function getHash( $pass , $login ) {
$salt = substr( md5( $login ) , 0 , 10 );
return hash( 'sha256' , $pass . 'ThEStAtIcSaLe' . $salt );
}
Remeber to use same function when checking user credentials.It will be also more secure to use slower hashing/crypting function
PHP Coding Tips
PHP Coding tips & tricks. Function & error explanation, coding style, how tos etc. Short notes posted directly from developer work environment.
PHP Coding Tips
Thursday, March 28, 2013
PHP password hash with salt
It is more secure to stora a password hashed with added static (or even dynamic salt). To achieve static salt in password just append a string when calculating a hash. Example below shows dynamic salt, most secure:
Inheritance in PHP
Inheritance (extending classes) is realised in PHP with extends keyword:
class albumController extends MfStandardController {
Now, object of class albumController will be of type albumController, but also of type MfStandardController, because MfStandardController is a parent of this class
Sample smarty loop with images
If you want to print several images on your site, you must assign array of those images to smarty variable. Then, you can iterate over this array in smarty and show img tags for each image. Rember about good path:
{foreach from=$sm_photos item=item}
<img src="/content/photophoto/1/{$item.file}">
{/foreach}
If your path will not target image file, you can get 404 error, but typically image will be just hidden
Thursday, March 21, 2013
PHP: Get last element of array
Often you need to get the last element of PHP array. This is easy to achieve with
using count() function, wich counts all elements in array. Because PHP arrays are indexed from 0,
you must remeber to get "count()-1" element of an array, not "count()" element:
$exampleArray = array( 3,6,8,11,14 );
$lastElement = $array[ count($exampleArray) - 1];
echo $lastElement; // prints 14
This is the obvious way for some begginer developers. But more experienced developers will know,
that there is a function defined especially for this purpose:
echo end( $exampleArray ); // prints 14
Because this function will move internal array pointer to the end, you can reset it if you are
currently iterating over this orray, for example:
reset( $exampleArray ); // prints 14
If you are afraid about non set array, or set as other type than array, you can use function is_array() to check
if this variable is defined as array. You can also get a last key of an array in several ways:
echo end(array_keys( $exampleArray) );
// or:
end( $exampleArray );
echo key( $exampleArray );
If you don't want to move internal array pointer, you can use another one-liner to get last element from array:
$last = array_slice($array, -1, 1, true);
How to quote in echo or print in PHP?
If you are creating applications in PHP, even if you are beginner, you definatelly see echo function already.
Echo function just outputs it's argument to a user browser or to a console/terminal if PHP script is running in
the CLI mode. The trouble rises, when you have to put ' or " sign in a echo, because you have to use one
of this characters just to begin and terminate echo literal. To embed such characters in displayer string,
you need to use escape sequence. It is a special characters combination, that makes some special sense in
string literal. So, if you want to send quote sign to user, not to terminate echo string, use \" escape sequence.
If your sequence is terminated by single quotes ('), then you can also include this character in string
by escape sequence \'. See examples below:
echo "This example shows \"escape sequences\" in php string, like quotes etc";
echo 'This example shows \'escape sequences\' in php string, like quotes etc';
You can be confused if you think, what to do to put a slash in php string (\), because
it has some special meaning. But I have solution for you: this character also have some custom
escape sequence, and this sequence is: "\\".
Wednesday, March 20, 2013
How to do SMARTY foreach loop to present array values from PHP?
SMARTY is a very good template engine that helps you decompose application
view and model. If you want to create a SMARTY foreach loop, you need to have assigned
array first. If you want only to present array values, then it can be a usual PHP array without special keys.
But SMARTY foreach, same as foreach in PHP, can present keys for array items. The basic construction
of foreach loop in smarty, together with PHP array assigment to present in view, you can see below:
Now, you can write a foreach loop in your tpl file. The basic atribute of SMARTY foreach tag is from. This attribute says, from wich array you want to pick up all items for iteration. Remeber that this variable must have a dollar sign at begining.
Second required parameter in this loop construction is item. Item refers to name of variable, wich will have a value from array inside the loop. Key attribute works in the same way - it will contains key for item value in single loop iteration. There is some important thing - remeber that you create a new SMARTY varaibles here, so do not use dollar sign.
