PHP Tips 2
ereg vs preg
When it comes to the regular expression functions, ereg* and preg*, the preg functions are the clear choice. The preg functions are generally twice as fast as their ereg counterpart. They also support more advanced regular expression operations. I can't think of any reason why you would need to use the ereg functions. Read more about preg at http://www.php.net/manual/en/ref.pcre.php
Validate Numeric Data
If your program accept numeric data with GET and use in SQL query, you must make sure the value is always numeric to prevent SQL injection.
To make sure that only a number is used in the query by first type-casting the data as int
// If id is being passed in the URL
$id = (int) $_GET['id'];
$result = mysql_query("SELECT * FROM table WHERE id=$id");
|