=== and !=== PHP is a loosly typed language. For instance this is true because PHP converts to the requried types before the compare: if (1000 == “+1000”) To perform an exact comparison you can use this instead, which is false if (1000 === “+1000”) For does not equal you can also use !== Break […]
All posts by
Convert Strings
Converting to HTML, from form POST, etc See here Converting String To Variable You don’t need to, but if you want to force to a particular type you can: Converting Variables To String No need, PHP automatically converts a varaible to the type needed for the context being used If you want to: Convert copy […]
Sanitising & encoding strings
Sanitising for HTML Convert special HTML entities back to characters URL Encode and Decode Returns a string in which all non-alphanumeric characters except -_. have been replaced with a percent (%) sign followed by two hex digits and spaces encoded as plus (+) signs. A space is encoded to %20 in URLs, and to + […]
Built In Superglobal Variables
Warning When Using Superglobal Variables Hackers often use these to try and inject code etc. When accessing superglobal variables ensure you sanitise them. E.g. $CameFromPage = htmlentities($_SERVER[‘HTTP_REFERER’]); //htmlentities() converts things like < > ” \ etc into HTML strings like < so they become harmless. Superglobal Variables Always available in all scopes $GLOBALS References all […]
.Functions General
Function Examples Functions with optional arguments With a default array
? True False Test
Examples Providing to JavaScript
Print vs Echo
Print is a PHP function called with an argument. Echo is a PHP language construct. Echo is therefore faster, but when you need an actual function call you can use print. For example this only wotks using print: $MyVariable ? print “True” : print “False”;
Useful Debugging Examples
Echo echo “Line: ” . __LINE__ . ” of file: ” . __FILE__; Var Dump var_dump(
Constants
Constants define (“MY_ROOT_PATH”, “/usr/local/httpdocs/”); Then to use $PathToUse = MY_ROOT_PATH; PHP Magic Constants __LINE__ The current line number of the file. __FILE__ The full path and filename of the file. If used inside an include, the name of the included file is returned. Since PHP 4.0.2, __FILE__ always contains an absolute path with symlinks resolved […]
.Array General
Creating Arrays Use array(); Arrays in PHP can contain a mix of values if you wish (e.g. strings, integers, null, arrays). Create an empty array Create an array of values Get array value (Gets the array value if it exists, otherwise to an empty string/int) Calling a function with an array of values Key & […]