NotionCommotion

Thanks requinix and jacques, In regards to Chinese, are we talking Mandarin or Cantonese? I actually could count to ten in Cantonese Don't know the alphabet, so guess I don't need to go there. In regards to using the mb extensions, yes, I unfortunately recently needed to do so. I must read a file and look at the first few bytes of each line, and parse the rest of the line as appropriate. Took me for a loop.

Thanks Jacques, Yes, I had recently become aware of the poor name of utf8_encode(). As far as I can tell, Excel cannot export text with UTF-8 encoding. It is possible to take several steps to do so (export to Google equivalent, etc), but that is not ideal. Excel can export to Unicode text and since I have only one column, this might work, but it mysteriously puts quotes around some of the entries. Obviously, not a PHP topic and no need to respond unless you want to. My main reason for my original post was making sure I understood what I was witnessing. If without utf8_encode(), it would display � for non-ASCI characters, then the source file was SO-8859-1 (or at least not UTF-?

Just changed 80 lines of code to specify the encoding Oh well, at least Dallas and Denver lost

Major breakthrough. utf8_encode() allows me to view utf-8 characters in the browser. Therefore, my source data file must be ISO-8859-1 encoded text, right? Am I understanding this correctly? <?php //mb_internal_encoding("UTF-8"); header('Content-type: text/html; charset=utf-8'); $file = fopen('some_csv_file_created_by_excel.csv', "r"); ob_start(); while (($spec = fgetcsv($file, 100000, ",")) !== FALSE){ echo($spec[0].' '.utf8_encode($spec[0]).'<br>'); } $string=ob_get_clean(); ?> <!DOCTYPE html> <html> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"> <title>utf</title> </head> <body> <p><?php echo($string);?></p> </body> </html>

I look at my phpinfo() output, and it has ISO-8859-1 and ISO-8859-15 all over it. UTF is not listed once. Furthermore, mb_internal_encoding() displays it as ISO-8859-1. For the most part, I stick to the default settings unless I have a specific reason to change. Should I be changing php.ini to use UTF-8? If so, any specific advice how to do so? This whole encoding issue has been causing me major grief today

Thanks Kicken, I haven't been able to find any documentation explaining the "big picture" behinds the my.cnf file. Yes, there is documentation about the individual settings, but I haven't seen anything describing these "groups and options". Could you point me in a good direction to read up on them? Thank you

Your advice makes sense, however, I might have misunderstood your earlier post. I heard that I should always explicitly define the charset when setting a Content-type header. This seems contradictory to setting it globally in the webserver configuration.

Or should the Twig class be used to generate the content type header? require_once '../../../vendor/autoload.php'; Twig_Autoloader::register(); $loader = new Twig_Loader_Filesystem('templates'); $twig = new Twig_Environment($loader, array('debug' => true,)); $twig->addExtension(new Twig_Extension_Debug()); header('Content-type: text/html; charset=utf-8'); echo $twig->render('myTemplate.html', array());

Good! For once, just what I wanted to hear

Thanks Kicken, Any reason I wouldn't want to specifiy utf-8 encoding on the whole table? Or better yet, the whole database schema? Assume a table just has int, tinyint, varchar, char, text, datetime columns, is there any problem?. What about if the table includes something like a BINARY column? If so, could I do the whole database or whole table, and only got to a different encoding for specific columns? And, yes, I do use header('Content-type: text/html'); and header('Content-type: application/json; charset'); but never specified the encoding. I take it is is utf-8 by default if not specified? Good practice explicitly call out the coding even if default? I also include a utf-8 meta tag in the HTML. Probably redundant. Any reason not to do it?

Thanks QuickOldCar, I am just getting more into encoding, know nothing about iconv, and am a bit overwhelmed. A couple of basics... Client sends POST or GET request to server. Should I check each element in the array to ensure it is utf-8? How would this be done using iconv? My php.ini file states that "PHP's default character set is set to empty", and that refers to utf-8. But I thought that PHP was basically utf-8 unaware. What is the point? When creating a PDO connection, I include charset=utf8. Do I also need to configure the MySQL database as utf8? How is this done? When sending HTML to the browser, I include the <meta charset="utf-8" /> so the client interprets it correctly. Should I be doing something similar for JSON?

I recently read another post which stated: Seems like a lot of work. How important is really doing so? Can the DB be configured in some kind of strict mode which will error upon anything which isn't, and I can deal with it as an exception?

