Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
> I don't know away to improve it, but I can
> point out a thing or 2.
>
> instead of using $_POST["comments"], and if
> your address is like,
> http://mad.chickenkiller.com/blogtest/blog.php?comments=cdtgfgytfgyytgtu
> PHP creates a varible called $comments, so you can just use
> fwrite($fp,$comments);
As I understood it, it was the GET method that tacked the variables onto the
URL. That's actually why I chose POST. Also, I read that variables like
$comments are 'external variables', and that they are off by default in PHP4.
Unless I'm mistaken, this is now the preferred way of accessing them.
> Also, technically, I haven't looked up "ab" yet, but with
> $fp = fopen($filename,"w");
> If the file doesn't exist, it should created it, but if
> you're reading a file and it doesn't exist, you should
> be able to get by with...
a is 'append,' so it begins writing after the content that's already there, and
b is 'binary,' which is the default in PHP4, but is recommended for portability.
Also, I'm not ever planning to have anyone commenting on a file that doesn't
exist, which is why I tested for file_exists() first.
> if(!$fp = fopen($filename,"r")) {
> printf("ERROR: file %s does not exist\n",$filename);
> return;
> }
I didn't know using (!$foo) was valid PHP. Thank you. That'll make all
my '$foo == NULL' parts look much cleaner.
I do thank you very much for taking the time to take a look at it.
> And that's basicly the same thing as if File does not exist.
>
> On Sun, 7 Sep 2003, yoda wrote:
>
> > Hey, all. I wanted to play with some interactivity on my site, so I figured I'd
> > start toying with PHP. I looked up a bunch of stuff, and wrote a little page for
> > my journal that allows comments. It's pretty basic, but I was wondering if
> > someone would be willing to skim the code quickly and see if there's anything I
> > could improve (with respect to security, efficiency, etc.) on it. Thanks to
> > anyone who's willing to help.
> >
> > I've added .txt to the end so you can download it without preprocessing:
> > http://mad.chickenkiller.com/blogtest/blog.php.txt
> > You can see it in action at:
> > http://mad.chickenkiller.com/blogtest/index.php
> >
> > ------------------------------------------------------
> > It's GNU/Linux damnit.
> > http://www.gnu.org/gnu/linux-and-gnu.html
> > _______________________________________________
> > members mailing list
> > EMAIL:PROTECTED
> > http://mlug.missouri.edu/mailman/listinfo/members
> >
> _______________________________________________
> members mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/members
>
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact