newb question: why php?

Everything related to the visual and coding aspects of websites.
User avatar
Mikari
Posts: 3249
Joined: Thu Jun 21, 2012 6:30 pm
Location: Coruscant
Contact:

Thu Dec 15, 2016 1:11 pm

I also use php for easy layout editing. It can also be used to give the option of multiple layouts or "skins" and contact forms as well as other server side tricks like text/images that change depending on the date/time.

User avatar
Crystal
Posts: 2377
Joined: Thu Jul 19, 2012 5:02 pm
Location: Alberta Canada
Contact:

Sat Jan 07, 2017 5:20 pm

Masao wrote:The other easy vulnerability is if you dynamically include files (like a page.php?name or a page.php?x=name), if you don't check that it's only including files on your server, someone could try to load an external file by typing it in the browser page.php?[insert full url of a malicious file]
I'm kinda confused by this because I use the page.php?name on all my sites. Could you explain it to me? :o
There are shadows before us - but only because the light is at our back.

User avatar
Masao
Host
Posts: 589
Joined: Thu Jun 16, 2011 12:29 am
Contact:

Sun Jan 08, 2017 4:27 am

On mobile, or else I'd include full code explanation, sobs I'm going to be without internet for a few more days :sob:

But basically, depending on how you include your page, it might not check for if the file you're including is locally existing or not.

So instead of including your own subpage.php, someone could include their remote file. But if your dynamic include is just using one file that splits content in itself, then it's not a problem.

Basically the stuff after the ? is the page query, so when you type that in your browser and it gets sent back to your server and php interprets it as a query, and your code can so whatever it likes with that info.

For url includes, it usually means the name of a file to include, or something to request back from the database. Our forum URL is an example of that: the numbers after their labels are the id of the correct forum section or topic to find in the database. And the code behind the scenes uses that id to fill in a SQL command that retrieves the info from the database.
THE FATE OF DESTRUCTION IS ALSO THE JOY OF REBIRTH.

User avatar
Crystal
Posts: 2377
Joined: Thu Jul 19, 2012 5:02 pm
Location: Alberta Canada
Contact:

Sun Jan 08, 2017 5:41 pm

Okay yeah mine is just one file. I think I understand. Thanks for explaining it to me Masao! :D
There are shadows before us - but only because the light is at our back.

jacky999
Posts: 18
Joined: Fri Mar 17, 2017 11:26 am

Fri Mar 24, 2017 9:44 am

Hi everyone!

I have a relevant question about PHP. I know there are PHP5 and PHP6... I read that PHP7 is much faster than previous versions. True? What about other advantages of PHP7?

User avatar
nyxmidnight
Communications Staffer
Posts: 1144
Joined: Sat Oct 13, 2012 7:55 pm
Location: Canada
Contact:

Fri Mar 24, 2017 1:43 pm

Actually there isn't any PHP6! PHP went directly from 5.6 to 7.

But yes, PHP7 is much faster than the previous versions! You can check out what is new on the PHP.NET Manual.
Join in the Tale, in the Blight, of Conquest and Lies
Come the Sun, to Tarnish in the Sky
Vow that we shall Tear the Light - Dark seizes the Throne
Lost in thoughts, all alone

jacky999
Posts: 18
Joined: Fri Mar 17, 2017 11:26 am

Mon Mar 27, 2017 4:11 am

Thank you! I read that all php codes are handled server side. What does it mean?

I am new to php. I hope my question does not look too silly.

User avatar
Mikari
Posts: 3249
Joined: Thu Jun 21, 2012 6:30 pm
Location: Coruscant
Contact:

Fri Mar 31, 2017 5:55 pm

jacky999 wrote:Thank you! I read that all php codes are handled server side. What does it mean?

I am new to php. I hope my question does not look too silly.
It means that everything is processed by the server rather than by the person's computer and the page displays the end result. That's why if you view the source you'll see the code that was generated rather than the php itself.

Post Reply
  • Information
  • Who is online

    Users browsing this forum: No registered users and 2 guests