Most of our features and services are available only to members, so we encourage you to login or register a new account. Registration is free, fast and simple. You only need to provide a valid email. Being a member you'll gain access to all member forums and features, post a message to ask question or provide answer, and share or find resources related to mobile phones, tablets, computers, game consoles, and multimedia.
All that and more, so what are you waiting for, click the register button and join us now! Ito ang website na ginawa ng pinoy para sa pinoy!
PHP TUTORIAL TAGALOG
( Procedurals / Raw )
Human ----> To -----> Demi-Human
------------------------------------------------
SEASON 1
"The Step in Stone"
LESSON 1 VALIDATION
LESSON 2 DATABASE
LESSON 3 DATABASE CONNECTION
LESSON 4 INSERT
LESSON 5 VIEW OR RETRIEVE
LESSON 6 EDIT OR UPDATE
LESSON 7 DELETE
LESSON 8 FOREACH LOOP
LESSON 9 SEARCH
LESSON 10 LOGIN
LESSON 11 SESSION
Download Season 1
------------------------------------------------
SEASON 2
"Road to Amateur"
LESSON 1 IF ISSET BUTTON
LESSON 2 UPGRADED VALIDATION
LESSON 3 UPGRADED RETRIEVE
LESSON 4 HTACCESS ( .htaccess )
LESSON 5 NAVIGATION TECHNIQUE
LESSON 6 UPGRADED UPDATE
LESSON 7 UPGRADED DELETE
LESSON 8 UPGRADED LOGIN
LESSON 9 UPGRADED SESSION
LESSON 10 UPLOAD
LESSON 11 THE CHECKBOX
LESSON 12 DYNAMIC DROPDOWN
LESSON 13 SENDING EMAIL
LESSON 14 SMS
Download Season 2
------------------------------------------------
SEASON 3
"Road to PHP Lord"
LESSON 1 IMPORT DATA FROM EXCEL TO DATABASE ( EXCEL TO WEB )
LESSON 2 EXPORT DATA FROM DATABASE TO EXCEL ( WEB TO EXCEL )
LESSON 3 AUTO COMPUTE PRICE CHECKBOX
LESSON 4 ONLINE PAYMENT
LESSON 5 TCPDF ( WEB PDF )
Download Season 3
------------------------------------------------
SEASON 4
"The Teaching of the Living Wizard from the Far Land"
(Coming Soon...)
------------------------------------------------
paano yan boss mawawala na ung symbianize
saan kna namin hahanapin?
sa facebook nyo ko hahanapin hahahaha
ano link ng profile mo paps?
pa send
Sa second figure mo, napansin ko lang sa conditions mo,
if(empty($_POST["name"]))
suggest lang, cguro gamitin mo ang mga functions ng php para maging secure ang system. For now cguro oke lang yan kc basi panaman.
try mo to sa baba
1. Problem with empty value
<?php
$_POST["name"]=" "; ////puro space walang laman na character
if(!empty($_POST["name"])) //check if empty
{
echo "Your name is =". $_POST["name"]; ////echo the value
}
else
{
echo "Your name is ="empty"; ////echo the value
}
?>
OUTPUT: Your name is
So ang space ay valid value.
-> correct
a) if(!empty(trim($_POST["name"])) //trim spaces before checking if empty :note space between letters are not trim sample trim("he llo") = he llo
b) $name = trim($_POST["name"]; //trim spaces before checking if empty trim(" hello") = hello, trim(" hello ") = hello, trim(" h e l l o") = h e l l o
if(!empty($name)){}
FIX: gamit ka ng trim() function
ltrim() = trim spaces/empty value on left
rtrim() = trim spaces/empty value on right
trim() = trim spaces/empty value both sides
2) HTML tags will be inserted XSS attack
$_POST['"><script>document.write(document.cookie());</script>'];
so "><script>document.write(document.cookie());</script> is valid input
you can add htmlspecialchars()
htmlspecialchars($_POST['"><script>document.write(document.cookie());</script>'])
OUTPUT : "><script>document.write(document.cookie());</script>
3) SQL injection
dangerous when executed
$_POST['' or 1=1; --'];
$_POST['' or 1=1 drop table_users; --']; ' or 1=1 drop table_users; --
$_POST['' or 1=1 drop database ; --'];
str_replace('"', "", $string);
str_replace("'", "", $string);
Otherwise, go for some regex, this will work for html quotes for example:
preg_replace("/<!--.*?-->/", "", $string);
C-style quotes:
preg_replace("/\/\/.*?\n/", "\n", $string);
CSS-style quotes:
preg_replace("/\/*.*?\*\//", "", $string);
bash-style quotes:
preg-replace("/#.*?\n/", "\n", $string);
echo $_POST['lastname']; // O\'hack
echo addslashes($_POST['lastname']); // O\\\'hack
if (get_magic_quotes_gpc()) {
$lastname = stripslashes($_POST['lastname']);
}
else {
$lastname = $_POST['lastname'];
}
mysql_real_escape_string($user),
mysql_real_escape_string($password));
Marami pa....
-> dito kayo mag test online
https://eval.in/877730