List Of Don'ts In A PHP Application - Webmasters - Nairaland


List Of Don'ts In A PHP Application by ellistmedia: 6:31pm On Oct 24, 2013
Here is a list of some things you must not do in a PHP application you intend to be secure:

1. Never allow open error reporting in a live application.
Always hide your website errors using error_reporting(0) before any code line.

2. Don't directly delete any database records.
Always program your code in such a way that deleted records are first sent to trash, and during routine maintenance you can authorize a script to empty the trash. I do this by choosing an active record status to be set to 1, 0 for pending and 2 for trash. The delete function simply sets the record to 2 (trash). This also helps if you mistakenly delete a record and want to retrieve it.

Also, if some very sophisticated crawler can gain access to your members-only pages and crawl those delete links, you will start noticing you are losing lots of your database records.

3. Don't always expose your file path.
For example, doing something like this: www.examplesite.com/signup.php. If this path actually leads to your signup.php script, then it is bad coding practice. Always use mod_rewrite rules to make your URL fancy and the URL querystring difficult to manipulate.

4. Always filter, validate and escape your input fields properly this way:
htmlspecialchars(stripslashes(strip_tags(trim($_GET['fieldname']))))

You can add some of your don'ts to this thread.

1 Like
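The soft-delete scheme from point 2, as an added example that is not part of the original post: records are flagged as trash (status 2) instead of removed, and the delete action only accepts a POST carrying a session token, so link-following crawlers cannot trigger it. The `records` table, its columns, the function names and the in-memory SQLite database are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Status values from the post: 0 = pending, 1 = active, 2 = trash.
const ACTIVE = 1;
const TRASH  = 2;

// Soft delete: flag exactly one row as trash. The id is bound, never concatenated.
function trashRecord(PDO $db, int $id): bool
{
    $stmt = $db->prepare('UPDATE records SET status = ?, trashed_at = ? WHERE id = ? AND status = ?');
    $stmt->execute([TRASH, time(), $id, ACTIVE]);
    return $stmt->rowCount() === 1;
}

// Undo for an accidental delete: move the row back from trash to active.
function restoreRecord(PDO $db, int $id): bool
{
    $stmt = $db->prepare('UPDATE records SET status = ?, trashed_at = NULL WHERE id = ? AND status = ?');
    $stmt->execute([ACTIVE, $id, TRASH]);
    return $stmt->rowCount() === 1;
}

// Routine maintenance: permanently remove rows trashed before the cutoff.
function emptyTrash(PDO $db, int $cutoff): int
{
    $stmt = $db->prepare('DELETE FROM records WHERE status = ? AND trashed_at < ?');
    $stmt->execute([TRASH, $cutoff]);
    return $stmt->rowCount();
}

// Delete endpoint: POST only, with a per-session token, so a crawler that
// follows links (GET requests) cannot trigger it. Returns an HTTP status code.
function handleDelete(PDO $db, string $method, array $post, string $sessionToken): int
{
    if ($method !== 'POST') return 405;
    if (!hash_equals($sessionToken, (string) ($post['csrf'] ?? ''))) return 403;
    $id = filter_var($post['id'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) return 400;
    return trashRecord($db, $id) ? 204 : 404;
}

// Constructed demo data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE records (id INTEGER PRIMARY KEY, title TEXT, status INTEGER DEFAULT 1, trashed_at INTEGER)');
$db->exec("INSERT INTO records (title) VALUES ('first'), ('second')");
$token = bin2hex(random_bytes(16));
var_dump(handleDelete($db, 'GET', ['id' => '1'], $token));                     // link-style request
var_dump(handleDelete($db, 'POST', ['id' => '1', 'csrf' => $token], $token));  // real form post
var_dump(restoreRecord($db, 1), emptyTrash($db, time() - 30 * 86400));
```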

Re: List Of Don'ts In A PHP Application by DualCore1: 8:47pm On Oct 24, 2013
Train your instincts to place a "where" immediately after typing "update" or "delete from" in your database queries. So you don't end up forgetting to put it and wiping off ALL the data.

Don't run your code after every line you type, that's a waste of time. Write a considerable amount of code, the whole thing even (if you can), before testing. PHP error messages have line numbers so you can always figure out where an error is, if any.

Don't go from brain to coding, plan your work on paper and see how things relate to each other.

Don't code from morning till night, work smart not hard.

Don't abuse OOP (most people tend to use OOP because it makes them feel among the elite that exists only in their imaginations). Some will end up having to create and instantiate classes for very ridiculous tasks.

Don't write messy code. Have a fixed framework or file structure when working. Don't throw all your PHP files in the root folder. Break all your files into folders (images, styles, pages, forms, javascript).

That's all I can remember now. These are not rules, they are just my best practices.
Re: List Of Don'ts In A PHP Application by Djtm(m): 11:48pm On Oct 24, 2013
Dual Core: Train your instincts to place a "where" immediately after typing "update" or "delete from" in your database queries. So you don't end up forgetting to put it and wiping off ALL the data.
Lol. That might be fatal.
Re: List Of Don'ts In A PHP Application by Oohrhii(m): 3:47am On Oct 25, 2013
Please, I need help with this PHP code. I am having a problem truncating a record pulled from the database while displaying it, but I can't really get it. The best I was able to do was to put it in a textarea and limit it by width and number of lines, using this code:

<textarea name="textarea" cols="35" rows="3"><?php echo $row_rsMa['pd_description']; ?></textarea>

But I want it in a proper format without using a textarea. Please, how do I go about this?
Re: List Of Don'ts In A PHP Application by DualCore1: 8:20am On Oct 25, 2013
Oohrhii: Please, I need help with this PHP code. I am having a problem truncating a record pulled from the database while displaying it, but I can't really get it. The best I was able to do was to put it in a textarea and limit it by width and number of lines, using this code:

<textarea name="textarea" cols="35" rows="3"><?php echo $row_rsMa['pd_description']; ?></textarea>

But I want it in a proper format without using a textarea. Please, how do I go about this?
It's not the place for this, this should be in one of the PHP help threads.

In answer to your problem:

$short_description = substr($row_rsMa['pd_description'], 0, 50);
echo $short_description;

This will display the first 50 characters of the product description. Adjust the last argument 50 to fit your need.
I recommend you go through the entire PHP documentation (www.php.net), it helps to have an idea about all PHP functions and what they can do.
Re: List Of Don'ts In A PHP Application by spikesC(m): 8:39am On Oct 25, 2013
Or just get the number of characters you need from MySQL:

SELECT left(description, 50) FROM...
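An added example, not part of the thread, combining the truncation answers above with the output escaping from the first post: it cuts on characters rather than bytes, and escapes only after truncating so an HTML entity is never split. The helper name and the sample row are constructed for illustration, and the `mbstring` extension is assumed to be available.

```php
<?php
declare(strict_types=1);

// Truncate first (on characters, not bytes), then escape for HTML output.
// Hypothetical helper; not code from the thread.
function shortDescriptionHtml(string $raw, int $maxChars = 50): string
{
    $short = mb_substr($raw, 0, $maxChars, 'UTF-8');
    if (mb_strlen($raw, 'UTF-8') > $maxChars) {
        $short .= '…';
    }
    // ENT_SUBSTITUTE replaces invalid byte sequences instead of returning ''.
    return htmlspecialchars($short, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample row standing in for $row_rsMa from the thread.
$row_rsMa = ['pd_description' => 'Café table & chairs <b>set</b>, seats six, solid oak, ships flat-packed'];

echo shortDescriptionHtml($row_rsMa['pd_description'], 20), "\n";

// For comparison: byte-based substr() can split the two-byte "é" in UTF-8,
// leaving a string that is no longer valid UTF-8.
$bytes = substr('Café', 0, 4);
var_dump(mb_check_encoding($bytes, 'UTF-8'));
// Without ENT_SUBSTITUTE, htmlspecialchars() rejects the invalid input.
var_dump(htmlspecialchars($bytes, ENT_QUOTES, 'UTF-8'));
```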
