KevinM1
Everything posted by KevinM1
-
For non-e-commerce frameworks, look into either Symfony2, Zend Framework 2, or Yii (I see a lot of Yii questions on Stack Overflow). CodeIgniter is still popular, too, but I'm not sure about its popularity in high-end shops. Honestly, MVC frameworks all tend to be pretty similar. Once you understand the pattern, it's largely the implementation details that differ. Even cross-platform (a Controller in ASP.NET MVC is pretty much the same thing as a Controller in Symfony, or Ruby on Rails).
-
How Can Site Get Hacked If You Protect All Get And Post Inputs ?
KevinM1 replied to Eritrea's topic in Application Design
Also, no one should be using the mysql_* functions any more. They're essentially soft deprecated. Instead, use either MySQLi or PDO. Both have parameterized statements, which is the way to go when attempting to stop SQL injection.
- 7 replies
- Tagged with: php, sql-injection (and 2 more)
-
Absolutely ridiculous. To tie it back to something I've noticed on here, that style of 'learning' seems to be what members like justlukeyou and some others employ, where the absolute foundation (operators, user-defined functions, control structures, etc.) will eventually and subconsciously be absorbed while they attempt to solve a larger problem. And there's likely some truth to that idea. But I'm willing to bet that people who are taught/learn like that will be less proficient in whatever subject they're attempting to learn (math, English, science, programming, whatever) than those that learned in a more traditional way. I'm trying to think back (waaaay back) to my first few years in school, and from what I can remember we learned how numbers actually worked. Yeah, the teacher would use props from time to time ("If I take two apples away from this pile, how many do I have left?"), but it was done to reinforce how the glyphs on paper/on the blackboard represented the mechanics of math. We learned the logical process. We certainly didn't replace numerical positions with shapes, and then recombine them. I can only imagine the current crop of kids 15+ years from now. "Honey, did you withdraw 4 cubes, 2 cubes with a missing side, 56 curly braces, and 93 sperm from the bank?"
-
...wow.
-
In the future, please place any code within tags. If you're using the full editor, then simply click the <> button. I took the liberty of editing your original post to make it easier to read.
-
Restrict Email Domains I.e. Gmail.com, Msn.com
KevinM1 replied to Presto-X's topic in PHP Coding Help
I use gmail for my business/professional email account as well. Not mentioned is how Sisyphean the task itself is. There are a gazillion free email services around the globe. Does your boss really think that it's possible to block all of them? I mean, you could always just compare whether or not the email address' domain matches the domain of the website the user entered (if they're required to enter their business' URL (if they have one... oy)), but then you're back at "This is a dumb idea" anyway. Can you show your boss this thread? Because he strikes me as one of those people who's more apt to listen to professional strangers on the internet than the people he hired expressly for their technical ability. Not kidding. There are plenty of middle management people who can only be persuaded that their idea is shit by a neutral and respected 3rd party.
-
I think it's largely the same in the US. Universities focus more on the academic/theoretical side of CS. Community/technical colleges are geared towards actual employment, but the quality of their programs varies widely by school and instructor. There's also a glut of for-profit scams (both local and national) that offer certificate programs for thousands of dollars and 2-3 years' worth of investment. The certificates come from those so-called 'schools' and are about on par with toilet paper. They exist solely to prey on those who don't understand how secondary education works, or don't have the money to go to a legit school. There seems to be a movement in my area to improve the local tech school offerings across the board. Hardly surprising given the number of tech startups between Boston and Manchester, and the focus on education that area is known for in general. That said, I'm willing to bet that options aren't as rosy in Alabama, Mississippi, Kentucky, or some place remote like North/South Dakota. There's still a lot of work to be done in order to give equal (for all intents and purposes) access to secondary education here.
-
Can you show the rest of your class?
-
A couple quick things before I go to bed: Reduce the text shadow a bit. Paragraphs are your friend (index, become a citizen, etc.).
-
'Polluting' is the correct spelling: http://www.merriam-webster.com/dictionary/polluting
-
Anyone have any experience with cloud based PaaS hosting? I've heard of PHP Fog, and apparently Heroku has PHP hosting capabilities (poorly documented and not advertised). I'm curious to see if anyone's tried PaaS hosting, and what their thoughts are.
-
I recently bought a few names through hover.com. A bit expensive ($15 each), but a great control panel, and they were recommended by Leo Laporte, who generally knows his stuff. No complaints.
-
Can you show your form code, your form handling code, and your anti-flood code?
-
Exactly. Legit companies don't ask for a full app to be written. Instead, they look at the applicant's portfolio, and then ask a variety of small (but perhaps complex) programming questions to be solved then and there, like the infamous FizzBuzz question. If you don't have a portfolio you can show potential clients/employers, you need to make one.
-
I'm trying to embrace TDD, and to that end, I want to fiddle with PHPUnit. What's the consensus on installation? A new copy included with every project, or installing it in bin for universal access? I'm leaning towards the latter, but am interested in hearing other opinions.
-
In past posts, I gave you a link to what I felt was the most "In plain English" resource I have found - Larry Ullman's book. Have you bought it yet? Because that's as gentle an introduction as there is. Get it, if you don't have it already.
-
Pretty much. Encoding code as base64 does nothing to secure it. Base64, in particular, is such a common method that it's easily recognizable and easily thwarted.
-
Is this supposed to be security through obfuscation or something? Because turning PHP into base64 and then executing it isn't really gaining you anything.
-
On the one hand, classes like that produce people that ensure people like us will always be in high demand. On the other, someone teaching that Dreamweaver is the end-all, and that code is bad in 2012 is highly unqualified and out of touch. This isn't 2003. I mean, I can understand if the class is more about the visual side of development since it's titled Advanced Web Design. Design and development are two sides of a coin. Design is really all about the UX - layout, user interaction, fancy pants Javascript, general aesthetics. But professionals still write code. Yeah, they may use libraries and frameworks, but they do more than blindly find 3rd party scripts and plug them in, hoping they'll work. And, buying input validation? Really?
-
Read/unread is not what he said. He said it's the same as posting a message, which, if your forum is working, should already be in place. The only real difference to posting in a thread is that a PM is private between two parties. Read/unread is a completely different thing, one that doesn't have much to do with posting messages at all.
-
Your best bet is to look for some documentaries. Anything Hollywood puts out is usually incredibly wrong on the technology and what programmers actually do, and focused entirely on some cliche story. The best I've seen that wasn't a documentary was Pirates of Silicon Valley, which was a made-for-TV movie about Bill Gates and Steve Jobs. It's about as good as a movie about programmers can be without being a documentary, although it still wasn't completely accurate. http://en.wikipedia.org/wiki/Pirates_of_Silicon_Valley Fun fact: the guy who voices Bender on Futurama (along with other cartoon roles) played Steve Ballmer in the movie. Inspired casting.
-
No, a stroke, as in outline. In this case, each letter should have a thin (read: 1px) dark (the blue in the flag?) outline to help make the letters stand out from both the background and each other. How are you creating them? I'm assuming it's with some sort of image editor. There should be a way to add a stroke/outline to any shape or text. If you have Photoshop, it's trivial to do.
-
I really don't like the pale gold headings. At the very least, put a dark stroke around the letters.
-
Auto increment has nothing to do with duplicated data. All it would do is the following on insert:

id  first_name  last_name  age
1   Peter       Griffin    35
2   Peter       Griffin    35

A unique or primary key will do what you suggest. That said, it doesn't address the actual problem, which is his code apparently executing twice.
-
Already edited. That's what we moderators are for.