<?php

if (isset($username[5])) {
    // The username is at least six characters long.
}

?>

When you treat strings as arrays, each character in the string is an element in the array. By determining whether a particular element exists, you can determine whether the string is at least that many characters long. (Note that the first character is element 0, so $username[5] is the sixth character in $username.)

The reason this is slightly faster than strlen() is complicated. The simple explanation is that strlen() is a function, and isset() is a language construct. Generally speaking, calling a function is more expensive than using a language construct.

<?php

if (auth($username) == 'admin') {
    $admin = TRUE;
} else {
    $admin = FALSE;
}

?>

This seems safe enough, because it’s easy to comprehend at a glance. Imagine a slightly more elaborate example that sets variables for name and email as well, for convenience:

<?php

if (auth($username) == 'admin') {
    $name = 'Administrator';
    $email = 'admin@example.org';
    $admin = TRUE;
} else {
    /* Get the name and email from the database. */
    $query = $db->prepare('SELECT name, email
                           FROM   users
                           WHERE  username = :username');
    $query->execute(array('username' => $clean['username']));
    $result = $query->fetch(PDO::FETCH_ASSOC);
    $name = $result['name'];
    $email = $result['email'];
    $admin = FALSE;
}

?>

Because $admin is still always explicitly set to either TRUE or FALSE, all is well, but if a developer later adds an elseif, there’s an opportunity to forget:

<?php

if (auth($username) == 'admin') {
    $name = 'Administrator';
    $email = 'admin@example.org';
    $admin = TRUE;
} elseif (auth($username) == 'mod') {
    $name = 'Moderator';
    $email = 'mod@example.org';
    $moderator = TRUE;
} else {
    /* Get the name and email. */
    $query = $db->prepare('SELECT name, email
                           FROM   users
                           WHERE  username = :username');
    $query->execute(array('username' => $clean['username']));
    $result = $query->fetch(PDO::FETCH_ASSOC);
    $name = $result['name'];
    $email = $result['email'];
    $admin = FALSE;
    $moderator = FALSE;
}

?>

If a user provides a username that triggers the elseif condition, $admin is not initialized. This can lead to unwanted behavior, or worse, a security vulnerability. Additionally, a similar situation now exists for $moderator, which is not initialized in the first condition.

By first initializing $admin and $moderator, it’s easy to avoid this scenario altogether:

<?php

$admin = FALSE;
$moderator = FALSE;

if (auth($username) == 'admin') {
    $name = 'Administrator';
    $email = 'admin@example.org';
    $admin = TRUE;
} elseif (auth($username) == 'mod') {
    $name = 'Moderator';
    $email = 'mod@example.org';
    $moderator = TRUE;
} else {
    /* Get the name and email. */
    $query = $db->prepare('SELECT name, email
                           FROM   users
                           WHERE  username = :username');
    $query->execute(array('username' => $clean['username']));
    $result = $query->fetch(PDO::FETCH_ASSOC);
    $name = $result['name'];
    $email = $result['email'];
}

?>

Regardless of what the rest of the code does, it’s now clear that $admin is FALSE unless it is explicitly set to something else, and the same is true for $moderator. This also hints at another good security practice, which is to fail safely. The worst that can happen as a result of not modifying $admin or $moderator in any of the conditions is that someone who is an administrator or moderator is not treated as one.

If you want to shortcut something, and you’re feeling a little disappointed that our example includes an else, we have a bonus tip that might interest you. We’re not certain it can be considered a shortcut, but we hope it’s helpful nonetheless.

Consider a function that determines whether a user is authorized to view a particular page:

<?php

function authorized($username, $page) {
    if (!isBlacklisted($username)) {
        if (isAdmin($username)) {
            return TRUE;
        } elseif (isAllowed($username, $page)) {
            return TRUE;
        } else {
            return FALSE;
        }
    } else {
        return FALSE;
    }
}

?>

This example is actually pretty simple, because there are only three rules to consider: administrators are always allowed access; those who are blacklisted are never allowed access; and isAllowed() determines whether anyone else has access. (A special case exists when an administrator is blacklisted, but that is an unlikely possibility, so we’re ignoring it here.) We use functions for the rules to keep the code simple and to focus on the logical structure.

There are numerous ways this example can be improved. If you want to reduce the number of lines, a compound conditional can help:

<?php

function authorized($username, $page) {
    if (!isBlacklisted($username)) {
        if (isAdmin($username) || isAllowed($username, $page)) {
            return TRUE;
        } else {
            return FALSE;
        }
    } else {
        return FALSE;
    }
}

?>

Finally, this can be reduced to a single return:

<?php

function authorized($username, $page) {
    return (!isBlacklisted($username) && (isAdmin($username) || isAllowed($username, $page));
}

?>

If your goal is to reduce the number of lines, you’re done. However, note that we’re using isBlacklisted(), isAdmin(), and isAllowed() as placeholders. Depending on what’s involved in making these determinations, reducing everything to a compound conditional may not be as attractive.

