Wht Are Different Security Methods In Php
What are the different USER security methods which we can follow and how to
manage them, it will be helpful for all of us.
like what i know is to manage session id and to manage the user security along
with it only.
What would you like to suggest to have a user managed security.
I please all to share your views on different methods.
View Complete Forum Thread with Replies
Related Forum Messages:
Good Security Methods?
I'm just finishing up writing a basic content management system, standard stuff really, just pulling info out of a database and allowing priveliged users to login and post it. I wanted to know: what security tips can you guys give me for improving it? I've read somewhere that when using stuff like $_GET['id'] to display a specific row, it's useful to add code to protect it from sql injections and such? I'm obviously md5 encrypting passwords and using cookies/sessions to store user logins. In terms of input validation I'm a little sparse - are there any that I really need to implement? Bear in mind that only trusted and approved staff can access submission forms in the first place. Finally, are there any drawbacks to using mod_rewrite to change urls from foo.php?=bar into /foo/bar/ ? Obviously these look better and are apparently more friendly to search engines, but can it have negative effects on server load etc?
View Replies !
Login Methods/security
I'm just starting to develop a PHP/MySQL-based login system for a website, and being quite new to this side of things I'm looking for some advice on methods, with some measure of security in mind. The guide on this link seems straightforward enough (and not too difficult!), though there is a more security-conscious guide. nvolving more complex coding - at this link. How paranoid should I be? Is it likely that someone may actually try to "sniff the network traffic" and so on? I'd be very grateful for any basic pointers, rules of thumb or trusted tutorials.
View Replies !
PHP Security - Some Common Security Pitfalls That Are Inherent In The Language?
I'm working on developing an application in PHP4/MySQL and I've got very little experience with either. Most of my work is in ASP/Access and compiled programs. The app that I'm developing doesn't need to be perfectly secure, but I want to avoid common pitfalls, and I have no idea where to start. From your experience, what are some common security pitfalls that are inherent in the language? I shouldn't have any trouble with program logic being an issue, just stuff that may be PHP specific. (Like the User being able to put anything that they'd like in the QueryString and having that show up as a variable in the script).
View Replies !
OOP: Methods Within Methods?
I've writing up a class that contains a function that declares a calls another function and then calls this second function. Everything works, but the 2nd function can't see any of the $this variables. PHP Code:
View Replies !
Coding Methods
Im trying to figure out some better coding methods. Maybe you more experienced guys can help me. Right now im working on a new site which is a bit larger than i usually do. Currently i have a main Index.php file which has functions which call functions that display html (footer.php, header.php, main_table.php). And inside these include files, i have php code which call him mysql functions, etc, etc. But after looking at for awhile, i can see some forseeable problems. What are some good coding methods that can help me code better and make it easy for me to update the code with out having to rewite everything.
View Replies !
ORDER BY Methods
Is there a way to ORDER BY the SUM of two or more fields in a row; to exress that in a single query... or must you first sum the fields per row using a standalone script, post that value in the row in its own distinct field and then ORDER BY that value? Does that make sense to anyone?
View Replies !
PHP Search Methods
I'm trying to refine the way I'm using search in my database. Currently I do an exact string search in mysql, display those results, then search for any of the words and display those results. I was wondering if anyone knows other methods, more google/yahoo like where it organizes things by relevance according to the # of keywords, or if there is another way of doing searches anyone likes and uses?
View Replies !
Pattern Methods
can someone list/post methods of patterns? I need to start using preg_match() and such. A link to a list would be cool too.
View Replies !
Methods Within If(isset)
I have a question about isset and methods. I want some variables to be written to a session variable when a button is clicked. I can set variables to the session variable just fine, but problems occur once I use set methods inside the if statement for 'isset'. I imagine this is because the whole script executes, and adds all the data to the session variables, then when the button is clicked the session variables have already been defined and so the new data does not get added, is that right? <?php if (isset($_POST['submit'])) { // this does not work $_SESSION['myTest']->setAnswer("set inside if"); } // this does work $_SESSION['myTest']->setAnswer("set outside if"); ?>
View Replies !
Accessor Methods
I have been working for some time now on a PHP OOP database abstraction layer. Yes I know there are others out there which are maturing but I like reinventing this wheel. The task I have at hand is that I want to specify 'has a' and 'has many' relationships in an array for each class and use these to automagically create the accessor methods and perhaps mutator methods as well. Can anyone point me to a good reference on creating class methods on the fly in PHP? I have spent the afternoon studying how Perl's lovely Class::DBI handles this but I can't get my head around how I would create these methods based on my array values in PHP.
View Replies !
Methods To Pass Variables
I am trying to pass 8 variables from a search form to different pages and I am confuse whether to use: 1) session 2) cookie 3) passing variable through URL 4) Using hidden form field My page#1 is a search form and with 8 Select fields. After press Submit Button, page#2 shows all the search results. Some search would show up 100+ rows so I am using a script to break the result pages. Each display page would limit 20 records with links <<Previous 1 2 3.... Next>> at bottom. However only the first search result page would show up properly but rest of search result won't showup. I read a few threads on this forums and I wonder what is the best method to use in my case??? It seem passing variable through URL is inefficient in my case since there are 8 variables. With session or cookie, what happen if the user decide to do another search (page#1 search form) without closing browser will the session id renew itself. With hidden form field, since my Page#2 (result display page) is not using form, will it work.
View Replies !
Logic Template Methods?
I am in the process of recoding a rather complex DB system into PHP and am wondering if there is an alternative way I could template my logic so I don't have to re-dcode the logic of the various CRUD methods and an action forms. Currently I have two files, the custom code and the logic template: (custom code file) The custom bits of code that fall within the common logic are in various strings containing code segments (i.e. POST filter, validation, create record(s), update data, GET filter, delete confirm, flush data read in db record, etc.) (included template) next I include the template file which has the common logic code for that type of form and uses eval()s on the above strings in appropriate places. (custom code file) and finish with the HTML input form. It has made debugging and development easier, but I wonder if there is a better way that I haven't discovered in PHP, what do you guys do?
View Replies !
How To Call Different Methods In One PHP File?
I'm a PHP newbie coming from experience with ASP.NET. I want to have a separate PHP file to support each HTML PHP page. This would be the equivalent of an ASP.NET code-behind file but using PHP. For one page to do a variety of different things I need to call different methods (or functions) in the PHP code file that is dedicated to this purpose. How do you do this? How do you call just one method?
View Replies !
Static Classes And Methods
I may have more of a design problem, but here goes. I have a class that has 3 methods. One method simply calls the other two. I wanted to make the class static, and to do this in php, you just have to make the function static. So I did that for all three functions. But now I cannot call the other two functions from the...
View Replies !
Concatenating Object Methods
I'm using PHP 5.2. I've created classes to embody HTML elements for a particular project I'm currently working on. All setter methods in the classes return $this so that I can string the methods together in an attempt to reduce "page bloat". Code: ( text )
View Replies !
Methods To Send Information
I want to transfer/send information from one page to another page, Is there any ohter method except post and get to do so- secondly, how can i use a hyperlink to submit a form.
View Replies !
Storage/retrieval Methods
I have a mysql db which holds info for bands; one table for band information and one that holds info for each band's songs. The band_table also has a column called bandpics that stores a path to the band's picture. I have a page that dynamically shows a list of songs for various bands and pulls the info entirely out of the song_table such as: Code:
View Replies !
Calling Object Methods
I was wondering whether anyone else could see anything wrong with this code: <input name="name" type="text" id="name" value="<?php print @$_SESSION['elements']['name']->getValue();?>"> When my browser tries to display this page I get the page and form down to this line where I get this displayed <input name="name" type="text" id="name" value=" and the rendering stops. It worked yesterday, then I suddenly got this problem and I don't know why. It also works on another win2000 pc. Also, if I change the above code to direct variable access like below, it works fine : <input name="name" type="text" id="name" value="<?php print @$_SESSION['elements']['name']->value;?>"> Personally, I'm mystified.
