News:

The anti-spam plugins have stopped being effective. Registration is back to requiring approval. After registering, you must ALSO email me with your username, so that I can manually approve your account.

Main Menu

Is this safe/useful?

Started by Omega0, August 28, 2006, 07:44:29 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Omega0

Given the size of the database I'm using, it can take PHP a little bit of time to build the page.  I thought of this method: Check the timestamps on the database & parsed.html, if the database is more recent create a new parsed.html with the guts to the table.  Then dump parsed.html into the table.


$fmtime1 = filemtime( "../../parsed.html" );
$fmtime2 = filemtime( "../../database.db" );

if( $fmtime1 < $fmtime2 )
{
$fh = fopen( "../../parsed.html", "w" );
$db = sqlite_open('../../database.db');
$sql = "SELECT * FROM database";
$res = sqlite_query( $db, $sql );
while( $row = sqlite_fetch_array( $res ) )
{
$line = "
" . $row['col1'] . "" . $row['col2'] . "";
fwrite( $fh, $line );
}
fclose($fh);
}
include( "../../parsed.html" );
?>
First, I've never used the PHP fopen/fclose routines before, so are there any special hazards to watch?

Secondly, is the difference between reading a file and reading a database enough to make this worth using?

Xepher

Looks safe, in that you're not taking ANY user input, or undeclared variables. That's where most cross-site-scripting hacks come in. As for efficency, I'd say it'd probably a bit better on the whole, if you don't update the DB much. Obviously, when there IS an update, you're reading everything twice. But on the whole, it probably helps. Only way to tell is to try it out. Check out http://us3.php.net/manual/tw/function.microtime.php for info on timing execution.

Omega0

Gratia.

It looks like there's a pretty good difference, I'm getting 3/1000 sec. for the include() and about ten times that for the db query, with only a small difference between writing the new file & the straight query.  I have a semi-legit excuse to screw around with something that's already works, not a bad way to start the week.