¡@
php Programming Glossary: neverHow to evaluate formula passed as string in PHP? http://stackoverflow.com/questions/1015242/how-to-evaluate-formula-passed-as-string-in-php we somehow push a non function on the stack this should never happen return this trigger internal error index elseif op.. ' ' if is_null o2 return this trigger unexpected ' ' oops never had a else output o2 pop the argument expression stuff and push..
How to properly set up a PDO connection http://stackoverflow.com/questions/11369360/how-to-properly-set-up-a-pdo-connection or I might just not get the answers correctly. Anyway I've never thought about it because the way I do it works for me. But here's.. like a charm So that's basically how I'm doing it. Also whenever I need to fetch something from my DB from not whitin a class..
Use global variables in a class http://stackoverflow.com/questions/11923272/use-global-variables-in-a-class all code to change global db to global db2 . You should never need to change your code just to switch to another database...
How can an SQL query return data from multiple tables http://stackoverflow.com/questions/12475850/how-can-an-sql-query-return-data-from-multiple-tables sec Bingo The boss is happy. Of course being a boss and never being happy with what he asked for he looks at the information..
Are PDO prepared statements sufficient to prevent SQL injection? http://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection a query and is much harder to pull off. AFAIK you almost never see real 2nd order attacks as it is usually easier to social..
http://stackoverflow.com/questions/138374/close-a-connection-early 'text I want user to see' in which case the headers are never sent The solution is to explicitly turn off output buffering.. called Do processing here sleep 30 echo 'Text user will never see' Just spent 3 hours trying to figure this one out hope..
Mysqli update throwing Call to a member function bind_param() error http://stackoverflow.com/questions/15447133/mysqli-update-throwing-call-to-a-member-function-bind-param-error E_ALL ini_set 'display_errors' 1 and of course you should never ever use error suppression operator @ in front of your statements...
Reference - frequently asked questions about PDO [closed] http://stackoverflow.com/questions/15990857/reference-frequently-asked-questions-about-pdo E_ALL ini_set 'display_errors' 1 and of course you should never ever use error suppression operator @ in front of your PDO statements...
PHP Parse/Syntax Errors; and How to solve them? http://stackoverflow.com/questions/18050071/php-parse-syntax-errors-and-how-to-solve-them thought process on what looks or might be wrong. One can never have enough reference questions on a programming Q A site. Ancient..
Reading/Writing a MS Word file in PHP http://stackoverflow.com/questions/188452/reading-writing-a-ms-word-file-in-php just have to follow the openly available XML schema. I've never used this format for writing out Office documents from PHP but..
Getting raw SQL query string from PDO prepared statements http://stackoverflow.com/questions/210564/getting-raw-sql-query-string-from-pdo-prepared-statements with a prepared statement on the client side so PDO should never have access to the query string combined with its parameters...
What's wrong with using $_REQUEST[]? http://stackoverflow.com/questions/2142497/whats-wrong-with-using-request aren't like form submission parameters at all you almost never want to treat them as the same thing. If you accidentally get..
What are the best PHP input sanitizing functions? http://stackoverflow.com/questions/3126072/what-are-the-best-php-input-sanitizing-functions . Don't run database escaping code on variables that will never see the database. HTML filtering is entirely unnecessary if..
PHP: “Notice: Undefined variable” and “Notice: Undefined index” http://stackoverflow.com/questions/4261133/php-notice-undefined-variable-and-notice-undefined-index of a sudden I used to use this script for years and there never was a problem. What do I need to do to fix them Is there a quick..
Who needs singletons? [closed] http://stackoverflow.com/questions/4595964/who-needs-singletons often something that you are absolutely sure that you'll never have more than one instance of you eventually have a second...
PHP Session Fixation / Hijacking http://stackoverflow.com/questions/5081025/php-session-fixation-hijacking 1 in your php.ini file. This will tell PHP to never use URLs with session identifiers. Regenerate the session ID.. the identifier is compromised. Session ID Regeneration Whenever you regenerate the session identifier using session_regenerate_id..
http://stackoverflow.com/questions/5166087/php-global-in-functions to rely on anything outside e.g. function fn global foo never ever use that a SOME_CONSTANT do not use that b Foo SOME_CONSTANT..
How to “flatten” a multi-dimensional array to simple one in PHP? http://stackoverflow.com/questions/526556/how-to-flatten-a-multi-dimensional-array-to-simple-one-in-php with str_split to make new simple array. However I never know if the join pattern isn't also in values and so after doing..
