Trow Grandmaster Cheater Reputation: 2 Joined: 17 Aug 2006 Posts: 957
Posted: Sat Jul 30, 2011 3:30 pm
You might want to consider mysql_real_escape_string instead of adding slashes haphazardly. Also, don't forget to use an abstract database class, not mysql_query directly.
AhMunRa wrote:
Can't really say. If you can look at this and get an idea of what it's doing I'd say PHP will be very easy for you.
Code:
<?php
...
$query = "INSERT INTO guestbook (name, email, url, message, entry_date) " .
"VALUES ('$name', '$email', '$url', '$message', current_date)";
...
mysql_query($query) or die('Error, query failed. ' . mysql_error());
...
?>
A few things to note before you spend your time on learning PHP instead of, say, Pylons:
- PHP has no rigid naming conventions. Sometimes it's underscore (mysql_query), sometimes it's nothing (htmlspecialchars), and sometimes it's camel case (those who got used to Java).
- PHP is loosely typed - so $i = 5, not int $i = 5. 0 evaluates to false by default (unless you use ===), and floats are not parsed the same way as in other languages.
- Beware of how you use quotes. "$i" is "5", but '$i' is '$i'.
- PHP is a patchwork language derived from Perl syntax. Adding object orientation to PHP is similar to eating vegetables.
- In a software development sense, you should never be using echo.
- The standard PHP parser is a POS. Functions within functions are glitchy, classes within functions die, and function definitions within conditional statements are always valid.
_________________ Get kidnapped often.
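The reply above recommends driver-level escaping and a database class instead of calling mysql_query on an interpolated string. The following is an added example, not code from either poster: it goes one step past escaping and binds the guestbook values as parameters through PDO. The class name GuestbookDb, the sample entry, and the in-memory SQLite database (standing in for MySQL so the script runs offline with the pdo_sqlite extension) are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical wrapper class: all SQL lives here, callers never build query strings.
final class GuestbookDb
{
    private PDO $pdo;

    public function __construct(PDO $pdo)
    {
        // Fail loudly via exceptions instead of die(mysql_error()) leaking details.
        $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
        $this->pdo = $pdo;
    }

    public function createSchema(): void
    {
        $this->pdo->exec('CREATE TABLE IF NOT EXISTS guestbook (
            id INTEGER PRIMARY KEY, name TEXT, email TEXT, url TEXT,
            message TEXT, entry_date TEXT)');
    }

    public function addEntry(string $name, string $email, string $url, string $message): int
    {
        // Placeholders keep user data out of the SQL text entirely.
        $stmt = $this->pdo->prepare(
            'INSERT INTO guestbook (name, email, url, message, entry_date)
             VALUES (:name, :email, :url, :message, CURRENT_DATE)'
        );
        $stmt->execute([
            ':name' => $name, ':email' => $email,
            ':url' => $url, ':message' => $message,
        ]);
        return (int) $this->pdo->lastInsertId();
    }

    public function entries(): array
    {
        return $this->pdo->query('SELECT name, message FROM guestbook ORDER BY id')
                         ->fetchAll(PDO::FETCH_ASSOC);
    }
}

// Constructed sample input: quotes that would break the interpolated query.
$db = new GuestbookDb(new PDO('sqlite::memory:'));
$db->createSchema();
$db->addEntry("Miles O'Brien", 'miles@example.org', 'http://example.org', 'It\'s a "quoted" message');

foreach ($db->entries() as $row) {
    // Encode on output as well: binding protects the query, not the HTML page.
    printf("%s: %s\n", htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8'),
                       htmlspecialchars($row['message'], ENT_QUOTES, 'UTF-8'));
}
```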