nrg_alpha
-
Posts
2,441 -
Joined
-
Last visited
Never
Posts posted by nrg_alpha
-
-
http://yvettesbridalformal.com/index.htm
Pftt, doesn't even validate. (152 errors - 5 warnings) Fail.
Bonus CSS Fail. (360 errors)
-
-
-
In the event of say preg_match vs built-in functionality like str_replace, explode, etc, it's circumstancial. Typically, while regex is extremely robust and useful, it is heavier (as there is more overhead involved). Depending on the task at hand, sometimes it does make sense to use those built-in functions as opposed to regex. In reality, it appears that in most cases, the speed difference comparison between both methods won't amount to anything special (but again, it highly depends on the task at hand and the data involved). Often you'll see benchmarking tests with a loop involving thousands of iterations, and the difference between methods is so small that on a reasonable amount of looping, it will even make less of a difference (we humans won't be able to tell the speed difference).
Having said that, I am personally an advocate of squeezing out performance (as a generality anyways). If the situation calls for making better use of built-in functions over regex, so be it. That's the way I'll go (or vise versa). Squeezing out extra performance juice never hurts IMO. But admittedly, the speed differences are most likely to be infinitesimal at best in most real world situations.
-
aeroswat, for future refernce, please don't wipe out your posts like that (don't edit out original posting content). What you initially posted may be relevant to others who may stumble upon it (or have similar issues and could possibly gain insight from your initial question / issue).
-
Or rather than using temp variables creating long chains of nested functions like:
echo implode( ', ', array_reverse( array_map( 'trim', /*you get the idea */ ) ) );
Or; Put; Everything=Onto; One; Line;
Ohhh even better.. how 'bout nested ternary operators?
$test = 'one'; echo $test == 'one' ? 'one' : $test == 'two' ? 'two' : 'three'; /* Ultimately evaluates to 'two'; as the initial test for $test evaluates as 'one' * however, (in the wise words of Billy Mays "But wait! There's more!") that 'one' is now checked to see if it is in turn true... * in which case it is, thus 'two' of the final 'two' or 'three' choice is chosen. Nice way to cluster f#$k the mind. */
-
[ot]Surely words like "a" and "I" also start and end with the same letter, right?
[/ot]Yeah, I suppose... lol
[ot]
Hmmm.. do words like"a" and "I" make great palindromes (much like PHP
)?[/ot]
-
Something like this should do it
'/\b([a-z])[]a-z]*\1\b/i'
Two issue though:
a) I think you accidently inserted a ] in your a-z character class, and
b) Your character class would suffice with zero times (due to using the * quantifier).
So your pattern would be problematic in something like:
$str = 'I took my dad to the bb range!'; preg_match_all('/\b([a-z])[a-z]*\1\b/i', $str, $matches); echo '<pre>'.print_r($matches[0], true);Both dad and bb will register in the $matches array. I suspect you would need to make the quantifier a + like so: [a-z]+ This would force the word to be at least 3 characters long (unless of course the OP doesn't mind matching "words" like bb, or qq, ii, etc...
-
tibberous said he hates it when people use $_GET or $_POST instead of $_REQUEST (IOW he was saying you should use $_REQUEST). I was questioning why he felt that way, and argued that if anything, using $_REQUEST is not ideal.
Right.. sorry, the way his post was worded, I was interpreting it as suggestive of using $_POST / $_GET as opposed $_REQUEST., but I now see the context.
All for naught..
-
Sorry, I didn't state that solution properly (now upon re-reading it).
The book mentions:
You can take a few steps to mitigate the risk of CSRF attacks. Minor steps include using POST rather than GET in your HTML forms that perform actions, using $_POST instead of $_REQUEST in your form processing logic, and requiring verification for critical actions (convenience typically increases risk, and it's up to you to determine the appropriate balance).
The most important thing you can do is to try to force the user to use your own forms. If the user sends a request that looks as though it is the result of a form submittion, it makes sense to treat it with suspicion if the user not recently requested the form that is supposedly being submitted...
So I mistated the solution. So when I mentioned 'one of the solutions', I meant it was part of a series of steps.. but yeah, poorly worded on my part.. my bad. In any case, the link provided in the edit in the previous post should help shed light on the issue.
