Tag Archives: php

The 4 Most Used Programming Languages

The-4-Most-Used-programming-languages_ywf

Nowadays, software developers are in high demand. This makes good developers are hard to find, yet they have the luxury of choosing from more than one job offer. So, what makes a ‘good developer’? A good developer should at least know some of the following skills. If you wish to become a good web developer, make sure you have mastered below skills.

  1. C#

C# is designed to be relatively easy and straightforward which makes it incredibly popular among developers and employers alike. C# is primarily used to develop web, mobile and enterprise applications while supporting imperative, functional and object-oriented paradigms.

Above all, there are two reasons why C# developers are terribly needed. First, it is because of its flexibility and usability. Second, it is firstly developed by Microsoft to build apps on the Microsoft platform.  So, it surely will fit in most common Microsoft IT infrastructure, which many companies have set in their system.

  1. PHP

PHP is another popular option; it’s an open source, server-side scripting language. In fact, PHP have powered millions of websites across the world, including high-profile sites such as Facebook and Wikipedia. Moreover, PHP is a language that is so popular that is used extensively in WordPress.

Over the years, PHP’s popularity has increased and there are no signs that this demand will slow down. That is why many companies will offer high salary for getting a good PHP talent.

  1. Java

Java is one of the oldest language programs that are favorable among developers. Because it is relatively easy and versatile, Java has become an attractive proposition for corporations and developers. Besides, it has many users, many existing applications and such a vast ecosystem.

Furthermore, Java is a stable language which makes the job market shows sustained hunger for developers in this field.

  1. JavaScript

Another language program that has gained everlasting popularity is JavaScript. It’s a versatile, object-orientated programming language that is built into most major browsers, including Firefox and Safari. Even though, JavaScript has been around for years but it can manage to hold its own against the existence of so many new languages. In fact, many regard it as one of the need –to-know language to help further a career. With so many developers have acquired this language, you need to double your work to stand out from the crowd.

5 ways for Creating Better, Faster and More Optimized WordPress Websites

Creating better faster and more optimized wordpress websites

There are always new updates in WordPress, so that every developer should learn the latest optimization practices.  But, mostly seasoned developers focus on what they are good at. Then, neglect or don’t have time to learn the latest optimization practices. If you happen to be one among those kinds of web developers, you need to read the following tips. This article can help you create better, faster and more optimized WordPress sites.

  1. Switching Hosts Isn’t Always a Quick Fix

If you think that switching hosts will automatically fix certain problems, you may need to reconsider your opinion. In fact, you still experience some code issues or compatibility problems with specific plugins even though you have changed your host. A managed host will provide as much assistance as they can, but won’t debug an issue with a bad plugin or code for you. Therefore, you need a WordPress developer to dig into it and make a determination as to what the issue is. In fact, to solve these problems, many hosts provide third-party partners and developers.

  1. Don’t Try Editing Your Code

To avoid WordPress sites go down, you need to make sure that no one is editing a PHP file directly from the appearance editor in the dashboard. But, how? You can use the following code in your wp-config.php file, removing the edit_themes, edit_plugins, and edit_files capabilities for all users. This method will prevent users to hack away at the code and break the site.

define(‘DISALLOW_FILE_EDIT’, true);

Take this process one step further to update themes or install plugins and remove the functionality for clients to update. Place the following code in your wp-config.php file to restrict these capabilities.

define(‘DISALLOW_FILE_MODS’, true);

  1. Don’t Cut Corners on Your Themes and Plugins

WordPress might be the foundation of your site, but the themes and plugins are also important elements. Therefore, you need to choose your plugins carefully. Do a little research and look for its ratings and reviews beforehand.

Recent research even shows that nearly 50% of the plugins in the repository haven’t been updated in over 2 years. This makes these themes and plugins are easy to get infected with malware. Another thing to be on the lookout for is a bundled plugin that should be updated. This surely will cause a huge problem for WordPress users who buy things via online marketplace. On the other hand, this method will open a wide chance for hackers and site owners are extremely vulnerable.

  1. Watch Your Admin AJAX Calls

Inspect any plugins that may utilize AJAX, for instance, the WordPress Heartbeat API uses /wp-admin/admin-ajax.php to run AJAX calls from the web-browser. Mostly these kind of files occurs during  traffic spikes, CPU load, and can bring your site to a crawl.

If you find there are 3rd party plugins that utilize admin-ajax.php, make sure that everything runs in the correct way. Besides, you can figure out what plugins might be causing it by looking at the HTTP POST request action and quickly determine, based on its name. However, AJAX does load after the page loads.  So, this is not always a bad thing to see this in a speed test.

