1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
|
<?xml version="1.0" encoding="utf-8"?>
<!-- $Revision: 297557 $ -->
<chapter xml:id="faq.using" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
<title>Using PHP</title>
<titleabbrev>Using PHP</titleabbrev>
<para>
This section gathers many common errors that you may face
while writing PHP scripts.
</para>
<qandaset>
<qandaentry xml:id="faq.using.parameterorder">
<question>
<para>
I cannot remember the parameter order of PHP functions, are they random?
</para>
</question>
<answer>
<para>
PHP is a glue that brings together hundreds of external libraries, so sometimes
this gets messy. However, a simple rule of thumb is as follows:
</para>
<para>
<link linkend="book.array">Array function</link> parameters are ordered
as "<emphasis>needle, haystack</emphasis>" whereas
<link linkend="book.strings">String functions</link> are the opposite,
so "<emphasis>haystack, needle</emphasis>".
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.anyform">
<question>
<para>
I would like to write a generic PHP script that can handle data coming
from any form. How do I know which POST method variables are available?
</para>
</question>
<answer>
<para>
PHP offers many <link linkend="language.variables.predefined">
predefined variables</link>, like the superglobal <varname>
$_POST</varname>. You may loop through <varname>$_POST</varname>
as it's an associate array of all POSTed values. For example, let's
simply loop through it with &foreach;,
check for <function>empty</function> values,
and print them out.
<programlisting role="php">
<![CDATA[
<?php
$empty = $post = array();
foreach ($_POST as $varname => $varvalue) {
if (empty($varvalue)) {
$empty[$varname] = $varvalue;
} else {
$post[$varname] = $varvalue;
}
}
print "<pre>";
if (empty($empty)) {
print "None of the POSTed values are empty, posted:\n";
var_dump($post);
} else {
print "We have " . count($empty) . " empty values\n";
print "Posted:\n"; var_dump($post);
print "Empty:\n"; var_dump($empty);
exit;
}
?>
]]>
</programlisting>
</para>
¬e.superglobals;
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.addslashes">
<question>
<para>
I need to convert all single-quotes (') to a backslash
followed by a single-quote (\'). How can I do this with a
regular expression? I'd also like to convert " to \" and
\ to \\.
</para>
</question>
<answer>
<para>
Assuming this is for a database, use the escaping mechanism that
comes with the database. For example, use
<function>mysql_real_escape_string</function> with MySQL and
<function>pg_escape_string</function> with PostgreSQL. There is
also the generic <function>addslashes</function> and
<function>stripslashes</function> functions, that are more
common with older PHP code.
</para>
¬e.magicquotes.gpc;
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.stripslashes">
<question>
<para>
All my " turn into \" and my ' turn into \', how do I get rid of all
these unwanted backslashes? How and why did they get there?
</para>
</question>
<answer>
<para>
Most likely the backslashes magically exist because the PHP directive
<link linkend="ini.magic-quotes-gpc">magic_quotes_gpc</link> is on.
This is an old feature of PHP, and should be disabled and not relied
upon. Also, the PHP function <function>stripslashes</function> may be
used to strip the backslashes from the <type>string</type>.
</para>
¬e.magicquotes.gpc;
</answer>
</qandaentry>
<qandaentry xml:id="faq.register-globals">
<question>
<para>
How does the PHP directive register_globals affect me?
</para>
</question>
<answer>
<para>
First, an explanation about what this ini setting does. Let's say the
following URL is used:
<literal>http://example.com/foo.php?animal=cat</literal>
and in <filename>foo.php</filename> we might have the following
PHP code:
</para>
<para>
<programlisting role="php">
<![CDATA[
<?php
// Using $_GET here is preferred
echo $_GET['animal'];
// For $animal to exist, register_globals must be on
// DO NOT DO THIS
echo $animal;
// This applies to all variables, so $_SERVER too
echo $_SERVER['PHP_SELF'];
// Again, for $PHP_SELF to exist, register_globals must be on
// DO NOT DO THIS
echo $PHP_SELF;
?>
]]>
</programlisting>
</para>
<!-- FIXME PHP_6 register_globals removal alert -->
<para>
The code above demonstrates how register_globals creates a lot of
variables. For years this type of coding has been frowned upon, and for
years it's been disabled by default. Note that PHP will eventually remove this
deprecated feature. So although most web hosts disable register_globals,
there are still outdated articles, tutorials, and books that require it
to be on. Plan accordingly.