I don't have any formal training, but this is what I learned the hard way. Understand and document your user requirements. Do not go forward until this is complete. Come up with a final design for all your pages, or at a minimum, a design developed enough to all you to define all required functionality. Do not go forward until this is complete. Develop your database schema. Spend some time here, and get it right. Be sure it is normalized. For understanding general SQL queries, I like "Simple SQL" by Rudy Limeback. For the actual design, I like "Database Design" by Ryan Stephens and Ronald Plew. Definitely don't go forward until this is complete. Come up with a consistent MVC design pattern which will be used throughout the application. I recommend not using someone else's, but just make your own simple one. Utilize OOP. Use a single entry point into your site (index.php) where additional data is included in the URL or Post. Consider the use of Twig templates. Give thought to security. Don't go forward until you are happy with it. Come up with a list of methods in your controllers and models for all the page. Determine where they shared between individual pages. Document what arguments they are given or returned, and briefly what they should do. NOTE TO OTHERS: I've never done this step, but wish I had. Is this an important step? Is the process of doing so called anything so I could search for literature describing how it should be accomplished? Now, start your application. Be sure to religiously use PDO and prepared statements for user input. Use Git for source control! Ask questions. Have fun.

My my.cnf file has three sections (mysqld, mysqld_safe, mysql). It seems that they represent different modes which MySQL runs in. Is this correct? I read that some recommend running in safe mode. Should I be if it is being used to support PHP? I typically start MySQL as "service mysqld start" when running Centos. How should I be starting it if I want it in safe mode.

I now see the $60 SmartCom certificate was just verified and not extended verified, and their EV goes for $200/year (time limited special offer?) and has additional requirements to obtain. I assume their EV cert offers wildcard, but am not certain. Assuming there are not excessive hidden fees, pricing seems reasonable even with the potential $25 revocation fee. I've used their free certificates before, but cannot vouch for their customer service and how they handle exceptional situations. Unless I find their customer service sucked, I will likely go with their non-extended verified offering first, and upgrade when appropriate.

Saying??? It is extensive verified? But a standard certificate? What other type is available? Just no green bar but the same quality? My personal needs are multiple subdomains with "reasonable" security.

Thanks Jacques, I actually changed the user response to differentiate between a non-existent hashed (link is incorrect) token and one that isn't 32 characters (are you sure you included all the characters in the link?) based on your advise. Also, I agree that caching or logging of URLs with secret tokens is problematic, however, ever user (potentially excluding you ) wants it, so hopefully they will immediately reset their password and make the token no longer valid.

Thanks Kicken, I am sure this is a little tiny detail which could cause a not so little headache.

I had done so before starting this post. As far as I could tell, the equal sign has higher precedence than the > sign, and the parenthesis are not required. Just couldn't find this documented anywhere.

Thanks phpaddiction, and welcome to php freaks. Do you know whether the parenthesis around setting $f2_y are absolutely required. I looked at http://php.net/manual/en/language.operators.precedence.php, and wasn't sure whether = had higher precedence than >. Regardless, I feel they make the code more readable.

Just to confirm, the password reset page in step 3 should include a hidden input containing the token itself and not the hash of the token? Should only the most recent token be considered valid if the user reset their password multiple times and gets multiple emails? If so, I suppose I should check the token and inform the user to check their email if it is not the most recent before displaying the password reset page. Similarly, if the token hash doesn't exist in the DB, inform the user?

I typically only use the first two solutions. Is there anything wrong with the third? Is there any more streamlined way to do it? function f1($x){return $x*1;} function f2($x){return $x*1;} $x=2;$y=1; if(f1($x)>f2($y)){echo(f2($y)."\n");} // or $f2_y=f2($y); if(f1($x)>$f2_y){echo($f2_y."\n");} // or if(f1($x)>$f2_y=f2($y)){echo($f2_y."\n");}

The application is being built for Sony, and it is a business rule which they will not budge on.

Does anyone have any comments regarding StartSSL's verified offering? It is $60/year and includes wildcard. StartSSL™ VerifiedStartSSL™ Verified (Class 2 / 3) digital certificates are ideal for authentication, B2B and B2C transactions, protection of electronic mail and signing of object code and macros. More than that, StartSSL™ Verified provides a level of flexibility and support options not found anywhere else. StartSSL™ Verified supports: Web server certificates (SSL/TLS) Wild cards (*.domain.com) Multiple domains (DNS Alt Names) 128/256-bit encryption Object Code Signing Client and mail certificates (S/MIME) US $ 10,000 insurance guaranteed Certificates 2 or 3 Years valid

Okay, I understand that this is not correct since I am catching any exceptions, and not a specific type. What exception should I throw if I have a problem with the file upload part? try { db::db()->beginTransaction(); //Do a bunch of queries, and throw PDO exception upon error if(!$this->save_XHR_File($file_path)) {throw new Exception('File not uploaded.');} if(!$this->verifyFileType($file_path)) {throw new Exception('Invalid file upload type.');} db::db()->commit(); } catch (Exception $e) { db::db()->rollBack(); if(file_exists($file_path)) {unlink($file_path);} }