This brings us to our tip. A return immediately exits the function, so if you return as soon as possible, you can express these rules very simply:

<?php

function authorized($username, $page) {

    if (isBlacklisted($username)) {
        return FALSE;
    }

    if (isAdmin($username)) {
        return TRUE;
    }

    return isAllowed($username, $page);
}

?>

This uses more lines of code, but it’s very simple and unimpressive (we’re proudest of our code when it’s the least impressive). More importantly, this approach reduces the amount of context you must keep up with. For example, as soon as you’ve determined whether the user is blacklisted, you can safely forget about it. This is particularly helpful when your logic is more complicated.

If you use strpos() to determine whether a substring exists within a string (it returns FALSE if the substring is not found), the results can be misleading:

<?php

$authors = 'Vijay & Jana';

if (strpos($authors, 'Vijay')) {
    echo 'Vijay is an author.';
} else {
    echo 'Jana is not an author.';
}

?>

Because the substring Vijay occurs at the very beginning of Vijay & Jana, strpos()correctly returns 0, indicating the first position in the string. Because the conditional statement treats this as a Boolean, it evaluates to FALSE, and the condition fails. In other words, it looks like Vijay is not an author, but he is!

This can be corrected with a strict comparison:

<?php

if (strpos($authors, 'Vijay') !== FALSE) {
    echo 'Vijay is an author.';
} else {
    echo 'Jana is not an author.';
}

?>

Class (Store as “sql.date.class.php“):

<?php

class FormatDate {

public function Date($SQLdate, $format) {

$maketime = strtotime($SQLdate);

return date($format,$maketime);

}
}

$dateobj = new FormatDate;

?>

Implementation (Store as “index.php“):

<?php

require_once “sql.date.class.php”;

echo $dateobj->Date(“2009-11-28 6:44:07″,”F j, Y, g:i a”); //Argument 1 is a SQL DATETIME format [Call your date format from SQL table], argument 2 is a format which u need.
echo “<br/>”;
echo $dateobj->Date(“2009-11-28 6:44:07″,”m.d.y”);
echo “<br/>”;
echo $dateobj->Date(“2009-11-28 6:44:07″,”h-i-s, j-m-y, it is w Day”);
echo “<br/>”;
echo $dateobj->Date(“2009-11-28 6:44:07″,’\i\t \i\s \t\h\e jS \d\a\y.’);

?>

In above class, you want to pass 2 arguments,

1. First Argument will be date, which from SQL (DEFAULT SQL DATETIME FORMAT date(“Y-n-j g:i:s”)) table.
2. Second Argument will be Date format which you need as output.

Once above passed arguments are correct, it will returns the date in Date Format, you needed. Download Source here [ ZIP Format ], [ RAR Format ] [Please Comment for updations]

SQL injection refers to the act of someone inserting a MySQL statement to be run on your database without your knowledge. Injection usually occurs when you ask a user for input, like their name, and instead of a name they give you a MySQL statement that you will unknowingly run on your database. Source – tizag.com.

Protection Class in PHP:

This is my own code to filtered unwanted inputs by user: [ Don't forget to comment here for improvement ]

<?php

class SQLProcess {

function filter($array) {

$keyarray = array();
$valuearray = array();
$outarray = array();

while (list($key, $value) = each($array)) {

if(get_magic_quotes_runtime()) {
set_magic_quotes_runtime(false);
}

$badWords = “(delete)|(update)|(union)|(insert)|(drop)|(http)|(–)|(script)|(iframe)|(alert)|(XSS)”;

//Values Filter
$filtervalues = eregi_replace($badWords,”‘”, $value);
$filtervalues = mysql_real_escape_string($filtervalues);
$filtervalues = htmlentities($filtervalues,ENT_QUOTES);

//Key Filter
$filterkeys = eregi_replace($badWords, “”, $key);
$filterkeys = mysql_real_escape_string($filterkeys);
$filterkeys = htmlentities($filterkeys,ENT_QUOTES);

array_push($keyarray,$filterkeys);
array_push($valuearray,$filtervalues);

}
$outarray = array_combine($keyarray, $valuearray);
return $outarray;
}

}

$Process = new SQLProcess;

?>

Example Usage:

$filter = $Process->filter($_REQUEST);

print_r($filter);

$_REQUEST is an array with total inputs given by users through form.