Create Subdomains on the fly with .htaccess (PHP) http://stackoverflow.com/questions/586129/create-subdomains-on-the-fly-with-htaccess-php www.subdomain.example.org or subdomain.example.org. If you never anticipate having to deal with www. or other subdomains then..
http://stackoverflow.com/questions/11061355/security-threats-with-uploads store the original file name in a database as meta data. Never let anybody or anything access the file arbitrarily. For example.. that file and run arbitrary PHP code on your server. Never store arbitrary uploaded files anywhere publicly always store..
i18n with gettext but without the locale hassle? http://stackoverflow.com/questions/1620670/i18n-with-gettext-but-without-the-locale-hassle to system that you need to provide for to get it working. Never ever. I have a set of languages say de en and es and I want..
Is it possible to protect from downloading a video from a site http://stackoverflow.com/questions/1790190/is-it-possible-to-protect-from-downloading-a-video-from-a-site advance... Fero php share improve this question Yes. Never ever show it to anyone. As soon as you do all bets are off for..
Where to use mysql_real_escape_string to prevent SQL Injection? http://stackoverflow.com/questions/2312051/where-to-use-mysql-real-escape-string-to-prevent-sql-injection when used inside a string that is delimited by quotes. Never use it on any unquoted values. This includes numeric values..
PHP regular expression for strong password validation http://stackoverflow.com/questions/2637896/php-regular-expression-for-strong-password-validation just not worth it. Also that regex you posted is crap. Never trust regexes you find floating around the web. Or any code..
Robust and Mature HTML Parser for PHP [duplicate] http://stackoverflow.com/questions/292926/robust-and-mature-html-parser-for-php in smaller functions for easy overriding Fast and Easy Never used it. Can't tell if it's any good. HTML 5 You can use the..
How do you parse and process HTML/XML in PHP? http://stackoverflow.com/questions/3577641/how-do-you-parse-and-process-html-xml-in-php in smaller functions for easy overriding Fast and Easy Never used it. Can't tell if it's any good. HTML 5 You can use the..
How to parse HTML with PHP? [duplicate] http://stackoverflow.com/questions/3650125/how-to-parse-html-with-php in smaller functions for easy overriding Fast and Easy Never used it. Can't tell if it's any good. HTML 5 You can use the..
Secure hash and salt for PHP passwords http://stackoverflow.com/questions/401656/secure-hash-and-salt-for-php-passwords in it don't prevent them from using it. Never store your user's password in plain text. Never email a password.. using it. Never store your user's password in plain text. Never email a password to your user except when they have lost theirs.. when they have lost theirs and you sent a temporary one. Never ever log passwords in any manner. Never hash passwords with..
The ultimate clean/secure function http://stackoverflow.com/questions/4223980/the-ultimate-clean-secure-function
Bulletin board - Database optimisation http://stackoverflow.com/questions/4310769/bulletin-board-database-optimisation and the other which depend on Independent Entities. 24.1. Never use Id or any such form. Where it is a PK use the full form...
How to convert html to doc in php http://stackoverflow.com/questions/4975266/how-to-convert-html-to-doc-in-php
PHP 2-way encryption: I need to store passwords that can be retrieved http://stackoverflow.com/questions/5089841/php-2-way-encryption-i-need-to-store-passwords-that-can-be-retrieved file . That's exposing yourself to additional compromises. Never store the unencrypted version of the password in anything except..
How to select multiple files for upload? http://stackoverflow.com/questions/5525972/how-to-select-multiple-files-for-upload share improve this question This depends on the browser. Never version of firefox and chrome support this because they started..
Best way to defend against mysql injection and cross site scripting http://stackoverflow.com/questions/568995/best-way-to-defend-against-mysql-injection-and-cross-site-scripting They are an inadequate solution and they confuse matters. Never embed strings directly in SQL. Use bound parameters or escape..
Stop people uploading malicious PHP files via forms http://stackoverflow.com/questions/602539/stop-people-uploading-malicious-php-files-via-forms stop. Tactics for serving user supplied images securely 1 Never store a file on your server's filesystem using a filename taken..
