PHP Image Uploads – Better File Type Checking

When working on a project I came across a neat snippet of code that uses PHP’s image manipulation functions to check the uploaded image type. The majority of the time the file type is checked by running PHP’s string functions on the file name, e.g.:

$myFile = $_FILES['myFile']['name'];
$allowed_filetypes = array('.gif', '.jpeg');
// Extension = everything from the last dot, lower-cased for comparison
$ext = strtolower((string) strrchr($myFile, '.'));

This is fine, but the contents of $myFile are supplied by the client and can be faked. A much better check for allowing only image file uploads would be to do the following – I thought this was quite neat:

if (!$img = @imagecreatefromgif($path_to_image)) {
  /* NOT a .GIF image */
}

imagecreatefromgif will return false if the image is not a GIF. A similar thing can be done for checking PNGs (see imagecreatefrompng) and JPEGs (see imagecreatefromjpeg).
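An added example (not code from the original post) that extends the check above to GIF, PNG and JPEG: it identifies the type from the file's bytes, decodes it, and saves a re-encoded copy under a server-chosen name, because a file that decodes as an image can still carry unrelated bytes in its metadata. The names store_image, MAX_PIXELS and ALLOWED_IMAGES are hypothetical, and the two sample files are constructed.

```php
<?php
// Added example; function and constant names are hypothetical.
const MAX_PIXELS = 25000000; // assumed cap: refuse images that would exhaust memory when decoded
const ALLOWED_IMAGES = [     // detected type => [decoder, encoder, extension we assign]
    IMAGETYPE_GIF  => ['imagecreatefromgif',  'imagegif',  'gif'],
    IMAGETYPE_PNG  => ['imagecreatefrompng',  'imagepng',  'png'],
    IMAGETYPE_JPEG => ['imagecreatefromjpeg', 'imagejpeg', 'jpg'],
];

/** Returns the path of the re-encoded copy, or null if $srcPath is not an accepted image. */
function store_image(string $srcPath, string $destDir): ?string
{
    $info = @getimagesize($srcPath);   // inspects the file's bytes, not its name
    $handlers = $info ? (ALLOWED_IMAGES[$info[2]] ?? null) : null;
    if ($handlers === null) {
        return null;                   // not an image, or not a type we accept
    }
    if ($info[0] < 1 || $info[1] < 1 || $info[0] * $info[1] > MAX_PIXELS) {
        return null;                   // implausible or oversized dimensions
    }
    [$decode, $encode, $ext] = $handlers;
    $img = @$decode($srcPath);         // full decode, the check described in the post
    if ($img === false) {
        return null;
    }
    // Server-chosen name and extension; the client's file name is never used.
    $target = rtrim($destDir, '/') . '/' . bin2hex(random_bytes(16)) . '.' . $ext;
    // Writing a fresh encoding keeps the pixels and leaves metadata and trailing bytes behind.
    return $encode($img, $target) ? $target : null;
}

// Constructed inputs: a real 2x2 GIF, and plain text saved under a .gif name.
$dir  = sys_get_temp_dir();
$real = $dir . '/demo_real.gif';
imagegif(imagecreatetruecolor(2, 2), $real);
$fake = $dir . '/demo_fake.gif';
file_put_contents($fake, "not an image\n");

var_dump(store_image($real, $dir) !== null); // the real GIF
var_dump(store_image($fake, $dir) !== null); // the text file with a .gif name
```

In an upload handler, pass $_FILES['myFile']['tmp_name'] as $srcPath once is_uploaded_file() has succeeded for it.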

Populate Select Boxes using a Global Associative Array with PHP

The following post is being written because today I’ve been annoyed, very annoyed. I’ve been working on updates to a previous developer’s mini CRM system that I inherited, unfortunately. Basically, the customer wanted to amend the list of options that appear in an HTML select box, on pretty much every page. In this case, 24 pages.

Ok, easy job – or so I thought. If the previous developer hadn’t been a total mong this simple update would have taken a minute or so – simply update a common function, database or global array to repopulate the drop down list options. No luck in the least – the developer had hard coded each drop down into every page, using HTML – **** great! So I just spent close to 40 minutes wading through include files and HTML to make my changes – so unnecessary.

So, what follows is a very simple method to have a common drop down list that can be included on any page you want, with the data stored in a global array (could be a database, but a global array is quickest):

The include, model or config file – simply an associative array that will be accessible throughout your application (let’s call this file includes.php):

Continue reading

Passing Arguments as an Associative Array to a Function

Sometimes it is useful and slightly cleaner to pass arguments to a function via an associative array as opposed to a list of variables. There are a variety of methods to achieve this, such as using PHP’s extract function – but the below is cleaner in my opinion. Please note, the following functionality is commonplace when using a good MVC framework, or a good CodeIgniter base class. Take a sample PHP class:

class setOptions {

    var $temp = '/default_temp/';
    var $upload = '/default_upload/';
    var $cache_time = '0';
    var $cache_status = '0';
    var $cache_file = 'users.txt';

    function __construct($user_settings)
    {
        if (is_array($user_settings)) {
            foreach($user_settings as $k=>$v)  {
                $this->assignSetting($k, $v);
            }
        } else {
            die('Config Error!');
        }
    }

    function assignSetting($name, $value)
    {
        $whitelist = array('temp', 'upload', 'cache_time', 'cache_status', 'cache_file');

        if (in_array($name, $whitelist)) {
            $property = $name;
            $this->$property = $value;
        }
    }

}

In lines 3 – 6 we set the default values of the settings that are used in our class. We can choose to leave these as they are, or pass the class an array of new settings to overwrite them.

In line 8 the settings array, as an associative array, is passed to the magic construct function so all the settings are available when the class is called. On line 10, we check to ensure that the data passed to the function is actually an array and on line 11 we simply loop through each key/value of the array.

On each iteration, the assignSetting function is called (line 17). The function takes a setting name and value as its arguments. On line 19 a whitelist of allowed settings is created as an array. Line 20 checks to ensure the setting we are attempting to add is within this whitelist.

Continue reading

The Importance of Client Requirement Analysis

Recently I developed a small bespoke CRM system for a client, based on a list of requirements gathered by a colleague approximately 2 months ago. The CRM was nothing out of the ordinary – a maintainable customer database, customer login system, email marketing functionality, customer account reminders, invoice association with specific customers etc.

Overall, did the customer get what they wanted? Yes. Did the project take a lot longer than it should have? Definitely! The reason for the latter – poor initial requirements analysis from my colleague.

Continue reading

PHP Email Template with Flat Files

It’s quite common when sending an email message to see the following code to set the message body:

$body = "Hi $firstname $lastname,<br /><br />
	Thank you for your recent order - reference <strong>$order_id</strong><br /><br />
	A secure payment for your order of <strong>&pound;$order_value</strong> was successfully processed.<br /><br />
	The estimated delivery date is <strong>$order_date</strong>.<br /><br />
	The Admin";

This is quite messy and mixes html and php, which isn’t ideal – ideally, we’d want a php email template for use across our whole site. Additionally, this code is time consuming to update as you need to manually go back to the raw PHP code if you needed to change the email.

A very simple solution is to use a flat file (.txt file for example, although could be a html or .tpl file) to store the basic email content with placeholders to replace various bits of information that change. For example, part of a template may contain:

Hi {firstname} {lastname},

All the information surrounded by the curly brackets (I’m sure they have a proper name) are the parts of the email that will change. All we need to do is pass information to each of these using our very very simple email templating system:

Firstly include the path to your template file. If the file doesn’t exist, stop the script immediately:

Continue reading

Associate Products with Multiple Categories Using MySQL

Having a database structure that allows a product to be associated with more than one category is a very common scenario in any eCommerce website. However, working on a couple of truly awful bespoke solutions from other developers recently, whose methods to store and retrieve such data were so convoluted, has inspired me to write this article.

Storing such data need not be overly complicated. The following, simple, table structure is required (in a real ecommerce system you would definitely have additional fields – these have been omitted here for the sake of the example):

Product
product_id (PK)
name

Category
category_id (PK)
name

Product_Category
product_id (PK)
category_id (PK)

The product_category table is a simple linking table that allows a many-to-many relationship between the product and category tables. Its primary key is made up of both columns, which ensures every combination of product and category is unique. For example, this table will contain many unique number pairs, and a row may be 1,4, i.e. product_id 1 and category_id 4. The files to create and populate this table structure with sample data can be found here.

Now it is simply a case of running a series of MySQL statements (I’d advise converting them to stored procedures for more security and better application separation) to retrieve the appropriate data. For example:

Products Within a Certain Category (E.g. category_id 1):

SELECT p.product_id, p.name FROM product p
INNER JOIN product_category pc
ON p.product_id = pc.product_id
WHERE pc.category_id = '1';

Count Products Within a Certain Category (E.g. category_id 1):

SELECT COUNT(p.product_id) As myCount FROM product p
INNER JOIN product_category pc
ON p.product_id = pc.product_id
WHERE pc.category_id = '1';

…and that’s it. Extremely simple, can be expanded to any eCommerce system and not convoluted at all :)
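An added example (not from the original post) of the first query run from PHP with a bound parameter, which keeps the category value out of the SQL text whether or not stored procedures are used. It assumes PDO with an in-memory SQLite database standing in for MySQL so it runs without a server; products_in_category is a hypothetical name and the sample rows are constructed.

```php
<?php
// Added example; sample rows are constructed.
$db = new PDO('sqlite::memory:');   // assumption: SQLite stands in for MySQL so this runs offline
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE product  (product_id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$db->exec('CREATE TABLE category (category_id INTEGER PRIMARY KEY, name TEXT NOT NULL)');
$db->exec('CREATE TABLE product_category (
    product_id  INTEGER NOT NULL REFERENCES product(product_id),
    category_id INTEGER NOT NULL REFERENCES category(category_id),
    PRIMARY KEY (product_id, category_id))');   // composite key: each pair at most once
$db->exec("INSERT INTO product VALUES (1, 'super baggy tshirt'), (2, 'plain tshirt')");
$db->exec("INSERT INTO category VALUES (1, 'red tshirts'), (4, 'logo tshirts')");
$db->exec('INSERT INTO product_category VALUES (1, 1), (1, 4), (2, 1)');

/** Products in one category; $categoryId is validated, then bound, never concatenated. */
function products_in_category(PDO $db, $categoryId): array
{
    $id = filter_var($categoryId, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];                  // reject anything that is not an integer
    }
    $stmt = $db->prepare(
        'SELECT p.product_id, p.name FROM product p
         INNER JOIN product_category pc ON p.product_id = pc.product_id
         WHERE pc.category_id = :category_id
         ORDER BY p.product_id'
    );
    $stmt->bindValue(':category_id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

print_r(products_in_category($db, '1'));        // a string, as it would arrive from $_GET
print_r(products_in_category($db, '1 OR 1=1')); // constructed non-integer input
```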

Multiple Categorisation for SEO

A very common technique in ecommerce is for products to be assigned a single category – part of the filing cabinet approach to site development. This works for niche ecommerce stores, but not for the majority. For example, a tshirt might belong equally in the following categories: ‘red tshirts’, ‘logo tshirts’, ‘mens tshirts’ etc. Additionally there are times when it makes sense to have multiple categories for a product, and this can help with conversions (a totally different topic).

The special concern with multiple categories and SEO is that category pages contain a huge amount of keyword-rich anchor text. Yes, the majority of ecommerce software and systems will allow filtering of results, but the canonical url tag is often used and results in messy links that are not ignored by search engines.

The major issue here is duplicate content – frowned upon by Google and can cause real issues for your site. Yes, a small number of pages is within acceptable limits, but when you have a store that has hundreds of products duplicate content really can become an issue.

Using our tshirt example from above, say we place a product called ‘super baggy tshirt’ into the ‘red tshirts’ and ‘logo tshirts’ categories – the following two urls would be produced by our ecommerce software (the structure below is very common):


http://www.shop.com/tshirts/red-tshirts/super-baggy-tshirt/


http://www.shop.com/tshirts/logo-tshirts/super-baggy-tshirt/

At first glance, this all looks well: SEO friendly URLs, well structured, organised and keyword rich. All this is correct, apart from the fact that both URLs represent the same product – here is our duplicate content issue. The duplicate content issue will get worse if the product is placed into more categories. The easiest solution is to rewrite our product URL to something much simpler:


http://www.shop.com/super-baggy-tshirt/

This will allow us to place the product into as many categories as we need without creating any duplicate content at all – there will always be a single version of the product URL.

Create a CSS Hover Effect Image Gallery

After browsing through a few web portfolios lately I’ve noticed a rather nice effect – whereby when the user hovers over a thumbnail an image appears – this may be a zoom icon (for images) or a play button (for videos). In this article I’ll quickly run through the simple steps on how we create a funky css hover effect image gallery. This is a very useful technique for any sort of site that displays thumbnail links.

The HTML

<div class="thumb_wrap">
<a href="#link" class="thumb_link">
<span><img src="play.png" alt="play" class="play_video" /></span>
<img src="thumb.jpg" alt="thumbnail" />
</a>
</div>

I’ve simply nested a span tag containing the hidden play button. Additionally, to keep everything XHTML valid, the hyperlink doesn’t contain block level elements.

The CSS

a img {
border:none;
}

.thumb_wrap {
width:194px;
height:110px;
margin:0 25px 0 0;
float:left;
}

img.play_video {
position: absolute;
margin:40px 0 0 80px;
display: none;
}

The CSS simply sets the image’s position absolutely (to ensure nothing gets pushed out of line).

The JQuery

To give the show effect a nice fade in style and in order to show our hidden image I’ll add a small piece of JQuery that finds the image within our span tag and fades it in. The latter is done when the user hovers over the image; when the mouse leaves, the image is hidden again. The following would go within the head tag (I’ve also let Google CDN host my JQuery file):

<script type="text/javascript">
$(document).ready(function() {

$(".thumb_link").mouseover(function(){
 $(this).find('img.play_video').fadeIn('slow');
});

$(".thumb_link").mouseout(function(){
 $(this).find('img.play_video').hide();
});

});
</script>

…..and that’s it. You now have a cross browser compatible (IE 6 plus) image gallery effect, that is very easy to implement. See the image gallery in action.

PHP Caching with PEAR Cache Lite

Last week I was given the task by a client to speed up their website – they had paid for literally a single hour’s work, so not much time at all. The site in question was a company website that had various dynamic boxes of content – namely an area for latest events, latest news and latest clients – as well as a custom content management solution running for the main page content. Additionally, the database is hosted by (for me), arguably the worst and slowest webhost around – streamline.net – so database lookups are slower than usual to begin with.

Each time a page was served, many unnecessary requests were being made to the MySQL database. The site gets quite a lot of passing traffic from search engines, with all the content being created by the site owner. As a result, database lookups for the same content each time were not needed and some simple caching was to be used – namely, PEAR Cache_Lite.

PEAR Cache_Lite is a small yet powerful PHP caching system that will cache (or save on disk) our dynamic PHP pages. Subsequent requests for complex and database intensive pages are not required due to our cache. This will speed up the site no end.

Firstly, you’ll need to download the latest Cache_Lite package and include the file Lite.php on your page. Also, create a folder called ‘cache’ within your site structure. The general idea of Cache_Lite is very simple, giving each page a unique ID – there is no set rule for this and the creation of this ID is left to the developer.

The actual code to cache a complex page is very simple:

Continue reading

W3C Validation and SEO Benefits – My Opinion

The link between full W3C Validation and its importance to SEO is a commonly discussed topic and a huge taboo. This is the notion that having a valid site according to the W3C Standards is either critical (or not) to your website’s SEO. The first thing to note is that a site passing W3C Validation will have met the following criteria: it will not use deprecated tags and will not have syntax errors – essentially a syntax check.

I physically cringe when I hear quotes such as ‘valid xhtml will help your users’. Valid xhtml will not help your users; to help your users a site needs to adhere to web coding standards – this is an entirely different beast. The main difference here is the practice of separating content from presentation, thus giving the content increased meaning. For example, a page using tables to lay out the whole web page would not adhere to web coding standards because using tables for layout is semantically incorrect and requires a lot more code. Tables should be used for tabular data, simple. Another example is the use of paragraph and header tags. Visually they are very similar but have a very very different meaning semantically. However, yet again, semantically incorrect pages will pass validation. The main Google webpage doesn’t even validate (interestingly, Google doesn’t even quote html attributes in order to save on page size). In my opinion, as long as this is the case W3C validation will be a non-issue, SEO wise.

Understanding which semantic elements add value to the document will affect the onsite of a website and is an SEO ranking factor. I have read several articles that describe W3C validation and SEO as a match made in heaven; this simply isn’t the case, although web semantics and SEO are.

There are many websites (40% is a figure thrown around a lot) that do not validate, yet perform quite well in search engines as they have a range of high quality content. Take a quick example. I searched for a very competitive term “houses”. The number one result was rightmove.co.uk. Rightmove even has an authoritative listing for that term too – SEO wise there can’t be too many issues here. Running that site through the validator throws up 33 errors and 22 warnings – see the result. These are mainly smaller syntax errors that, quite rightly, the developers of that site have ignored. There are endless examples where sites a lot worse appear at the top of the SERPs, even though they fail to validate and sometimes don’t follow web standards at all.

Continue reading