Page 1 of 3 123 LastLast
Results 1 to 16 of 42

Thread: Efficiency of PHP code

  1. #1
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts

    Efficiency of PHP code

    Ok the following code is my database connection which is stored in dbconn.inc. Now I can't store the file in a dir which is above httpdocs as i don't have the permission to do so and doing so would require an upgrade of my web host so it's less secure but is this a good way to do it? Also, there will be more questions to follow in this thread it's just i'm working on the scripts at the moment

    PHP Code:
    <?php

    $dbconnect 
    mysql_connect('localhost''****''****');

      if(!
    $dbconnect
          die(
    '<p>Unable to connect to database</p>');

    $select mysql_select($dbconnect'****');

      if(!
    $select
          die(
    'Unable to find database'); 
    ?>

  2. #2
    Bigger than Jesus Norky's Avatar
    Join Date
    Feb 2005
    Posts
    1,579
    Thanks
    1
    Thanked
    8 times in 8 posts
    Using a .inc file extension will display the code as plain text, as seen here (20 seconds of Googling produced that)

  3. #3
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    Doh! That's a bit stupid then, i'll change it to .php. Fortunately i haven't used it yet

  4. #4
    Bigger than Jesus Norky's Avatar
    Join Date
    Feb 2005
    Posts
    1,579
    Thanks
    1
    Thanked
    8 times in 8 posts
    Post away with any other questions, I'll be on for a bit

  5. #5
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    Hehe, well i just wanted to see if that script was a good way for connecting to a database and selecting the database?

  6. #6
    Bigger than Jesus Norky's Avatar
    Join Date
    Feb 2005
    Posts
    1,579
    Thanks
    1
    Thanked
    8 times in 8 posts
    Can't see anything wrong with it, in fact that's exactly how I do it, although I don't use die(), I simply display an error message within the template file.

  7. #7
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    using mysql_error() function to display the last error? I prefer to supress my errors. Plus, die() is good as it stops parsing any more PHP code if it's executed

  8. #8
    Agent of the System ikonia's Avatar
    Join Date
    May 2004
    Location
    South West UK (Bath)
    Posts
    3,736
    Thanks
    39
    Thanked
    75 times in 56 posts
    kezzer you could always make a dir in the web root and change the permissions to something that your the web user can read but the web user group can't.

    Most webservers are setup with a user seeing all, but the pages served by the users group.
    It is Inevitable.....


  9. #9
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    The whole idea of it was followed by my sitepoint book, it said that putting it in a .inc file in a dir above your dir which contains the web documents then it should be secure so i dunno

  10. #10
    daft ideas inc. scottyman's Avatar
    Join Date
    Jul 2003
    Location
    Charming and Exotic Bracknell
    Posts
    1,576
    Thanks
    2
    Thanked
    3 times in 3 posts
    i think in fairness - if you didn't use asp style short tags - you can prevent the file being indexed and shown.
    for security I would not define my functions inside the config.inc file - simply define the site constants and globals. everything else should be encapsulated in classes

    i.e
    PHP Code:
    <?php

    /*
    * set system constants according to what type of mail server auth you're using.
    * define mail_auth if your mail server requires it (and not running locally)
    * do not need to define user and pass if not using auth.
    *
    *  define('MAIL_HOST', $mail_srvr);
    *  define('MAIL_AUTH', false);

    */
    define('MAIL_HOST'$mail_srvr);
    define('MAIL_AUTH'true);
    define('MAIL_USER'$mail_user);
    define('MAIL_PASS'$mail_passwd);

    ?>
    this way I can reference these variables from a secured config file - but this provides the globals that I need - where I only need to modify my stored paths - the secured information is held elsewhere.

    PHP Code:
    $path '../' $physical_path;
    $wpath 'http://' $_SERVER["SERVER_NAME"] . '/' $physical_path;
    /**
    * Smarty template directories
    */
    define('TEMPLATE_DIR'$path 'templates/');
    define('COMPILE_DIR'TEMPLATE_DIR 'templates_c/');
    define('CONFIG_DIR'TEMPLATE_DIR 'configs/');
    define('CACHE_DIR'TEMPLATE_DIR 'cache/');
    /**
    * Site directories
    */
    define('IMAGE_DIR'$wpath 'images/');
    define('CSS_DIR'$wpath 'css/');
    define('ROOT_DIR'$wpath);
    define('INCLUDES_DIR'$path 'includes/');
    /**
    * Site pages
    */
    define('INDEX_PAGE'ROOT_DIR 'index.php');
    define('HELP_PAGE'ROOT_DIR 'help.php');
    /*define('HELP_PAGE', USER_DIR . 'help.php');*/ 

