Some regular expressions and how to use them in PHP

This isn't a guide about how to create regular expressions (although I would like to make one). These are a few regular expression that I made some time ago, when I had access to a list of names, addresses, phone numbers, etc. They were formatted in very different ways (special the phone numbers) so, the simpler regular expressions that I was using before that, had to be improved. I also talk about to use this regular expressions to validate input fields in PHP scripts.

Prepared MySQL statements in PHP (object oriented examples)

I find sad how many online systems are out there unprotected against even the simplest type of attack, SQL injections. This is a guide and a set of examples about the use of prepared MySQL statements in PHP. If you want to see how an SQL injection attack works you can read the previous article An SQL injection attack. There is a similar guide to this but using the regular structured functions from the MysqlI library at Prepared MySQL statements in PHP (structured examples).

Prepared MySQL statements in PHP (structured examples)

I find sad how many online systems are out there unprotected against even the simplest type of attack, SQL injections. This is a guide and a set of examples about the use of prepared MySQL statements in PHP. If you want to see how an SQL injection attack works you can read the previous article An SQL injection attack. There is a similar guide to this but using the object oriented interface of MysqlI in the examples at Prepared MySQL statements in PHP (object oriented examples).

An SQL injection attack

Since I wrote two different guides about the use of prepared MySQL statements in PHP, and one of the reasons for use this is to prevent SQL injection attacks, I am going to write a little about these attacks that many websites has suffer and continue to suffer even today. More than define what this attack is, the objective is to show how it works.

The confusing prefixes for binary multiples

Expressing sizes in informatics can be confusing at times, this is due to the lack of standardization among hardware manufacturers, programs and operating systems regarding the use of prefixes (K, M, G) when expressing binary multiples. A standard does exist, this is what ISO/IEC 80000-13:2008 is about, it defines a standard for the use of prefixes for binary multiples, however, it has not been widely adopted as of the writing of this post.

This confusion originates from the early days of informatics. In computing, the most basic unit of information is the bit, which could be think of as a switch, it has only two states, on and off (1 and 0). Because you can't store but a certain state (on or off) in a bit, a bigger unit was created, the byte, which is just a group of bits. A byte consists of 8 bits, and this allows to represent a value, from 0 to 255.

The SI (International System of Units) defines that K (Kilo) denotes 1000, and M (Mega) represents 1000×1000, this is based in our base-10 numeric system. Originally 1 kilobyte meant 1000 bytes (103) and there was no confusion. However, in the world of computing, because everything is based on the bit, the numeric system in use is base-2. People noticed the convenience of denote 1 kilobyte as 1024 bytes (210), and one megabyte as 1024×1024 (220); instead of the SI Kilo and Mega convention, which denotes 1KB as 103 bytes, and 1MB 106 bytes.

Managing MySQL from the command line

If our hosting service offer us a SSH shell and have MySQL installed, or if we have MySQL installed in our computer, we can administer a database from the Command Line Interface. If we develop programs that require the use of a MySQL database, most likely we are already familiarized with SQL statements. By the use of the mysql command we can send this queries to the database.

How to create scaled thumbnails in PHP

It's always a good idea to generate as many different sizes of thumbnails as are required in a web based system, right after an image is uploaded. Some of the advantages of generating and storing the thumbnails are that you can reduce the processing time that your server needs to use if you generate the thumbnails on demand, and of course you can reduce the consumed bandwidth by not sending the full size image when this is not necessary.

Working with UTF-8 in PHP, MySQL and Apache

As I have previously posted in this website, I believe it is a good idea to standardize in one character encoding across all parts of a system, and as my preferred character encoding is UTF-8, when I create a PHP system I check the following things:

  • That the browser receives and interprets the output of my PHP scripts as UTF-8.
  • That the (X)HTML forms accept UTF-8.
  • That PHP treats the data received from a MySQL database as UTF-8.