View Replies !
Methods To Include And Return
I am working on a system, where I have sets of templates, and a special php file that reads from a database, and parses the templates, to display data in different formats. The templates are generally used just as an addition to a regular html page (to do things like display latest news etc.), and so are included via SSI: include("http://local-server.com/parser.php?action=show&template=latest_news.html&source=20*num=5); This instucts the parsing code to parse the template, latest_news.html, 5 times using table 20 from the database. Code:
View Replies !
Mysql Backup Methods
I'm currently writing a backup script to backup a specific table from a mysql database. I've tried using: Code: $backup_file = '_backup/'.$table_name.'_backup_'.$timestamp.'.sql' $sql = "SELECT * INTO OUTFILE '".$backup_file."' FROM ".$table_name.""; $result = mysql_query($sql); but I get an 'Access denied for user' message. I've tried using: Code: $command = "mysqldump --opt -h ".$dbhost." -u ".$dbuser." -p ".$dbpass." ".$dbname." [".$table_name."] | mysql > ".$backup_file; system($command); and I get a 'Warning: system() has been disabled for security reasons' message. Will these warnings always happen or am I doing something wrong?
View Replies !
Methods Of Accessing Variables
Okay after reading some text on PHP i have come across my first query... What is the best method in using and accessing varibales... my book gives me three methods but gives pro's and con's for each 1) $myvarb 2) $_POST['myvarb'] 3) $HTTP_POST_VARS['myvarb'] Which is the most robust. i.e. I would obviously like to use mehod 1 buit is that common amongst all versions of PHP?
View Replies !
How Would Php Security Compare To Java Security?
I just want to know how would php security compare to java security? Its because that me and my officemate are developing a site which would handle confidential documents and we just cant decide on whether we should use php or java. Please do post you opinions regarding this and it would even be better if you could also post links to write-ups about php security.
View Replies !
Security - What Security Dangers Should I Be Aware Of?
I am quite new to PHP but I have managed to write a simple page create script. So far the script does not have any user input. It does open/write files and it also accesses my MySQL database. No variables are passed from script to script either. My question is, what security dangers should I be aware of? My other question is, can you download a php file and view the contents?
View Replies !
Getter/setter Methods Not Working
For some reason, I am having trouble retrieving the data that I store in the object that I have created from a database query. I created this class Lead (see below). In the php page, I create and array of Lead objects and later on down the page I iterate through the array of leads, retrieving each Lead and calling the get methods. However the get methods are not returning any values. I think I've copied the important parts of the code below, does anything standout around why my $lead->getFirstName() is returning ""? Thanks in advance. class Lead: ------------------------------------------------- class Lead { var $username; var $password; var $firstName; var $lastName; var $email; var $phone; var $leadID; var $lastLogin; var $dateCreated; var $confirmed; function Leads($firstName, $lastName, $email, $phone, $leadID) { $this->firstName = $firstName; $this->lastName = $lastName; $this->email = $email; $this->phone = $phone; $this->leadID = $leadID; } function setUsername($username) {$this->username = $username;} function setPassword($password) {$this->password = $password;} function setLastLogin($lastLogin) {$this->lastLogin = $lastLogin;} function setDateCreated($dateCreated) { $this->dateCreated = $dateCreated; } function setConfirmed($confirmed) {$this->confirmed = $confirmed;} function getFirstName() {return $this->firstName;} function getLastName() {return $this->lastName;} function getEmail() {return $this->email;} function getPhone() {return $this->phone;} function getLeadID() {return $this->leadID;} } ------------------------------------------------------- php page: ---------------------------------------------------------------------- // $res is the result of a previous query that isn't important in this problem $leads = array(); $nrows = mysql_num_rows($res); for($i = 0; $i < $nrows; $i++) { $row = mysql_fetch_assoc($res); $leadID = $row["Lead_ID"]; $res2 = mysql_query("SELECT * from LEADS where Lead_ID = $leadID", $hd) or die("Unable to run query: " . mysql_error()); $row2 = mysql_fetch_assoc($res2); $firstName = $row2["FirstName"]; $lastName = $row2["LastName"]; $phone = $row2["Phone"]; $email = $row2["Email"];
View Replies !
Upgrade Methods, Php, Pear, Phpdoc
I want to upgrade my version of PHP and with it, to be consistent PECL. I'm assuming, I'll also need to install Pear from scratch Maybe I'll go all the way and upgrade my Apache2 webserver from my current phpinfo() Apache Version Apache/2.0.54 (Win32) PHP/5.0.4 from Apache's website: Apache 2.2.3 Released I think it would be hard to install over my current installation at C:php I'll probably save my .ini/cfg files (Apache also), rename the directory and start from scratch. Since I don't know what Pear does in its installation process, I envision a nightmare, if I tried to move things over manually. Starting from scratch has to be the cleaner, simpler way to go.
View Replies !
Methods For More Accurate User Tracking
I have a database session handling script, and I need to use it to track downloads per user. My problem is having an accurate method of tracking users' sessions. I can't really use IP addresses, since people can be behind proxies (such is the case with many major ISPs), and useragents can also be similar. As well, people can simply turn off cookies for their browser. Is there a unique way of keeping track of users via something like MAC addresses or similar? Something unique to that persons computer? (The reason I need to keep track is because I want to limit the # of downloads per day the users are allowed to do, because my sites new server has a bandwidth limit that I don't wish to exceed.)
View Replies !
Classes: Private Methods And Variables
I have used Java a lot in the passed for Object Orientated Programming and was impressed how well the notion is supported by php. I have one question though. How do you make variables and method private in php Classes PHP Code:
View Replies !
Using The GET And POST Form Methods Correctly
I have a form that I want customers to fill out and submit. Based on the answers to the questions, the results page will display dynamic results. My first instinct was to use the GET method, and append the answers to a URL, and have the results page look for the parameters. After doing some research, it appears that the POST method is cleaner and safer, however, it is not as intuitive for me. My question is this. When using the POST method, how do I get my results page to see the post value. I know how to configure the if statement to display the appropriate result, but I don't know how to get the result page to recognize and read the POST values.
View Replies !
Paypal Or Other E-Commerce Payment Methods..
2 Part Payments and taking a commission out of it? I was told this is possible by one person and that it's not by another. I'm not sure what the real answer is so hopefully someone can help me out. This is what I need: Person 2 buys something from Person 1 Person 1 transfers money that day and money is held in escrow instead of being sent to Person 2 When Person 2 receives it, Person 2 says "Finish Money Transfer" Money goes to Person 1 and 5% charge is taken out for use of this "Service" website they used to meet each other Can that be done? The biggest thing is that the money has to be held for several days in the air until they both agree the service went through okay. If the 5% charge isn't possible, I could still do math on the amount and just do 2 transactions, couldn't I? A built in feature would always be nicer though.
View Replies !
Best Methods For Caching Files To Disk
I have a bigish SQL query executed from example.php that produces something on a homepage and takes a little while to execute (1/2 - 3/4 second). The data changes about 50 times with every 5,000 page views, so prime target for caching. My idea is to have the query run only when needed (so when change_happening.php is executed) and then dump the result to disk in HTML ready to simply be included into the main page. Quite a straightforward thing, but I'm not sure on the best way to do lock out other Apache threads while this is happening, or if I even need to worry about it (perhaps the Linux OS handles file locks on a rewrite anyway?). So far I'm thinking that change_happening.php would work like this:- 1. Run the Query and generate the HTML 2. Open the file "data.html" for rewrite and dump in the generated HTML data. 3. Close the file example.php would then simply have in the relevant section 1. include("data.html"); What happens if an Apache thread is trying to run example.php and trying to include data.html at the same instant that I'm trying to re-write it? Does Apache/Linux OS automatically lock the file once it's been opened for re-write, thereby queuing this thread behind the lock until it's ready, or do I need to explicitly lock the file? We had an interesting thread in here about FLock and it's explicit release here (thanks for the input Coop and Adam):-
View Replies !
