I am in the midst of writing a simple job board and I have the URL's filtering and working how I want, everything works - I just want to know if I can improve it, if there are any security concerns, and if it is horribly inefficient.
Take the following URL section - foo.com/in/london/at/google/do/design
I assign each section a variable and work out the location, company, and category.
Other use cases that work:
Switching the order - foo.com/at/google/in/london/do/design
Having less parameters - foo.com/in/london/at/google
My code to figure out all these variables is:
// Get the different possible page parameters
// Only allow alphanumeric, dashes, and commas
$regex = "[^a-zA-Z0-9,-]";
$a = isset($_GET["a"]) ? preg_replace("/".$regex."/", "", $_GET["a"]) : "";
$aa = isset($_GET["aa"]) ? preg_replace("/".$regex."/", "", $_GET["aa"]) : "";
$b = isset($_GET["b"]) ? preg_replace("/".$regex."/", "", $_GET["b"]) : "";
$bb = isset($_GET["bb"]) ? preg_replace("/".$regex."/", "", $_GET["bb"]) : "";
$c = isset($_GET["c"]) ? preg_replace("/".$regex."/", "", $_GET["c"]) : "";
$cc = isset($_GET["cc"]) ? preg_replace("/".$regex."/", "", $_GET["cc"]) : "";
if ($a == "in" && $aa != null) { $searchLocation = $aa; }
if ($b == "in" && $bb != null) { $searchLocation = $bb; }
if ($c == "in" && $cc != null) { $searchLocation = $cc; }
if ($a == "at" && $aa != null) { $searchCompany = $aa; }
if ($b == "at" && $bb != null) { $searchCompany = $bb; }
if ($c == "at" && $cc != null) { $searchCompany = $cc; }
if ($a == "do" && $aa != null) { $searchCategory = $aa; }
if ($b == "do" && $bb != null) { $searchCategory = $bb; }
if ($c == "do" && $cc != null) { $searchCategory = $cc; }
if ($a == "missinghtml") { $errorUrl = true; }
I'm looking at this thinking there must be a better to do this, and is this section secure?
Any thoughts on this are much appreciated. Like I say it works, but can it be better? Thanks :)
Related
I am trying to hide the following message that keeps on showing when I load any wordpress page:
Force Word Wrapping. For support / comments / whatever, visit the support forums. Version: 1.0.0 Author: Jim Wigginton Author URI: http://www.frostjedi.com/ */ function word_wrap_pass($message) { $wrapAt = 70; $tempText = ''; $finalText = ''; $curCount = $tempCount = 0; $longestAmp = 9; $inTag = false; $ampText = ''; $len = strlen($message); for ($num=0;$num<$len;$num++) { $curChar = $message{$num}; if ($curChar == '<') { for ($snum=0;$snum') { $tempText .= '>'; $inTag = false; } elseif ($inTag) { $tempText .= $curChar; } elseif ($curChar == '&') { for ($snum=0;$snum= $longestAmp || $curChar == ';') { for ($snum=0;$snum= $maxChars) { $finalText .= $tempText . ' '; $tempText = ''; $curCount = 1; } else { $tempText .= $curChar; $curCount++; } // the following code takes care of (unicode) characters prohibiting non-mandatory breaks directly before them. // $curChar isn't a " " or "\n" if ($tempText != '' && $curChar != '') { $tempCount++; } // $curChar is " " or "\n", but $nextChar prohibits wrapping. elseif ( ($curCount == 1 && strstr($wrapProhibitedChars,$curChar) !== false) || ($curCount == 0 && $nextChar != '' && $nextChar != ' ' && $nextChar != "\n" && strstr($wrapProhibitedChars,$nextChar) !== false)) { $tempCount++; } // $curChar and $nextChar aren't both either " " or "\n" elseif (!($curCount == 0 && ($nextChar == ' ' || $nextChar == "\n"))) { $tempCount = 0; } if ($tempCount >= $maxChars && $tempText == '') { $finalText .= ' '; $tempCount = 1; $curCount = 2; } if ($tempText == '' && $curCount > 0) { $finalText .= $curChar; } } add_filter('the_content', 'word_wrap_pass'); add_filter('comment_text', 'word_wrap_pass'); ?>
I've tried many different things including what is in this How can I stop PHP notices from appearing in wordpress?.
