This section gathers many common errors that you may face while writing PHP scripts.
PHP is a glue that brings together hundreds of external libraries, so sometimes this gets messy. However, a simple rule of thumb is as follows:
Array function parameters are ordered as "needle, haystack" whereas String functions are the opposite, so "haystack, needle".
PHP offers many predefined variables, like the superglobal $_POST. You may loop through $_POST as it's an associate array of all POSTed values. For example, let's simply loop through it with foreach, check for empty() values, and print them out.
<?php
$empty = $post = array();
foreach ($_POST as $varname => $varvalue) {
if (empty($varvalue)) {
$empty[$varname] = $varvalue;
} else {
$post[$varname] = $varvalue;
}
}
print "<pre>";
if (empty($empty)) {
print "None of the POSTed values are empty, posted:\n";
var_dump($post);
} else {
print "We have " . count($empty) . " empty values\n";
print "Posted:\n"; var_dump($post);
print "Empty:\n"; var_dump($empty);
exit;
}
?>
Assuming this is for a database, use the escaping mechanism that comes with the database. For example, use mysql_real_escape_string() with MySQL and pg_escape_string() with PostgreSQL. There is also the generic addslashes() and stripslashes() functions, that are more common with older PHP code.
<?php
function myfunc($argument)
{
echo $argument + 10;
}
$variable = 10;
echo "myfunc($variable) = " . myfunc($variable);
?>
To be able to use the results of your function in an expression (such as concatenating it with other strings in the example above), you need to return the value, not echo it.
<pre>
<?php echo "This should be the first line."; ?>
<?php echo "This should show up after the new line above."; ?>
</pre>
In PHP, the ending for a block of code is either "?>" or "?>\n" (where \n means a newline). So in the example above, the echoed sentences will be on one line, because PHP omits the newlines after the block ending. This means that you need to insert an extra newline after each block of PHP code to make it print out one newline.
Why does PHP do this? Because when formatting normal HTML, this usually makes your life easier because you don't want that newline, but you'd have to create extremely long lines or otherwise make the raw page source unreadable to achieve that effect.
The functions header(), setcookie(), and the session functions need to add headers to the output stream but headers can only be sent before all other content. There can be no output before using these functions, output such as HTML. The function headers_sent() will check if your script has already sent headers and see also the Output Control functions.
The getallheaders() function will do this if you are running PHP as an Apache module. So, the following bit of code will show you all the request headers:
<?php
$headers = getallheaders();
foreach ($headers as $name => $content) {
echo "headers[$name] = $content<br />\n";
}
?>
See also apache_lookup_uri(), apache_response_headers(), and fsockopen()
The security model of IIS is at fault here. This is a problem common to all CGI programs running under IIS. A workaround is to create a plain HTML file (not parsed by PHP) as the entry page into an authenticated directory. Then use a META tag to redirect to the PHP page, or have a link to the PHP page. PHP will then recognize the authentication correctly. This should not affect other NT web servers. For more information, see: » http://support.microsoft.com/kb/q160422/ and the manual section on HTTP Authentication .
You have to change the Go to Internet Information
Services
. Locate your PHP file and go to its properties.
Go to the File Security
tab, Edit -<
Anonymous access and authentication control
.
You can fix the problem either by unticking Anonymous
Access
and leaving Integrated Window
Authentication
ticked, or, by ticking Anonymous
Access
and editing the user as he may not have the access
right.
In order to embed <?xml straight into your PHP code, you'll have to turn off
short tags by having the PHP directive
short_open_tags set to
0
. You cannot set this directive with
ini_set(). Regardless of
short_open_tags being on or
off, you can do something like: <?php echo '<?xml'; ?>
.
The default for this directive is On
.
Read the manual page on predefined variables as it includes a partial list of predefined variables available to your script. A complete list of available variables (and much more information) can be seen by calling the phpinfo() function. Be sure to read the manual section on variables from outside of PHP as it describes common scenarios for external variables, like from a HTML form, a Cookie, and the URL.
There are a few alternatives written in PHP such as » FPDF and » TCPDF.
The available options are K (for Kilobytes), M (for Megabytes) and G (for
Gigabytes), and are all case-insensitive.
Anything else assumes bytes. 1M
equals one Megabyte or
1048576
bytes. 1K
equals one
Kilobyte or 1024
bytes. These shorthand notations may
be used in php.ini and in the ini_set() function.
Note that the numeric value is cast to int;
for instance, 0.5M
is interpreted as 0
.
Note: kilobyte versus kibibyte
The PHP notation describes one kilobyte as equalling 1024 bytes, whereas the IEC standard considers this to be a kibibyte instead. Summary: k and K = 1024 bytes.