All your PHP scripts will blow up one day! Seriously!
 

Every single PHP programmer alive makes the same mistake.
The mistake is posted all over the internet like it is correct but it's not.
The mistake shows a lack of understanding of variable types returned from functions
as well as what a boolean value is.

I'm not kidding.
One day the data your script is looking for to determine what to do will be in the first byte position of the data.

Then all your php will blow up.

You are getting away with it for now, or at least you think.
Do you know what data you missed?

So, here is the incorrect code used by every PHP programmer alive :

if (stripos($string,'hello')) { ....

See php script below for the correct code.

Now if someone really understands "if statements" and the stripos command then they should immediately know this is wrong.

Why?

Because "if statements" only do boolean test and stripos will return non-boolean values as well as boolean false.


It says that in the manual : http://us2.php.net/manual/en/function.stripos.php

Read boolean values conversion : http://us2.php.net/manual/en/language.types.boolean.php


0 evaluates as false in an if statement; 0 is the first position of a string however.
Meaning you get "false" when the string is there and starts in position 0.

Don't believe me?
Ok, then run this code :


<?
$string = "hello";

// wrong code
if (stripos($string,'hello')) {
echo "True";
}
else {
echo "false";
}


echo "<br><br>";


// correct code

if (stripos($string,'hello') !== false ) {
echo "True";
}
else {
echo "false";
}
?>



Notice the "!== false" and NOT "!=false"

Don't believe what I said about "if statements"?
Then run these :

<?

if ("1") {
echo "true";
}
else {
echo "false";
}

?>

<?

if ("-1") {
echo "true";
}
else {
echo "false";
}

?>

<?

if ("0") {
echo "true";
}
else {
echo "false";
}

?>



Happy PHP blow up day!

:1orglaugh

PHP is kinda lazy. For my lazy, I use .css and run block-script find/replace programs. That way, no exploits or FTP exploits on upload, etc...

:D

LOL!

You php will blow the fuck up.


:1orglaugh

That has nothing to do with this.
And it's not php, it's the programmer.

@blackmonsters

Sorry my friend but when you talk about the code I should paste some facts about design.

It looks like you got stuck with FrontPage, 1997 edition :)

http://www.jegsworks.com/lessons/web...sindexhtml.gif

No offense, but you should really let someone else do design :upsidedow

Post a design thread, tell us all about it.

:thumbsup

anyway strpos is supposed to return a number, i always check the result with a number

No, it can return boolean false which is not a number.

it CAN... yes it can

LOL -- you'd be surprised how many people don't actually know this. It's sad. I actually use it as an interview question to separate junior-level developers from people I would actually hire.

Good tip to help people learn!

Yeah and when you do a false test with a number, say "-1" then the if statement evals to true when false is returned from stripos.

<?
$string = "ello";

if (stripos($string,'hello') != -1 ) {
echo "True";
}
else {
echo "false";
}
?>

Like I said, the correct way to do it is !== false

Just be careful with this .. a lot of people here have a "sort of" understanding of PHP. If you use the exact match syntax with other variable types, PHP acts in unexpected ways. For example, even though PHP has a very forgiving manner of variable typing (string versus float, etc) when compared to C or Java, it acts strictly when using ===.

$variable = '5';
if ($variable === 5) will react differently than if ($variable == 5) or if ($variable === '5')

(false, true, true)

I see it all the time and I'm sure you do too.
But when you post about it people still don't listen.

Also note that the notation syntax doesn't affect the outcome:

$var = 7;
$result = ($var == 7) ? true : false;
$result = ($var === 7) ? true : false;
$result = ($var === '7') ? true : false;

Versus

if ($var == 7) {
return true;
} else {
return false;
}

In this industry? CONSTANTLY.

Are there good PHP programmers here? Yes. Are there many? Fuck no. There are guys using mysql() in major products here, not even mysqli() or PDO. It's sickening! No unit testing, no dependency injection, no discernible design patterns, no standardization (PSR, Zend, or otherwise!), no autoloading, no name spacing .. and people HIRE them! :Oh crap

Another weird thing in PHP that I run into sometimes:

$number = 012;
echo $number / 4;

What's that evaluate to? 2.5. Numbers preceded by 0 are treated as octal. 012 in octal is decimal 10. Someone who hasn't run into it would answer that it'd be 3, and they'd be wrong.

OP claims that "every single programmer alive" does that. How many in reality? 50/50?

There is no reason for a string position to be negative.

Correct, quoted 5 is not type integer; the variable type must match for exact match.
And that pretty much sums up what the thread is about.
Doing the correct test on the returned value, which this time requires type.

In PHP? 85%. Most PHP coders are not true programmers. Those who come from a C/Java background are unlikely to make the mistake, but it is VERY common for new developers (or someone who never really needed to learn how to program because they are just hacking around).

If you're still making this mistake, you don't have enough experience to be developing your own apps (which is 85% of PHP guys), if that gives you an idea.

Hyperbole for views.

:1orglaugh

Remember that it can also be cast:

$var = '5';

$result = ((int) $var === 5) ? true : false;

This will also result in a true evaluation, although it's not readily apparent to junior-level guys.

"Lose 85 lbs in a week with this one simple trick. Personal trainers hate him!"

Duh, yeah, that's why people try to use it as false.
PERL actually returns -1 for false for some functions so people think they can use it in php.

I'd prefer to use a more specific function to reduce the chance of mixups. For example, strstr() returns only two possible values - false, or a non empty string. No chance of an ambiguous return there.

This is not a good solution for business use. strstr() is more memory-intensive than strpos(), and thus slower and less scalable. Here's some benchmarking:

http://net-beta.net/ubench/index.php?t=strpos1

From the PHP manual: "If you only want to determine if a particular needle occurs within haystack, use the faster and less memory intensive function strpos() instead."

You may want to research functions you use more carefully, if you're creating anything but the smallest programs for personal use. I wouldn't accept this choice from a contractor, personally. :2 cents:

:thumbsup

Really the problem with adult industry it is that it uses PHP.
Check any mainstream startup launched in the past 3 years and they use all except PHP really.

I know this is GFY and all, but ... seriously? W3 reports that as of the end of May, 2014, PHP is used by 82.0% of all the websites it indexes. There's a reason for that. PHP is a very strong language for the web.

Facebook, Yahoo, Wikipedia, and MANY more rely on PHP. Is this because they're not very bright?

Yes, PHP programmers are usually ridiculously weak, but that doesn't make it a bad language to launch sites with.

Can you give an example of a problem in adult that you're solving in a different language because PHP couldn't get the job done?

My brain just blew up so i'm calling my programmer first thing in the morning...

I don't think this is as widespread as you might think - I haven't personally seen that happen very many times.

Nobody uses that code in PHP. The comparison "===" operator is mandatory in this case. Just sayin' :2 cents:

PHP is a fine language and all but I'm finding Java and Scala to be better for many reasons, type-safety and thread-safety among the biggest reasons. Scala is nice because the syntax is clean and it allows you to program in the functional paradigm which allows for highly reusable code among many other benefits. The JVM does exceptionally well with RESTful web apps. I find that I like programming for the JVM much better than PHP.

I think it's also important to add that perhaps the reason PHP is so widely used isn't because it's the best option. It's probably one of the easiest languages to learn as a beginner because it's so basic. The LAMP stack isn't bad, but it's rather slow unless you make some optimizations.

Another thing that someone failed to mention is that, Facebook had to create their own compiler to reduce PHP down into C++ byte code because it was so slow and scaled so poorly. This is called hPHP (the HipHop Virtual Machine) and they faced a lot of challenges and spent a lot of money to create it. The only reason they stuck with PHP was because they didn't want to introduce instability in switching languages. Most new big services aren't being written with PHP for good reasons.

I'm sorry, but that's a ridiculous comparison. Bring me a site doing the volume Facebook is, and we'll talk. Until then, you're over-engineering and making maintenance more of an issue than it needs to be. PHP is widely used and well represented in the development community. Getting another coder to extend or repair your code is very easy. By moving to another language, you unnecessarily narrow your potential candidates and/or raise their average price.

Don't "solve" non-problems; adult isn't that sophisticated, nor are its problems overly-complex to address. PHP scales very well for all but the largest applications, and I won't pretend it doesn't.

Nop he described it pretty accurate.The reason why facebook is in php it's because it's founder was php programmer so it was an obvious reason to use it.If i would build something new,i would always use PHP simply because i have expertise in it and while other languages are better and faster,those advantages are not big enough to justify learning and using them.

thats why i use code snippets from stackoverflow

Sorry, but I made this post after looking at your tube script.

This is your code :

admin/functions.general.php

function detectMobile() {
...
...
...


case (stripos($user_agent,'android'));
$isMobile = true;
break;
case (stripos($user_agent,'iphone')||stripos($user_agen t,'ipod'));
$isMobile = true;
break;
case (stripos($user_agent,'opera mini'));
$isMobile = true;
break;
case (stripos($user_agent,'blackberry'));
$isMobile = true;
break;
...
...
...
...
...
...
}
return $isMobile;
}


It works just fine but only because the string is never in the first byte.

Based on how this thread is going that code is probably in every thing you ever wrote.

:1orglaugh

That's where I find the bad code that everybody copied.

:1orglaugh

Disclaimer : Stackoverflow is rock solid but nothing is 100%

http://profiles.wordpress.org/cyberseo/#content-plugins ;)