Any help would be appreciated
Hard to tell with just the code you are showing... we'd need more information to properly answer this. But, this message appears to be coming from one of your plugins that has been improperly coded. I would disable all plugins, then enable one at a time until this message shows again. That will be your faulty plugin. Permanently disable it/delete it... or contact the author to ask them to fix it if you really need it.
Here is my function that makes the first character of the first word of a sentence uppercase:
function sentenceCase($str)
{
$cap = true;
$ret = '';
for ($x = 0; $x < strlen($str); $x++) {
$letter = substr($str, $x, 1);
if ($letter == "." || $letter == "!" || $letter == "?") {
$cap = true;
} elseif ($letter != " " && $cap == true) {
$letter = strtoupper($letter);
$cap = false;
}
$ret .= $letter;
}
return $ret;
}
It converts "sample sentence" into "Sample sentence". The problem is, it doesn't capitalize UTF-8 characters. See this example.
What am I doing wrong?
The most straightforward way to make your code UTF-8 aware is to use mbstring functions instead of the plain dumb ones in the three cases where the latter appear:
function sentenceCase($str)
{
$cap = true;
$ret = '';
for ($x = 0; $x < mb_strlen($str); $x++) { // mb_strlen instead
$letter = mb_substr($str, $x, 1); // mb_substr instead
if ($letter == "." || $letter == "!" || $letter == "?") {
$cap = true;
} elseif ($letter != " " && $cap == true) {
$letter = mb_strtoupper($letter); // mb_strtoupper instead
$cap = false;
}
$ret .= $letter;
}
return $ret;
}
You can then configure mbstring to work with UTF-8 strings and you are ready to go:
mb_internal_encoding('UTF-8');
echo sentenceCase ("üias skdfnsknka");
Bonus solution
Specifically for UTF-8 you can also use a regular expression, which will result in less code:
$str = "üias skdfnsknka";
echo preg_replace_callback(
'/((?:^|[!.?])\s*)(\p{Ll})/u',
function($match) { return $match[1].mb_strtoupper($match[2], 'UTF-8'); },
$str);
Is there any way to make this code shorter ?
If ($Item_1 != "_") { $items1 = explode("_", $Item_1); } Else {}
If ($Item_2 != "_") { $items2 = explode("_", $Item_2); } Else {}
If ($Item_3 != "_") { $items3 = explode("_", $Item_3); } Else {}
If ($Item_4 != "_") { $items4 = explode("_", $Item_4); } Else {}
If ($Item_5 != "_") { $items5 = explode("_", $Item_5); } Else {}
If ($Item_6 != "_") { $items6 = explode("_", $Item_6); } Else {}
If ($Item_7 != "_") { $items7 = explode("_", $Item_7); } Else {}
If ($Item_8 != "_") { $items8 = explode("_", $Item_8); } Else {}
If ($Item_9 != "_") { $items9 = explode("_", $Item_9); } Else {}
If ($Item_10 != "_") { $items10 = explode("_", $Item_10); } Else {}
If ($Item_11 != "_") { $items11 = explode("_", $Item_11); } Else {}
If ($Item_12 != "_") { $items12 = explode("_", $Item_12); } Else {}
I try it make shorter with For but it doesnt work example:
For ($i = 1; $i <= 12; $i++) {
If (${$Item_ . $i} != "_") .... dont work for me :/
}
Any ideas?
The idea is good. You just had a little error while building the variable name. Use the following code:
for ($i = 1; $i <= 12; $i++) {
if (${"Item_$i"} != "_") .... should work
}
What you are doing is called variable variables in php. Check the manual about that for further info and examples.
