Re: Re: [PHP] A Review Request
On 20 May 2011 at 04:03, Alex Nikitin niks...@gmail.com wrote:
but here is a brief example:
(!DEBUG) || error_log(Fetch Data: .memory_get_usage()/1048576);
reads and writes a lot better and faster then:
if(DEBUG) {
$memory = memory_get_usage()/1048576;
error_log(Fetch Data: .$memory);
}
Not to me it doesn't. I find such usage incomprehensible.
tim
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] A Review Request
On 19 May 2011 at 23:47, Adam Richardson simples...@gmail.com wrote: You did make several other great points (session hijacking, multiple login attempts), but to be fair to Tedd, there are many levels of security, and I doubt he's trying to educate PHP developers with your background. In the same way that someone's first foray into the world of database access using PHP likely avoids a 20 table database with complex transactions for atomic operations and in-memory queues for eventually consistent data where performance is a must, I see this as a reasonable first exposure to the general principles of how one might use the features of PHP to password protect a group of pages in a site. I think this is the salient point. Provided the example is correct in itself, is marked as being aimed at the novice, and at the same time lists some of the areas that deliberately haven't been addressed in the example provided, then that should suffice. The difficulty IME is finding more advanced examples, which would help the transition from learning mode to preparing for a production environment. tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] A Review Request
On 20 May 2011 11:20, Tim Streater t...@clothears.org.uk wrote: *snip* [...] is marked as being aimed at the novice, and at the same time lists some of the areas that deliberately haven't been addressed in the example provided, then that should suffice. Apart from the above that would make great additions, would also be great to see some links of where to get info on the subjects that are not covered (such as security) so that people could find out more on those topics. Regards Peter -- hype WWW: plphp.dk / plind.dk LinkedIn: plind BeWelcome/Couchsurfing: Fake51 Twitter: kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] A Review Request
On 18 May 2011 at 20:31, Joshua Kehn josh.k...@gmail.com wrote: On May 18, 2011, at 3:22 PM, tedd wrote: What do you people think? I can say I really don't like your bracing style. I completely disagree - having the braces lined up is the only way to go. Means I don't have to search all over creation for the matching one :-) More constructively: you might want to say Copy/Paste rather than Cut/Paste. I've found examples of this type to be very helpful in the past, btw. Much of my learning is done by poking around for information to solve problems I may have with some combination of PHP, ajax, javaScript, CSS, and/or HTML, so good for you is what I say. Tedd: you have written who's instead of whose on your √ website. tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] A Review Request
On 18 May 2011 at 22:22, Peter Lind peter.e.l...@gmail.com wrote: On 18 May 2011 23:12, tedd t...@sperling.com wrote: This is just one way to give-back. Suggesting people that they copypaste your code is a very bad way of giving back. Suggesting that they read and understand the code is a great way. I hope you see the difference. Not obvious. If I have copy/pasted code and it hasn't worked, that's been no-one's fault but mine, and I've then gone back and looked at it more carefully. Any example given on the web, seems to me, is likely to be copy/pasted unless you take steps to make it not possible. tim -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] A Review Request
On 18 May 2011 23:28, Tim Streater t...@clothears.org.uk wrote: On 18 May 2011 at 22:22, Peter Lind peter.e.l...@gmail.com wrote: On 18 May 2011 23:12, tedd t...@sperling.com wrote: This is just one way to give-back. Suggesting people that they copypaste your code is a very bad way of giving back. Suggesting that they read and understand the code is a great way. I hope you see the difference. Not obvious. If I have copy/pasted code and it hasn't worked, that's been no-one's fault but mine, and I've then gone back and looked at it more carefully. Any example given on the web, seems to me, is likely to be copy/pasted unless you take steps to make it not possible. I personally don't care if someone comes back whining to Tedd after copypasting the code. I would think it sad but it doesn't affect me as such. What I do care about are the people that will mindlessly copypaste the code, get it into halfworking state mixed with some other strange stuff that they picked up from some other site, then throw the whole together on a server and start telling their friends how awesomely easy php is and that they should just copypaste *their* code (not Tedd's because his only does a bit of the job). As is probably clear by now, in my opinion it would be much better to go the motions of the script a bit at a time, with comments of *why* things are done (not *what* is done) - and why you really should spend a bit more time learning about security, because if you copypaste Tedd's script and just change the password to 'mypass', you won't have learned a thing even as your script is bruteforced in 2 seconds flat. Anyway, I doubt I have much more to add to this so I'll refrain from it. Regards Peter -- hype WWW: plphp.dk / plind.dk LinkedIn: plind BeWelcome/Couchsurfing: Fake51 Twitter: kafe15 /hype -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: Re: [PHP] A Review Request
On Wed, May 18, 2011 at 2:38 PM, Peter Lind peter.e.l...@gmail.com wrote: As is probably clear by now, in my opinion it would be much better to go the motions of the script a bit at a time, with comments of *why* things are done (not *what* is done) - and why you really should spend a bit more time learning about security . . . Ah yes, books. Yes I love books too and think they're great. This isn't a book to teach you how to be a professional PHP developer. This is a how to get X done example, at least in my view. It's perfect for a professional developer who needs to quickly get up to speed on how to do X in PHP, someone who can copy-and-paste the code, read it, and understand how to take it to the next level. David
Re: Re: [PHP] A Review Request
At 2:44 PM -0700 5/18/11, David Harkness wrote: On Wed, May 18, 2011 at 2:38 PM, Peter Lind mailto:peter.e.l...@gmail.competer.e.l...@gmail.com wrote: As is probably clear by now, in my opinion it would be much better to go the motions of the script a bit at a time, with comments of *why* things are done (not *what* is done) - and why you really should spend a bit more time learning about security . . . Ah yes, books. Yes I love books too and think they're great. This isn't a book to teach you how to be a professional PHP developer. This is a how to get X done example, at least in my view. It's perfect for a professional developer who needs to quickly get up to speed on how to do X in PHP, someone who can copy-and-paste the code, read it, and understand how to take it to the next level. David David: That's certainly part of it. I want to show web developers simple things they can use in their web sites. I think most of these people aren't stupid, but rather they are simply not informed about some very easy things that can help them tremendously. Am I going to get some flack for this? Certainly, some people won't get it, but that's not my target audience. Cheers, tedd -- --- http://sperling.com/ -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
