Category Archives: PHP

Ngrok – Free Web Tunneling

In today's web development we run into cases where, in order to proceed, we need a publicly accessible URL. Thankfully, Ngrok provides a free service for this.

What it does is tunnel a specific port on your machine to an Ngrok URL. We just need to download ngrok.exe from their website and run a command like

ngrok http 80


With this command, the service running on port 80 of your local machine is mapped to a public URL and is publicly accessible for FREE. For the full documentation, view it here.

God Bless!

Thanks,
Thomie

Creating a file to Download dynamically in an https / SSL connection

Hi there, 

Here is a tip for when you are programming something where you want your file's path to be hidden, especially when it is served under a secure (https / SSL) connection.

  1. Remember the mime type, e.g. image/jpg
  2. Remember the file name, e.g. image.jpg
  3. Remember not to put expiration and no-cache on your header
  4. Remember to open it in another tab or window as much as possible
  5. When you are debugging, you can remove the headers so the file won't be downloaded

Hope these tips help you, especially #3, because otherwise your download will fail on lower versions of IE.

Thanks,
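The five tips above put together in one download script, as an added example that is not the original author's code. The storage directory, the ids, the file names and the DEBUG switch are hypothetical; the browser only ever sees an id, never the path.

```php
<?php
// Added example. STORAGE_DIR, the ids and the file names are hypothetical.
const STORAGE_DIR = '/var/app/private-files'; // assumed to sit outside the webroot
const DEBUG = false;                          // tip 5: true = skip headers, describe only

// The browser only ever sends an id; the path is looked up on the server,
// so no request value is ever concatenated into a filesystem path.
const DOWNLOADS = [
    'photo'  => ['file' => 'image.jpg',  'mime' => 'image/jpeg'],
    'report' => ['file' => 'report.pdf', 'mime' => 'application/pdf'],
];

function resolve_download(string $id): ?array
{
    if (!array_key_exists($id, DOWNLOADS)) {
        return null;                          // unknown id: nothing to serve
    }
    $entry = DOWNLOADS[$id];
    $entry['path'] = STORAGE_DIR . '/' . $entry['file'];
    return is_file($entry['path']) ? $entry : null;
}

function send_download(array $d): void
{
    if (DEBUG) {
        echo 'Would send ', $d['file'], ' as ', $d['mime'], "\n";
        return;
    }
    header('Content-Type: ' . $d['mime']);                                    // tip 1
    header('Content-Disposition: attachment; filename="' . $d['file'] . '"'); // tip 2
    header('Content-Length: ' . filesize($d['path']));
    // Tip 3: no Expires, Pragma or Cache-Control: no-cache header is sent here.
    readfile($d['path']);
}

// A request like download.php?id=report; array-valued ids are rejected.
$id = isset($_GET['id']) && is_string($_GET['id']) ? $_GET['id'] : '';
$download = resolve_download($id);
if ($download === null) {
    http_response_code(404);
    exit('File not found');
}
send_download($download);
```

For tip 4, link to the script with target="_blank" so the download opens in its own tab or window.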

A potentially dangerous Request.Form value was detected from the client

Have you ever experienced the following error in ASP.NET?

A potentially dangerous Request.Form value was detected from the client

Then you are just like me. You should know that one of the values of your elements (<input>, <button> or <textarea>) has HTML elements in it. An example is below:

<input type='text' name='content' value='<script language="javascript">alert("Hello World!");</script>'/>

You should also know that this error appears because the value given above might be an XSS attack. If you are sure that you want to accept this type of value in your database, you may explicitly turn off this validation by adding this attribute to your page's master page or to the tag on the first line of the page. With validation off, the value reaches your code and database exactly as submitted, so HTML-encode it wherever you display it.

validateRequest="false"

If you are on ASP.NET MVC, you can add this to your model, assuming that your model has the content property.

[AllowHtml]
public string content { get; set; } = String.Empty;

Thanks, hope it helps you a lot. Also, if you are not familiar with XSS attacks, I will try to write an article on that so you can create your own script that is hackable, be able to prevent it, and know what its cons are.

God Bless!

PHP.ini Mail Settings

Note: this PHP.ini Mail Settings guide is for users who have an email account that uses MS Office Outlook Email on their dev PC.

Open your PHP.ini and look for the following lines:

[mail function]
;For Win32 only.
;http://php.net/smtp
SMTP = <put here the SMTP server address of your email>
;SMTP = localhost
; http://php.net/smtp-port
smtp_port = <port of your smtp server>
;smtp_port = 25
; For Win32 only.
; http://php.net/sendmail-from
sendmail_from = <put your email address here>
;sendmail_from = [email protected]

PHP Developer Tips List

Some Tips for PHP Developers

  1. echo is faster than print.
  2. Wrapping your string in single quotes (') instead of double quotes (") is faster because PHP searches for variables inside "…" and not in '…'; use this when your string contains no variables that need evaluating.
  3. Use sprintf instead of variables contained in double quotes, it’s about 10x faster.
  4. Use echo’s multiple parameters (or stacked) instead of string concatenation.
  5. Use pre-calculations: set the maximum value for your for-loops before the loop and not in it. ie: for ($x=0; $x < count($array); $x++) calls the count() function each time; use $max=count($array) instead before the for-loop starts.
  6. Unset or null your variables to free memory, especially large arrays.
  7. Avoid magic like __get, __set, __autoload.
  8. Use require() instead of require_once() where possible.
  9. Use full paths in includes and requires, less time spent on resolving the OS paths.
  10. require() and include() are identical in every way except require halts if the file is missing. Performance wise there is very little difference.
  11. Since PHP5, the time of when the script started executing can be found in $_SERVER['REQUEST_TIME'], use this instead of time() or microtime().
  12. PCRE regex is quicker than EREG, but always see if you can use quicker native functions such as strncasecmp, strpbrk and stripos instead.
  13. When parsing with XML in PHP try xml2array, which makes use of the PHP XML functions, for HTML you can try PHP’s DOM document or DOM XML in PHP4.
  14. str_replace is faster than preg_replace, str_replace is best overall, however strtr is sometimes quicker with larger strings. Using array() inside str_replace is usually quicker than multiple str_replace.
  15. “else if” statements are faster than select statements aka case/switch.
  16. Error suppression with @ is very slow.
  17. To reduce bandwidth usage turn on mod_deflate in Apache v2 or for Apache v1 try mod_gzip.
  18. Close your database connections when you’re done with them.
  19. $row['id'] is 7 times faster than $row[id], because if you don't supply quotes it has to guess which index you meant, assuming you didn't mean a constant.
  20. Use <?php … ?> tags when declaring PHP as all other styles are deprecated, including short tags.
  21. Use strict code, avoid suppressing errors, notices and warnings, thus resulting in cleaner code and less overhead. Consider having error_reporting(E_ALL) always on.
  22. PHP scripts are served 2-10 times slower by Apache httpd than a static page. Try to use static pages instead of server side scripts.
  23. PHP scripts (unless cached) are compiled on the fly every time you call them. Install a PHP caching product (such as memcached or eAccelerator or Turck MMCache) to typically increase performance by 25-100% by removing compile times. You can even setup eAccelerator on cPanel using EasyApache3.
  24. An alternative caching technique when you have pages that don’t change too frequently is to cache the HTML output of your PHP pages. Try Smarty or Cache Lite.
  25. Use isset where possible in place of strlen. (ie: if (strlen($foo) < 5) { echo "Foo is too short"; } vs. if (!isset($foo[4])) { echo "Foo is too short"; } ).
  26. ++$i is faster than $i++, so use pre-increment where possible.
  27. Make use of the countless predefined functions of PHP, don’t attempt to build your own as the native ones will be far quicker; if you have very time and resource consuming functions, consider writing them as C extensions or modules.
  28. Profile your code. A profiler shows you which parts of your code consume how much time. The Xdebug debugger already contains a profiler. Profiling shows you the bottlenecks in overview.
  29. Document your code.
  30. Learn the difference between good and bad code.
  31. Stick to coding standards, it will make it easier for you to understand other people’s code and other people will be able to understand yours.
  32. Separate code, content and presentation: keep your PHP code separate from your HTML.
  33. Don’t bother using complex template systems such as Smarty, use the one that’s included in PHP already, see ob_get_contents and extract, and simply pull the data from your database.
  34. Never trust variables coming from user land (such as from $_POST) use mysql_real_escape_string when using mysql, and htmlspecialchars when outputting as HTML.
  35. For security reasons never have anything that could expose information about paths, extensions and configuration, such as display_errors or phpinfo() in your webroot.
  36. Turn off register_globals (it’s disabled by default for a reason!). No script at production level should need this enabled as it is a security risk. Fix any scripts that require it on, and fix any scripts that require it off using unregister_globals(). Do this now, as it’s set to be removed in PHP6.
  37. Avoid using plain text when storing and evaluating passwords to avoid exposure, instead use a hash, such as an md5 hash.
  38. Use ip2long() and long2ip() to store IP addresses as integers instead of strings.
  39. You can avoid reinventing the wheel by using the PEAR project, giving you existing code of a high standard.
  40. When using header('Location: ' . $url); remember to follow it with a die(); as the script continues to run even though the location has changed, or avoid using it altogether where possible.
  41. In OOP, if a method can be a static method, declare it static. Speed improvement is by a factor of 4.
  42. Incrementing a local variable in an OOP method is the fastest. Nearly the same as calling a local variable in a function. Incrementing a global variable is 2 times slower than a local variable.
  43. Incrementing an object property (eg. $this->prop++) is 3 times slower than a local variable.
  44. Incrementing an undefined local variable is 9-10 times slower than a pre-initialized one.
  45. Just declaring a global variable without using it in a function slows things down (by about the same amount as incrementing a local var). PHP probably does a check to see if the global exists.
  46. Method invocation appears to be independent of the number of methods defined in the class because I added 10 more methods to the test class (before and after the test method) with no change in performance.
  47. Methods in derived classes run faster than ones defined in the base class.
  48. A function call with one parameter and an empty function body takes about the same time as doing 7-8 $localvar++ operations. A similar method call is of course about 15 $localvar++ operations.
  49. Not everything has to be OOP, often it is just overhead, each method and object call consumes a lot of memory.
  50. Never trust user data, escape your strings that you use in SQL queries using mysql_real_escape_string, instead of mysql_escape_string or addslashes. Also note that if magic_quotes_gpc is enabled you should use stripslashes first.
  51. Avoid the PHP mail() function header injection issue.
  52. Unset your database variables (the password at a minimum), you shouldn’t need it after you make the database connection.
  53. RTFM! PHP offers a fantastic manual, possibly one of the best out there, which makes it a very hands on language, providing working examples and talking in plain English. Please USE IT!
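Tip 37 names md5, which is unsalted and fast to brute-force; PHP 5.5 and later ship password_hash() and password_verify() for this job. The following added example (not part of the original list) shows a login check that still accepts old md5 rows and upgrades them on the first successful login; the function names and the sample password are hypothetical.

```php
<?php
// Added example. Passwords and hashes below are constructed sample data.

// Tip 37 as written: a single unsalted md5. Kept only so old rows can be read.
function legacy_md5_hash(string $password): string
{
    return md5($password);
}

// Verify a login against either format and, on success, return a
// replacement hash when the stored one should be upgraded.
function verify_and_upgrade(string $password, string $stored): array
{
    // An md5 hex digest is exactly 32 hex characters; password_hash() output is not.
    $isLegacy = preg_match('/^[0-9a-f]{32}$/', $stored) === 1;

    $ok = $isLegacy
        ? hash_equals($stored, legacy_md5_hash($password)) // constant-time compare
        : password_verify($password, $stored);

    if (!$ok) {
        return ['ok' => false, 'new_hash' => null];
    }

    $upgrade = $isLegacy || password_needs_rehash($stored, PASSWORD_DEFAULT);
    return [
        'ok'       => true,
        'new_hash' => $upgrade ? password_hash($password, PASSWORD_DEFAULT) : null,
    ];
}

// Constructed walk-through: an old md5 row is upgraded at the first good login.
$stored = legacy_md5_hash('correct horse battery');
$first  = verify_and_upgrade('correct horse battery', $stored);
if ($first['new_hash'] !== null) {
    $stored = $first['new_hash'];   // in a real app: UPDATE the user's row here
}
$second = verify_and_upgrade('correct horse battery', $stored);
$wrong  = verify_and_upgrade('guess', $stored);

var_dump($first['ok'], $second['ok'], $second['new_hash'], $wrong['ok']);
```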

The Adamson Chronicle Website

theadamsonchronicle.tk

Here is another website I have developed together with my partner, Calbin Montalban.

Staging: http://theadamsonchronicle.tjsa.info

Live: http://theadamsonchronicle.tk

PHP : How to remove a folder and its content?

If you are using PHP then you can use this function.

/*
@params
$dir – the full directory path of the FOLDER you want to delete
$DeleteMe – whether to delete the said FOLDER itself as well, or only its contents
*/
function rmdir_r($dir, $DeleteMe = true)
{
    // Nothing to do if the directory cannot be opened.
    if (!$dh = @opendir($dir)) return;
    while (false !== ($obj = readdir($dh))) {
        // Skip the current and parent directory entries.
        if ($obj == '.' || $obj == '..') continue;
        // unlink() fails on a directory, so recurse into it instead.
        if (!@unlink($dir . '/' . $obj)) rmdir_r($dir . '/' . $obj, true);
    }
    closedir($dh);
    // Remove the now-empty folder itself if requested.
    if ($DeleteMe) {
        @rmdir($dir);
    }
}

PHP: Just found out mysql_insert_id() is very useful.

I have been programming with PHP for a long time, but I had a problem getting the key of a new record that I had just inserted into my database.

My workaround was to query the same data that I had inserted. Recently, it just came to my head to check whether there is a function on the net that performs the said task. And poof, there it is: mysql_insert_id();

Usage

1. Perform an insert query, e.g. INSERT INTO name(`name`) VALUES('NAME')

2. Use the function to get the primary auto-increment key: $id = mysql_insert_id();

That's it, you have got the key of your inserted record.

Hope it helps you.
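Tips 34 and 50 in the list above and this post, combined in one added example that is not the original author's code. The mysql_* functions were removed in PHP 7, so it uses PDO with bound parameters and lastInsertId(); the in-memory SQLite database (assumes the pdo_sqlite extension), the helper names and the input strings are constructed for illustration.

```php
<?php
// Added example. In-memory SQLite (assumes the pdo_sqlite extension);
// the table mirrors the post's INSERT and the inputs are constructed.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT NOT NULL)');

// Insert with a bound parameter and return the new auto-increment key.
function insert_name(PDO $pdo, string $name): int
{
    $stmt = $pdo->prepare('INSERT INTO name (name) VALUES (:name)');
    $stmt->execute([':name' => $name]);
    return (int) $pdo->lastInsertId();
}

// Read a row back by the key that insert_name() returned.
function fetch_name(PDO $pdo, int $id): ?string
{
    $stmt = $pdo->prepare('SELECT name FROM name WHERE id = :id');
    $stmt->execute([':id' => $id]);
    $name = $stmt->fetchColumn();
    return $name === false ? null : (string) $name;
}

// Constructed inputs: plain text, a quote, SQL syntax and HTML markup.
$inputs = [
    'NAME',
    "O'Brien",
    "x'); DROP TABLE name; --",
    '<script>alert("Hello World!");</script>',
];

foreach ($inputs as $input) {
    $id     = insert_name($pdo, $input);
    $stored = fetch_name($pdo, $id);
    // The value is stored byte for byte; it is encoded only when written as HTML.
    printf("id=%d round-trip=%s html=%s\n",
        $id,
        $stored === $input ? 'exact' : 'changed',
        htmlspecialchars((string) $stored, ENT_QUOTES, 'UTF-8'));
}

printf("rows in table: %d\n", (int) $pdo->query('SELECT COUNT(*) FROM name')->fetchColumn());
```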

WEBSITE : Transportation Method Using Modified Stepping Stone

WEBSITE : http://transpomodi.tk

During my school days, I, together with my colleagues, developed a website for Operational Research. The said website was developed as part of their finals for the said subject.

Its main goal is to easily compute the optimized number of items to be delivered to a particular location, or whatever else the transportation method using modified stepping stone is used for in the area of Operational Research.

Again, you are free to use the website for any purpose. Hope it helps you.

The said website was developed by:

  • Thomie Jose San Agustin
  • Calbin Montalban
  • Kevin Stephen Muñoz