Note: Comment here to improve this class. And also mysql_real_escape_string() will works only when Database is used(connected). If you not using Database! replace mysql_real_escape_string with addslashes.

<?php
$sPage = explode(“/”, $_SERVER['PHP_SELF']);
$URL= $sPage[count($sPage)-1];
?>

For Example:

http://www.vijayakumar.org/profile/vijay

Output will be profile.php [file name changes depends upon file used]

Explanation is given under source code.

<?php
//connection parameters
$username = “root”;
$password = “”;
$dbhost = “localhost”;
$database = “test”;

//Array creation
$table1array = array();
$table2array = array();
$finalarray = array();

//connect to database server
$dbconnection = mysql_connect($dbhost, $username, $password) or die(“Could not connect to MySQL Database”);
echo “Connection Success!!!”;

//connect to database
$dbhandle = mysql_select_db($database, $dbconnection) or die(“Could not select the test database”);

//Queries to combine
$t1 = “select * from `table1`”;
$t2 = “select * from `table2`”;

$table1query = mysql_query($t1);
$table2query = mysql_query($t2);

//Count the number of records are equal.
$t1_count = mysql_num_rows($table1query);
$t2_count = mysql_num_rows($table2query);

//If not equal, error will be produced
if($t1_count != $t2_count) {

echo ” But, both parameters should have an equal number of elements”;
exit;

}

//First table query to push, first table values into array by using array_push
while($table1row = mysql_fetch_array($table1query)) {

$table1value = $table1row['table1_value'];
array_push($table1array, $table1value);

}

//Second table query to push, second table values into array by using array_push
while($table2row = mysql_fetch_array($table2query)) {

$table2value = $table2row['table2_value'];
array_push($table2array, $table2value);

}

//Combine above generated arrays and combine into one
$finalarray = array_combine($table1array, $table2array);

//Print the output
print_r($finalarray); exit;

?>

EXPLANATION:

Create tables:

Connect to database with database username and password. Create database called “test” followed by creating 2 tables. Name those tables as ‘table1’ and ‘table2’. Inside both tables create 2 fields with names ‘t1_id’, ‘table1_value’ -> for table1 and ‘t2_id’, ‘table2_value’ -> for table2. Then insert values into 2 tables in fields ‘table1_value’ and ‘table2_value’ equally. Remember that, both tables’ values should be equal.

Create 3 arrays:
Return to PHP source code, Create 3 arrays using array() in names $table1array, $table2array, $finalarray. $table1array is to hold values from table 1 and $table2array is to hold values from table 2. $finalarray is to combine arrays $table1array and $table2array.

Execute 2 queries and compare:

$t1 and $t2 are MySql queries to combine values. Execute the 2 tables’ using mysql_query(). Count number of rows using mysql_num_rows(); Because values of 2 tables should be same, otherwise it will returns warning message.[ This is validated on next line 32 using if statement].

Push values into array:

If both table 1 and table 2 values are equal, it will run 40th line. There we using while loop to get table1 values into array by name $table1array using array_push(). Now all values of table 1 are moved to $table1array. Next line 48th, having another while loop, It’s also get table 2 values into array by name $table2array using array_push().

Combine 2 arrays:

We got 2 arrays which holding 2 different set of values. Combine, 2 arrays $table1array and $table2array by using array_push(). And named final array  $finalarray. Print the result print_r($finalarray);. That’s all. We achieved.

Final result:

If 2 tables (table1 and table 2) values are not equal. Output will be,

Connection Success!!! But, both parameters should have an equal number of elements

Otherwise output will look like [data can be differ as per ur input],

Connection Success!!!Array ( [1] => vijay [2] => jana [3] => selvaraj [4] => welcome [5] => hello world )

Download Source code:

http://www.splendidwebtech.com/code/download.php?file=CombineMySqlresults.zip

http://rapidshare.com/files/280269160/CombineMySqlresults.zip.html

Ok, let we start..,

It’s very simple work, by fetching data from 2 different databases. In these 2 databases, one will holds data about Tamil (or any language) and another will holds English. Once, Tamil language is clicked, data from Tamil (or any language) database will fetched and if English language is clicked, data from English database will fetched. So, you need to know 2 things very clearly,

1)     How to handle 2 different databases in a project? and

2)     How to insert Tamil language (or any language) into DB?

