Category: PHP

PHP cleaning strings with “preg_replace()” function and more resources for REGEX

09/20/2014 Aaron Belchamber No Comments

Cleaning strings by removing anything that is not a letter or number can be very useful, like building clean URLs based on customer data.

This will replace anything that isn’t a letter, number or space. Then, you can further clean the spaces by replacing with dashes (“-“) for better URL readability.


$stringToClean = preg_replace("/[^a-zA-Z 0-9]+/", "", $stringToClean);

Note that “preg_replace” uses the REGEX patterns and matching rules which is also used in .htaccess files. If sometimes you struggle with getting REGEX right, visit this excellent REGEX Cheatsheet: http://www.cheatography.com/davechild/cheat-sheets/regular-expressions/


Typical way to send CURL POST data in PHP

09/19/2014 Aaron Belchamber No Comments

Here is a typical way to send PHP data to another script and have that data returned via CURL POST. Keep in mind there are a lot of server security restrictions that may impede CURL from working properly. Visit the PHP cURL book to learn more.


function curlPost ($url,$valsArr)
{
   //create name / value pairs
   foreach($valsArr as $key => $val)
   {
      $postDataArr[]= $key . ‘=’.$val;
   }

$postData=implode("&",$postDataArr);

$ch = curl_init();

curl_setopt($ch,CURLOPT_URL,$url);
curl_setopt($ch,CURLOPT_RETURNTRANSFER,true);
curl_setopt($ch,CURLOPT_HEADER, false);
curl_setopt($ch, CURLOPT_POST, count($postData));
curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);

$output=curl_exec($ch);

curl_close($ch);
return $output;

}

// Call function like so:

$valsArr = array(
   “sampleField1” => “value1”,
   “sampleField2” => “value2″,
   “sampleField3” => “value3”
);

echo curlPost(“http://www.prolificfutility.com/path-to-curlPost.php”,$valsArr);

The basic way to work with file attachments for users to download files via hyperlinks in PHP

09/05/2014 Aaron Belchamber No Comments

This is always something that seems to be overcomplicated, if you generate PDFs or other files and use some form of AJAX to call that file, how do you force the user’s browser to treat the link as an attachment for them to save on their computer? You have to make sure the script hasn’t sent any output and send the headers along with the file data in the following sequence:

// "pdf" can be any other type of valid file
header('Content-type: application/pdf');

// File will be called "document.pdf"
header('Content-Disposition: attachment; filename="document.pdf"');

// The actual PDF file on the server can be called anything.  This is a clever way to obfuscate the real file name from the public, by using a different naming convention.

readfile('/path/to/source/file.pdf');

Mysql PDO standard insert (persist) of data to a table with placeholders to protect from MySQL injection attacks

07/02/2014 Aaron Belchamber No Comments

This is a much more secure way to insert records and prevent MySQL injection.  This assumes that $this-conn is your MySQLi PDO database connection object that you’ve already initialized:



Please note that a lot of the PHP snippets on this site assume you have some level of PHP experience.  I use this site as a repository of many frequent code snippets and things I find I look up a lot as a central way to reference materials.  Feel free to use and share as you see fit!
- Aaron Belchamber

Redirect a webpage with PHP

03/15/2014 Aaron Belchamber No Comments

There are plenty of reasons to need to redirect a page.  If you do, you here is a sample PHP code snippet that will allow you to point a page to another page on your site or any other site quickly and easily.

This script needs to be the first lines of the script, before any headers or any characters for that matter are sent to the browser.  This means, make sure there is NO SPACE before your opening “<?php” tag.  This happens more frequently than you think, yes, a single simple lonely ” ” space character will make sure this redirect will never work…


<?php

header(“HTTP/1.1 301 Moved Permanently”);
header(“Location:http://newlocation.com“);
exit;

?>

I know it flies in the face of standard coding conventions, but one day we might create a syntax and structure built into our language where a stray space character or semi-colon won’t violate the structural principles and somehow be auto-corrected.  Of course, one may argue that they want a web developer who can notice such details, on the other hand, wouldn’t it be great if your brilliant web developer didn’t have to spend so much time and energy hunting down stray characters that perhaps less experienced coders inadvertently through into their code?  I guess this is one of the best arguments for using a PHP framework since the constructs are tighter so it would be more difficult for developers in a collaborative environment to be taxed with the burden that comes from having too open of a development environment.

Then again, it seems like frameworks such as Symfony and Cake often create more work for simple projects than if your web development team stuck to some standards and developed new content using OOP and MVC patterns.  Using OOP and MVC combined can create an excellent and reliable pseudo-framework but still give your web development team enough flexibility to push new scripts out quickly.