</para>
<para>
See also the following resources for additional information:
<simplelist>
<member>The <link linkend="ini.register-globals">register_globals</link> directive</member>
<member>The <link linkend="security.globals">security chapter about register globals</link></member>
<member><link linkend="language.variables.external">Handling external variables</link></member>
<member>Use <link linkend="language.variables.superglobals">superglobals</link> instead</member>
</simplelist>
</para>
<note>
<para>
In the example above, we used an <acronym>URL</acronym> that contained
a QUERY_STRING. Passing information like this is done through a GET HTTP
Request, so this is why the superglobal <varname>$_GET</varname> was used.
</para>
</note>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.wrong-order">
<question>
<para>
When I do the following, the output is printed in
the wrong order:
<programlisting role="php">
<![CDATA[
<?php
function myfunc($argument)
{
echo $argument + 10;
}
$variable = 10;
echo "myfunc($variable) = " . myfunc($variable);
?>
]]>
</programlisting>
what's going on?
</para>
</question>
<answer>
<para>
To be able to use the results of your function in an expression (such
as concatenating it with other strings in the example above), you need
to <function>return</function> the value,
not <function>echo</function> it.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.newlines">
<question>
<para>
Hey, what happened to my newlines?
<programlisting role="php">
<![CDATA[
<pre>
<?php echo "This should be the first line."; ?>
<?php echo "This should show up after the new line above."; ?>
</pre>
]]>
</programlisting>
</para>
</question>
<answer>
<para>
In PHP, the ending for a block of code is either "?>" or
"?>\n" (where \n means a newline). So in the example above,
the echoed sentences will be on one line, because PHP omits
the newlines after the block ending. This means that you need to
insert an extra newline after each block of PHP code to make
it print out one newline.
</para>
<para>
Why does PHP do this? Because when formatting normal HTML, this
usually makes your life easier because you don't want that newline,
but you'd have to create extremely long lines or otherwise make the
raw page source unreadable to achieve that effect.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.headers-sent">
<question>
<para>
I get the message 'Warning: Cannot send session cookie - headers already
sent...' or 'Cannot add header information - headers already sent...'.
</para>
</question>
<answer>
<para>
The functions <function>header</function>, <function>setcookie</function>,
and the <link linkend="ref.session">session
functions</link> need to add headers to the output stream but headers
can only be sent before all other content. There can be no output
before using these functions, output such as HTML. The function
<function>headers_sent</function> will check if your script has already
sent headers and see also the <link linkend="ref.outcontrol">Output Control
functions</link>.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.header">
<question>
<para>
I need to access information in the request header directly.
How can I do this?
</para>
</question>
<answer>
<para>
The <function>getallheaders</function> function will do this if
you are running PHP as an Apache module. So, the following bit
of code will show you all the request headers:
<programlisting role="php">
<![CDATA[
<?php
$headers = getallheaders();
foreach ($headers as $name => $content) {
echo "headers[$name] = $content<br />\n";
}
?>
]]>
</programlisting>
</para>
<para>
See also
<function>apache_lookup_uri</function>,
<function>apache_response_headers</function>, and
<function>fsockopen</function>
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.authentication">
<question>
<para>
When I try to use authentication with IIS I get 'No Input file specified'.
</para>
</question>
<answer>
<para>
The security model of IIS is at fault here. This is a problem
common to all CGI programs running under IIS. A workaround is
to create a plain HTML file (not parsed by PHP) as the entry page
into an authenticated directory. Then use a META tag to redirect
to the PHP page, or have a link to the PHP page. PHP will
then recognize the authentication correctly. With the ISAPI
module, this is not a problem. This should not effect other
NT web servers. For more information, see:
<link xlink:href="&url.iis;">&url.iis;</link> and the manual
section on <link linkend="features.http-auth">HTTP Authentication
</link>.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.iis.sharing">
<question>
<para>
Windows: I can't access files shared on another computer using IIS
</para>
</question>
<answer>
<para>
You have to change the <literal>Go to Internet Information
Services</literal>. Locate your PHP file and go to its properties.
Go to the <literal>File Security</literal> tab, <literal>Edit -<
Anonymous access and authentication control</literal>.
