Excepting that in those cases what you have for code wouldn't work, so why would you even TRY to deploy THIS code there?
well, I see no problem in checking the availability of the data and exit if there is none to deal with... I think it's a good habit to learn.
Perhaps... but again since it would be non-functional and would need a rewrite for other systems of doing it, what's the point of adding that check to code that you wouldn't RUN on non-apache systems without a rewrite?
IMHO too complex for a tutorial version -- you're gonna confuse/lose people on that.
Maybe I am, I still don't think it's complex to put the code in a function. It isn't beginners level, but then the subject is a bit over beginners level to start with.
I think that loose/generic is where you lose people -- it's a lesson I learned the hard way back in the '90's writing tech manuals for Marstek. Assume the person learning knows nothing, fail to do that they'll learn nothing. "generic" code can be too case non-specific for the beginner to turn into a working example on their own -- which is where I think "lokilust" got lost. I'm pretty well... seasoned at this, and I'd have a hard time turning your tutorial into a working example!
really? strange. I pasted those two code blocks into the files and it ran right away. Where was the trouble, as you are looking with other eyes at my code?
Which is where we differ -- User friendly is good to a point, but not when it ends up leaving the barn door open. Is it REALLY so hard to whitelist allowed files? No, it isn't... anyone who can't manage that, probably has no business using these methods in the first place; and if that means "You have to be 'this' smart" to use it? OH WELL.
Well, my code don't execute anything either. It just parses the URL. Nothing else. So the security issues are to deal with in another part of the code. But, yes, it let all files and directories be as they are and be executable if they are. I should problably have informed of that! Good point!
Not 100% sure what that statement has to do with the block it was quoting -- only thing I can figure is my safename routine -- and you're passing values in the URL, a subset of US-ASCII (characters 32..127) is all that's valid there in the first place, you want other language characters you'd have to have them as entities ANYWAYS! Wait? Are you referring to getData, something mine doesn't need to parse? Yeah, your next part:
Don't have to with mine as $_GET is parsed normally regardless of how my redirect handles it. You send mine getdata, $_GET exists and is filled in properly. That's why I strip it clear off before parsing $_SERVER['REQUEST_URI'] as we don't need it!
You do /test/west?best=vest on mine, and $_GET['best'] will return 'vest', because of how my .htaccess method is crafted.
It might be cute to store the HASH if present though -- since you ARE correct there, more datapoints is a good thing... It's just yours seemed to be reinventing the wheel on a lot of things.
-- split -- too many quotes error? REALLY?
Having to switch to italics because of some stupid "too many quotes on merge" error in this forum software.
Well, true, $_GET will work as usual. Still, I see a point in showing the parsing of all parts of the URL. But you're right, that part isn't needed.
That's pretty bad. *sigh* I'll notify Roger and see if it's hard coded or a setting.
Well, that's not REALLY how I'd do it -- I'd have a singleton with getters, but that's a bit complicated for demo code for beginners.
True, true, but this code could be a method to run in that class.
Thing is this is a append in any case, might as well have a working demo they can integrate or work from -- Though IMHO (YMMV) this technique is too specific in function to be used as anything BUT the core of a system. Trying to mix and match or integrate it to existing code is just asking for it to be bloated, broken and insecure... Again though, YMMV. My experience says otherwise.
Well, yes, the core parts of the system is probably where you want this kind of functionality, That's why I wanted it to be as separated as possible while still working.
Which given the illegible colors, narrow little stripes, broken wordwraps of posting code on a forum, much less breaking up the code so you can't follow the logic or indents, it's HARDER to work from in my experience. That's why in addition to the .rar download there's the viewable source directory full of phps files:
with HEAVILY documenteds source:
Hm. to striped? That's why I had the complete code blocks to start with, and then processing them line by line to try to explain what they do. I think that is a good way of showing what's happening, but maybe it's not so good? About colors, is it good or bad with syntax highlighting? I like it. especially in a tutorial so you can easily see the different parts of the code. But, maybe it gets the code harder to read?
I could see how lokilush could have had issues -- A lot of what you are doing over-complicates it -- I know how to do this, and I had trouble making sense of yours. It's... very different from what I'm used to seeing, especially all that futzing around with UTF-8 encode/decode and getData parsing; something my technique doesn't even need to bother with since $_GET is preserved/working... I didn't even figure out that's what you were doing until you mentioned it separately!
It is a good point about it polluting the global namespace though -- Was thinking it might make sense to put what I have as the $ACTION array into $_GET (you can add values to $_GET), or as you did wrap it in a function, but that's the sort of thing I'd expect people to be able to figure out on their own... again real world I'd have it in a singleton with getters, the only setter being the constructor -- so that if it's called more than once it only runs the parsing code once; but I wouldn't put that in THIS tutorial except as a 'lesson 2'... which might not be a bad idea.
Yes, the utf8 part is over-complicating things, you are right. but still, as I just said, I wanted to parse the whole URL. But still, $_GET does it for you (and even better), that's very true.
On the other hand, with just this part, it can be ran over and over again without doing any harm. just taking extra time. But of course, putting it into a initialization class will give the next level to it, as you say, lesson 2. Or 5.
I think that's a lot of it, we have different expectations of what people are able to figure out on their own. Comprehension varies from person to person, which is why it helps to have different views and approaches. Yours would work for some, mine others. Really there's room for both.
Different views on matters are always a good thing, but I believe they are better off discussed part by part like this, so each part can be discussed one by one. On the other hand, these long posts are somewhat hard to follow as well.