In class object pattern we can use scope resolution at two places.
For access static methods that do not require object initialization.
And for calling parent class constructor.
SQL injection is technique through which malicious code is placed inside SQL data. It entersvia poor scripting to SQL databases. Good scripting and PHPs PDO areoptions to prevent SQLinjection.
First, parent constructor is not called in the child class directly; we have to call it specifically.
There is built in PHP function for sending email.mail() is the function name which takes few parameters for sending email. The first parameter is ‘to’ and second parameter is subject and third parameter is’ headers’.
There are few variables which are built-in in PHP and these are called global variables.
Session is a way of storing data into server and fetching it from server to client computer.
Using session, we can store data which will be accessible to across the website. Once browser is closed, session data is lost.
session_start() is the function which we must write in the beginning of the PHP page to initialize session.
The default session time is 24 minutes or 1440 seconds. Default session storage path is /temp folder.
session_unset :This removes the session variables and does not delete the session data.
$a = “1234”;
$_SESSION[a] = $a;
Output : 1234
session destroy : This deleted the session data. The complete session.
$a = “1234”;
$_SESSION[a] = $a;
$_SESSION[a] is NULL.
Sessions automatically end when the PHP script finishes executing but can be manually ended using the session_write_close().
The session_unregister() function deregister a global variable from the current session and the session_unset() function frees all session variables.
session_unregister has been deprecated after PHP 5.x version.
$_REQUEST is the combination of $_POST, $_GET and $_COOKIES. Any of these content can be fetch using $_REQUEST global variable.
$_SERVER[‘HTTP_REFERER’] is the global variable using which we can get the url of referring page.
$_FILES sends file related information data in an associate array format. To work with this global variable, we must include enctype=”multipart/form-data” in the HTML form.
Before uploading the file to actual server destination, first the file is stored in local computer’s temporary directory, usually in ‘temp’ folder. So, we get temp file name using $_FILES[‘image][‘tmp_name’] for uploading the file because the move_uploaded_file() function takes two parameters. The first parameter is temp name of image/file.
$_FILES[file_name][‘error’] contains the error code along with the uploaded file.
We need to change the maximum file size value in php.ini. One can find this into PHP.ini upload_max_filesize.
PDO is acronym of PHP ObjectData .It is a database access layer providing a uniform method of access to multiple databases. It uses prepared statements which is less vulnerable for malicious code into database.
Cookies are a simple text file which is stored in client’s computer with some information like user name, password and expiry etc.
@ is used supress the error. If @ is placed before the statement then runtime error is handled by PHP.