are too many ways to do a single thing.
    - website

  21. #96
    SitePoint Zealot
    Join Date
    Dec 2001
    Location
    UK
    Posts
    105
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by MattR
    Kymira,

    I think the official word from Zend (et al) is that you should abandon the use of double-quotes since the process to find variables in the quotes is quite costly. Not to mention it craps out quite soon (you can run benchmarks and it will eventually kill PHP).

    In short:
    PHP Code:
    echo 'You are ' $age ' years old!'
    is better and preferable to:
    PHP Code:
    echo "You are $age years old!"
    I think it should be noted that you cannot single quote escaped characters you want the parser to recognise. For example
    PHP Code:
    <?php
    print "There is a newline between this text\nand this text\n";
    print 
    'Now see what happens\nwhen you do this!';
    ?>
    I agree it is good practice to use single-quotes where possible, although find it slightly more difficult to believe the performance difference in everyday PHP programming is really that noticeable.

  22. #97
    "Of" != "Have" bronze trophy Jeff Lange's Avatar
    Join Date
    Jan 2003
    Location
    Calgary, Canada
    Posts
    2,063
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by torrent
    PHP Code:
    print "There is a newline between this text\nand this text\n";
    print 
    'Now see what happens\nwhen you do this!'
    Of course you could go:

    PHP Code:
    print 'There is a newline between this text
    and this text
    '

    (Not saying it's better, lol, just pointing it out.)
    Who walks the stairs without a care
    It shoots so high in the sky.
    Bounce up and down just like a clown.
    Everyone knows its Slinky.

  23. #98
    SitePoint Guru GamerZ's Avatar
    Join Date
    Nov 2001
    Location
    Singapore
    Posts
    617
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by AhmedF
    according to what voo said, would not this be 'best':
    PHP Code:
    print 'Hello ' $_POST['name'] , ', and welcome.'
    Notice the ',' instead of '.'
    What is the difference between '.' and ','? I always use with '.'

  24. #99
    "Of" != "Have" bronze trophy Jeff Lange's Avatar
    Join Date
    Jan 2003
    Location
    Calgary, Canada
    Posts
    2,063
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    PHP Code:
    print 'Hello'$_POST['name'], ', and welcome.'
    would not work, because commas do not work with print, only echo.

    And the difference is, when echoing and using commas, (especially when outputting variables), instead of creating a new string in memory, it just outputs it as it goes.

    (faster.)
    Who walks the stairs without a care
    It shoots so high in the sky.
    Bounce up and down just like a clown.
    Everyone knows its Slinky.

  25. #100
    SitePoint Guru GamerZ's Avatar
    Join Date
    Nov 2001
    Location
    Singapore
    Posts
    617
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Quote Originally Posted by cyborg from dh
    PHP Code:
    print 'Hello'$_POST['name'], ', and welcome.'
    would not work, because commas do not work with print, only echo.

    And the difference is, when echoing and using commas, (especially when outputting variables), instead of creating a new string in memory, it just outputs it as it goes.

    (faster.)
    thanks, learned another gd pt.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •