PHP 5.6 default_charset change may break HTML output

An important note for everyone who’s upgrading from PHP 5.4 and PHP 5.5, to PHP 5.6: the PHP default_charset in php.ini changed from “empty” to UTF-8, making UTF-8 the default charset in PHP. This may break HTML output if you try to set a different charset in your HTML head. It may also break functions like htmlentities() and htmlspecialchars. For example:

Continue reading “PHP 5.6 default_charset change may break HTML output”

PHP, MySQL and IPv6: still slow

Years ago, I noticed that PHP connections to MySQL were significantly slower over IPV6 (where a hostname has an IPv6 address or AAAA record), when no MySQL service is listening on that address. The connection is refused, and PHP has to fallback to IPv4. The fallback takes a significant amount of time. Too much time if you’d asked me. Unfortunately this fallback to IPv4 is still slow today…

Continue reading “PHP, MySQL and IPv6: still slow”

Set PHP realpath_cache_size and tune PHP performance

The PHP setting realpath_cache_size sets the size of the realpath cache to be used by PHP. Increasing realpath_cache_size may greatly improve PHP performance, as PHP states: this value should be increased on systems where PHP opens many files. Setting a correct value for PHP realpath_cache_size can greatly improve PHP performance and optimize WordPress – and other CMS’s – websites.

Continue reading “Set PHP realpath_cache_size and tune PHP performance”

Set or remove the read-only attribute assigned to files with PHP chmod

Chmod.php, change file attributes with PHP, to make files read only or normally accessible on Windows IIS servers. Sometimes you need chmod to make files read only on your website, or make them normally accessible in case they already are read only. For instance Drupal’s settings.php configuration file, or WordPress Contact Form 7 temporary captcha files, are examples of read-only files.

Continue reading “Set or remove the read-only attribute assigned to files with PHP chmod”

Validate MIME types with PHP Fileinfo

PHP file upload security: How to validate MIME types in PHP. It is important to validate the MIME type of files in your web application. Especially MIME types of files uploaded by an upload form on your website. With PHP, the best way to validate MIME types is with the PHP extension Fileinfo. Any other method might not be as good or secure, and unfortunately those other methods are still wildly used…

Continue reading “Validate MIME types with PHP Fileinfo”

Optimize all MySQL tables with PHP/MySQLi multi_query

The PHP MySQLi extension supports multiple queries, which are concatenated by a semicolon, with mysqli->multi_query. We use this to optimize all MySQL tables, in a single multi-query statement. Neat! Optimizing MySQL tables is important to keep tables small and fast. This boosts MySQL, PHP and website performance and we all love that, don’t we? :)

Continue reading “Optimize all MySQL tables with PHP/MySQLi multi_query”

Don’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configuration

An often heard solution to PHP cURL errors with SSL is to turn off CURLOPT_SSL_VERIFYPEER. Please don’t turn off CURLOPT_SSL_VERIFYPEER, but fix your PHP config instead. This article provides you with two solutions to solve CA certificate validation errors with PHP cURL and OpenSSL. For system administrators and end-users.

Continue reading “Don’t turn off CURLOPT_SSL_VERIFYPEER, fix your PHP configuration”

Connect to MS SQL Server with PHP 5.3+

Connect to an SQL Server database with PHP 5.3+ using the SQLSRV API and sqlsrv_connect. As of PHP 5.3.2 you have to use the SQLSRV API functions to connect to an MS SQL Server database from PHP. For example, use sqlsrv_connect() to create a connection resource and open a connection. The main difference with the older mssql functions of PHP is that SQLSRV requires an Array() with connection information, instead of strings.

Continue reading “Connect to MS SQL Server with PHP 5.3+”

PHP declareren van variabelen

PHP input validation, voorkomt PHP notices zoals undefined index: help in … Het vooraf declareren van variabelen in PHP is belangrijk. Je voorkomt hiermee notices en warnings over niet-ge├»nitialiseerde variabelen: lelijke meldingen waar je jouw websitebezoekers niet mee wilt lastigvallen. Door vooraf variabelen te declareren in PHP functioneert jouw PHP-website en applicatie ook beter, omdat variabelen waarmee wordt gewerkt al aanwezig zijn.

Continue reading “PHP declareren van variabelen”