Methods For Eliminating Duplicate Rows
I'm looking for methods for removing duplicates. Currently, what I'm using is to add a new column with a sequential number in it to use as a unique key. If your system has some pseudo row number type, like postgresql's oid column you could use that too. After that, I use the following statement to find and eliminate the duplicate rows: Code:
View Replies !
Static Calls To Class Methods
Just wondering if anyone could tell me whether a static call to a classes method will still allow that method to call anything outside the function: e.g. I have a class class MyClass { function a() { $myvar = $this->b(); return $myvar; } function b() { } } If I call it as a static method MyClass::a() can it still talk to MyClass::b() or am I forced to instantiate the class first and use the -> operator?
View Replies !
Comment DB Storage Methods Question
I`m trying to get a site up and going for some students of a friend of mine so they can post about movies that they`ve seen. I`m imagining something between an IMDB Movie Review post, and a Blog comment. I initially thought that the post itself would be stored in a mySQL db in rows with the username, the date of the post, and the content. The other day however on Digg I saw this one guy had commented something like, I wanna say 400 words - in one comment! And that got me thinking and worried. Is the way `everyone` stores comments is really in a big directory of text/xml/proprietary files and the mySQL database is just populated with the filenames - or is everyone using php`s file writing capability?
View Replies !
Methods And Procedures For Flood Control In Forms
I'm interested in having a discussion on how to put in place measures to prevent flood control of HTTP forms, from both bots and humans. I have a current situation with a series of bots hitting a form of mine. Currently at the rate of about 10 "posts" per minute. I've left this running as the form is of little significance and it seemed to me to be a good opportunity to use the problem to test solutions. A "captcha" graphic system would probably fix the issue, but I'm really interested in that as a last line of defence rather than first line of defence measure. It seems to me that there are a lot of things which could be done to prevent basic bot activity before the captcha is even checked. I like multiple lines of defence. Considerations so far:- Cookies Not a lot of good as a defence against bots of course, but as a first line of defence it would at least stop the majority of user problems (clicking submit multiple times for example). Questions and considerations:- What would be a good cookie lifetime for this - are we looking at seconds, or minutes or longer? Tracking by IP Can be spoofed of course but it's an option. I don't think it would be a good idea to ban by IP, although that's something to consider - an auto insert into .htaccess of some kind perhaps? Questions and considerations:- If this is driven by database, it could get big pretty quickly. Is some form of automated process, clearing out entries older than datetime X easy to implement and a good idea? In other words the database would be "revolving", keeping the entries down to a minimum. Would the use of resources, say with a MySQL DB, be significant? Could the form script, and associated HTTP thread, which processes this somehow be made to run low priority? If you implement an auto-ban into the .htaccess sin bin, what is the liklihood of taking out innocents in the cross-fire? Captcha Systems There's some useful information on the Captcha Project website:- http://www.captcha.net/ A challenge was set there for gimpy-r, which resulted in a team building a bot that could breach the system with 78% accuracy. Pretty good (and with a search you can find many other examples of succesful captcha hacking). I found a number of PHP based Captcha scripts on Wikipedia:- http://en.wikipedia.org/wiki/Captcha#PHP Quite a number of them are open-source/GPL. What are the current ones like, and is Captcha overall a system that requires constant updating to keep up with the hackers? In terms of full-defence, and what I've so far considered above, that would give:- 1. Set a cookie 2. Track IP's for multiple hits 3. Implement a Captcha graphic Is there anything else that I've missed?
View Replies !
