News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Simon Champion:
PHP Upgrade Broke My Data Importer
June 27, 2013 @ 12:13:45

In his latest post Simon Champion recounts some of the issues he had when upgrading to PHP 5.4, what's usually a smooth transition from PHP 5.3. His specific problem came in a difference between the previous mysql_query call and the more-correct PDO usage.

Our office is in the thoes of a large-scale upgrade of the servers in our data center. The new version of Debian (version 7, or "Wheezy") has been officially released, having been in beta for the last few millenia, and our Ops team are slowly installing it across all our servers. This is great news, as it means we get to upgrade to PHP 5.4. Woohoo! New shininess. [...] We were ready. The upgrade should have been a breeze. But it wasn't.

He talks about his process of digging through the code trying to figure out why a call to import a CSV file into MySQL was failing. Their Data Importer component started failing with an error from MySQL about the "LOAD INFILE" not being allowed for use. He shares a "work around" that's not ideal (using exec) that manually imports the file into the database. He does point out that it could be something Debian-specific as they don't upgrade the version, just apply security patches retroactively.

We're making an effort to stick to modern PHP coding standards, so we're using PDO throughout, which makes is all the more galling. [...] Given that we do have a work-around now and everything is back up and running, I'm going to have to let this one drop; I don't have the time to try chasing it any more. But I hope this blog post will prove useful to anyone else having the same issue.
0 comments voice your opinion now!
upgrade data importer mysql infile load pdo mysqlquery

Link: http://spudley.com/blog/php-upgrade-broke-my-data-importer

Benjamin Eberlei's Blog:
Test your Legacy PHP Application with Function Mocks!
March 31, 2009 @ 11:18:31

Benjamin Eberlei has a suggestion for testing your application without having to mess around with creating new resources just for testing - use mocks.

Much talking is going on about Unit testing, Mocks and TDD in the PHP world. For the most this discussions surround object-oriented PHP code, frameworks and applications. Yet I would assert that the reality for PHP developers (me included) is dealing with PHP 4, PHP 5 migrated, or non-object oriented legacy applications which are near to impossible to bring under test.

He includes a "proof of concept" for a replacement mysql_query function (as created inside of Runkit) that sets up a "mocker" object that returns a "hello world" message when the mysql_query function is called.

0 comments voice your opinion now!
mock function runkit proofofconcept mysqlquery resource


Stefan Esser's Blog:
CORE GRASP - PHP Tainted Mode
August 22, 2007 @ 16:19:27

Stefan Esser points out a new patch today - CORE GRASP - from the Core Security Technologies group that provides taint support surrounding the mysql_query function.

Their implementation adds a tainted or not flag for every byte so that it is possible on invocation of mysql_query() to determine any kind of injection.

Unfortunately, Stefan also mentions two big issues it might have from the get-go: the overhead for the memory needed can slow things down and an incorrect parsing in their query handler could lead to injection attacks.

1 comment voice your opinion now!
core grasp patch php5 taint support mysqlquery security technologies core grasp patch php5 taint support mysqlquery security technologies


Internet Super Hero Blog:
PHP mysqli_stmt_get_result()
August 22, 2007 @ 13:48:00

Frustrated with the lack of something simple (like mysql_fetch_assoc) in the new mysqli extension, this new function was created an posted about on the Internet Super Hero blog - mysqli_stmt_get_results.

By help of the new function, you can create a mysqli_result object from a statement that returns data (SELECT and other - version dependent!). Then you can use the mysqli_result object to process the returned data: fetch results, access meta data - all you can also do using a mysqli_result object returned by mysqli_query().

Included in the post are a few code examples showing the simplicity of the function and how it can still be used with the standard mysql_* functions to grab the results.

0 comments voice your opinion now!
bind value mysqlstmtgetresult object mysqlquery simple bind value mysqlstmtgetresult object mysqlquery simple



Community Events





Don't see your event here?
Let us know!


list code interview install opinion refactor laravel threedevsandamaybe introduction series configure testing language podcast release framework symfony2 community unittest developer

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework