1. Use the ip2long() and long2ip() functions to convert IP addresses to integers before storing them in the database.
This approach cuts storage to nearly one-fourth (a 15-byte char(15) becomes a 4-byte integer), makes it simpler to calculate whether a particular address falls within a range, and speeds up searching and sorting (although sometimes only by a little).
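The conversion and the range check described above, as an added example that is not part of the original article. The helper names ipToUint() and inCidr() and the sample addresses are illustrative, and a 64-bit PHP build is assumed.

```php
<?php
// Added example. Assumes 64-bit PHP, where ip2long() returns 0..4294967295
// (store the value in an unsigned 32-bit integer column).

/** Convert a dotted-quad IPv4 string to an integer, or null if it is not valid IPv4. */
function ipToUint(string $ip): ?int
{
    // Reject IPv6 and junk up front so that "false" is never written to the database.
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) {
        return null;
    }
    $long = ip2long($ip);
    return $long === false ? null : $long;
}

/** True if $ip lies inside $cidr, for example "192.0.2.0/24". */
function inCidr(string $ip, string $cidr): bool
{
    $parts = explode('/', $cidr, 2);
    if (count($parts) !== 2 || !ctype_digit($parts[1]) || (int) $parts[1] > 32) {
        return false; // malformed prefix length
    }
    $addr = ipToUint($ip);
    $net  = ipToUint($parts[0]);
    if ($addr === null || $net === null) {
        return false;
    }
    $bits = (int) $parts[1];
    // /0 matches everything; otherwise keep only the top $bits bits.
    $mask = $bits === 0 ? 0 : (0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF;
    return ($addr & $mask) === ($net & $mask);
}

// Constructed sample values (documentation address ranges).
$stored = ipToUint('192.0.2.10');
var_dump($stored);                                // integer form for the database
var_dump(long2ip($stored));                       // back to dotted-quad for display
var_dump(inCidr('192.0.2.10', '192.0.2.0/24'));   // inside the range
var_dump(inCidr('198.51.100.7', '192.0.2.0/24')); // outside the range
var_dump(ipToUint('2001:db8::1'));                // IPv6 is rejected, not silently stored
```

ip2long() handles IPv4 only, so IPv6 addresses need a different column type.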
2. When validating an email address, use the checkdnsrr() function to verify that the domain name exists.
This built-in function verifies that the specified domain name resolves to an IP address. The user comments section of the PHP documentation for this function has a simple user-defined function, based on checkdnsrr(), that checks the validity of an email address. For those who think their email address is [email protected] instead of [email protected], this method is a very convenient way to catch them.
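One way to write such a check, as an added example (it is not the function from the PHP documentation comments). The name emailDomainResolves() and its $lookup parameter are illustrative; $lookup defaults to checkdnsrr() and is replaced by a constructed stub here so the example runs without network access.

```php
<?php
// Added example: syntax check first, then a DNS lookup on the domain part.

/**
 * True if $email is syntactically valid and its domain has an MX record
 * (or, failing that, an A or AAAA record).
 * $lookup has the same signature as checkdnsrr($hostname, $type).
 */
function emailDomainResolves(string $email, ?callable $lookup = null): bool
{
    $lookup = $lookup ?? 'checkdnsrr';
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false; // never send unvalidated input to the resolver
    }
    $domain = substr(strrchr($email, '@'), 1);
    // A trailing dot makes the name fully qualified, so the resolver
    // does not append local search suffixes.
    $fqdn = rtrim($domain, '.') . '.';
    foreach (['MX', 'A', 'AAAA'] as $type) {
        if ($lookup($fqdn, $type)) {
            return true;
        }
    }
    return false;
}

// Constructed stub resolver: only example.com has an MX record.
$stub = function (string $host, string $type): bool {
    return $host === 'example.com.' && $type === 'MX';
};

var_dump(emailDomainResolves('alice@example.com', $stub));     // known domain
var_dump(emailDomainResolves('alice@example.invalid', $stub)); // domain does not resolve
var_dump(emailDomainResolves('not-an-address', $stub));        // fails the syntax check
```

A resolving domain only shows that mail could be delivered somewhere; it does not prove that the mailbox exists or belongs to the user.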
3. If you are using PHP 5 and MySQL 4.1 or higher, consider using the mysqli_* family of functions.
A good feature is that you can use prepared statements, which can speed up queries if you maintain a database-intensive site. Some benchmark results are available.
4. Learn to love the ternary operator.
5. If you feel that part of your project is reusable, check whether PEAR already has it before you write the next line of code.
Many PHP programmers know that PEAR is a good repository, although many others do not. This online repository contains more than 400 reusable packages that you can use in your program right away. Unless your project is really special, you can always find a PEAR package that saves you time.
6. Use highlight_file() to print out nicely formatted source code.
This function is handy when you ask for help with a script on a message board or on IRC. Of course, be careful not to accidentally leak your database connection information, passwords and so on.
The highlight_file() function applies syntax highlighting to a file.

Syntax:

    highlight_file(filename, return)

| Parameter | Description |
| --- | --- |
| filename | Required. The path of the PHP file to be highlighted. |
| return | Optional. If set to true, this function returns the highlighted code. |

This function outputs or returns a syntax-highlighted version of the code contained in filename, using the colors defined for PHP's syntax highlighter.
Many servers are configured to automatically highlight files with the phps suffix. For example, when you view example.phps, the syntax-highlighted source code of the file is displayed. To enable this feature, add the following line to httpd.conf:

    AddType application/x-httpd-php-source .phps

Return value
If the return parameter is set to true, the function returns the highlighted code instead of outputting it. Otherwise, it returns true on success and false on failure.
Example:

    <body>
    <?php
    // Print a syntax-highlighted copy of test.php into the page
    highlight_file("test.php");
    ?>
    </body>

7. Use the error_reporting(0) function to prevent users from seeing potentially sensitive error messages.
Ideally, error reporting should be disabled completely in php.ini. But if you are on a shared web server and do not have your own php.ini file, your best bet is to add error_reporting(0); as the first line of every script (or pull it in with require_once()). This completely keeps sensitive SQL query statements and path names from being shown when errors occur.
error_reporting() sets the error level for PHP and returns the current level.

| Mask value | Name |
| --- | --- |
| 1 | E_ERROR |
| 2 | E_WARNING |
| 4 | E_PARSE |
| 8 | E_NOTICE |
| 16 | E_CORE_ERROR |
| 32 | E_CORE_WARNING |

E_NOTICE covers conditions that are normally not recorded and is only used when the program has an error condition, such as attempting to access a nonexistent variable or calling the stat() function on a nonexistent file.
E_WARNING is usually displayed, but the execution of the program is not interrupted. This is very useful for debugging. For example: calling ereg() with a problematic regular expression.
E_ERROR is usually displayed, and program execution is interrupted. That is, memory allocation or other errors cannot be traced with this mask.
E_PARSE covers parse errors from the syntax.
E_CORE_ERROR is similar to E_ERROR, but does not include errors caused by the PHP core.
E_CORE_WARNING is similar to E_WARNING, but does not include PHP core error warnings.
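A shared bootstrap file for the require_once() approach, as an added example that is not from the original article. It goes one step beyond error_reporting(0), which also stops errors from reaching the log: the file name bootstrap.php, the log path and the generic message are placeholders.

```php
<?php
// bootstrap.php (hypothetical name): require_once this as the first line of every script.
// Added example; adjust the placeholder log path before use.

// Weak variant from the tip above: hides errors from visitors AND from you.
// error_reporting(0);

// Preferred variant: keep collecting everything, show nothing, log it all.
error_reporting(E_ALL);
ini_set('display_errors', '0');   // never print errors into the page
ini_set('log_errors', '1');       // write them to a log instead
ini_set('error_log', __DIR__ . '/php-error.log'); // placeholder: use a path outside the web root

// Uncaught exceptions: full detail to the log, a generic message to the visitor.
set_exception_handler(function (Throwable $e): void {
    error_log(sprintf(
        '%s: %s in %s:%d',
        get_class($e),
        $e->getMessage(),   // may contain SQL text or file paths, so log only
        $e->getFile(),
        $e->getLine()
    ));
    if (!headers_sent()) {
        http_response_code(500);
    }
    echo 'An internal error occurred.';
});
```

Settings made at run time do not apply to parse errors in the script that sets them, which is why disabling display in php.ini remains the ideal.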
8. Use gzcompress() and gzuncompress() to explicitly compress and decompress large strings before storing them in the database.
These built-in PHP functions use the gzip algorithm and can compress normal text by up to 90%. I use them whenever I read from or write to a field of BLOB type. The only exception is when I need full-text search.

    string gzcompress(string data [, int level])

Description
Returns a compressed version of the input string, or false on failure. The optional level can be from 0 to 9, where 0 means no compression and 9 means maximum compression.
Note, however, that this compression is not gzip compression.
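A round trip through these functions with a size limit on decompression, as an added example that is not from the original article. The names packText() and unpackText(), the 1 MiB limit and the sample text are illustrative choices.

```php
<?php
// Added example: compress before storing, decompress with an upper bound when reading.

const MAX_UNPACKED = 1048576; // refuse anything that would inflate beyond 1 MiB

function packText(string $text, int $level = 6): string
{
    $packed = gzcompress($text, $level);
    if ($packed === false) {
        throw new RuntimeException('compression failed');
    }
    return $packed;
}

function unpackText(string $blob): string
{
    // The second argument caps the decompressed length, so a small corrupt
    // or hostile blob cannot exhaust memory when it is read back.
    $text = @gzuncompress($blob, MAX_UNPACKED);
    if ($text === false) {
        throw new RuntimeException('not valid zlib data, or larger than the limit');
    }
    return $text;
}

// Constructed sample: repetitive text compresses very well.
$text   = str_repeat('The quick brown fox jumps over the lazy dog. ', 200);
$packed = packText($text);
printf("%d bytes -> %d bytes\n", strlen($text), strlen($packed));
var_dump(unpackText($packed) === $text);

// gzcompress() writes a zlib stream; gzencode() writes the gzip file format.
// The first two bytes of each show the different headers.
printf("gzcompress: %s  gzencode: %s\n",
    bin2hex(substr($packed, 0, 2)),
    bin2hex(substr(gzencode($text), 0, 2)));

// A blob that would inflate past the limit is rejected instead of expanded.
try {
    unpackText(gzcompress(str_repeat('A', 2 * MAX_UNPACKED)));
} catch (RuntimeException $e) {
    echo $e->getMessage(), "\n";
}
```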
9. You can get multiple return values from a function by passing parameters by reference.
Like the ternary operator, this technique is familiar to most programmers with formal training. But programmers whose background is more HTML than Pascal have at some point wondered, "Can I return multiple values from a function when there is only one return?" The answer is to put an "&" symbol in front of the variable so that it is passed by reference rather than by value.
10. Fully understand the dangers of "magic quotes" and SQL injection.
I assume that the developers reading this are already very familiar with SQL injection. But I am still listing it here because it is a bit hard to understand.
Magic quotes is a process that automatically escapes data coming into a PHP script. It is best to code with magic quotes off and escape data as needed at run time.
What is magic quotes
When turned on, all ' (single quote), " (double quote), \ (backslash) and NULL characters are automatically escaped with a backslash. This is exactly what the addslashes() function does.
There are three magic quote directives:
* magic_quotes_gpc affects HTTP request data (GET, POST and cookies). It cannot be changed at run time. The default value in PHP is on. See get_magic_quotes_gpc().
* magic_quotes_runtime, if on, causes most functions that fetch data from external sources and return it, including databases and text files, to escape quotes with backslashes. This option can be changed at run time, and the default value in PHP is off. See set_magic_quotes_runtime() and get_magic_quotes_runtime().
* magic_quotes_sybase, if on, escapes single quotes with a single quote instead of a backslash. This option completely overrides magic_quotes_gpc. If both options are on, single quotes are escaped as ''. Double quotes, backslashes and NULL characters are not escaped. To read its value, see ini_get().
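Why quote escaping is not a defence and prepared statements (tip 3) are, as an added example that is not from the original article. It uses PDO with an in-memory SQLite database so it runs without a server, which is a substitution for the mysqli functions the article names; mysqli's prepare(), bind_param() and execute() follow the same pattern. The table, rows and input value are constructed.

```php
<?php
// Added example: addslashes()-style escaping next to a bound parameter.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Constructed request value: it contains no quote, backslash or NULL character.
$input = '1 OR 1=1';

// What magic_quotes_gpc did to every request value: the same as addslashes().
$escaped = addslashes($input); // nothing to escape here

// Vulnerable: the value lands in a numeric context, so quote escaping is irrelevant
// and the input is parsed as part of the SQL statement.
function findUnsafe(PDO $db, string $id): array
{
    return $db->query("SELECT name FROM users WHERE id = $id")
              ->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: the statement is fixed first and the value is bound as data,
// so it is compared with the id column and never parsed as SQL.
function findSafe(PDO $db, string $id): array
{
    $stmt = $db->prepare('SELECT name FROM users WHERE id = ?');
    $stmt->execute([$id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

var_dump($escaped === $input);        // escaping changed nothing
print_r(findUnsafe($db, $escaped));   // the WHERE clause no longer restricts the rows
print_r(findSafe($db, $escaped));     // no row has that literal value as its id
print_r(findSafe($db, '2'));          // a normal lookup still works
```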