Need php beta testers

Post by DrRoach on Fri Aug 30, 2013 10:39 pm

I have written a PHP library, albeit small at the moment, which makes coding in html and php A LOT easier, and was wondering if anyone could test it for me and also let me know what you think. Thanks in advance.


Re: Need php beta testers

Post by tgoe on Fri Aug 30, 2013 10:50 pm

OK, so where is it?


Re: Need php beta testers

Post by -Ninjex- on Fri Aug 30, 2013 10:51 pm

Details and source baby, details and source.
If you're not willing to learn, no one can help you. If you're determined to learn, no one can stop you.⠠⠵
The absence of evidence is not evidence of absence.
I can explain it for you, but I can't understand it for you.


Re: Need php beta testers

Post by Goatboy on Sat Aug 31, 2013 9:45 am

DrRoach wrote: I have written a PHP library, albeit small at the moment, which makes coding in html and php A LOT easier, and was wondering if anyone could test it for me and also let me know what you think. Thanks in advance.
DrRoach wrote: which makes coding in html and php A LOT easier, and was wondering if anyone could test it for me
DrRoach wrote: coding in html and php A LOT easier, and was
DrRoach wrote: html and php A LOT



html and php html and php html and php html and php html and php html and php html and php html and php
Assume that everything I say is or could be a lie.


Re: Need php beta testers

Post by DrRoach on Sun Sep 01, 2013 6:00 am

Sorry about not adding the code straight away; I was just finishing a few pieces up and wasn't sure if anyone would test it, but thanks to those that do. The files are in two parts, so I'll merge them into one just for you guys.

Code:
<?php

// Adds a function to see if supa functions are working correctly
function supa_test(){
   echo "Test";
};

// Function to connect to mysql database
function supa_connect($host,$supaUsername,$supaPassword,$dbname){
   // set to global as it's used widely in php
   global $con;
   $con = mysqli_connect($host,$supaUsername,$supaPassword,$dbname);
};

// function to create php login script
function supa_create_login($username,$password,$tableName){
   global $con;
   $checkLogin = "SELECT * FROM $tableName WHERE username = '$username'";
   $checkLoginResult = mysqli_query($con,$checkLogin);
   // if loginExists == 0 creates new login in table
   $loginExists = 0;
   while($row = mysqli_fetch_assoc($checkLoginResult)){
      // Adds username and password info to variables to be later accessed by function
      $loginExists++;
      $dbUsername = $row['username'];
      $dbPassword = $row['password'];
   };
   if($loginExists == 1){
   // If login does exist, do nothing - YET
   
   } else if($loginExists == 0){
      // if login doesn't exist, add it, will probably only ever used once by first site visitor
      mysqli_query($con,"INSERT INTO $tableName (`username`,`password`) VALUES ('$username','$password')");
   };
}

// Creates login table
function supa_create_login_form($tableName){
   // Checks to see if submit has been clicked in table
   if(ISSET($_POST['login'])){
      global $con;
      //Gets user and pass info from form
      $user = $_POST['user'];
      $pass = $_POST['pass'];
      // Compares username and password
      $compareLogin = "SELECT * FROM $tableName WHERE username = '$user'";
      $compareLoginResult = mysqli_query($con,$compareLogin);
      // Checks to see if user is logged in, later upgrade to sessions
      $loginStatus = 0;
      while($row = mysqli_fetch_assoc($compareLoginResult)){
         if($row['username'] == $user && $row['password'] == $pass){
            $loginStatus = 1;
            echo("You are now logged in");
         };
      } if($loginStatus == 0){
         echo("Your username or password seems to be incorrect");
      };
   };
   //Creates actual table
      echo("<form method='post' action=''>
         <input type='text' name='user' value='Username'>
         <input type='password' name='pass' value='Pas'>
         <input type='submit' name='login' value='login'>
      </form>");
};

function supa_start_html(){
   //Checks to see how many args are added and what is in them
   $argNum = func_num_args();
   $args = func_get_args();
   // Writes out basics for html doc
   echo("<!DOCTYPE html>
<html>
   <head>
   ");
   //TITLE
   // If it has one arg and the arg isn't blank addstitle, if the arg is blank then skips this line
   if($argNum >= 1 && $args[0] != "blank"){
      echo("   <title>".$args[0]."</title>
      ");
   };
   //STYLESHEET
   //If there are 2 args and the second arg doesnt = "" then add a stylesheet. .css is automatically added
   if($argNum >= 2 && $args[1] != ""){
      echo("<link rel='stylesheet' href='".$args[1].".css'>
      ");
   };
   //CHARSET
   //  If there are 3 args then enter these checks, if there aren't 3 it cuts out excessive else if
   if($argNum >= 3){
      //If there are 3 or more args and the 3rd arg doesnt = blank and it doesnt = ""
      if($argNum >= 3 && $args[2] != "blank" && $args[2] != ""){
         echo("<meta charset='".$args[2]."'>
         ");
      //If the 3rd arg = "" add utf-8 charset
      } else if($argNum >= 3 && $args[2] == ""){
         echo("<meta charset='utf-8'>
         ");
      //If arg 3 = blank then leave the charset line out
      } else if($argNum >= 3 && $args[2] == "blank"){
      
      };
   //If there aren't 3 args add utf-8 charset automatically - makes the code more correct
   } else {
      echo("<meta charset='utf-8'>");
   };
   //GOOGLE FONTS
   //If there are 4 args
   if($argNum >= 4){
      //Loop through to add link to google font for each font
      for($i=0;$i<$argNum-3;$i++){
         //Replaces " " with "+" for the google fonts url
         $fontFam = str_replace(" ","+",$args[$i+3]);
         echo("<link rel='stylesheet' href='http://fonts.googleapis.com/css?family=".$fontFam."'>
         ");
      };
   }
//Ends the head and starts body
echo("</head>
   <body>
   ");
};

function supa_create_tag(){
   //Gets argument info
   $argNum = func_num_args();
   $args = func_get_args();
   
   //Adds tag with the wanted tag
   echo("<".$args[0]);
      //If there are at least 2 args then add the class to the tag
      if($argNum >= 2){
         echo(" class='".$args[1]."'>
         ");
      //If there aren't 2 args then just end the opening tag
      } else {
         echo(">
         ");
      };
      //Add font tags and text for as many as there are
      if($argNum >= 3){
         $argNum = $argNum - 2;
         //Loops through as long as there are functions added in
         for($i=0;$i<$argNum;$i++){
            //Echos the text tag
            echo("<".$args[$i+2].">
            ");
            //Adds 1 to $i so that it skips the text to be added between the tags
            $i++;
            //Adds the text between the text tags
            echo($args[$i+2]
            );
            //Ends the text tag
            echo("
         </".$args[$i+1].">
            ");
         }
      }
};

function supa_finish($tag){
   //Ends tags that are open
   echo("</".$tag.">
   ");
};

function supa_end_html(){
//Ends html document
   echo("</body>
</html>");
};

?>


And documentation so you know what the functions are called:

Code:
<!DOCTYPE html>
<html>
   <head>
      <title>Supa HTML Functions</title>
   </head>
   <body>
      <section class="function">
         <h2>supa_start_html()</h2>
         <p class="desc">Use supa_start_html() to begin your html document in a well laid out manner. If you want to add a google font but not a charset or similar, you will have to enter ""; these will be ignored by the function. Charset is set to utf-8 by default; to override this, enter the charset you want or "blank".</p>
         <p class="goodDesc">You can use the supa_start_html() function to add a title, stylesheet, charset and google fonts all in one line of code. To add a google font you need to add at least 4 arguments, but you can leave arguments blank, so to add just the Kavoon google font and no other code apart from html tags add supa_start_html("blank","","blank","Kavoon"); also, you don't need to add .css for your stylesheet or the google font link, just its name, even for fonts with spaces</p>
         <xmp class="example">supa_start_html("title","stylesheet","charset","google fonts");</xmp>
         <xmp class="workingExample">supa_start_html("Home","style","utf-8");</xmp>
      </section>
      <section class="function">
         <h2>supa_end_html()</h2>
         <p class="desc">Use supa_end_html() to end your html document</p>
         <xmp class="example">supa_end_html();</xmp>
      </section>
      
      <h2>supa_create_tag("header","headerBar","h2","Test hea\"der","p","Another Test");</h2>
      <h2>supa_finish("header");</h2>
   </body>
</html>
<!DOCTYPE html>
<html>
<head>
   <title>Supa Functions Index</title>
   <link rel="stylesheet" href="styl.css">
</head>
<body>
   <header>
      <h1>SupaFunctions Codex</h1>
   </header>
   <section class="function">
      <h2>How to add supa_functions</h2>
      <p class="desc">Including supa_functions on your site is simple, all you need to do is use the include_once() method</p>
      <xmp class="example">include_once("supa_functions.php");</xmp>
   </section>
   <section class="function">
      <h2>supa_test()</h2>
      <p class="desc">Use supa_test() to see if you have successfully connected supa_functions</p>
      <xmp class="example">supa_test();</xmp>
   </section>
   <section class="function">
      <h2>supa_connect()</h2>
      <p class="desc">Use supa_connect() to connect your site to a mysql database, supa_connect connects using mysqli</p>
      <xmp class="example">supa_connect("host","username","password","database name");</xmp>
   </section>
   <h2>supa_create_login("username","password","table name");</h2>
   <h2>supa_create_login_form("table name");</h2>
</body>
</html>


Sorry about the stupid amounts of code and the documentation being in html, but I've just copied it from where I am writing it. If you want to ask me anything, just send me a pm or post it on here. Thanks.


Re: Need php beta testers

Post by Goatboy on Sun Sep 01, 2013 4:27 pm

First and foremost: Security is not an option.

Code:
// function to create php login script
function supa_create_login($username,$password,$tableName){
   global $con;
   $checkLogin = "SELECT * FROM $tableName WHERE username = '$username'";
   $checkLoginResult = mysqli_query($con,$checkLogin);
   // if loginExists == 0 creates new login in table
   $loginExists = 0;
   while($row = mysqli_fetch_assoc($checkLoginResult)){
      // Adds username and password info to variables to be later accessed by function
      $loginExists++;
      $dbUsername = $row['username'];
      $dbPassword = $row['password'];
   };
   if($loginExists == 1){
   // If login does exist, do nothing - YET
   
   } else if($loginExists == 0){
      // if login doesn't exist, add it, will probably only ever used once by first site visitor
      mysqli_query($con,"INSERT INTO $tableName (`username`,`password`) VALUES ('$username','$password')");
   };
}

Anyone with even a basic understanding of SQL injection can break that with a single quotation mark and some simple math/logic.

http://codular.com/php-mysqli

^ Read that.

This happens later on in your code as well when you create the login form. Also, you have a field labeled "Pas". Are we French? Parlez-vous français mon frere? Utilisez-vous le français partout? J'pas.

Second, while these might be useful to you they're sort of hard to integrate into a project. In order to use this library I would need to change row names either in my DB or in your code. What if I call them 'user' and 'pass'? Or 'resu' and 'ssap' in Da Vinci fashion? It would be better to have a configuration section where users can decide what row name to use.

Third, using a function to write/end a tag seems a bit like driving a thumbtack into a wall with a sledgehammer. Why would I want to write "supa_finish("p");" when I can just write "echo "</p>";"? Why would I ever need to use PHP to finish a tag in the first place? If I have a function that creates tags (one or many) why do I need a separate function just to close them?

I won't get into design issues because all the code I write is horribly sloppy and disorganized, but it works for me. However when writing code for another person to use you need to keep in mind readability, usability, and security.

tl;dr - I like that people are still writing their own libs instead of just taking for granted what's out there, but do some code review and make a few changes.
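The injection point and the configurable-names suggestion from the post above, worked through as an added example that is not part of the original thread or of DrRoach's library. It assumes PDO with an in-memory SQLite database so it runs without a MySQL server (mysqli offers the same pattern through `prepare()` and `bind_param()`); the function names, the `$supaConfig` array and the sample inputs are hypothetical.

```php
<?php
// Added example (not DrRoach's code). Assumes PDO with an in-memory SQLite
// database so it runs without a MySQL server; all names are hypothetical.

// Table and column names cannot be bound as parameters, so they come from a
// configuration array and are validated before being placed in the SQL text.
$supaConfig = [
    'table'   => 'logins',
    'userCol' => 'username',
    'passCol' => 'password',
];

function supa_ident(string $name): string {
    if (!preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/', $name)) {
        throw new InvalidArgumentException('Invalid identifier in configuration');
    }
    return '"' . $name . '"'; // ANSI quoting (SQLite); MySQL uses backticks
}

// Returns true if the login was created, false if the username already exists.
function supa_create_login_safe(PDO $db, array $cfg, string $user, string $pass): bool {
    $t = supa_ident($cfg['table']);
    $u = supa_ident($cfg['userCol']);
    $p = supa_ident($cfg['passCol']);

    // The username travels as a bound value, never as part of the SQL string.
    $check = $db->prepare("SELECT 1 FROM $t WHERE $u = ?");
    $check->execute([$user]);
    if ($check->fetchColumn() !== false) {
        return false;
    }
    // Store a salted hash instead of the plaintext password.
    $insert = $db->prepare("INSERT INTO $t ($u, $p) VALUES (?, ?)");
    return $insert->execute([$user, password_hash($pass, PASSWORD_DEFAULT)]);
}

// Returns true only when the username exists and the password matches its hash.
function supa_check_login_safe(PDO $db, array $cfg, string $user, string $pass): bool {
    $t = supa_ident($cfg['table']);
    $u = supa_ident($cfg['userCol']);
    $p = supa_ident($cfg['passCol']);

    $stmt = $db->prepare("SELECT $p FROM $t WHERE $u = ?");
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($pass, $hash);
}

// Constructed demo data: an empty table in a throwaway in-memory database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE logins (username TEXT PRIMARY KEY, password TEXT NOT NULL)');

// A legitimate name containing a quote needs no stripping or escaping.
var_dump(supa_create_login_safe($db, $supaConfig, "o'brien", 'correct horse'));
var_dump(supa_check_login_safe($db, $supaConfig, "o'brien", 'correct horse'));

// Quote-plus-logic input is compared as one literal username and matches nothing.
var_dump(supa_check_login_safe($db, $supaConfig, "nobody' OR '1'='1", 'anything'));

// A second registration under the same name is refused rather than duplicated.
var_dump(supa_create_login_safe($db, $supaConfig, "o'brien", 'other password'));
```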


Re: Need php beta testers

Post by DrRoach on Sun Sep 01, 2013 5:17 pm

Goatboy wrote: Anyone with even a basic understanding of SQL injection can break that with a single quotation mark and some simple math/logic.


I had written in a function to strip all characters which are widely used in hacking, such as ' and " but I did it on my work laptop and clearly haven't transferred it.

Goatboy wrote: Also, you have a field labeled "Pas". Are we French? Parlez-vous français mon frere? Utilisez-vous le français partout? J'pas.


I added the value to pas so that 3 dots are added to the password field; this could have easily been any 3 characters, as they aren't used except for placeholders.

Goatboy wrote: Second, while these might be useful to you they're sort of hard to integrate into a project. In order to use this library I would need to change row names either in my DB or in your code. What if I call them 'user' and 'pass'? Or 'resu' and 'ssap' in Da Vinci fashion? It would be better to have a configuration section where users can decide what row name to use.


Ok, thanks for that. I'll edit it so that you can edit what you call the row names :)

Goatboy wrote: Third, using a function to write/end a tag seems a bit like driving a thumbtack into a wall with a sledgehammer. Why would I want to write "supa_finish("p");" when I can just write "echo "</p>";"? Why would I ever need to use PHP to finish a tag in the first place? If I have a function that creates tags (one or many) why do I need a separate function just to close them?


I didn't really add this function to end text tags such as "p", more to end design tags such as "article" and the such, which might hold more than text, such as "<img>".

Goatboy wrote: I won't get into design issues because all the code I write is horribly sloppy and disorganized, but it works for me. However when writing code for another person to use you need to keep in mind readability, usability, and security.


I understand this, because the code does look disgusting, but the main reason for this is to make the source, when it's used in html, look better with indenting and the such.

Thanks for the advice, I really appreciate it and will definitely make changes and add more on.
One last thing: do you have any idea how long it'll take for pages to load if I really start building this library up? Thanks again.


Re: Need php beta testers

Post by Goatboy on Sun Sep 01, 2013 5:34 pm

DrRoach wrote: I had written in a function to strip all characters which are widely used in hacking, such as ' and " but I did it on my work laptop and clearly haven't transferred it.

Take a look into some existing functions for sanitizing input. They've been refined over time and are generally accepted to be safe. Coding your own security is usually a bad idea.

DrRoach wrote: I added the value to pas so that 3 dots are added to the password field; this could have easily been any 3 characters, as they aren't used except for placeholders.

Makes sense, but I tend to avoid default values in user-submitted data. What if someone forgets to erase the contents and appends their password to the end of "Pas"? If HTS did this, my password would be "Passpassword123". That's silly.


Re: Need php beta testers

Post by Shade_of_Gray on Sun Sep 01, 2013 5:42 pm

I've done a bit of work with web development myself... If you're looking for a way to create cleaner/prettier code, try looking into established design patterns and separating presentation from content. Read up on the Model-View-Controller pattern, for example - once you understand the concept behind the design pattern, you may find it actually changes the way you think about the problems you're working on.

For an example of a PHP framework that uses this design pattern and has great documentation, check out CodeIgniter.

Hope this helps some. =)


Re: Need php beta testers

Post by DrRoach on Sun Sep 01, 2013 5:51 pm

Goatboy wrote: Take a look into some existing functions for sanitizing input

Ok, thanks, I'll take a look at them now.

Goatboy wrote: What if someone forgets to erase the contents and appends their password to the end of "Pas"?

I see what you mean now, thank you. I'll remove it along with my changes.

Shade_of_Gray wrote: Read up on the Model-View-Controller pattern

Ok, thanks, I'll take a look at it :)