Display Data From MYSQL; SQL statement error http://stackoverflow.com/questions/10326746/display-data-from-mysql-sql-statement-error query or die mysql_error ^^^^^^^^^^^^^^^^^^^^^^ NEVER assume a query succeeded. Even if the SQL syntax itself is perfect..
finding a file in php that is 4 directories up http://stackoverflow.com/questions/12999809/finding-a-file-in-php-that-is-4-directories-up .' absolute path reliable for your site.php' NEVER EVER DO RELATIVE INCLUDES LIKE current directory can change..
How to Block 100,000+ Individual IP addresses http://stackoverflow.com/questions/15579620/how-to-block-100-000-individual-ip-addresses out numerous times on the mailinglist s libiptc was NEVER meant to be used as a public interface. We don't guarantee a..
CodeIgniter: Try Catch is not working in model class http://stackoverflow.com/questions/15858372/codeigniter-try-catch-is-not-working-in-model-class make sure you do rollbacks on exceptions. Related to this NEVER as in EVER use persistant connections as open transactions and..
WebRTC video chat with Ajax instead of WebSocket: Possible? http://stackoverflow.com/questions/17161287/webrtc-video-chat-with-ajax-instead-of-websocket-possible and had no signalling problems. Here they are For answerer NEVER add ICE candidates until that peer generates creates answer..
Sanitization of User-Supplied Regular Expressions in PHP http://stackoverflow.com/questions/2371445/sanitization-of-user-supplied-regular-expressions-in-php original execution time set_time_limit old_time Anyways NEVER EVER use eval with user submitted strings . Additionally you..
PHP - Query single value per iteration or fetch all at start and retrieve from array? http://stackoverflow.com/questions/356778/php-query-single-value-per-iteration-or-fetch-all-at-start-and-retrieve-from-a faster than 12 queries that return 1 piece of data. Oh and NEVER EVER NEVER put a SQL inside a loop it will always lead in a.. 12 queries that return 1 piece of data. Oh and NEVER EVER NEVER put a SQL inside a loop it will always lead in a disaster. Depending..
htmlspecialchars vs htmlentities when concerned with XSS http://stackoverflow.com/questions/3623236/htmlspecialchars-vs-htmlentities-when-concerned-with-xss And for really important and secure sites you should NEVER trust strip_tags . Use HTMLPurifier for PHP . share improve..
PHP Can a client ever set $_SESSION variables? http://stackoverflow.com/questions/4181872/php-can-a-client-ever-set-session-variables to unfiltered user input. Which brings me to my point NEVER TRUST INPUT FROM THE USER. EVER If indeed you are filtering..
Publishing To User's Wall Without Being Online/Logged-in - Facebook Sharing Using Graph API http://stackoverflow.com/questions/4814432/publishing-to-users-wall-without-being-online-logged-in-facebook-sharing-usin learning how Facebook Graph API works first. Facebook will NEVER share the user password with you If you just need to give the..
PHP security : retrieving PHP file from server, un-processed http://stackoverflow.com/questions/498521/php-security-retrieving-php-file-from-server-un-processed the server and have it returned as plaintext. However you NEVER EVER want to place such a script on a production server for..
Are mysql_real_escape_string() and mysql_escape_string() sufficient for app security? http://stackoverflow.com/questions/5414731/are-mysql-real-escape-string-and-mysql-escape-string-sufficient-for-app-secu and KNOWN exploits in the Database. All escaping will NEVER be sufficient to secure databases. In fact you can explicitly..
How to properly generate exceptions in PHP/Dojo when returning javascript code http://stackoverflow.com/questions/7265371/how-to-properly-generate-exceptions-in-php-dojo-when-returning-javascript-code This is currently under development. Backgrounds should NEVER have mouse events associated with them as a redraw of a background..
Doctrine 2 LifecycleCallbacks with abstract base class are not called http://stackoverflow.com/questions/7320425/doctrine-2-lifecyclecallbacks-with-abstract-base-class-are-not-called PreUpdate public function setUpdatedAt die 'THIS POINT IS NEVER REACHED' this updatedAt new DateTime Concrete Class @ORM Entity.. it etc. The problem is that the line die 'THIS POINT IS NEVER REACHED' is never reached. Note the @ORM PreUpdate This means..
PHP file upload: mime or extention based varification? http://stackoverflow.com/questions/7349473/php-file-upload-mime-or-extention-based-varification type whatever checkers run it In conclusion you should NEVER EVER EVER rely on MIME type. You web server doesn't care about..
|