Ok let we see the answers for above questions,

1) How to handle 2 databases in a project? (This is my logic; you can use by your own, if u has any method to call databases)

<?php

session_start();

ob_start();

if(isset($_REQUEST['ta']))

{

$sess = $_REQUEST['ta']; //Tamil language

$_SESSION['ta']=$sess;

$database = ‘multitamil’;

}

else if(isset($_REQUEST['en']))

{

unset($_SESSION['ta']);

$sess = $_REQUEST['en']; //English language

$_SESSION['en']=$sess;

$database = ‘multienglish’;

}

mysql_connect(“localhost”,”root”,”") or die(‘Server down for maintenence, please try again later’);

mysql_select_db($database);

?>

In above code, if once Tamil language (or any language) link clicked, pass the variable to the same page as ‘ta’ ie., ($_REQUEST['ta']) , like below,

www.youdomain.com/?ta

Once ‘ta’ is set, unset `en` session and set the session as ta. Once ‘ta’ set, database for Tamil language will be called. Tamil language Database will be active till session expired.

If, English language is clicked; pass the variable to the same page as ‘en’ i.e. ($_REQUEST['en']) , like below,

www.youdomain.com/?en

Once ‘en’ is set, unset ‘ta’ session and set the session as en. Once ‘en’ set, database for English language will be called.

Note: Default language is English.

2)  How to insert Tamil language (or any language) into DB?

If Tamil (or any language) language want to insert into DB means it will store as bulk Unicode characters. So, type Tamil language (or any language) using text box or comment box etc. and submit the form, like given below example,

<form id=”form1″ method=”post” action=”<?php $_SERVER['PHP_SELF'];?>”>

<textarea name=”language”></textarea>

<input name=”submit” type=”submit” />

</form>

Store the content in Tamil (any) Language database by using insert query. You didn’t need to worry about Unicode conversion, it will automatically converted by browsers while submission. See the link for Unicode chart supported by browsers by clicking here .

Or use Google transliteration tool for typing (Click here). Note: Once typed, copy it and paste it in text box and submit the form. Write insert query to store in Tamil database (or any of your language database).

Requirements to run this code:

1) PHP Editor,

2) WAMP server or your own server,

3) Basic knowledge in PHP, MYSQL.

Features of this code:

1) Displays same content in both Tamil Language and English,

2) Search option in both English and Tamil,

3) Search terms will be highlighted with different color in both English and Tamil language.

Download:

Click here [ RAR format ] for download [ unlimited download ]

Click here [ ZIP format ] for download [ unlimited download ]

[ Any problem in downloading, please report me ]

Installation:

1) Download the source code, and unzip it.

2) Place it in your server,

3) Open your database; create 2 databases name as multienglish and multitamil. Import the sql files (multienglish.sql & multitamil.sql) into database. (See the Database folder).

4) Change database username and password in ‘connect.php’ file.

5) Run the code now.

• MSN

• Skype

• ICQ

• AIM

• Yahoo!

1) Eliminate duplicate (or more) characters in a string (the underscore in the example below):
$text = preg_replace('#(_)+#','_',$text);

2) Randomly select of one element out of an array:
$image = $image_array[array_rand($image_array)];

3) Pass the htaccess/htpassword authenticated user to a script:
$user = $_SERVER['REMOTE_USER'];

4) Debug $_GET variables by displaying the whole search string:
echo $_SERVER['QUERY_STRING'];

5) Read a flat file (file.txt in this example) in as an array and remove line breaks:
$newArray = preg_replace("#\r\n?|\n#","",file('file.txt'));

6) Scrub html output:
$output = strtr($output,array('&'=>'&amp;','<'=>'&lt;','>'=>'&gt;'));

7) Validate the format of an email address:
if (!preg_match("(^[-\w\.]+@([-a-z0-9]+\.)+[a-z]{2,4}$)i", $email)) echo "Email address $email is not valid";

8 ) Validate the format of a domain name:
if (!preg_match("(^([-a-z0-9]+\.)+[a-z]{2,4}$)i", $domain)) echo "Domain name $domain is not valid";

9) Validate the format of the user name and verify valid MX records for the domain name (OK, so it is two lines):
list($username, $domaintld) = split("@", $email, 2);
if (!getmxrr($domaintld, $mxrecords) OR !preg_match("(^[-\w\.]+$)", $username)) echo "Email address $email is not valid";

10) Remove one element from an array (in this example remove $image from array $image_array):
$image_array = array_merge(array_diff($image_array,(array)$image));

11) Randomly select of one element out of an array:
$image = $image_array[array_rand($image_array)];

12) Include using a full unix path while still maintaining script portability:
include($_SERVER['DOCUMENT_ROOT'] . '/file.inc');

Note: If u found any error, report me.

]]> http://vijayakumar.org/bulk-one-line-php-scripts.html/feed 4