
Is there a better way?


Paul Knaggs

Apr 13, 2015, 10:47:47 PM
I was looking at using Angular to try and do this, but was told by a developer that my code was not very good. Is there a better way?

The code is an extract from function.php used in a dynamic page "request.php?=123".

case "foo":
    if ($type == "foo") {
        // $form_id and $type are interpolated straight into the SQL string
        $sql1 = $wpdb->get_results("SELECT * FROM `him_form_fields` WHERE `form_id` = '$form_id' AND `inputtype` = '$type' ORDER BY `orderby` ASC ", ARRAY_A);
        foreach ($sql1 as $row1) {
            $website = get_field_value($serialno, $form_id, $row1['systemname']);
            if (!empty($website)) {
                // $website is echoed into the href and value attributes without escaping
                echo '<div class="foo"><a href="'.$website.'" id="pearl_per_link_a" target="_blank"><span class="foo"></span></a><input type="hidden" name="foo[]" value="'.$website.'"></div>';
            }
        }
    }
    break;

Jerry Stuckle

Apr 14, 2015, 7:54:15 AM
On 4/13/2015 10:47 PM, Paul Knaggs wrote:
> I was looking at using Angular to try and do this but was told by a developer my code was not very good is there a better way?
>

Did you ask the developer to elaborate on his statement? If he/she
feels you can do better, he/she should be willing to tell why.

> The code is an extract from function.php used in a dynamic page "request.php?=123"
>
>
>
> case "foo":
> if($type == "foo"){
> $sql1 = $wpdb->get_results("SELECT * FROM `him_form_fields` WHERE `form_id` = '$form_id' AND `inputtype` = '$type' ORDER BY `orderby` ASC ", ARRAY_A);
> foreach($sql1 as $row1) {
> $website=get_field_value($serialno,$form_id,$row1['systemname']);
> if(!empty($website)){
> echo '<div class="foo"><a href="'.$website.'" id="pearl_per_link_a" target="_blank"><span class="foo"></span></a><input type="hidden" name="foo[]" value="'.$website.'"></div>';
> }
> }
> }
> break;
>

I don't know angular (probably no one here does), but a couple of things.

First of all, you should always list the columns you are retrieving, not
just "Select *". If there is a change in the database, you may end up
retrieving columns you don't want, or worse yet, one of the columns you
expect to be there no longer is. Specifying the column names means you
will only retrieve those columns (and not something that was added), or
will give an error message on the statement if a column has been deleted.

Secondly, did you validate $form_id? All input from the user needs to
be validated before being used.

Also, I don't know what $wpdb->get_results() does, but all strings need
to be escaped before they are used in a SQL statement.

Other than that, I can't help because I don't know Angular.

--
==================
Remove the "x" from my email address
Jerry Stuckle
jstu...@attglobal.net
==================
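
Jerry's three points applied to Paul's extract, as an added example that is not the thread's code: explicit columns, an integer check on $form_id, a parameterised query, and escaping of the URL on the way out. It uses PDO with an in-memory SQLite table of constructed rows instead of WordPress's $wpdb, a stand-in closure for get_field_value(), and the scheme check on the href is my addition.

```php
<?php
// Added example, not code from the thread: Paul's lookup rewritten with the
// practices Jerry lists. PDO over an in-memory SQLite table with constructed
// sample rows stands in for WordPress's $wpdb so the script runs on its own.

function render_website_links(PDO $db, $form_id, $type, callable $get_field_value)
{
    // Validate user input before it goes anywhere near the query:
    // a form id is a positive integer, nothing else is accepted.
    $id = filter_var($form_id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return false;                       // caller answers with 400 Bad Request
    }

    // Name the columns you need (no SELECT *) and bind the values instead of
    // interpolating them, so a quote in $type cannot change the statement.
    $stmt = $db->prepare(
        'SELECT systemname FROM him_form_fields
          WHERE form_id = :form_id AND inputtype = :type
       ORDER BY orderby ASC'
    );
    $stmt->execute([':form_id' => $id, ':type' => $type]);

    $html = '';
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $website = $get_field_value($id, $row['systemname']);
        if ($website === null || $website === '') {
            continue;
        }
        // The value lands in an href: accept only web URLs, then escape it for
        // HTML so it cannot break out of the attribute.
        $scheme = strtolower((string) parse_url($website, PHP_URL_SCHEME));
        if (!in_array($scheme, ['http', 'https'], true)) {
            continue;
        }
        $safe = htmlspecialchars($website, ENT_QUOTES, 'UTF-8');
        $html .= '<div class="foo"><a href="' . $safe . '" target="_blank" rel="noopener">'
               . '<span class="foo"></span></a>'
               . '<input type="hidden" name="foo[]" value="' . $safe . '"></div>' . "\n";
    }
    return $html;
}

// Constructed sample data standing in for the him_form_fields table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE him_form_fields (form_id INTEGER, inputtype TEXT, systemname TEXT, orderby INTEGER)');
$db->exec("INSERT INTO him_form_fields VALUES (123, 'foo', 'homepage', 1), (123, 'foo', 'blog', 2), (124, 'foo', 'other', 1)");

// Hypothetical stand-in for get_field_value(): maps a field name to its stored value.
$values = ['homepage' => 'https://example.com/', 'blog' => 'javascript:alert(1)'];
$lookup = function ($form_id, $name) use ($values) {
    return isset($values[$name]) ? $values[$name] : '';
};

echo render_website_links($db, '123', 'foo', $lookup);                 // only the https link is emitted
var_dump(render_website_links($db, "123' OR '1'='1", 'foo', $lookup)); // bool(false): input rejected
```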

Paul Knaggs

Apr 15, 2015, 7:40:34 AM
Thanks for taking the time to reply. I was just looking at using Angular, but it was not set in stone. But thanks very much for your comments; they are what one would expect: informative and productive in resolving any issues. Maybe I should have posted the entire page, but that's a lot of code. The more you know, the more you realise how little you know.

Jerry Stuckle

Apr 15, 2015, 11:01:46 AM
Paul,

I don't know anything about Angular, so I don't know if it's good or
bad, and make no recommendation either way.

The comments I gave you are just good practices which should be used
with any PHP code accessing a database. And things like validating all
user input and escaping strings used in database requests are to help
prevent hacking. You can never protect too much from hackers!

And good luck with your project.

richard

Apr 15, 2015, 3:09:03 PM
On Mon, 13 Apr 2015 19:47:36 -0700 (PDT), Paul Knaggs wrote:

> I was looking at using Angular to try and do this but was told by a developer my code was not very good is there a better way?
>
> The code is an extract from function.php used in a dynamic page "request.php?=123"
>

I just have to ask.
What exactly is =123?
The ? begins a variable list.
That is followed by a variable with an assigned value,
such as ?page=123.

When I get told something like that, I usually respond with, "Ok so
enlighten me. Show me where my mistakes are. I'm willing to learn".
When they walk away with no response, then I know they really don't know
any better.

I once had a college professor say there was "God's way and his way".
"So WTF are you doing here then?"

Lew Pitcher

Apr 15, 2015, 3:40:24 PM
On Wednesday April 15 2015 15:04, in comp.lang.php, "richard"
<nor...@example.com> wrote:

> On Mon, 13 Apr 2015 19:47:36 -0700 (PDT), Paul Knaggs wrote:
>
>> I was looking at using Angular to try and do this but was told by a
>> developer my code was not very good is there a better way?
>>
>> The code is an extract from function.php used in a dynamic page
>> "request.php?=123"
>>
>
>
> I just have to ask.
> What exactly is =123?
> the ? begins a variable list.

In PHP terms, yes.

As defined by the W3C, the '?' begins the "query" part of the URL. The IETF,
in RFC-1738, calls it the "searchpart".


> That is followed by a variable with an assigned value.
> such as ?page=123

Not quite.

The <variable list> consists of one or more variables. Each variable /may/
have an associated value, but it is not necessary.

Obviously, the code needs to have foreknowledge of the variable name.
However, it doesn't need to extract information from that variable; its
presence or absence in the URL can be detected and used as information all
on its own.

Consider
if (exists($_GET('123'))
{
    // We can do useful work, knowing that the query asked for 123

    echo "Found the variable"
    if (is_set($_GET('123'))
        echo "The variable is set to $_GET('123')"
    else
        echo "The variable is not set"
}
else echo "Did not find the variable"


Now, invoke the php page this code is in, with the following queries
?
?123
?123=456
?999

The first query ("?") should print out
"Did not find the variable"

The second query ("?123") should print out
"Found the variable"
and
"The variable is not set"

The third query ("?123=456") should print out
"Found the variable"
and
"The variable is set to 456"

And, the fourth query ("?999") should print out
"Did not find the variable"

--
Lew Pitcher
"In Skills, We Trust"
PGP public key available upon request

Beauregard T. Shagnasty

Apr 15, 2015, 4:57:48 PM
richard the sto0pid wrote:

> I once had a college professor

I don't believe that for an instant.

--
-bts
-This space for rent, but the price is high

Lew Pitcher

Apr 15, 2015, 5:14:48 PM
On Wednesday April 15 2015 15:40, in comp.lang.php, "Lew Pitcher"
Oops... that was sort of my pseudo-code

Here's the real deal

<?php
if (isset($_GET['123']))
{
    // We can do useful work, knowing that the query asked for 123

    printf("<p>Found the variable</p>");

    // Compare against '' rather than using empty(): "?123=0" carries a value
    if ($_GET['123'] === '')
        printf("<p>The variable is not set</p>");
    else
        // Escape the request value before it is written into the HTML
        printf("<p>The variable is set to %s</p>", htmlspecialchars($_GET['123'], ENT_QUOTES, 'UTF-8'));
}
else printf("<p>Did not find the variable</p>");

richard

Apr 15, 2015, 8:06:46 PM
Thanks. Was not aware of that.

Denis McMahon

Apr 15, 2015, 9:26:19 PM
On Wed, 15 Apr 2015 15:04:52 -0400, richard wrote:

> On Mon, 13 Apr 2015 19:47:36 -0700 (PDT), Paul Knaggs wrote:

>> The code is an extract from function.php used in a dynamic page
>> "request.php?=123"

> I just have to ask.
> What exactly is =123?

I don't know, the url being shown is "request.php?=123" with the ?
preceding the =123.

? starts the query string in a GET request which is usually one or more
name=value pairs separated by ampersands, and which can be accessed with
php using the $_GET[] array. Additionally the whole query string is
accessible as $_SERVER['QUERY_STRING'], in which case php code can parse
it as a string, rather than by using the $_GET[] array.

"request.php?=123" will generate an empty $_GET[] array, but will place
the string "=123" in $_SERVER['QUERY_STRING'].

The following php can be used to demonstrate this (if it formats
correctly, or maybe even if it doesn't).

<?php

// Escape both values before they are interpolated into the HTML below: the
// query string is request-controlled and would otherwise be reflected verbatim.
$qs  = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
$qs  = htmlspecialchars($qs, ENT_QUOTES, 'UTF-8');
$get = htmlspecialchars(print_r($_GET, true), ENT_QUOTES, 'UTF-8');

echo <<<EOT

<!doctype html>
<html lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>qs vs get</title>
<style type="text/css">
body{margin: 1em 3em}
table{border-collapse: collapse}
td{border: thin solid black; padding:1em}
</style>
</head>
<body>
<table>
<tr>
<td>\$_SERVER['QUERY_STRING']:</td>
<td>{$qs}</td>
</tr>
<tr>
<td>\$_GET[]:</td>
<td><pre>{$get}</pre></td>
</tr>
</table>
</body>
</html>

EOT;


--
Denis McMahon, denismf...@gmail.com

Denis McMahon

Apr 16, 2015, 11:19:43 AM
On Wed, 15 Apr 2015 15:40:11 -0400, Lew Pitcher wrote:

> Consider
> if (exists($_GET('123'))
> {
> // We can do useful work, knowing that the query asked for 123
>
> echo "Found the variable"
> if (is_set($_GET('123'))
> echo "The variable is set to $_GET('123')"
> else
> echo "The variable is not set"
> }
> else echo "Did not find the variable"

Lew, you're missing the point. The URL was "request.php?=123", which
results in a query string of =123. That doesn't set $_GET['123'], because
PHP, looking for key=value pairs, doesn't populate the $_GET array with
values for which no key exists.

What it does do, however (and in this case the only way to access the
data), is set $_SERVER['QUERY_STRING'] to '=123'.

As an example, using the query string '?=123&x=99&=176&d=&f=1' on the
code I posted for richard's education results in the following outputs:

$_SERVER['QUERY_STRING']:

=123&x=99&=176&d=&f=1

$_GET[]:

Array
(
[x] => 99
[d] =>
[f] => 1
)

Of course you can parse the query string yourself, here's a very simple
query string parser:

$data = array();
$qs = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
$bits = explode('&', $qs);
foreach ($bits as $bit) {
    if ($bit === '') continue;                     // "a&&b": skip the empty pair
    $kv = explode('=', $bit, 2);                   // limit 2 so "k=a=b" keeps "a=b" as the value
    $k = urldecode($kv[0]);                        // decode as $_GET does
    $v = isset($kv[1]) ? urldecode($kv[1]) : '';   // "?123" has no '=': value is ''
    if ($k === '') // no key, assign next numeric key
        $data[] = $v;
    else if (!isset($data[$k])) // key not seen before, use key
        $data[$k] = $v;
    else { // repeat key, get creative
        $i = 0;
        while (isset($data[$k.'_'.$i]))
            $i++;
        $data[$k.'_'.$i] = $v;
    }
}

When fed a query string such as:

$_SERVER['QUERY_STRING']: =123&x=99&=176&d=&f=1&x=6&x=8

it responds:

$data[]:

Array
(
[0] => 123
[x] => 99
[1] => 176
[d] =>
[f] => 1
[x_0] => 6
[x_1] => 8
)

compared to:

$_GET[]:

Array
(
[x] => 8
[d] =>
[f] => 1
)

However, consider the following very carefully before trying to write or
use such a parser:

(1) Injection attacks - could you be missing something that happens in
the parsing of $_SERVER['QUERY_STRING'] into the $_GET array that exposes
an injection attack?

(2) Do you really need to handle duplicated or missing key names in the
post query? Surely it's better to fix those in the requesting page /
form / link, and assume that any extras that do happen are attempts at
query manipulation and should be discarded.

In other words, the best use of this may be to detect discrepancies
between $_GET and $mget and, if there are such discrepancies, abandon
processing and return an "anomalous input detected, please try again"
page.

--
Denis McMahon, denismf...@gmail.com
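
The check Denis sketches in his last paragraph, worked out as an added example (not his code): a hand parser that only reports where a query string would be reinterpreted by PHP's own handling, and a gate that rejects the request when any such case is found. The anomaly categories (missing name, repeated name, name rewritten by PHP) and the 400 response are my assumptions.

```php
<?php
// Added example, not Denis's code: parse the raw query string by hand and
// list where it disagrees with what PHP's parse_str()/$_GET would produce,
// so a request can be rejected before any of its values are used.

function query_string_anomalies($qs)
{
    $anomalies = [];
    $seen = [];
    if ($qs === '') {
        return $anomalies;
    }
    foreach (explode('&', $qs) as $i => $pair) {
        if ($pair === '') {
            $anomalies[] = "pair $i is empty";
            continue;
        }
        $kv  = explode('=', $pair, 2);
        $key = urldecode($kv[0]);
        if ($key === '') {
            // "=123": PHP has no name to file the value under and drops it.
            $anomalies[] = "pair $i (" . $pair . ") has no name; \$_GET drops its value";
            continue;
        }
        // "x[]" / "x[k]" is array syntax, where repeats are expected; strip it for the checks.
        $base = preg_replace('/\[.*$/s', '', $key);
        // PHP rewrites '.' and ' ' in names to '_', so "a.b" silently becomes "a_b".
        if (strpbrk($base, '. ') !== false) {
            $anomalies[] = "name '$key' is rewritten by PHP before it reaches \$_GET";
        }
        if ($base === $key) {
            if (isset($seen[$key])) {
                // "x=99&x=8": only the last value survives in $_GET.
                $anomalies[] = "name '$key' repeated; \$_GET keeps only the last value";
            }
            $seen[$key] = true;
        }
    }
    return $anomalies;
}

// Reject requests whose query string would be silently reinterpreted;
// otherwise parse it with the same rules $_GET uses.
function parsed_query_or_reject($qs)
{
    $problems = query_string_anomalies($qs);
    if ($problems) {
        return ['ok' => false, 'problems' => $problems];  // respond 400 and log $problems
    }
    parse_str($qs, $params);
    return ['ok' => true, 'params' => $params];
}

// Constructed inputs: Denis's sample from above, then a clean query string.
print_r(parsed_query_or_reject('=123&x=99&=176&d=&f=1&x=6&x=8'));
print_r(parsed_query_or_reject('page=123&sort=name'));
```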

richard

Apr 17, 2015, 11:56:44 AM
On Fri, 17 Apr 2015 07:35:19 -0700, Evan Platt wrote:

> On Wed, 15 Apr 2015 15:04:52 -0400, richard <nor...@example.com>
> wrote:
>
>>I once had a college professor
>
> You did not go to college.
>
>>say there was "God's way and his way".
>
> Who is "his" in this context?
>
> If you went to college, you'd now what quotation marks mean. It means
> the person said EXACTLY what was in the quotation marks.
>
> Do you maybe mean the professor said "There's God's way and my way"?
>
> If you don't understand the difference, which I doubt you do, there's
> no way you went to college.
>
>>"So WTF are you doing here then?"
>
> What, were you mopping the floor of a college when a professor said
> that to someone else?
>
> If you DID go to college, you should have no problem showing an alumni
> site with your name on it.

Evan. I do not answer to you.
I do not have to explain to you every damn little thing I ever did.
You are an ignorant cuss who has nothing better to do than go online and
harass people just because that is your nature.
At your former employer, you spent better than half the time online instead
of doing your job.
And you claim to be so damned smart.
Then why are you working in IT?
You're so smart, start your own damn business.

Jerry Stuckle

Apr 17, 2015, 1:22:19 PM
On 4/17/2015 1:04 PM, Evan Platt wrote:
> On Fri, 17 Apr 2015 11:52:37 -0400, richard <nor...@example.com>
> wrote:
>
>> On Fri, 17 Apr 2015 07:35:19 -0700, Evan Platt wrote:
>> Evan. I do not answer to you.
>> I do not have to explain to you every damn little thing I ever did.
>> You are an ignorant cuss who has nothing better to do than go online and
>> harass people just because that is your nature.
>
> So you didn't graduate from college. Gotcha.
>

Neither did Bill Gates. So what?

>> At your former employer, you spent better than half the time online instead
>> of doing your job.
>> And you claim to be so damned smart.
>> Then why are you working in IT?
>
> Lots of smart people work in IT.
>

So do lots of dumb people.

>> You're so smart, start your own damn business.
>
> Let's see. I can make good money, working 40 hours a week, or I can
> start my own business, work 70-80 hours a week, and maybe make a tiny
> bit more money? No thanks.
>

Smart people can start a company and make a lot more than they do as an
employee. Do you think Bill Gates would have made as much money as an
employee? How about Michael Dell? Or Ray Kroc?

Dumb people and lazy people are satisfied just doing a mediocre job for
someone else. Which are you?

richard

Apr 17, 2015, 2:54:25 PM
evan is the believer that those who make themselves filthy rich must be
highly educated.
Dave Thomas of the Wendy's burger chain didn't even finish high school.
And there are many more millionaires who never finished high school or even
attended one day of college.

richard

Apr 17, 2015, 3:00:18 PM
On Fri, 17 Apr 2015 10:30:26 -0700, Evan Platt wrote:

> On Fri, 17 Apr 2015 11:52:37 -0400, richard <nor...@example.com>
> wrote:
>
>>And you claim to be so damned smart.
>>Then why are you working in IT?
>>You're so smart, start your own damn business.
>
> Wait - you're the one who claims to have a 160 IQ.

Liar!
I've never claimed that. YOU were the one who claimed that.
My claim is 125.

>
> So if you're so damn smart, then how come all of your jobs you've ever
> had were menial jobs? Gas station attendant. Taxi driver. Truck
> driver. Convenience store clerk. Security guard.
>
> What business did YOU run on your own?
>
> <Crickets>

What's it to you buttface?

You're the one who got fired from a cushy job because you spent 80% of your
time online harassing people.
When your company lost their number one client, your boss made a wise
choice to kick your lazy ass out the door.

Jerry Stuckle

Apr 17, 2015, 3:27:36 PM
Yup, he's nut trolling - he has nothing worth saying, but needs to say
it anyway.

Jerry Stuckle

Apr 17, 2015, 3:29:12 PM
On 4/17/2015 3:25 PM, Evan Platt wrote:
> On Fri, 17 Apr 2015 14:56:02 -0400, richard <nor...@example.com>
> wrote:
>
>> Liar!
>> I've never claimed that. YOU were the one who claimed that.
>> My claim is 125.
>
> Liar! Your IQ is closer to 12.5.
>
>> What's it to you buttface?
>>
>> You're the one who got fired from a cushy job because you spent 80% of your
>> time online harassing people.
>> When your company lost their number one client, your boss made a wise
>> choice to kisk your lazy ass out the door.
>
> We've been over this a few dozen times now bullis. But just to satisfy
> your stupidity, I'll repeat it:
>
> The company has essentially gone under. Everyone was let go at the
> same time I was. You'll notice there's no longer a photo of their
> office in Pleasanton. You'll notice the company address is a UPS Store
> in Walnut Creek.
>
> I've had every job I've ever been at for 5 years - minimum. And with
> the exception of that one, left on my own will. Going on 5 years now
> with my current company.
>
> Can YOU say the same?
>
> You wanted to build a dome home, but mommy and daddy knew you are a
> miserable failure and would just waste the money and never accomplish
> it. So you failed.
>
> You don't want to pick a fight with me bullis, you'll lose every time.
>

With someone like you working there, I can understand why they went
under. Good management would have canned your a$$ long ago.

Thomas 'PointedEars' Lahn

Apr 22, 2015, 11:19:41 AM
Lew Pitcher wrote:

> […] "richard" […] wrote:
>> On Mon, 13 Apr 2015 19:47:36 -0700 (PDT), Paul Knaggs wrote:
>>> I was looking at using Angular to try and do this but was told by a
>>> developer my code was not very good is there a better way?
>>>
>>> The code is an extract from function.php used in a dynamic page
>>> "request.php?=123"
>> I just have to ask.
>> What exactly is =123?
>> the ? begins a variable list.
>
> In PHP terms, yes.

In PHP terms, _no_. How did you get that idea?

> As defined by the W3C, the '?' begins the "query" part of the URL.

The World Wide Web Consortium (W3C) does _not_ define Internet standards
such as URIs, and associated terminology; the Internet Engineering Task
Force (IETF) and the Internet Engineering Steering Group (IESG) do.

The W3C defines *Web* standards by publishing specifications they eventually
call Recommendations. Web standards make use of Internet standards because
the Web is an application of the Internet. One of several.

> The IETF, in RFC-1738, calls it the "searchpart".

RFC 1738 (one does _not_ write a hyphen-minus there; either one writes a
space between or omits the space), since it was published in 1994 (CE), has
been updated by RFCs 1808, 2368, 2396, 3986, 6196, 6270, and obsoleted by
RFCs 4248 and 4266.

<http://tools.ietf.org/html/rfc3986>

The current Internet standard on Uniform Resource Identifiers (URIs) in
general is STD 66 (from RFC 3986) of 2005, which says:

,-<http://tools.ietf.org/html/std66#section-3.4>
|
| The query component contains non-hierarchical data that, along with
| data in the path component (Section 3.3), serves to identify a
| resource within the scope of the URI's scheme and naming authority
| (if any). The query component is indicated by the first question
| mark ("?") character and terminated by a number sign ("#") character
| or by the end of the URI.
|
| query = *( pchar / "/" / "?" )
|
| The characters slash ("/") and question mark ("?") may represent data
| within the query component. Beware that some older, erroneous
| implementations may not handle such data correctly when it is used as
| the base URI for relative references (Section 5.1), apparently
| because they fail to distinguish query data from path data when
| looking for hierarchical separators. However, as query components
| are often used to carry identifying information in the form of
| "key=value" pairs and one frequently used value is a reference to
| another URI, it is sometimes better for usability to avoid percent-
| encoding those characters.

>> That is followed by a variable with an assigned value.
>> such as ?page=123
>
> Not quite.
>
> The <variable list> consists of one or more variables. Each variable /may/
> have an associated value, but it is not necessary.

If there ever has been a “<variable list>” (the “register_globals” setting
that is obsolete since PHP 5.3.0 and removed since PHP 5.4.0 would suggest
that there has been: the names did create global variables if this setting
was "on", with all side effects and security issues; however, even RFC 1738
does _not_ contain that term), there is not one anymore.

As you can see above, the format of the query component of a URI is –
intentionally, because of *general* applicability (hence URI and not just
URL) – rather arbitrary; however, the historical practice of having a name
associated with a value, where those are delimited by “=”, and several
name-value pairs are delimited by “&”, persists. Particularly with PHP, where the
names make up /keys/ of /elements/ (_not_ “variables”) of /superglobal/
/arrays/, and the values make up either the associated values or, if the
key ends with ”[]”, the values of the array that is the value associated
with the name, with ”[]” stripped for the corresponding array key.

> Obviously, the code needs to have foreknowledge of the variable name.
> However, it doesn't need to extract information from that variable; it's
> presence or absence in the URL can be detected and used as information all
> on it's own.
>
> Consider

Considered and rejected.

> if (exists($_GET('123'))

There is no built-in exists() function, and there is no need for a misnamed
user-defined one, because there are appropriate built-in functions.

PHP arrays are subscripted with rectangular brackets (“[…]”), not
parentheses (“(…)”).

> {
> // We can do useful work, knowing that the query asked for 123
>
> echo "Found the variable"
> if (is_set($_GET('123'))

isset(), not is_set(). As a rule of thumb, only identifiers of type-
detection functions start with “is_” in PHP – like is_null(), is_string(),
and is_array(). Therefore, is_set() could be only a future function for
determining if a value was of the “set” type. As such, it should _not_ be
used as the identifier for a user-defined function (at least not without
function_exists() guard).

<http://php.net/manual/en/ref.var.php>
<http://php.net/function_exists>

However, isset() returns TRUE for references whose referred value is not
NULL. And a "variable" that is "not set" in a query component (i.e., the
superglobal $_GET array’s element $_GET[$name], where $name equals the
"variable" name) has the value "" of type string, not NULL of type NULL.
(*All* values are string values there.)

> echo "The variable is set to $_GET('123')"
> else
> echo "The variable is not set"
> }
> else echo "Did not find the variable"

That is not even syntactically valid PHP code, and there is no need to post
pseudo-code here. The actual (recommended) PHP syntax and approach for this
example is straightforward (although the output still uses wrong
terminology):

if (array_key_exists('123', $_GET))
{
  /* We can do useful work, knowing that the query asked for 123 */

  echo "Found the variable";
  if ($_GET['123'] !== '')
  {
    echo "The variable is set to {$_GET['123']}";
  }
  else
  {
    echo "The variable is not set";
  }
}
else
{
  echo "Did not find the variable";
}

<http://php.net/array_key_exists>

It should be noted that isset($a[$b]) never generates a warning if $a is not
defined, while array_key_exists($b, $a) does. But array_key_exists() is
also more appropriate here because $_GET always exists, unless you set the
“variables_order” setting differently (the default and recommended
development and production values all include "G").

<http://php.net/manual/en/ini.core.php#ini.variables-order>

> The second query ("?123") should print out
> "Found the variable"
> and
> "The variable is not set"

It should be noted that, if your code would resemble PHP code, in the way I
suggested above, it would print out “Found the variableThe variable is not
set” because you forgot the trailing "\n" (or something to that effect)
*again*.

I suggest you either refrain from posting or prepare your postings more
carefully; in particular, if you post, *verify* the information and *test*
the code before posting it. When PHP newbies come here, and especially
“richard”, they are confused already; there is no need to confuse them
further, or confirm their misconceptions.

--
PointedEars
Zend Certified PHP Engineer
Twitter: @PointedEars2
Please do not cc me. / Bitte keine Kopien per E-Mail.

Richard Yates

May 24, 2015, 6:22:47 PM
On Fri, 17 Apr 2015 07:35:19 -0700, Evan Platt
<ev...@theobvious.espphotography.com.invalid> wrote:

>On Wed, 15 Apr 2015 15:04:52 -0400, richard <nor...@example.com>
>wrote:
>
>>I once had a college professor
>
>You did not go to college.
>
>>say there was "God's way and his way".
>
>Who is "his" in this context?
>
>If you went to college, you'd now what quotation marks mean. It means
>the person said EXACTLY what was in the quotation marks.
>
>Do you maybe mean the professor said "There's God's way and my way"?
>
>If you don't understand the difference, which I doubt you do, there's
>no way you went to college.
>
>>"So WTF are you doing here then?"
>
>What, were you mopping the floor of a college when a professor said
>that to someone else?
>
>If you DID go to college, you should have no problem showing an alumni
>site with your name on it.

Really? I certainly graduated from college (Penn, '73), but I would be
very surprised to find my name on a public alumni site.