Jump to content

Noobish Questions


dminder
 Share

Recommended Posts

I am new to PHP programming and rather than create alot of posts for the few questions I have, I will consolidate and put them all here instead:Security:1. If I have my php pages that connect to my database in the same folder as say my index.php (main display page for my website), how secure are they? 2. How easy is it for anybody to download a php page (the actual code, not display) from my website?General3. I am using phpbb for my forums and want to use 1 login for both the forums and my site, what is the recommended setup to allow this?4. How do you create controls in PHP? I want to create a groupbox type control (with rounded corners) that contains links.5. If I want to allow my registered users to upload files to my website, how would I go about that?6. Validate data, I am still unclear on how to validate incoming data, ie an email address, and make sure that it does not inject bad things into my database or use a malicious script on my database.Well, that is all I have for now. I like to learn by doing, so if anybody has links to tutorials or wants to give me a general direction then I would be very grateful! I am working through all of the tutorials here and the manual on php.net so hopefully I can get a decent grasp on PHP relatively quickly....Thanks in advance!

Link to comment
Share on other sites

In answer to questions 1 and 2, PHP is server based so any php code is run and results output on the server before a user sees the code. Basically without direct access to your server (like your ftp details) a user wont see your php code. HTML and Javascript are client side, they use the clients browser to run the code not your server (sort of) so this code can be seen by the user.Qusetion 3 depends on whether you meen you want everyone to use the same login details for both phpbb or just you. I have done this in the past by altering phpbb so that users log in to the site by providng details which are then stored in the database for phpbb and used to autmatically login to the forum once the user has logged into the main site. It's not an easy hack for a begginer to php tho.Question 4 its pretty easy to echo the same thing in php as you would normally code in html so you may find that you can do this whilst still using the features of php required to get the result you want. You just need to remember the distinction between php being server side and html/js being client side.Question 5 Using a combination of html forms and a php script you can create a simple upload script. If you want o make it members only the you would need to valiadte the user against something like a database of username you want to allow acesss. Check out http://www.w3schools.com/PHP/php_file_upload.aspQusetion 6 Using php you can valiadte all sorts of data. The bet option is to validate in javascript first so the user can alter any mistakes before the page is submitted. Then once the page is submitted you can use php to recheck the data, the benfit of which is , unlike javascript, the client can't disable the php checks. A good way to validate a form on the server is to post the form to itself, instead of jumping to a different page. The user will then get the error messages on the same page as the form, which makes it easier to discover the error. Have a look at http://www.w3schools.com/php/php_secure_mail.asp its helpful for getting a basic idea of vailating e-mail before using it.Hope thats helped .... and Welcome to W3schools

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

×
×
  • Create New...