Floating point comparisons or why prices need to be stored in cents

Posted by Stanislav Furman on September 5, 2013

In PHP you should be careful working with floating point number comparisons because sometimes the result that you get can be unexpected and unpredictable even if it looks pretty obvious. Here is an example. Can you guess what will be the result?

$a = 0.7;
$b = 0.1;
$c = $a + $b;
if ($c == 0.8) {
   echo '$c == 0.8';
} else {
   echo '$c!=0.8';
Continue reading

File search and wildcards in PHP

Posted by Stanislav Furman on June 7, 2013

This post will continue one of my previous posts Reading file list from a mapped Windows network drive.

Recently, I have had a challenge with reading files from a directory using a wildcard pattern (i.e. " *.jpg "). Obviously, regular is_file() or file_exists() functions do not work in this case. So, I started looking for a solution that could help me with my problem.

Luckily, there is a function glob() that searches for the pathnames matching given pattern.

foreach(glob('*.jpg') as $image) {
  if( !is_dir($image) ) {
    $images[] = $image;
Continue reading

Do you use Skype? Then Microsoft reads everything you write!

Posted by Stanislav Furman on May 21, 2013

More or less, every clever IT professional understands that big corporations such as Microsoft and Google are able to read correspondences of Gmail and Skype users.

Recently, I found a post where guys from The H Security explain how they found out that Microsoft actually monitors what you write in Skype.

Actually, it is not a big secret. Everyone who uses Skype, must agree with the item that Microsoft could read everything you write (see privacy statement in Skype). Especially I liked that "Skype may capture and manually review instant messages or SMS in connection". However, it's interesting why they pay their attention to HTTPS links and ignore HTTP.

So, if you use Skype for Internet communication, you should know that it is not 100% private.

Concatenating NULL and blank fields in MySQL

Posted by Stanislav Furman on May 17, 2013

If you ever need to concatenate fields that are empty or equal null, you may run into troubles because MySQL doesn't concatenate NULL-fields as you might expect - if there is one of the concatenating fields equals NULL, the whole concatenating value will be NULL.

See the following dummy table:

firstname | middlename | lastname | email
John        J.           Smith      [email protected]
Amanda      NULL         Smith      [email protected]

As you can see Amanda Smith doesn't have middle name. So, if you now run a query that will try to concatenate first name, middle name and last name, you'll get NULL value instead of expected concatenated value.

Continue reading

How to protect against SQL injection, and why SQL injection is dangerous

Posted by Stanislav Furman on May 14, 2013

I am quite sure that most of web developers know what the SQL injection is, and nowdays it seems that even junior developers know basics on how to protect web applications against this type of hacker attack. However, I often see web developers underestimate the level of potential threat. Some web developers think: "We are too small to be interesting for hackers", but they forget that security wholes in their applications can be used to attack other resources, systems and users.

In this post I am not going to show how to attack web applications using an SQL injection, but I'd like to show why SQL injection is dangerous and also how to protect against SQL injection.

Continue reading

jQuery 2.0 has released!

Posted by Stanislav Furman on April 24, 2013

In this release JQuery core developers threw out the support for Internet Explorer 6, 7 and 8 (Yay!). Thanks to this, the size of the library has decreased by 12% and now it's smaller and faster. It can be even smaller if you make your own build, disabling some of  built-in default modules (there is 12 of them).

Those who need old IE support should remain on the branch 1.x, which will continue supporting old IE versions.

Continue reading

How to trim array elements in PHP in one shot

Posted by Stanislav Furman on April 17, 2013

If you are looking for a method to trim leading and trailing white spaces in all elements of a PHP array, you could use the following code:

// custom function to trim value
function _trim(&$value) 
    $value = trim($value);    

$data = array('  a  ',' b',' c   d ');


array (size=3)
  0 => string 'a' (length=1)
  1 => string 'b' (length=1)
  2 => string 'c   d' (length=5)


This works, but might look a little long. If you want a shorter solution, here it is:

Continue reading

How to get most accurate visitor's IP address in PHP

Posted by Stanislav Furman on April 15, 2013

Web developers often need to get visitor's IP address to use it in web applications. This can be used in internal traffic analytics tools, or as a part of security measures.

Most common and standard method of getting visitor's IP address is getting the value "REMOTE_ADDR" from the global PHP array $_SERVER:

$visitor_ip = $_SERVER['REMOTE_ADDR'];

However, standard PHP $_SERVER['REMOTE_ADDR'] value not necessarily contains the originating visitor's IP address because, for example, visitor can use a proxy server to access your web site. Using PHP we could try to detect user's IP address even if he uses proxy, but keep in mind that there is no guarantee that IP address that you get is 100% accurate (e.g. proxy can be anonymous).

Continue reading

Why start and run your own blog?

Posted by Stanislav Furman on April 1, 2013
Why people would start and run blogs. What would be the benefits of running a web blog.

Reading file list from a mapped Windows network drive

Posted by Stanislav Furman on March 25, 2013

Last week I ran into a situation when I had to read directory file list from a mapped Windows network drive. At your very first look it may seem pretty simple. It is! However, there is a little trick - Windows may require your network/domain credentials, and then standard PHP functions such as opendir() won't be able to access the directory. Fortunately, the solution is pretty simple:

Continue reading