Another idea: Why not using an array? this should suite better here:
$item = array (
'foo', 'bar', 'test', 'xyz', ...
);
for ($i = 1; $i <= count($item); $i++) {
if ($item[$i] != "_")
}
Further note, that you can use the ternary operator to shorten the if statement. (note that I wouldn't do that in this situation because it is less readable, but I'll at least mention it for completeness):
$item[$i] != "_" ? $other[$i] = 'something' : 1; // no else block, just a `NOP 1`;
For clarity try this:
$item_var = "Item_".$i;
If ($$item_var != "_"){}
You should probably be using arrays instead if var1, var2, etc. You could easily use a loop too.
$start = true;
$new = "";
foreach($array as $val)
{
if($start = true && $val != " ")
{
$start = false;
$new .= strtoupper($val);
}
elseif($val == " ")
{
$new .= " ";
$start = true;
}
else
{
$new .= strtolower($val);
}
$start = false;
}
Basically what happens is $start NEVER becomes false AND everything becomes capitalized. So it looks like the first if IS running, but for some reason NEVER SETS $start to false.
I cannot stress it enough: use the yoda condition
if(true == $var)
or generally:
if(CONSTANT == $VARIABLE)
and not
if($VARIABLE == CONSTANT) //which you'd wrongly type as "="
PHP would have told you what went wrong in that case - no matter how tired you are.
Looking for this bug (it happens to the best of the best too) is frustrating.
Let the tool (PHP) be supportive to you, don't make it work against you.
That was on a more general note. As for your problem, it's doable with a one-liner:
<?php
$array = "hEllo woRlD";
var_dump(ucwords(strtolower($array)));
$start = true is an assignment, not a comparison. Use ==.
You're using a single equals in your test, which means "assignment". You probably meant == (equality), but in this case, with booleans, you don't need to compare at all:
$start = true;
$new = "";
foreach($array as $val)
{
if($start && $val != " ") // <-- remove the = true here
{
$start = false;
$new .= strtoupper($val);
}
elseif($val == " ")
{
$new .= " ";
$start = true;
}
else
{
$new .= strtolower($val);
}
$start = false;
}
Right now, it's getting interpreted as "Set $start to true && $val != " "" - definitely not what you intended.
$start = true && $val != " " means:
$start = (true && $val != " ")
$start = ($val != " ")
$start = !($val == " ") // $start is true except when $val is a single space.
I believe you meant $start == true.
Are you just trying to upper case the first character of every word? If so, look into ucwords.
I'm new to php and I would like to have a conditional statement like this:
if ($foo != 'Any') { $condition .= '$this_foo == $foo &&';}
if ($bar != 'Any') { $condition .= '$this_bar == $bar &&';}
if ($txt != 'Any') { $condition .= '$this_txt == $txt &&';}
$condition .= '$num1 > 0 && $num2 < 1000';
if (...[php would parse the $condition variable])
{
someoperations
}
What is the proper syntax for the if statement to parse the variable $condition? So the conditional statement depends on the other variables and to prevent a long nested conditional statement.
Thanks in advance!
Well it's not exactly parsing, but you could evaluate your condition as the code is executed.
$condition = true;
if ($foo != 'Any') { $condition = $condition && ($this_foo == $foo);}
if ($bar != 'Any') { $condition = $condition && ($this_bar == $bar);}
if ($txt != 'Any') { $condition = $condition && ($this_txt == $txt);}
$condition = $condition && ($num1 > 0 && $num2 < 1000);
if ($condition)
{
someoperations
}
So let's say that $foo != 'Any' is true, that would result in
$condition = true && ($this_foo == $foo) && ($num1 > 0 && $num2 < 1000);
Let's pretend $this_foo == $foo, $num1 == 45 and $num2 == 2300
$condition = true && true && (true && false);
$condition = false;
and your if won't execute.
I believe what you want is
if (eval("return " . $condition)) {...}
Making sure to check for the FALSE case if the parsing fails.