  1. Ensure PHP 7/HHVM Compatibility Before Jumping on Board

Nothing can beat PHP7 and HHVM when it comes to boosting WordPress performance. But, before you are tempted to use these programs, you need to make sure that your site is compatible with the program. This means before you are upgrading from PHP 5.6 to 7, you need to test all functionalities of your WordPress site in a staging environment or locally to ensure there aren’t any compatibility issues.

PHP Prepared Statements

Print

Somehow for web developers, doing a query can be more complicated if it should face a large amount of data since you may have to repeat the same query for several times. Therefore, if you would like to input a large amount of database into your query, you can try using prepared statements to optimize your query process and prevent hacker from corrupting your database through SQL injection method. Besides, in order to execute the same (or similar) SQL statement repeatedly with high efficiency, a prepared statement is the best feature for it which it basically works like this:

  1. Prepare: An SQL statement template is created and sent to the database. Certain values are left unspecified, called parameters (labeled “?”). Example: INSERT INTO MyGuests VALUES(?,?,?)
  2. The query optimization on the SQL statement template are parsed, compiled, and performed by the database which in the end the result will be stored without the need to execute it.
  3. Execute: In the future, the application binds the values to the parameters, and the database executes the statement. The application may execute the statement as many times as it wants with different values.

There are two main advantages that prepared statements can offer when it is compared to executing SQL statements directly:

  • This technique will be suitable if you wish to reduce parsing time since you only need to make the preparation on the query once.
  • As you need send only the parameters each time and not the whole query, bound parameters will minimize bandwidth to the server.
  • Because parameter values, which are transmitted later using a different protocol, need not be correctly escaped, prepared statements are very useful against SQL injections. Besides, SQL injection cannot occur if the original statements template is not derived from external input.

Prepared Statements in MySQLi

The following example uses prepared statements and bound parameters in MySQLi:

Example (MySQLi with Prepared Statements)

<?php
$servername = “localhost”;
$username = “username”;
$password = “password”;
$dbname = “myDB”;

// Create connection
$conn = new mysqli($servername, $username, $password, $dbname);

// Check connection
if ($conn->connect_error) {
die(“Connection failed: ” . $conn->connect_error);
}

// prepare and bind
$stmt = $conn->prepare(“INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)”);
$stmt->bind_param(“sss”, $firstname, $lastname, $email);

// set parameters and execute
$firstname = “John”

$lastname = “Doe”;
$email = “john@example.com”;
$stmt->execute();

$firstname = “Mary”;
$lastname = “Moe”;
$email = “mary@example.com”;
$stmt->execute();

$firstname = “Julie”;
$lastname = “Dooley”;
$email = “julie@example.com”;
$stmt->execute();

echo “New records created successfully”;

$stmt->close();
$conn->close();
?>

Code lines to explain from the example above:

“INSERT INTO MyGuests (firstname, lastname, email) VALUES (?, ?, ?)”

We insert a question mark (?) in our SQL where we want to substitute in an integer, string, double or blob value.

Then, have a look at the bind_param() function:

$stmt->bind_param(“sss”, $firstname, $lastname, $email);

This function binds the parameters to the SQL query and tells the database what the parameters are. The “sss” argument lists the types of data that the parameters are. The s character tells mysql that the parameter is a string.

The argument may be one of four types:

  • i-integer
  • d-double
  • s-string
  • b-BLOB

We must have one of these for each parameter. By telling mysql what type of data to expect, we minimize the risk of SQL injections.

Prepared Statements in PDO

The following example uses prepared statements and bound parameters in PDO:

Example (PDO with Prepared Statements)

<?php
$servername = “localhost”;
$username = “username”;
$password = “password”;
$dbname = “myDBPDO”;

try {
    $conn = new PDO(“mysql:host=$servername;dbname=$dbname”, $username, $password);
    // set the PDO error mode to exception
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 // prepare sql and bind parameters
    $stmt = $conn->prepare(“INSERT INTO MyGuests (firstname, lastname, email) 
    VALUES (:firstname, :lastname, :email)”);
    $stmt->bindParam(‘:firstname’, $firstname);
    $stmt->bindParam(‘:lastname’, $lastname);
    $stmt->bindParam(‘:email’, $email);

    // insert a row
    $firstname = “John”;
    $lastname = “Doe”;
    $email = “john@example.com”;
    $stmt->execute();

    // insert another row
    $firstname = “Mary”;
    $lastname = “Moe”;
    $email = “mary@example.com”;
    $stmt->execute();

// insert another row
    $firstname = “Julie”;
    $lastname = “Dooley”;
    $email = “julie@example.com”;
    $stmt->execute();

    echo “New records created successfully”;
    }
catch(PDOException $e)
    {
    echo “Error: ” . $e->getMessage();
    }
$conn = null;
?>