How difficult PHP is to use and learn. PHP is not a complicated and advanced technology. at the same time, you should not expect to become an expert within five minutes. For new users, the biggest unsuitable reason is that the fault tolerance of PHP is much lower than that of the browser for HTML. If an end tag is missing in HTML, most browsers still display the page. In PHP, if you miss an ending quotation mark, semicolon, or braces, it will get an error as shown in-3 to use and learn how difficult PHP is.
PHP is not a complex and advanced technology, but at the same time, you do not want to become an expert within five minutes. For new users, the biggest unsuitable reason is that the fault tolerance of PHP is much lower than that of the browser for HTML. If an end tag is missing in HTML, most browsers still display the page. In PHP, if you omit an ending quotation mark, semicolon, or braces, an error message will be generated as shown in Figure 1-3. This is not just a feature of PHP, but is true for all server technologies, including ASP, ASP. NET, and ColdFusion.
?
Figure 1-3 server-side languages like PHP cannot tolerate most encoding errors
If you are a Web designer or developer who uses visual design tools (such as Adobe Dreamweaver or Microsoft Expression Web) and never pay attention to the basic code, it is time to reflect on your method. Mixing PHP with poorly structured HTML may cause some problems. PHP uses loops to execute repetitive tasks, such as displaying database search results. A loop repeats the same piece of code (the code usually contains both PHP and HTML) until all the results are displayed. If you place the loop at the wrong position, or the HTML structure is poor, the page may collapse like a house built with a card. If you are not used to doing so, using the W3C (World Wide Web Consortium) Markup Validation Service (http://validator.w3.org/unicorn) to check your page is a good idea.
W3C is an international organization responsible for developing standards (such as HTML and CSS) and guidelines to ensure long-term Web development. Led by Tim Berners-Lee, founder of World Wide Web. To understand W3C's mission, see www.org/consortium/mission.
?? Can I copy and paste code only?
?
There is nothing wrong with copying the code in this book, which is exactly the purpose of their existence. Replication is a method we learned when we were young, but most of us will get rid of the imitation stage. we will ask questions and start to experiment in person. I don't plan to use some boring exercises that do not have direct value for web pages to teach you how to learn PHP. This book is to allow you to apply new knowledge directly to practical projects. At the same time, I will explain what the code is used to do and why it appears there. Even if you cannot accurately understand how it works, you will gain enough knowledge to understand which part of the code is suitable for your needs, and which part should be ignored.
PHP is a toolbox that provides a lot of powerful functions. It has thousands of built-in functions that can execute various tasks, such as converting text to uppercase, generating thumbnails from a full-size image, or connecting to a database. The real strength lies in combining these functions in different ways and adding them to your own conditional logic. To learn more from this book, you need to experiment with the tools you have learned in the book and propose your own solutions.
PHP Security
PHP is like an electric or kitchen knife in your home: if it is used correctly, it is very safe; if it is operated responsibly, it will cause a lot of harm. One of the inspiration for the 1st version of this book is the emergence of malicious attacks at the end of 2005. These attacks exploit an email script vulnerability to convert websites into spam relay. Few people are not at risk. Of course I was not spared, but after realizing this problem, I fixed the vulnerability and immediately stopped these malicious attacks. However, every day, people send urgent requests to online forums for help. Even if they are told how to handle such a problem, their responses are even more maddening. Many people admit that they do not understand the code they use on their websites. It seems understandable that some people regard website creation as a hobby, but many of them are "professionals" who create websites for customers ". When their mailboxes start to be full of spam, they will naturally be unhappy. When host hosting companies disable customers' domain names because they cannot accept insecure scripts on their servers, they will be even more unhappy.
The implication of this story is not that PHP is insecure, but that everyone needs to be a security expert who uses PHP. It is important to understand the basic principles of PHP Security: check before processing user input..You will find that this will become the topic throughout the book. With little effort, most security risks can be eliminated.
Perhaps the most worrying aspect is that after the problem was first revealed for more than five years, I still see many people using insecure email scripts. The best way to protect yourself is to understand the code you are using. Even if you cannot solve the problem on your own, you can implement remedial measures recommended by the script writer or other experts .?
-Taken from PHP dynamic web page design (version 2nd)