  11. #11
    HEXUS.net Webmaster
    Join Date
    Jul 2003
    Location
    UK
    Posts
    3,108
    Thanks
    1
    Thanked
    0 times in 0 posts
    call the file dbconn.inc.php that way you can tell it's an include file but the webserver will treat it as a PHP file and not parse it as a text file

  12. #12
    HEXUS.net Webmaster
    Join Date
    Jul 2003
    Location
    UK
    Posts
    3,108
    Thanks
    1
    Thanked
    0 times in 0 posts
    And Scottyman is correct, classes are far better but they are probably a step too far for you at the moment

  13. #13
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    Quote Originally Posted by Iain
    And Scottyman is correct, classes are far better but they are probably a step too far for you at the moment
    Hehe, not really, i do OO in my course, a lot of it. In fact i'm working on a full OO project at the moment I just never touch classes with PHP for some reason. Well, that's a lie because i have a script written which is in a class. I'll have a look into it though

  14. #14
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    Quote Originally Posted by scottyman
    this way I can reference these variables from a secured config file - but this provides the globals that I need - where I only need to modify my stored paths - the secured information is held elsewhere.
    That's a damn good idea. The thing is, where would i store the file which held all the constants?

  15. #15
    daft ideas inc. scottyman's Avatar
    Join Date
    Jul 2003
    Location
    Charming and Exotic Bracknell
    Posts
    1,576
    Thanks
    2
    Thanked
    3 times in 3 posts
    i store it in the root, so it's a common location to reference. this way I know that as I navigate through the tree, the root location is always the same.
    i.e. in the user directory %root%/users/user.php

    PHP Code:
    <?php
    /**
     * User.php
     * Either registers and new user, or allows existing user to edit their own details.
     * Matches functionality provided for admin purposes
     * 
     *   @author Scott Harman
     *   @copyright Scott Harman 2004
     *   @version 1.0a
     */
    session_start( );
    require_once 
    "DB.php";
    require_once 
    "../config.inc" ;
    require_once ( 
    INCLUDES_DIR "template.inc");
    require_once ( 
    INCLUDES_DIR "functions.inc");
    require_once ( 
    INCLUDES_DIR "mail.inc");
    so this loads the required files, pulls in the constants, and starts instantiating the old objects

    PHP Code:
    $smarty = new PasTVTemplate( );
    // create db connection
    $connect DB::connect$db);
    // test db error
    if ( DB::isError$connect))
        die( 
    $connect->getMessage( ));
    // being edit section if user has already registered and simply wants to change details.
    $query "SELECT * FROM title";
    $result $connect->query$query);
    if ( 
    DB::isError$result))
        die( 
    $result->getMessage( ));
    while ( 
    $row $result->fetchRowDB_FETCHMODE_ASSOC)) {
        
    $titles[] = $row['titles'];

    it's not the most well written, or clear code I've ever written, but illustrates the encapsulation quite nicely. just a really good way of re-using loads of code. some of the db stuff isn't very elegant - but based on my php parsing, I ended up writing a simple and elegant class that would pull data from a csv, and insert it into a database using named tables (for safety)

    worked quite nicely, and it's just an easy way of accessing the PEAR DB class.
    Last edited by scottyman; 26-02-2005 at 01:46 PM.

  16. #16
    Senior Member Kezzer's Avatar
    Join Date
    Sep 2003
    Posts
    4,863
    Thanks
    12
    Thanked
    5 times in 5 posts
    Wow, that is a nice script. I understand that perfectly. How does the isError() function in the DB class able to tell the difference between connecting to the db and doing a query? Are you overloading the functions? Not sure if it's possible in PHP as i mainly work with Java

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Linux code help!
    By nvening in forum Software
    Replies: 18
    Last Post: 26-02-2005, 12:30 AM
  2. PHP Questions and a book recommendation
    By Dorza in forum Software
    Replies: 2
    Last Post: 02-09-2004, 01:26 PM
  3. Need help, php masters!
    By Allen in forum Software
    Replies: 10
    Last Post: 07-07-2004, 07:16 AM
  4. another php troubleshoot
    By killgORE in forum Software
    Replies: 3
    Last Post: 27-06-2004, 05:57 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •