Hello,
Some of you may find this interesting, a tutorial on creating mysql dbase
and dbase driven template engine: The script still needs some work, is not
yet functional, and I would just love to see this thing finished and available.
Posting this with "high hopes", and will monitor this thread....
http://www.mished.co.uk/showthread.php?t=12
Cal
Database Driven Template Engine Tutorial (needs work)
Moderator: General Moderators
-
calfellows
- Forum Newbie
- Posts: 10
- Joined: Mon Apr 07, 2008 3:10 am
Database Driven Template Engine Tutorial (needs work)
Last edited by calfellows on Tue Apr 08, 2008 12:36 pm, edited 1 time in total.
Re: Database Driven Template Engine Tutorial (needs work)
I just skimmed through it, you should post a demo.
Also, add some security to it. It has inject me written all over it.
Also, add some security to it. It has inject me written all over it.
Re: Database Driven Template Engine Tutorial (needs work)
Also, increasing the text size a bit and using color coding for the code would make it readable. Quite important for an article 
- John Cartwright
- Site Admin
- Posts: 11470
- Joined: Tue Dec 23, 2003 2:10 am
- Location: Toronto
- Contact:
Re: Database Driven Template Engine Tutorial (needs work)
I haven't actually read the tutorial, just took a quick peek. Some glaring issues I see,
1. SQL injection -- you don't escape any of your input parameters, and sometimes even use raw input from the query string without even checking for it's existance first. Ouch.
2. Unquoted arrays will produce E_NOTICE notices, hint.. try putting error_reporting(E_ALL);
3. Use of eval should be avoided at almost all cost
1. SQL injection -- you don't escape any of your input parameters, and sometimes even use raw input from the query string without even checking for it's existance first. Ouch.
2. Unquoted arrays will produce E_NOTICE notices, hint.. try putting error_reporting(E_ALL);
3. Use of eval should be avoided at almost all cost
Code: Select all
eval('$header = "' . fetch_template('header') . '";');
eval('$footer = "' . fetch_template('footer') . '";');
eval('$stylesheet = "' . fetch_template('stylesheet') . '";');Code: Select all
$header = fetch_template('header');
$footer = fetch_template('footer');
$stylesheet = fetch_template('stylesheet');-
calfellows
- Forum Newbie
- Posts: 10
- Joined: Mon Apr 07, 2008 3:10 am
Re: Database Driven Template Engine Tutorial (needs work)
This is not my work or tutorial at all, just something
I found interesting, looks helpful or inspiring to kickstart
people into the php/mysql arena.
Any pros here that can help to get this monster rolling?
It's got several problems and a fatal error, will not run at
all, currently.
Cal...
I found interesting, looks helpful or inspiring to kickstart
people into the php/mysql arena.
Any pros here that can help to get this monster rolling?
It's got several problems and a fatal error, will not run at
all, currently.
Cal...
Last edited by calfellows on Fri Apr 11, 2008 4:55 pm, edited 1 time in total.
-
calfellows
- Forum Newbie
- Posts: 10
- Joined: Mon Apr 07, 2008 3:10 am
Re: Database Driven Template Engine Tutorial (needs work)
Hello,
Chris just posted an update, a working
version with install file to create dbase.
This thread is located at:
http://www.mished.co.uk/showthread.php?p=24
Cal
Chris just posted an update, a working
version with install file to create dbase.
This thread is located at:
http://www.mished.co.uk/showthread.php?p=24
Cal