Coding Critique is the place to post source code for peer review by other members of DevNetwork. Any kind of code can be posted. Code posted does not have to be limited to PHP. All members are invited to contribute constructive criticism with the goal of improving the code. Posted code should include some background information about it and what areas you specifically would like help with.
Popular code excerpts may be moved to "Code Snippets" by the moderators.
Over the past several month I have written multiple tutorials in PHP, I have gone into details on virtually every line on most tutorials and I have then put them in PDF format so they can be easily downloaded and printed off for reference.
Below is the link to the user system tutorial part 1.
I am currently writing the second part of the user system tutorial, and will be updating all the tutorials templates within the coming weeks as the current one is plain and boring so I will be adding a bit of colour to it .
Hi, one suggestion would be to show the tutorials on your site itself (in HTML). Giving users the option to safe as PDF is a nice extra, but if they can't first read the tutorial on your site itself, that's just a barrier to read it. Instead of reading immediately I have to click, download, look up the file in my downloads folder, open it, if it's nothing good I have to throw it away, if it is good I have to file it in my system somewhere where I remember it, etc
Also a visitor might wonder whether it's safe to download these files. Should he download and scan it for a virus? Etc etc
matthijs wrote:Hi, one suggestion would be to show the tutorials on your site itself (in HTML). Giving users the option to safe as PDF is a nice extra, but if they can't first read the tutorial on your site itself, that's just a barrier to read it. Instead of reading immediately I have to click, download, look up the file in my downloads folder, open it, if it's nothing good I have to throw it away, if it is good I have to file it in my system somewhere where I remember it, etc
Also a visitor might wonder whether it's safe to download these files. Should he download and scan it for a virus? Etc etc
I have started going through changing them over to HTML as I did think that but want to wait for peoples opinions first.
Hi sorry about the errors, I am currently away and just before I left is disabled a plugin on my wordpress site but due to the pages being cached. It did not update I have now fixed that. Sorry for the inconvenience.
- mysqli is preferred over mysql. It allows OOP style usage. http://uk3.php.net/manual/en/mysqli.overview.php
- Why do you define MYSQL_SELECTDB? All that will ever be is TRUE or FALSE. I don't believe you need to "or die()" it either, as the define() function won't ever fail.
- You should use mysql_real_escape_string(), not mysql_escape_string. mysql_escape_string() was deprecated in 4.3 and throws an E_DEPRECATED error in 5.3. Not to mention mysql_real_escape_string() is better.
- under register.php, your "if ($_POST['submit-register'])" line will throw an error if error reporting is set to include E_NOTICE, and $_POST['submit-register'] doesn't exist.
Real programmers don't comment their code. If it was hard to write, it should be hard to understand.
The salting scheme is not very good either (I've read only part one). You should use an additional unique per user salt. Here's why: viewtopic.php?t=62782