Two Identical Class Methods, One Produces Segfault
Consider these two classes. Class Accepter in placement_classes.inc.php works as a form validation object, and it works like a charm: PHP: // placement_classes.inc.php - THIS ONE WORKS! class Accepter { function Accepter() { $this->dbAP =& new DBActionPerformer(); $this->dbAP->connect(); $this->validate(); $this->dbAP->disconnect(); $this->dbAP = null; } /** * Perform validation * * @access private */ function &validate() { // STATIC VOID METHOD foreach ($_POST as $key => $val) if (!isset(${$key})) ${$key} = $val; $varErrArray = array(); array_push($varErrArray, 'placement_name|setMandatory~setMinLength~setMaxLe ngth~setPattern|You must enter a location name~Your location name must be 2 or more characters~Your location name must be 50 or fewer characters in length~^(?!.*<[^>]+> )|Your location name configuration is unrecognizable by our system, please re-enter with legitimate characters|'); array_push($varErrArray, 'unique_key|setMandatory|You must have a unique key prior to posting||'); /*--------------------------------------------------------------------------------------------------------------------- createErrorMsgCollection function from formvalidation.inc standalone function returns an array of ErrorMsgCollection objects -----------------------------------------------------------------------------------------------------------------------*/ $this->errorMsgObjArray =& createErrorMsgCollection($varErrArray); // CREATE FORM OBJECT PASSING ARRAY OF OBJECTS AS PARAMETER $this->formValidator =& new FormValidator('', $this->errorMsgObjArray); $this->isValid = $this->formValidator->isValid(); $this->setErrorArray($this->formValidator->getErrorArray()); $this->formValidator = null; $this->errorMsgObjArray = null; /* if (strcmp(strtolower($action), 'add') == 0 || (strcmp(strtolower($action), 'edit') == 0 && $placement_name !== $origPlacementName)) $this->checkDuplicatePlacement($placement_name); // CHECK FOR DUPLICATE PLACEMENT */ } } This is the class Accepter from contacts_classes.inc.php and while it is now identical in code structure to the Accepter classe in placement_classes.inc.php, whenever this class method is invoked, all processes stop (no errors), arrays are unfinished, objects are unfinished, HTTP never produces, Apache goes down, literally everything crashes! PHP: // contacts_classes.inc.php - THIS ONE PRODUCES A POSSIBLE SEG FAULT! class Accepter { function Accepter() { // NEW 8/17/2004: SURROUND validate() METHOD WITH INSTANTIATION OF $this->dbAP OBJECT PROPERTY $this->dbAP =& new DBActionPerformer(); $this->dbAP->connect(); $this->validate(); $this->dbAP->disconnect(); $this->dbAP = null; } /** * Main method. Will perform all other validation methods and set isValid boolean property * * @access public */ function &validate() { // STATIC VOID METHOD foreach ($_POST as $key => $val) if (!isset(${$key})) ${$key} = $val; $varErrArray = array(); array_push($varErrArray, 'placement_name|setMandatory~setMinLength~setMaxLe ngth~setPattern|You must enter a location name~Your location name must be 2 or more characters~Your location name must be 50 or fewer characters in length~^(?!.*<[^>]+> )|Your location name configuration is unrecognizable by our system, please re-enter with legitimate characters|'); array_push($varErrArray, 'unique_key|setMandatory|You must have a unique key prior to posting||'); /*--------------------------------------------------------------------------------------------------------------------- createErrorMsgCollection function from formvalidation.inc standalone function returns an array of ErrorMsgCollection objects -----------------------------------------------------------------------------------------------------------------------*/ $this->errorMsgObjArray =& createErrorMsgCollection($varErrArray); // CREATE FORM OBJECT PASSING ARRAY OF OBJECTS AS PARAMETER $this->formValidator =& new FormValidator('', $this->errorMsgObjArray); $this->isValid = $this->formValidator->isValid(); $this->setErrorArray($this->formValidator->getErrorArray()); $this->formValidator = null; $this->errorMsgObjArray = null; /* if (strcmp(strtolower($action), 'delete_select') == 0 && @sizeof($delete_selected) == 0) { $this->isValid = false; $this->setErrorArray(array('action' => 'You must select at least one contact for deletion')); } */ } } I've been trying to debug this for days now to no avail. I can verify every object property is present and accounted for (and identical in every way), but if you evoke one it's fine, the other and a segfault!
