1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
  2. To combat forum spam, we are temporarily disabling the ability to create new accounts for the forums. Please feel free to open a support ticket through out client area with any support issues. You can also search the forums for answers to many questions.

Re-written code, works w/ security ON

Discussion in 'General Support' started by revoemag, Dec 11, 2003.

Thread Status:
Not open for further replies.
  1. revoemag

    revoemag New Member

    I have re-written various parts of the code and would like permission to either post it here or give a URL to the updated code.

    I have re-coded certain small parts to allow for register_globals to be OFF and short_open_tags to be OFF.

    Some changes include:
    * $PHP_SELF changed to $_SERVER['PHP_SELF']
    * variables properly initialized prior to use
    * If...else statements using undeclared variables re-written using the ternary ( ? : ) operator. IMHO, this allows for shorter, safer, and easier to understand portions of code.
    * All <? changed to <?php
    * "Command-line" variables initialized from $_GET global array.

    These are all small but significant changes. That should allow this code to work on most (if not all) configurations out-of-the-box.

    Perhaps v4.3 will have these features, but this should hold anyone over until then.

    Some thing I would like to see or add myself is the use of more functions. Certain portions of the code would be better served in a function.

  2. Brian

    Brian EPC Developer Staff Member

    Please see this post regarding the changes in Version 4.3:


    It will be released very soon and should address the globals problem that occurs with the more secure PHP installations.

    $PHP_SELF is no longer used in Version 4.3.

    Thanks for the suggestion about the <?php in lieu of <?. Although I haven't heard of anyone having a problem with this it would be best for everyone if it's included.

    I'll look into the suggestion about the if...else statements. I've never considered using that syntax before.

    What portions of the code would you make into functions?

    Again, thank you for your suggestions. I look forward to your response. :)
  3. revoemag

    revoemag New Member

    I made the following function (condensed from the event file read in)
     * @return void
     * @param unknown $filename
     * @desc Get events for current month from comma-delimited file
    function readEventFile($filename) {
       global $es;
       global $ee;
       global $eTitle;
       $es = "";
       $ee = "";
       $eTitle = "";
       if (file_exists($filename)) {
          $fp = fopen ($filename,"r");
          while ($datas = fgetcsv($fp, 1000, ",")) {
             $es .= "$datas[0]x";
             $ee .= @$datas[1] ? $datas[1] . "x" : $datas[0] . "x";
             $eTitle .= eregi_replace("\"", "''", @$datas[2]) . "||";
          fclose ($fp);
    } // end readEventFile() function
    This takes the file you want to process as an argument but sets the global variables $es, $ee, and $eTitle. Also shortens some lines. The same can be done with reading from the db. You would pass it $dbHost, $dbUserLogin, $dbPassword, $dbName instead of reading it from a file. That way the same code can be used for multiple db connections without having to include a different file for each connection.

    Also, I am re-writing the actual display code into a function. I have replaced all of the "echo" statements with "$calDisplay .= ". I can then return the $calDisplay function and "echo" it when I want. This gives me the ability to place the calendar anywhere on the page I like.

    The JavaScript code (for the pop-up event) I broke into a function and echo that in the head of my document. That way the script stays in the head and the calendar stays in the body.


    I condensed the following code:
          if (!$et[$start]) {$et[$start] = $eTitle[$i];}
       else {$et[$start] = ">> Multiple Events <<";}
          $et[$start] = @$et[$start] ? ">> Multiple Events <<" : $eTitle[$i];
    I think that this way is a little more understandable and much easier on the eyes.

    Please let me know if I can be of more assistance. I would not mind assisting with the development of the code either. I can help make it object-oriented if you'd like (as a 2nd project) so that people would have an option of using linear or OO.

    After looking for calendar code all over the net, this is some of the best that I've found.

Thread Status:
Not open for further replies.

Share This Page