Php Things

A little function that does some basic checking for data input by a user. Should get rid of code injection ;-)

Anti-QSL Injection. I'm sure it could be better, so any improvements are welcome.

This is a quick and easy method to generate a somewhat random password. This simply generates the MD5 hash for the integer returned by the time() function and then truncates it to the specific length.

This is a faily simple function to validate a URL being passed into your scripts. It will allow for http, https, and ftp. The beginning www. of a URL is optional as well. It will also validate if you have an IP address in place of the domain name. I'm sure this can be improved upon as this is my first attempt at regular expressions but it has worked good for me so far. Please comment or improve if your able.

Thanks!

By this class you can make a RSS FEED page in your website.

This class is a simple authentication scheme which makes it easy to add authentication to any page by including one class and adding one table to your MySQL database.

The following functions are employed by this authentication class:

auth()

this is the default constructor; it automatically checks for the POST vars "username" and "password", it also checks to see if the user passed the GET variable "logout", which would prompt it to set the authentication status to un-authenticated.

is_authorized()

Checks the SESSION variable "authorized" and returns true or false depending on that variable.

mysql_bind()

This is automatically called by the constructor each time the class is instantiated and $_POST['username'] and $_POST['password'] are present. It queries the db for a valid username and MD5 encoded password.

user_create($username,$email,$password)

Creates a user, if the username is available, and creates an MD5 hash based on username, password and date, to be used in the "activation" of the account.

user_activation_message($username)

Sends the custom activation message to the email address for the username specified

user_activation($activation_hash)

Checks to see if the activation hash is valid, if it is, the activation_hash variable is set to NULL, thus signifying that the account is active.

user_password_change($username,$password_old,$password_new)

Quick and easy way to change the user's password with one function call.

user_logout()

Sets the authorization status in $_SESSION['authorized'] to FALSE

is_username_available( $username )

Returns TRUE or FALSE depending on whether or not the username is free.

I use this method for keeping my sql templates away from my code.

You can extend upon the idea, as I have done in the past, by placing SQL handing classes between your scripts and the template library.

Things to note here:

The lesser userd heredoc string method. The reason this is used is to keep the SQL clear and well laid out, and not as messy as using quotes.

vsprintf() is a very handy function if you don't want to hard code the number of parameters to interpolate your string with.

The use of sprintf templates offers you additional security. For example, only allowing numbers to be placed where a %d falls. This, of course, shouldn't be the only security on user supplied variables, but comes in extra handy for debugging purposes.

Regarding the TODO in there, it would take a check of the number of % placeholders there are in the template. One caveat is remembering to remove the count of %%'s that appear (the literal percentage).

Get the count of records from DB

This multiple-use PHP script will randomly generate content based on a randomly generated number.