Inside the foreach loop, you can access your array item value and key by varaible names you specified as foreach tag attributes, this time begininnig with a dollar sign.
Of course, if yours item value is an array, nothings stop you to provide a nested foreach loop, with new key and value variables. This is useful thing.
If you want to print your array in fastest way, only for debug etc. you can try to use print_r function in your SMARTY tpl file. I wrote some nice tutorial about using print_r in SMARTY, so check itd.
If you want to provide additional filtering when iterating over items, see my tutorial about modifiers here.
// In PHP:
$array = new array( 'key1' => 'val1' , 'key2' => 'val2' );
$smarty->assign('someAssignedArray' , $array );
// In SMARTY:
{foreach from=$someAssignedArray key=keyOfItem item=itemValue}
The key of this item is: {$keyOfItem}<br>
The value of this item is: {$itemValue}<br>
{/foreach}
As you can see, we have to have defined array first. Example above shows custom keyed array, but this array can also
have standarized default keys like 0,1,2,3,4 etc. The first step is to assign our array to SMARTY variables,
because SMARTY doesn't have access to global PHP scope in nice way. So we must define a custom name for this variable -in
example above i named it 'someAssignedArray'. So, the array wich in PHP exeist as $array, will exist in smarty as $someAssignedArray.
Now, you can write a foreach loop in your tpl file. The basic atribute of SMARTY foreach tag is from. This attribute says, from wich array you want to pick up all items for iteration. Remeber that this variable must have a dollar sign at begining.
Second required parameter in this loop construction is item. Item refers to name of variable, wich will have a value from array inside the loop. Key attribute works in the same way - it will contains key for item value in single loop iteration. There is some important thing - remeber that you create a new SMARTY varaibles here, so do not use dollar sign.
Inside the foreach loop, you can access your array item value and key by varaible names you specified as foreach tag attributes, this time begininnig with a dollar sign.
Of course, if yours item value is an array, nothings stop you to provide a nested foreach loop, with new key and value variables. This is useful thing.
If you want to print your array in fastest way, only for debug etc. you can try to use print_r function in your SMARTY tpl file. I wrote some nice tutorial about using print_r in SMARTY, so check itd.
If you want to provide additional filtering when iterating over items, see my tutorial about modifiers here.
Tuesday, March 19, 2013
Call superclass method in object oriented PHP application
You can call parent methods using :: operator, as in example below:
parent::init( 'aaa' );
This situation works also, when dealing with static methods.
Call parent constructor in PHP
You can call constructor of the superclass of your class. Why to do that? It's important if you write your own constructor. If you derive from a class and write custom constructor then, when object is creating o only yours constructor will be called. This can casue a situation, when object isn't propably initialised. For example, some fields can be not set, null valued etc. To prevent those situations it is a good practice to call parent construtor in your class constructor as the first line like example below:
public function __construct() {
parent::__construct( 11 );
}
In this situation you prevents errors like uninitialised class variables, uncalled other initialisation methods etc. As you can see, there is also a posibility to pass some variables to parent conscturctor. This is common case - if you derive from a class, wich have some variables in constructor, then you have to pass those variables in parent constructor call. If you are afraid, that some developer who will expand your classes will omitt ocnstructor call, then you can create some variable and set it to some value in constructor. Then in working methods, you can check if this variables is still set like in constructor association. Then, if other developer will forget to call your parent constructor, this custom variable will not be set and you can throw a Exception, or other sign of error, to ensure that developer of a subclass will init object properly by parent constructor call.
Wednesday, January 30, 2013
Best way to secure e-mail in SMARTY template and CSS
See the best way to secure your e-mail from spambots. Just rearrange text flow to reverse and reverse an email with strrev() function:
<span style="unicode-bidi:bidi-override; direction: rtl;">
{$sm_item.email|strrev}
</span>
Now you have your e-mail backwarded in page source, but displayed properly
Wednesday, November 14, 2012
A three-line guestbook in PHP
Below you can see a short script that causes to write somthing you enter a form to a file. Each entry is appended in new line.
<form method=post><input name=a><input type=submit></form>
<?php
if($_POST['a'])file_put_contents('z.txt',$_POST['a']."\n",FILE_APPEND);
Subscribe to:
Posts (Atom)