-
so tibberous, is using $_GET and $_POST instead of $_REQUEST just a personal pet peeve of yours, or do you have a real reason why that's some kind of bad practice? If anything, I would argue the opposite, as $_REQUEST holds both, it's one step closer to the concept of register globals.
...and same goes with someone using their own framework they built...I sort of fail to see how that's bad practice. Do you know the ins and outs of all the existing "big name" frameworks out there? And btw they did have to start somewhere themselves; at one point in time they were also no-name frameworks.
Actually CV, according to Chirs Shiflett (author of 'Essential PHP Security'), $_REQUEST is not recommended. One of the reasons is that it is susceptible to CSRF (Cross-Site Request Forgeries) attacks. CSRF is when an attacker sends arbitrary HTTP requests from the victim. The book mentions this is particularly dangerous when say the victim is always logged onto a site that sells goods and uses $_REQUEST in its form. The attacker can profile the form code, see what elements and their expected values are, and observe the overall form's behavior. Once this is figured out, the attacker tests to see if GET data can perform the same behavior as achieved by using the form normally.
If so, the doors are blown wide open for the attacker to use this to his/her advantage (getting the victim to visit the set-up URL in question). One of the solutions in mitigating CSRF attacks is to use POST instead.
Granted, I'm no security expert (and having not read the book in a while, it would do me good to re-read it as a refresher).
EDIT - Here's an article from Chris' site regarding this issue:
-
I think he was referring to my comment about bad variable names (like $x representing say a car budget). $x was probably a bad example, as he probably thought about using variables inside loops as counters. In hindsight, I should have used say $cb (for car budget) instead.
But, like they say, hindsight has 20/20 vision.
-
With the use of array_slice, the last 20 entries will be retained (including their indices.. so using an array with say 25 indices, the new array will start at index 5 and go through to 24:
$arr = array(1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25); $last20 = array_slice($arr, -20, 20, true); echo '<pre>'.print_r($last20, true); // index 5 thru 24, with values 6 thru 25
Not sure if this is a big deal or not.. but if you want to have the indices renamed from from 0 instead, you can use array_splice instead:
$arr = array(1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25); $last20 = array_splice($arr, -20); echo '<pre>'.print_r($last20, true); // index 0 thru 19, with values from 6 thru 25
-
I suppose one way could something like:
$html = <<<EOF <br>Forta +95<br>Aparare +20<br>Dexteritate +20<br> <br>Forta +70<br>Dexteritate +80<br> EOF; preg_match_all('#(?:<br>(?:Forta|Aparare|Dexteritate).*?(?=<br>))+#i', $html, $matches); foreach($matches[0] as $val){ echo $val . "<br />\n"; } -
So do you mean something like this?
$str = 'I like my cat better than my dog, but decided to eat my mouse instead.'; preg_match_all('#(?:cat|dog|mouse)#i', $str, $matches); // using preg_match_all will match any / multiple instances of what the pattern is looking for echo '<pre>'.print_r($matches, true); -
lol reminds me of transformers stop motion vids
-
$headhsot = array()
lol Yes, I accumulate plenty of those off of opponents (virtually speaking of course.. so don't send the men in black after me, please. Kthanx).
-
I'm not referring to variables in a loop acting as a counter.. I mean just creating a variable to represent something, but is poorly represented.
-
lol @ quine.
-
- I would recommend always using error reporting (not in live production servers, but localhost - I suppose this can be configured in your installation as well - I'm not much of a server / let's configure everything kind of guy):
error_reporting(E_ALL | E_STRICT);
I have seen some people say it isn't necessary to use E_STRICT. Problem is, E_ALL won't catch the problem like this:class Foo{ public function bar(){ return 'I am a method!'; } } echo Foo::bar();
As of PHP 6, it is my understanding that E_STRICT will be rolled up into E_ALL (at least, that's what I read somewhere... can't recall where though).
- In classes, I tend to label private and protected properties with a leading underscore (for easier client coder readability):
class Foo{ public $name; // no leading underscore, as this property is public private $_age; // leading underscore tells me through the class code that this property is private ... }
- Mistakes I often run across include accidental assignments like:
if ($a = $b) ...
