DigitalDave

Posts posted by DigitalDave


  1. Quote

    Rick D? Sounds like some sort of gangsta rapper from the upper west side who is into Hello Kitty....no
    First name Shah, Shah D, that's Dr. D to you (insert gang sign from North NJ) and soon to be Master D.



    Your rap name should be Rick Shah.

  2. PHP by itself is not necessarily a secure language. It's no more secure than any other high level language. All languages offer the programmer ample opportunity to code in security flaws. But, suggesting that a new programmer use pre-built libraries and CMS's with tons of publicly available and exploitable code to set up their website is wrong.

    Quote

    I didn't mean for him to use an IDE like dreamweaver or frontpage. Those generally create trash code that takes more time to clean up than just to do it manually.



    As do most, if not all CMS's.

    Quote

    The TurboGears Software has these tools available. It uses Repoze.what and Repoze.who to set up the users, hashes + salts the passwords, and allows the developer to set up predicates to allow/deny function access.



    That can be done with a call to MD5 and an IF statement on a $_SESSION variable.

    Quote

    1: dojo.xhrGET and dojo.xhrPOST, javascript functions that will convert your outgoing data into Unicode and package it up into a JSON message (like XML but quicker according to some)



    Awesome .. It knows the PHP unicode_decode function. I'm not sure how that is even relevant in the scope of this thread, but ok.

    Quote

    The Dijit library in Dojo will allow the programmer to take advantage of things that he will probably not be able/want to code himself, such as complex FX effects(slides, fade, dim, tabs, resizable and movable JS popups, trees, form validation, etc)



    Using Javascript for form validation is simply wrong, and is in no way secure.

    Quote

    but writing out the raw SQL + connection code is just tedious. If the platform allows, tools like SQLAlchemy allows the programmer to keep the same syntax and code if they want to switch to a new DBMS on a whim



    An SQL query is the same no matter what SQL DBMS you use. Granted there are slight syntactical differences, but "SELECT * FROM my_table;" works the same in PostGres, Oracle and MySQL. Regardless, I have never seen a web dev decide to switch from MySQL to Oracle on a whim. The small difference of forty thousand dollars usually seals that deal.

    Quote


    LAMP proved to be a great system, but systems like Django and TurboGears are a viable alternative



    You're comparing an operating system, webserver, scripting engine and DB to CMSes that use the Python language. This doesn't even make sense. Apples to oranges.

  3. Loading files is pretty simple. Read up on using the proper ENCTYPE (encoding) in your FORM tag (usually multipart/form-data) and throw in a FILE tag to get the browse button form element. Keep the MAXFILESIZE variable in mind. Then, access the HTTP POST'ed file through the PHP $_FILES superglobal variable. Here's the PHP manual page on it.

    http://www.php.net/manual/en/features.file-upload.post-method.php

    At that point, you'll want to move the file onto the filesystem and probably store a reference to it in the DB. Do not put files directly into the DB, only store string references to them in the DB. Later, you'll query the DB, pull out the URL for the file and use it to create a link to the file in your HTML output.

  4. I disagree about not using PHP. There is nothing inherently more insecure about using PHP for backend than Python. Error checking on user submitted data is something that all programmers should learn to do manually. There are tons of arguments over which is a better scripting language. But that's outside the scope of this thread.

    The OP said he wanted to learn how to do the programming. Learning how to use editors that create code for you is counterproductive to learning how to code. I know guys that have been using Dreamweaver for years and still can't hand code an HTML table properly, let alone create a DB query and process the results into HTML output.

    Learn basic HTML, it's not complex. Then wrap your brain around HTTP requests using GET and POST. After that, pick a scripting language (PHP, ASP, Python .. whatever) and practice handling the request data on the server and returning stuff back to the browser. Then, read up on the basics of SQL and learn how to create databases and set up basic tables. By then, you'll be ready to learn the DB functions in your scripting language and use them to get the data you need to process for HTML output.

    Having a noob programmer start using editors at the very beginning is a bad idea IMHO.

  5. I'm a backend developer and I primarily use PHP/MySQL. You can host a LAMP (Linux, Apache, MySQL, PHP) website at godaddy.com for like $76.00 for two years.

    PHP is easy to learn and has a built in image manipulation library (GD) for resizing, resampling, cropping etc.

    Typically, you'll load images through an HTML form and grab the file from the $_FILES superglobal variable. You'll store the file on the hard drive and the path in the DB. Then you'll query the DB to extract the file path to "build" the HTML output with. There are plenty of free image gallery scripts out there, but it's simple enough to create your own.

    I'm not sure what you mean by "embed a website", but I can help you if you have specific questions.
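
The upload flow described in posts 3 and 5 above (form POST, $_FILES, file on disk, reference in the DB), as an added example that is not DigitalDave's code. The form field name `image`, the upload directory, the SQLite path and the `uploads` table are assumptions made for illustration.

```php
<?php
// Added example: server-side handler for a multipart/form-data upload.
// Assumed names (not from the posts): form field "image", directory
// /var/www/uploads, table "uploads", SQLite file /var/www/data/app.db.
declare(strict_types=1);

const UPLOAD_DIR = '/var/www/uploads';
const MAX_BYTES  = 2 * 1024 * 1024;
const ALLOWED    = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/gif' => 'gif'];

function store_upload(array $file, PDO $db): string
{
    // Reject multi-file arrays in a single field and any error PHP reported.
    if (!isset($file['error']) || is_array($file['error'])
        || $file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('upload failed');
    }
    // Enforce the size limit on the server; form-side limits are only a hint.
    if ($file['size'] <= 0 || $file['size'] > MAX_BYTES) {
        throw new RuntimeException('bad size');
    }
    // Detect the type from the file content, never from client-sent $file['type'].
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if ($mime === false || !array_key_exists($mime, ALLOWED)) {
        throw new RuntimeException('type not allowed');
    }
    // Server-chosen random name: the client's filename never reaches the filesystem.
    $name = bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];
    // move_uploaded_file() refuses any path that did not come from an HTTP upload.
    if (!move_uploaded_file($file['tmp_name'], UPLOAD_DIR . '/' . $name)) {
        throw new RuntimeException('could not store file');
    }
    // Store only the reference; the original name is kept as data for display.
    $stmt = $db->prepare('INSERT INTO uploads (path, original_name) VALUES (?, ?)');
    $stmt->execute([$name, basename((string) $file['name'])]);
    return $name;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_FILES['image'])) {
    $db = new PDO('sqlite:/var/www/data/app.db');
    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $db->exec('CREATE TABLE IF NOT EXISTS uploads (id INTEGER PRIMARY KEY, path TEXT, original_name TEXT)');
    try {
        $name = store_upload($_FILES['image'], $db);
        echo 'Stored as ' . htmlspecialchars($name, ENT_QUOTES);
    } catch (RuntimeException $e) {
        http_response_code(400);
        echo 'Rejected: ' . htmlspecialchars($e->getMessage(), ENT_QUOTES);
    }
}
```

When the stored path is later read back to build a link, escape both it and `original_name` with `htmlspecialchars()` before writing them into the HTML output.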

  6. It was a few pages back, but this one made me laugh my spleen out.

    Quote

    As the reserve opens and I start to stuff handles into my collar he suddenly says: "Are you still there?"
    "What do you mean am I still there? But of course..."
    "Well I noticed it opened and then you started cursing and all and then I felt that I was in freefall again, so I was convinced - with my luck lately - that you chopped me from the parachute in order to deal with the problem..."