Once upon a time I used to use extract a lot! But I realised, hang on, this is smurf.
Use unbraced ifs that are indented as if there should be more than one statement.
Will do thanks.
What are you trying to accomplish with this demonstration?
I think you did it a couple of days ago. I remember thinking that I wanted to PM you a congrats, but I must have gotten wrapped up upping my post count. Oh well, I guess it'll just have to wait for 2000 posts. Let's see, is there anyone with 200 posts I can congratulate... hmm... Oh yeah! Ambush....
Yeah AC, 2000 posts! W00t, good job man!
@: Ole
As for making your code worse, how about letting the user choose the database table. And how about a call to session_start() or setcookie() after the <body> HTML output? Now that's some bad stuff. Or comparisons with undeclared vars, hmmm.
Hey guys, what about this: after this piece of code cannot be made any worse, why not make it better again? Step by step, to show everyone who doesn't see why the code is bad, how it can be better? And why? Refactoring seems a popular word here ..
As for making your code worse, how about letting the user choose the database table. And how about a call to session_start() or setcookie() after the <body> HTML output? Now that's some bad stuff. Or comparisons with undeclared vars, hmmm.
Too late now. I did take off a semicolon on the mysql_connect and remove '</li>' on the penultimate line though.
Hey guys, what about this: after this piece of code cannot be made any worse, why not make it better again? Step by step, to show everyone who doesn't see why the code is bad, how it can be better? And why? Refactoring seems a popular word here ..
You're spoiling the surprise, cause that's what I'm going to do. But not for quite a while. But to keep you happy for now, how many unique items for improvement can you find?
1. Body tag uses "marginheight"; a non-standard attribute
2. Value for the attribute isn't quoted
3. PHP code block begins after output
4. PHP block opened with short-tag
5. include used to get required variables
6. File requested with include is named poorly
7. File requested with include has INC extension; exposure vulnerability
8. Use of extract function
9. Function call and parenthesis separated by space
10. Use of dollar underscore request
11. Database connection vulnerability
12. Redundant double quotes around variable name
13. Strings not making use of any double quote functionally are nonetheless double quoted
14. Visible password
15. Very weak password
16. Missing semi-colon after mysql connect call
17. Database connection is assumed to be successful
18. Database selection is assumed to be successful
19. Unclear as to what the comment is referring to
20. Should you realise that the comment is referring to the call to mysql query, you will notice the comment is utterly superfluous
21. Dollar R is a cryptic, non-conventional variable name
22. SQL query entered directly into mysql query call
23. SQL query keywords in lowercase
24. Origin of dollar text author id unknown (this is because of that extract dollar underscore request call some lines back); SQL injection vulnerability.
25. Dollar text author id not escaped
26. Dollar R 2; variable name ending in a number
27. If control structure's condition is checking for truth on a variable containing an integer; that's only minor
28. If control structure is missing braces
29. Repeat call of already stored data
30. Use of mysql fetch row when mysql fetch assoc or similar would be preferred
31. Array subscript used without braces inside a double quoted string
32. TMP zero has not been HTML escaped before being output; cross site scripting vulnerability
33. List item tag not closed
34. Unnumbered list tag is closed but the echo statement appears on the same line as a while yet not inside it
35. lowercase L for location in header call
36. Missing space between location colon and value
37. Header injection vulnerability
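
A hardened sketch of the pattern the list above criticises (items 3, 8, 10, 14, 17, 24, 25, 32 and 37), added here as an example; it is not the code from the thread, which is not reproduced on this page. The table and column names, the `author` parameter, the `DB_*` environment variables and the `/empty.php` redirect target are assumptions, and PDO stands in for the old `mysql_*` calls.

```php
<?php
// Added example, not the thread's code. Assumed names: table "texts",
// columns "title"/"author_id", parameter "author", DB_* env vars, /empty.php.

// Items 8, 10, 24: read the one expected parameter explicitly instead of
// extract($_REQUEST), and accept it only if it is a positive integer.
function author_id_from_request(array $query): ?int
{
    $id = filter_var($query['author'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

// Item 25: the SQL text is constant and the value is bound, not concatenated.
function titles_by_author(PDO $db, int $authorId): array
{
    $stmt = $db->prepare('SELECT title FROM texts WHERE author_id = :id');
    $stmt->execute([':id' => $authorId]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Item 32: escape each value for the HTML context at output time.
function render_list(array $titles): string
{
    $items = '';
    foreach ($titles as $title) {
        $items .= '<li>' . htmlspecialchars((string) $title, ENT_QUOTES, 'UTF-8') . '</li>';
    }
    return '<ul>' . $items . '</ul>';
}

$authorId = author_id_from_request($_GET);
if ($authorId === null) {
    http_response_code(400);
    exit('Invalid author id');
}

// Items 14, 17: credentials stay out of the source; a failed connection throws.
$db = new PDO((string) getenv('DB_DSN'), (string) getenv('DB_USER'),
              (string) getenv('DB_PASS'), [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);

$titles = titles_by_author($db, $authorId);
if ($titles === []) {
    // Items 3, 37: sent before any output, and the target is a fixed string.
    header('Location: /empty.php');
    exit;
}
echo render_list($titles);
```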