|
Sewer Adventure posted:Either way, not using an ORM is just making more work for yourself. How do these ORMs work on master-slave setups? We need to get a new version of our site up quick, and ORMs enable us to do it.
|
# ¿ Apr 13, 2008 15:27 |
|
|
# ¿ May 6, 2024 10:38 |
|
fletcher posted:Is it better to let the database (mysql) handle timezone conversions by setting the session timezone than to do it in PHP? I believe there is some stupidity in PHP using timezones if you are naive about it. You must use a putenv statement to only do it in the script you are currently running, else it affects all threads executing. MySQL only supports a single timezone - UTC?
|
# ¿ May 21, 2008 07:35 |
|
sonic bed head posted:I have an image that was created from imagecreatefromjpeg() in a php script. I have PHPMailer up and running but I can't figure out how to send the image as an attachment without first writing the file to disk. Is it possible to send it without it being a file? I can't seem to find any real good documentation for phpmailer and I also don't really know how encoding attachments works so any help would be greatly appreciated. Thanks. PHPMailer is defunct. SwiftMailer is the way to go.
|
# ¿ Oct 15, 2008 20:23 |
|
I suggest using bcrypt instead of devising your own salt method.
|
# ¿ May 1, 2009 07:46 |
|
PHPLinq can do that - http://www.codeplex.com/PHPLinq
|
# ¿ Aug 12, 2009 21:22 |
|
|
# ¿ May 6, 2024 10:38 |
|
Interesting comments here. From my perspective and what I've had to deal with in the past from penetration tests: * You certainly need to be on the look-out for broken UTF-8 sequences. Things like %C2 (or was it %A3; whatever a GBP sign is) will screw with htmlspecialchars whatever encoding options you set. The iconv function that is run against all input is a good way to cope. * Some functions do act funny with arrays being passed unless you explicitly cast. Even with the patch that allows primitive type checks in PHP, it will act weird. Always check/cast. * Hilarity also ensues when you allow the PHP session cookie value to be changed. Use FireCookie on almost any PHP site and stick a random character in the middle of it and you'll cause some kind of error; very few check that the PHPSESSID value is 'valid' before calling session_start. Valid also differs between machines depending on the hash settings in php.ini (much fun debugging that one)!
|
# ¿ Jun 16, 2010 22:22 |