- While the following isn't a mistake (nor perhaps a bad habit per say), it irks me to find someone do this:
if($valuation == true)...
as opposed to:
if($valuation)...
We know that a lone variable in that case is being evaluated to see if it equates to true or not.
- Bad formatting / indentation is an obvious given (too many examples to bother listing).
- While I confess to be guilty to this, sometimes, instead of declaring an array to start, like:
$headhsot = array()
I skip this and just start assigning values in a loop like:$headshot[] = $value
Problem is, when I return to this code later on, I find myself wondering where this thing was declared.. and because it isn't, it confuses me.
- Another thing that bugs me is not giving variables meaningful names that make sense. Exmaple, did you know that $x is actually representative of a car budget? Me neither.. but $carBudget certainly does.
I'm sure I'll think of more...
Edit (Daniel0): Replaced faux horizontal rules with real ones.
- I would recommend always using error reporting (not in live production servers, but localhost - I suppose this can be configured in your installation as well - I'm not much of a server / let's configure everything kind of guy):
-
Ah, I see now what the end result should be like.. yeah, cags pattern will work (if the goal is only to split by periods). If there is a sentence with say an exclamation mark or question mark, it won't work. In that case, you would have to change the positive look behind assertion to something like: (?<=[.!?])
-
My suggestion would be to to use something like dom / domxpath.
So for example, suppose I wanted to fetch all the links from say http://www.sfu.ca/, this would be one way to do it:
$dom = new DOMDocument; libxml_use_internal_errors(true); @$dom->loadHTMLFile('http://www.cs.sfu.ca/'); // insert url of choice libxml_use_internal_errors(false); $xpath = new DOMXPath($dom); $aTag = $xpath->query('//a[@href]'); // search for all anchor tags that provide an href attribute $finaloutput = array(); // declaring array $finaloutput foreach($aTag as $url){ $finalouput[] = array('url' => $url->getAttribute('href'), 'anchor' => $url->nodeValue); } echo '<pre>'.print_r($finalouput, true); -
The sentences within a paragraph should have no space between them, but when there is a paragraph break, I'd like the single spaced empty space to show up between paragraphs.
Well, my point was that the pattern splits when it runs into a carriage return (in the above example, I simplified things by using simple sentences between breaks instead of complete paragraphs. I tweaked the pattern a bit and used two small paragraphs as a test:
$article = 'Phasellus molestie rhoncus odio, vitae vehicula nisl varius eget. Nullam eget aliquam nibh. Quisque turpis diam, adipiscing non consequat a, hendrerit sit amet lacus. Donec commodo egestas ipsum id placerat. Nulla aliquet posuere neque, eget ultricies nulla feugiat et. Nunc et nunc molestie nibh viverra pretium at eu felis. Cras nec quam eros. Nunc in velit ac mauris consequat tempor. Etiam pretium eros non erat molestie dapibus.'; $chunks = preg_split('#(\R+)#', $article, -1, PREG_SPLIT_DELIM_CAPTURE); $chunks = array_map('ltrim', $chunks); echo '<pre>'.print_r($chunks, true);the \R is a shorthand for \r\n.. so using \R+ is basically saying, whenever someone hits the enter key one ore more consecutive times, this is how everything will be split up. Granted, if someone types a sentence, hits enter (with the intention of still keeping those sentences within the same paragraph), the pattern will still split this.. if this is going to be a problem, then perhaps changing \R+ to \R{2,}
EDIT - If this is still not what you are looking for, please provide a small sample set of paragraphs, and show what the end result array should look like.
-
Perhaps a pattern like this?
/\.(?:gif|jpe?g|png)$/i
The i modifier takes care of case insentivity, so gif or GIF / png or PNG will both work. as for jpg's I used jpe?g (since the e is optional, this will match jpg, JPG, jpeg, JPEG).
1997 called, they want their website back.
in Miscellaneous
Posted
I used the default settings in the W3C validator (set to "automatically detect" - which has the site treated as HTML 4.01 Transitional). In any case, nothing can save that thing. It's an eternal abomination.