Text truncating function that secures both HTML tags and full words

Akshaya K Sahu’s answer to this question at Stack Overflow is a great example of text parsing function that can truncate any HTML-encoded string at given length, taking care of all the needed aspects, i.e.:

• full words,
• properly closed HTML tags and
• respected UTF-8 encoding (double-byte characters!)

I have actually nothing to add to it, so I keep a copy of this code only for my own reference. And only because the original answer lacks some comments.

Read More “Text truncating function that secures both HTML tags and full words”

The unlink function returns TRUE on non-existing files!

Is seems, that unlink() returns FALSE only, if file, that is about to be deleted, exists and there was a problem removing it. If file wasn’t there, when unlink tried to remove it, it still does return TRUE. Keep that in mind!

This seems to be reasonable. Logic, that I see here is:

You wanted me to delete that file and… swoosh… it is gone. It doesn’t matter, that I had nothing to do with its deletion, right?

For some this could be surprising — unlink() function returns logic value about whether file, that should be deleted is deleted. It’s return value says nothing about whether actual deletion process occurred.

For me this is not only surprising, but also wrong! Dear PHP, I wanted you to “delete” this file (which you didn’t). Not, to “make sure it is gone” (which, we may agree, that you did).

Round functions in PHP still returns float!

When you round any float number to integer, rounding function (for example floor) still returns float type variable! What?

Well… on second thought, this is reasonable (and explained). PHP does it, because “the value range of float is usually bigger than that of integer“.

So, for example, if you would try to round a number bigger, that integer type can handle (> 2 147 483 647), PHP wouldn’t be able to do anything with the result of such rounding, if it would return it as integer.

Two-way encryption in PHP

I found two quite interesting examples at Stack Overflow about two-way encrytion / hashing in PHP. While two-way encryption is never as secure as one-way version (some claim, that two-way encryption methods are not secure at all), it is still a good alternative to not using encryption at all. For certain simple tasks, you may find it quite useful.

Read More “Two-way encryption in PHP”

Never allow users to transfer files with non-Latin characters in name

I have received a PM message at Yii forum asking about possibility of transferring (via HTTP upload) files with non-English characters in filename. In this particular example, a Greek and Chinese (and English), but with option to support all the languages, that exists.

Conclusion: No f*ing way! But, if you wish to read something more about this, follow with this article.

Read More “Never allow users to transfer files with non-Latin characters in name”

Timed or delayed scripts in PHP

Many PHP developers believes, that PHP is purely request-response language, that can generate exactly one respone to each request. In other words, that it is impossible to write timed PHP scripts. The ones, that does something in portions and return many results to one request. Well, that is not quite true.

Read More “Timed or delayed scripts in PHP”

Downloading large files with PHP

First define, what do you mean, by “large” and “huge”? In this post I present the quickest solution of using file chunking. It works fine (tested!) for files of size up to 2 GB. If this is enough for you, fine — go ahead. If you need to download something bigger, consider using mod-xsendfile (only on Apache — more here and here).

Chunking files is the fastest / simplest method in PHP, if you can’t or don’t want to make use of something a bit more professional like cURL, mod-xsendfile on Apache or some dedicated script.

Read More “Downloading large files with PHP”

Common hashing functions are unsuitable for passwords

According to PHP team, common hashing functions such as md5() and sha1() are unsuitable for passwords. Why? They’re to fast and by this, not so secure and open to brute-force decrypt. No matter, what you think about this, we must admit, that md5() function is listed among “Text Functions” in PHP’s docs, so it doesn’t even touch “Encryption” or “Security” parts in documentation.

Mcrypt seems to be good alternative to those. And mcrypt-module-open function contains good example on both crypting and decrypting with mcrypt. See mentioned article for more details and other alternatives.

Serialize or encode data in PHP to be used in URLs

As you search the Internet, you’ll find many sources (like BinaryTides blog) with many useful (or not) tips on how to serialize or encode variables and data in PHP.

The problem is, that not all of these methods are useful, when we’re dealing with URLs.

Read More “Serialize or encode data in PHP to be used in URLs”

Three ways for setting PHP globals and settings

There are generally three different ways, how you can set PHP globals and settings. You can use PHP’s configuration file, .htaccess file or set it directly in PHP code, using ini_set() function. Which way to use depends mainly on your approach and server configuration, as not all of solutions mentioned here are available on every hosting.

Read More “Three ways for setting PHP globals and settings”

Get first character of a string… fast!

Strings can be used as arrays of characters in PHP, which allows to use the [] to get character at particular position. Whenever you know exact position of the character you’re looking for, you should use $str[n], instead of substr($str, n, 1), where n is character position. This is much faster method. More here.

Example of using cURL for converting a webpage to a pure text

The preg-replace function takes a URL and returns a plain-text version of the page. It uses cURL to retrieve the page and a combination of regular expressions to strip all unwanted whitespace.

This function will even strip the text from <style> and <script> tags, which are ignored by PHP functions such as strip_tags (which strips only tags, leaving the text in the middle intact).

Read More “Example of using cURL for converting a webpage to a pure text”

Avoiding “Max upload file size limit exceeded” error in PHP

There are many reasons and situations which can lead to “Max upload file size limit exceeded” error in PHP.

This article tries to point out the most obvious ones. Take it as a base check-list to analyse your problem.

Read More “Avoiding “Max upload file size limit exceeded” error in PHP”

Convert string into key-value array

I was looking for a function or solution, that would convert a string into associative array, i.e. respecting both keys and values. To be successfull, such function would have to operate on two delimiters. One for separating each key-value pair from surronding one. And second — for spliting keys from values. Which is, where PHP’s build-in explode function fails. Lucky I am, my two favorite uncles — Uncle Google and Uncle Stack Overflow — helped me in this case as well.

Read More “Convert string into key-value array”

Use file_get_contents to simulate form submissions or POST requests

Testing your website, written in PHP, for GET request is a very easy task. All you have to do, is to manipulate your browser’s URL bar. And what about testing POST requests? Impossible?

Well… This Stack Overflow answer shows, that it is not only possible, but also fairly easy.

Read More “Use file_get_contents to simulate form submissions or POST requests”

Application works fine on localhost but fails on web server

If you ever run into situation, that your application works fine on localhost (or one of webhosting) but fails completely on webhost (or another server) then first thing, you should look for, is to check, if you don’t have an extra XHTML line in on of your files that you’re loading using include or require.

Meaning, that your loading and PHP-parsing these files. Because problem doesn’t exist, if you’re loading this files as simple text files, using file_get_contents for example.

Situation, I’m talking about most times causes a PHP syntax error saying, that there is an unexpected T_STRING in first line of one of the files used in an application.

Read More “Application works fine on localhost but fails on web server”

Simple page rendering class

I have created a simple CPage class, which I use in my non-Yii projects for easily rendering views, templates and whole pages using object-oriented approach. This class can render given contents into given view and embeded it in a selected layout file. These are very limited versions of Yii framework’s view and layout rendering mechanisms. I have also added a simple alerting system, this time taken from Twitter Bootstrap.

Read More “Simple page rendering class”