If you haven’t already, I suggest reading the first part of this series of two posts to learn how to use PHP sessions properly.
Well, now that everyone knows what to do and what not to do with sessions, we can try to improve performance a little more.
The rule is to determine how sessions will be used in the application and then choose a better handler than the default one: files.
Back in the game with another PHP quick tip
Ever faced the problem of needing to loop through an array that has non-consecutive numeric keys?
There are some easy ways to reassign array keys from 0 onwards.
Since version 5, PHP has offered a full object model and a lot of features for OOP (object-oriented programming). Unlike PHP 4, PHP 5 implements concepts such as visibility (public, private, protected), abstract classes and methods, interfaces…
Moreover, it provides a large set of useful, ready-to-use classes, abstract classes and interfaces. This collection of resources makes up the SPL: the Standard PHP Library. Among them are array overloading classes, iterators and additional exceptions.
This post doesn’t cover all the SPL features but offers a good overview of the powerful iterators you can use to enrich your own classes.
Still, if you are curious, you can list all the classes and interfaces contained in the SPL with the following two functions:
// Display the SPL classes
var_dump(spl_classes());

// Display the declared interfaces
var_dump(get_declared_interfaces());
Ever wonder how many days there are in a specific month?
When coding websites or web applications, working on security is important. To prevent all kinds of injections (XSS, SQL, CSRF…), you have to check all data coming from a foreign source. The typical example is when a user sends data to your server from an HTML form. But it’s also the case when getting your visitors’ HTTP REFERER or USER AGENT, reading a value from a cookie or calling an API.
The basic rule is to never trust data that doesn’t come from your own code.
To help you keep your applications safe, since version 5.2 PHP has provided the Filter extension, which supplies a couple of handy functions to validate and sanitize data.
The two main functions are filter_var and filter_input. The first simply filters a specified variable with the given filter whereas the second is able to directly target an external variable (such as a $_POST or $_GET key) and to return it, possibly after having filtered it.
Both come with the same list of filters allowing you to validate or sanitize data.
In this first part we’re going to go over the validate filters. The sanitize ones will be covered in a second post.
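As an added example (not code from the original post), here is how the validate filters behave on untrusted form data, including the return-value checks that are easy to get wrong. The field names, limits and sample payload are assumptions made for the illustration; filter_var is used on a constructed array so the script runs from the command line, where filter_input has no request data to read.

```php
<?php
// Added example: field names, limits and the sample payload are constructed.
function validate_signup(array $input): array
{
    $clean = [];
    $errors = [];

    // Failure is signalled by false, so compare with ===; a valid "0"
    // becomes int 0, which a loose check would treat as a failure.
    $age = filter_var($input['age'] ?? null, FILTER_VALIDATE_INT,
        ['options' => ['min_range' => 0, 'max_range' => 130]]);
    if ($age === false) {
        $errors[] = 'age';
    } else {
        $clean['age'] = $age;
    }

    $email = filter_var($input['email'] ?? '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors[] = 'email';
    } else {
        $clean['email'] = $email;
    }

    // FILTER_VALIDATE_URL checks syntax only, not the scheme, so the
    // allowed schemes are checked separately.
    $url = filter_var($input['website'] ?? '', FILTER_VALIDATE_URL);
    $scheme = $url === false ? '' : strtolower((string) parse_url($url, PHP_URL_SCHEME));
    if (!in_array($scheme, ['http', 'https'], true)) {
        $errors[] = 'website';
    } else {
        $clean['website'] = $url;
    }

    // Without FILTER_NULL_ON_FAILURE, an unrecognised value such as "maybe"
    // is indistinguishable from a legitimate "no": both return false.
    $optIn = filter_var($input['newsletter'] ?? '', FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
    if ($optIn === null) {
        $errors[] = 'newsletter';
    } else {
        $clean['newsletter'] = $optIn;
    }

    return ['clean' => $clean, 'errors' => $errors];
}

// Constructed sample input standing in for $_POST.
$sample = ['age' => '0', 'email' => 'alice@example.com',
           'website' => 'ftp://example.com/', 'newsletter' => 'maybe'];
var_dump(validate_signup($sample));
```

With request data, filter_input(INPUT_POST, 'age', FILTER_VALIDATE_INT) adds a third outcome: it returns null when the key is absent and false when validation fails.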