PHP Security Tips
Because you can never know too much, and it’s about time I wrote a follow-up to my PHP Script Checklist article. 1. Never include sensitive data in a .inc When I started my current job, one of the first things I did was move all…
I have been working with the PHP language since early 2001, first as the nerdy hobby of a spotty teen and then later into my career as a Web Developer. I try to write about PHP things that will be useful to me, useful to you, and everything in between.
In Part Three of the Beginner’s Guide to PHP we learnt about the if construct (“statement”), and using it to check the value of some input. In this guide we’ll learn about two more constructs: foreach() and array() foreach Construct foreach — a type of…
One of the most effective spam blocking techniques I used in my custom CMS was a scoring system. The idea is that the more spammy someone is, the higher the score they are given. After a certain cut-off point whereby a person or spam-bot has…
I’ve had to restart this about 4 times now, because each time I decide to finish off, I get halfway and somehow lose the file. I don’t know about l33t PHP Ninja; recently I’ve been l33t file loser. Anyway, quick recap: in Part Two…
Let’s have a quick re-cap of what we covered in Beginner’s Guide to PHP – Part One: there are different data types (string, integer, floating point number and boolean) and variables are created by simply assigning data to them. Simple enough? Well, now we’re going…
…you create a PHP script to parse your telephone bills because you can’t be bothered to install suitable software to deal with .csv files. (If anyone wants that code btw, let me know and I’ll hook you up. It’s designed to parse BT phone bills…
Due to the relative simplicity of PHP, more and more young webmasters are getting their hooks into scripting. This can be a good thing — it increases the range of functionality and fun that we can add to our websites without the need to learn…
First things first, we might as well get out of the way what PHP is not: PHP is not a replacement for HTML. PHP is not a synonym for MySQL. Although they work well together, they’re not the same thing. PHP is not all about layout-based…
I’ve released part one of what I hope will be a series of PHP security articles — a PHP Script Checklist for those developing or looking to develop their own scripts. If you have any thoughts on PHP security problems that you’d like to be…