</para>
<para>
You can fix the problem either by unticking <literal>Anonymous
Access</literal> and leaving <literal>Integrated Window
Authentication</literal> ticked, or, by ticking <literal>Anonymous
Access</literal> and editing the user as he may not have the access
right.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.mixml">
<question>
<para>
How am I supposed to mix XML and PHP? It complains
about my <?xml tags!
</para>
</question>
<answer>
<para>
In order to embed <?xml straight into your PHP code, you'll have to turn off
short tags by having the PHP directive
<link linkend="ini.short-open-tag">short_open_tags</link> set to
<literal>0</literal>. You cannot set this directive with
<function>ini_set</function>. Regardless of
<link linkend="ini.short-open-tag">short_open_tags</link> being on or
off, you can do something like: <literal><?php echo '<?xml'; ?></literal>.
The default for this directive is <literal>On</literal>.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.variables">
<question>
<para>
Where can I find a complete list of variables are available to me
in PHP?
</para>
</question>
<answer>
<para>
Read the manual page on <link linkend="language.variables.predefined">
predefined variables</link> as it includes a partial list of predefined
variables available to your script. A complete list of available
variables (and much more information) can be seen by calling the
<function>phpinfo</function> function. Be sure to read the manual
section on <link linkend="language.variables.external">variables from
outside of PHP</link> as it describes common scenarios for
external variables, like from a HTML form, a Cookie, and the URL.
</para>
¬e.registerglobals;
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.freepdf">
<question>
<para>
How can I generate PDF files without using the non-free and
commercial libraries like
<link linkend="ref.pdf">PDFLib</link>? I'd like something that's
free and doesn't require external PDF libraries.
</para>
</question>
<answer>
<para>
There are a few alternatives written in PHP such as
<link xlink:href="&url.pdf.fpdf;">FPDF</link> and
<link xlink:href="&url.pdf.tcpdf;">TCPDF</link>.
</para>
<para>
There is also the <link linkend="book.haru">Haru</link> extension
that uses the free libHaru external library.
</para>
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.cgi-vars">
<question>
<para>
I'm trying to access one of the standard CGI
variables (such as <varname>$DOCUMENT_ROOT</varname> or
<varname>$HTTP_REFERER</varname>) in a user-defined
function, and it can't seem to find it. What's wrong?
</para>
</question>
<answer>
<para>
It's important to realize that the PHP directive <link
linkend="ini.register-globals">register_globals</link> also affects
server and environment variables. When register_globals = off (the
default is off since PHP 4.2.0), <varname>$DOCUMENT_ROOT</varname>
will not exist. Instead, use <varname>$_SERVER['DOCUMENT_ROOT']
</varname>. If register_globals = on then the variables
<varname>$DOCUMENT_ROOT</varname> and
<varname>$GLOBALS['DOCUMENT_ROOT']</varname> will also exist.
</para>
<para>
If you're sure register_globals = on and wonder why
<varname>$DOCUMENT_ROOT</varname> isn't available inside functions,
it's because these are like any other variables and would
require <literal>global $DOCUMENT_ROOT</literal> inside the
function. See also the manual page on
<link linkend="language.variables.scope">variable scope</link>. It's
preferred to code with register_globals = off.
</para>
¬e.superglobals;
</answer>
</qandaentry>
<qandaentry xml:id="faq.using.shorthandbytes">
<question>
<para>
A few PHP directives may also take on shorthand byte values, as opposed
to only <type>integer</type> byte values. What are all the available
shorthand byte options? And can I use these outside of &php.ini;?
</para>
</question>
<answer>
<para>
The available options are K (for Kilobytes), M (for Megabytes) and G (for
Gigabytes; available since PHP 5.1.0), these are case insensitive.
Anything else assumes bytes.
<literal>1M</literal> equals one Megabyte or <literal>1048576</literal>
bytes. <literal>1K</literal> equals one Kilobyte or
<literal>1024</literal> bytes. You may not use these shorthand
notations outside of &php.ini;, instead use an <type>integer</type>
value of bytes. See the <function>ini_get</function> documentation for
an example on how to convert these values.
</para>
</answer>
</qandaentry>
</qandaset>
</chapter>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:t
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
indent-tabs-mode:nil
sgml-parent-document:nil
sgml-default-dtd-file:"~/.phpdoc/manual.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:nil
sgml-local-ecat-files:nil
End:
vim600: syn=xml fen fdm=syntax fdl=2 si
vim: et tw=78 syn=sgml
vi: ts=1 sw=1
-->
|
