The while loop executes a block of code while a condition is true.
Syntax
while (condition) {
    // Block of code
}
Example
<?php
$i = 1;
// Print the numbers 1 to 10, separated by tabs
while ($i <= 10) {
    echo $i++ . "\t";
}
?>
Output
1 2 3 4 5 6 7 8 9 10
Loops execute a block of code a specified number of times, or while a specified condition is true.
Below given are the looping statements
SQL injection is a technique often used to attack databases through a website. This is done by including portions of SQL statements in a web form entry field in an attempt to get the website to pass a newly formed rogue SQL command to the database (e.g. dump the database contents to the attacker). SQL injection is a code injection technique that exploits a security vulnerability in a website’s software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements, or is not strongly typed and is unexpectedly executed. SQL commands are thus injected from the web form into the application's database queries to change the database content or to dump database information, such as credit card data or passwords, to the attacker. SQL injection is mostly known as an attack vector for websites but can be used to attack any type of SQL database.
• SQL code is injected into the SQL query
• Allows the attacker to do almost anything the database user is permitted to do
• Example SQL statement that will return all the data from the ‘users’ table:
$sql = "SELECT * FROM users WHERE username='$user' AND password='$pass'";
where $user and $pass contain the value "' OR 1=1"
• Further attack possibilities: insert data, delete data, read data, denial of service…
Counter Measures
• Use prepared statements when supported by the database
• Use database-specific escaping functions when creating the SQL statement, e.g. mysqli_real_escape_string()
• addslashes() is not a sufficient approach
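The vulnerable pattern and the prepared-statement countermeasure from the list above, side by side, as an added example that is not part of the original page. It uses PDO with an in-memory SQLite database instead of MySQL so that it runs offline (assumes the pdo_sqlite extension); the table, the user alice and the helper names build_query_unsafe() and login() are constructed for illustration, and the password is stored as a hash, which the page's query does not do.

```php
<?php
// Added example. Assumes PHP 8 with pdo_sqlite; table and data are constructed.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, password_hash TEXT)');

$ins = $db->prepare('INSERT INTO users (username, password_hash) VALUES (:u, :h)');
$ins->execute([':u' => 'alice', ':h' => password_hash('correct horse', PASSWORD_DEFAULT)]);

// "Before": the page's pattern. Input is pasted into the SQL text, so a quote
// in the input changes the structure of the statement itself.
// The string is returned for inspection only and is never executed here.
function build_query_unsafe(string $user, string $pass): string
{
    return "SELECT * FROM users WHERE username='$user' AND password='$pass'";
}

// "After": the SQL text is fixed and the input travels separately as a bound
// value, so it can only ever be compared as data. The password is verified in
// PHP against the stored hash rather than inside the query.
function login(PDO $db, string $user, string $pass): ?int
{
    $stmt = $db->prepare('SELECT id, password_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $user]);
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    if ($row === false || !password_verify($pass, $row['password_hash'])) {
        return null;   // unknown user or wrong password
    }
    return (int) $row['id'];
}

$input = "' OR 1=1";   // the value quoted on the page

// Shows how the input ends up inside the SQL text in the unsafe form.
echo build_query_unsafe($input, $input), PHP_EOL;

// The same input through the prepared statement, then a wrong and a correct login.
var_dump(login($db, $input, $input));
var_dump(login($db, 'alice', 'wrong'));
var_dump(login($db, 'alice', 'correct horse'));
```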
CURTIME() returns the TIME part of the current time.
NOW() returns the date and time portions as a timestamp in various formats, depending on how it was requested.
Example
mysql> SELECT NOW(),CURDATE(),CURTIME();
+---------------------+------------+-----------+
| NOW()               | CURDATE()  | CURTIME() |
+---------------------+------------+-----------+
| 2012-06-18 14:14:01 | 2012-06-18 | 14:14:01  |
+---------------------+------------+-----------+
1 row in set (0.03 sec)
CURDATE() returns the DATE part of the current time.
Language constructs are used like built-in functions and behave almost the same way.
The real difference lies in how the PHP engine interprets a language construct and a built-in function. Language constructs are relatively faster than built-in functions since they are bound to the language. Language constructs don’t need parentheses.
Examples are given below:
echo
die
if
print
unset
isset
empty
include
require
A class is used to specify the form of an object and it combines data representation and methods for manipulating that data into one neat package. The data and functions within a class are called members of the class.
Use classes to encapsulate code and represent objects, and namespaces to avoid symbol name collisions.
A. A class cannot extend more than one class.
B. A class cannot implement more than one class.
C. A class cannot extend more than one interface.
D. A class can implement more than one interface.
Example
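<?php
class a {
    // Declared static so it can be called through the class with ::, without creating an object
    public static function function_a() {
        echo "Function A";
    }
}
a::function_a();
?>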
Data abstraction is a mechanism of exposing only the interfaces and hiding the implementation details from the user.