View Replies !
Php:xmlrpc Server Methods Inside My Class?
Hi that mentions about if the php xmlrpc server methods can be put inside of a class. And the javascript client can call the methods. like class Server { var $functionMap; function methodA() { return new xmlrpcresp(xmlrpc_encode(1)); } function Server() { return new xmlrpc_server($this->functionMap); } } $server = new Server();
View Replies !
Application Directory Structure (best Methods/practices?)
Assuming we aren't using a framework like Symphony, CakePHP, CodeIgniter, etc., what do you think is the most logical way to structure our application so that it makes sense, directory-wise? For example: we will most likely have our own classes and functions that we wrote which we'll need to use, but how should we store them? We would also have a header and footer file most likely, along with other "subpages" - but where do we put them? Do you create a 'library' or 'includes' directory which contain our classes and functions in seperate .php files? Do you create a 'templates' directory that stores our header, footer, etc? Code:
View Replies !
FYI: Test Results Comparing Different Methods Of Resizing Images
I posted this in alt.php, but as a reply, so now I'm posting it here for people who might have missed it but still could find it useful. I compared the smooth image resampling used in PHP to create good quality thumbnails of large images, used commonly in image galleries. i compared ImageMagick and PHP (with GD2) and compiled some statistics below. I ran two test. Both used a set of 10 photos around 3MP in size. On the first test, I created two thumbnails for each photo, one 700 pixels in width and another at 120 pixels in width. On the second test, I created just one thumbnail, 120 pixels in width. Time was counted in "minutes.seconds." TEST#1 -- IMAGEMAGICK* ----------------------------------------------------------- METHOD TIME IMAGE QUALITY thumbnail 1.33 good sample 0.24 bad resize 1.33 good size/geometry 0.42 good TEST #1 -- GD2 (PHP) ----------------------------------------------------------- METHOD TIME IMAGE QUALITY Imagecopyresampled 1.57 good TEST#2 -- IMAGEMAGICK* ----------------------------------------------------------- METHOD TIME IMAGE QUALITY thumbnail 0.26 good sample 0.19 bad resize 1.13 good size/geometry 0.06 good TEST #2 -- GD2 (PHP) ----------------------------------------------------------- METHOD TIME IMAGE QUALITY Imagecopyresampled 0.56 good *ImageMagick Command Methods: thumbnail : convert -thumbnail $destSize $sourceFile $targetFile sample : convert -sample $destSize $sourceFile $targetFile resize : convert -resize $destSize $sourceFile $targetFile size/geometry : convert -size $destSize $sourceFile -geometry $destSize $targetFile CONCLUSIONS: ----------------------------------------------------------- There were four different imagemagick commands I tried out in all. Overall, the winner came out to be the imagemagick command. This method beat out PHP by a good margin, creating thumbnails in about 1/3 the time it took PHP with similar quality in the first test, and then taking the cake in the second test by creating thumbnails in about 1/10 the time as PHP. Imagemagick seems to increase in performance compared to PHP when creating a smaller thumbnail versus a relatively large thumbnail, as seen by test #2 versus test #1. This means that a site creating small thumbnails will see even more of an advantage by using Imagemagick.
View Replies !
How Do Methods $_SERVER['HTTP_REFERER'] And RewriteCond %{HTTP_REFERER} !^$ Differ?
1) How do methods "$_SERVER['HTTP_REFERER']" and "RewriteCond %{HTTP_REFERER} !^$" differ? Specifically, does this description for $_SERVER['HTTP_REFERER'] also apply to the .htaccess RewriteCond %{HTTP_REFERER} !^$ method: re: $_SERVER['HTTP_REFERER'] - The address of the page (if any) which referred the user agent to the current page. This is set by the user agent. Not all user agents will set this, and some provide the ability to modify HTTP_REFERER as a feature. In short, it cannot really be trusted. Code:
View Replies !
|
TRACKER
