Category Archives: PHP - Page 2

PHP 5.5 Password Hashing API

Most of the applications or websites today have a user registration system which requires storing usernames, passwords etc. A developer of the application should always store passwords securely and never in plain text. There are many methods to encrypt or hash passwords and store in the database but which method to use? The methods that are currently used are hashing password using algorithms like MD5(), SHA1(), BCRYPT.

MD5() and SHA1() methods are now considered weak. BCRYPT is currently considered the best algorithm to use for password hashing. However, correctly implementing it can be difficult (prior to PHP 5.5). In PHP 5.5 there is a new Password Hashing API which can be used very easily for hashing the passwords using BCRYPT algorithm.
Read more »

Encryption using PHP and OpenSSL

In this post we will see how to encrypt and decrypt data using PHP OpenSSL. We will be using asymmetric (public/private key) encryption. In this encryption a user generates a pair of public / private keys and gives the public key to anyone who wants to send the data. The sender of the data will encrypt the data using the public key of the receiver. The receiver will then unencrypt the received data using his own private key. The data encrypted using the public key can only be decrypted using the corresponding private key.
Read more »

Big forms and PHP max_input_vars

Recently I was working in WordPress to create a big menu, with over 75 links in it. When I created it and tried to save it got save only partially, few menu items at the end got truncated. I was not sure what happened. So then I tried to add 1 more link and it was not saving. Then I decided to check if there were any PHP errors. I found the following in the error logs:

PHP Warning: Unknown: Input variables exceeded 1000. To increase the limit change max_input_vars in php.ini. in Unknown on line 0, referer:

Then I found out that there is a PHP setting “max_input_vars” (available since PHP 5.3.9) which limits the number of variables that PHP will process. If this value is 1000 (default is 1000) PHP will process first 1000 variables and drop the remaining. This was the reason why some menu items were saved and some not.
Read more »

How to apply a function to every array element in PHP

I often come across situations in which I need to apply some function to every element of an array in PHP. For example, to sanitize the user input, function like htmlentities can be used. We can easily use this function on a single variable or a single dimension array by simply applying the function or doing a foreach loop respectively. However, to do that on a multi-dimensional array is not very easy using foreach loop. In this article I will discuss the various methods we can use to apply the htmlentities function to a single variable and different types of arrays. The methods that I will discuss can be used to apply any default PHP function or any user defined function to every element of an array.

Read more »

PHP double quotes vs single quotes

Strings in PHP can be specified in four different ways: single quoted, double quoted, heredoc syntax and (since PHP 5.3.0) nowdoc syntax, the first two of them being by far the most frequently used.

It is important to know the difference between using single quotes and double quotes. In this post we will see the difference between them and which should be used when.

Read more »