Archive for September, 2004

FAQ is online

The PHP Sourcery Knowledgebase is now online, live right here and is working well, with almost 100 articles for your viewing and searching pleasure. It is currently hard coded in some areas to work with JaxHosting, which I will need to modify in the upcoming weeks.

I completed updating the FAQ with Security in mind… The online magazine PHP Architect has a section entitled “Security Corner” that I highly recommend, as it pretty much cuts to the chase on security issues with PHP apps.

September 21, 2004 at 4:06 pm

Slow progress

I’ve finished up the basics of the FAQ system. It now actually works, right down to the search feature… (It doesn’t count up each time an item is viewed or anything too fancy yet. Just basic functionality.)

BUT, the next piece that I must dive into is security… At this point, I’ve not put a lot of effort into securing this application from would-be hackers. Now, it’s not likely that too many people would be interested in hacking your FAQ, but I wouldn’t put it past some to attempt to deface it, requiring you to either restore your database (you did make a backup, didn’t you?) or manually fix the things they messed up.

The biggest issue with security in Web applications is that the data you receive from the user cannot *AT ANY TIME* be trusted. I can’t stress this enough. It doesn’t matter what use the variable has; it can probably be exploited if you don’t escape your user input. This goes for any form where they can enter data (search, etc.) as well as anything passed in the URL.
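
The rule above applied to an FAQ search form and a URL parameter, as an added example (not code from this blog or from the PHP Sourcery Knowledgebase). It uses PDO bound parameters in place of manual escaping, plus escaping on output; the `faq` table, its columns, the helper names and the sample rows are assumptions, and it needs the `pdo_sqlite` extension.

```php
<?php
// Constructed sample data in an in-memory SQLite database (runs offline).
// Table and column names are assumptions made for this example.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE faq (id INTEGER PRIMARY KEY, question TEXT, answer TEXT)');
$seed = $db->prepare('INSERT INTO faq (question, answer) VALUES (?, ?)');
$seed->execute(['How do I reset my password?', 'Use the "Forgot password" link.']);
$seed->execute(['Is 100% uptime guaranteed?', 'No. See the <b>SLA</b> page.']);

// Escape for HTML output, so stored or reflected markup is displayed, not rendered.
function h(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Search form input: bound as a parameter, never concatenated into the SQL.
function searchFaq(PDO $db, string $term): array
{
    $term = substr(trim($term), 0, 100); // cap the length
    if ($term === '') {
        return [];
    }
    // Make LIKE wildcards in the input match literally ('!' is the escape character).
    $like = '%' . str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $term) . '%';
    $stmt = $db->prepare(
        "SELECT id, question, answer FROM faq
          WHERE question LIKE :q1 ESCAPE '!' OR answer LIKE :q2 ESCAPE '!'
          ORDER BY id"
    );
    $stmt->execute([':q1' => $like, ':q2' => $like]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// URL parameter (e.g. ?id=2): accept only a positive integer, otherwise null.
function parseFaqId(string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Constructed inputs standing in for $_GET['q'] and $_GET['id'].
foreach (['password', '100%', "' OR '1'='1"] as $q) {
    echo h($q), ': ', count(searchFaq($db, $q)), " match(es)\n";
}
foreach (searchFaq($db, 'uptime') as $row) {
    echo h($row['question']), ' => ', h($row['answer']), "\n";
}
var_dump(parseFaqId('2'), parseFaqId('2 OR 1=1'));
```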

September 13, 2004 at 4:03 pm

Trim text down for the web

I was busy working on the routine to display the results of a search in my FAQ web application when I realized that I needed to cut the results short… This was painfully obvious during my testing as one of my test questions has an extremely long answer. Displaying each matching question and answer in its entirety would be a bit much…

Of course, there are simple ways of cutting your text short, but PHP’s built-in functions aren’t very smart about it and will cut the text EXACTLY where you tell them to. This can result in a topic like “Fun things to do with sextants”, if trimmed at 25 characters, becoming “Fun things to do with sex”… This type of thing could offend some site visitors, and would likely embarrass some site owners.

In my quest to keep from re-inventing the wheel, I ran across a good free routine released by the fine folks at Silver Orange. It intelligently trims text along spaces and accounts for a wide variety of issues that can come up. I was able to easily drop it right into my FAQ project and it works beautifully. I highly recommend it!

September 5, 2004 at 4:02 pm

