common.php

1. <?php
2.  
3. // These variables define the connection information for your MySQL database
4. $username = "root";
5. $password = "";
6. $host = "localhost";
7. $dbname = "website";
8.  
9. // UTF-8 is a character encoding scheme that allows you to conveniently store
10. // a wide varienty of special characters, like ¢ or €, in your database.
11. // By passing the following $options array to the database connection code we
12. // are telling the MySQL server that we want to communicate with it using UTF-8
13. // See Wikipedia for more information on UTF-8:
14. // http://en.wikipedia.org/wiki/UTF-8
15. $options = array(PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES utf8');
16.  
17. // A try/catch statement is a common method of error handling in object oriented code.
18. // First, PHP executes the code within the try block. If at any time it encounters an
19. // error while executing that code, it stops immediately and jumps down to the
20. // catch block. For more detailed information on exceptions and try/catch blocks:
21. // http://us2.php.net/manual/en/language.exceptions.php
22. try
23. {
24. // This statement opens a connection to your database using the PDO library
25. // PDO is designed to provide a flexible interface between PHP and many
26. // different types of database servers. For more information on PDO:
27. // http://us2.php.net/manual/en/class.pdo.php
28. $db = new PDO("mysql:host={$host};dbname={$dbname};charset=utf8", $username, $password, $options);
29. }
30. catch(PDOException $ex)
31. {
32. // If an error occurs while opening a connection to your database, it will
33. // be trapped here. The script will output an error and stop executing.
34. // Note: On a production website, you should not output $ex->getMessage().
35. // It may provide an attacker with helpful information about your code
36. // (like your database username and password).
37. die("Failed to connect to the database: " . $ex->getMessage());
38. }
39.  
40. // This statement configures PDO to throw an exception when it encounters
41. // an error. This allows us to use try/catch blocks to trap database errors.
42. $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
43.  
44. // This statement configures PDO to return database rows from your database using an associative
45. // array. This means the array will have string indexes, where the string value
46. // represents the name of the column in your database.
47. $db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC);
48.  
49. // This block of code is used to undo magic quotes. Magic quotes are a terrible
50. // feature that was removed from PHP as of PHP 5.4. However, older installations
51. // of PHP may still have magic quotes enabled and this code is necessary to
52. // prevent them from causing problems. For more information on magic quotes:
53. // http://php.net/manual/en/security.magicquotes.php
54. if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
55. {
56. function undo_magic_quotes_gpc(&$array)
57. {
58. foreach($array as &$value)
59. {
60. if(is_array($value))
61. {
62. undo_magic_quotes_gpc($value);
63. }
64. else
65. {
66. $value = stripslashes($value);
67. }
68. }
69. }
70.  
71. undo_magic_quotes_gpc($_POST);
72. undo_magic_quotes_gpc($_GET);
73. undo_magic_quotes_gpc($_COOKIE);
74. }
75.  
76. // This tells the web browser that your content is encoded using UTF-8
77. // and that it should submit content back to you using UTF-8
78. header('Content-Type: text/html; charset=utf-8');
79.  
80. // This initializes a session. Sessions are used to store information about
81. // a visitor from one web page visit to the next. Unlike a cookie, the information is
82. // stored on the server-side and cannot be modified by the visitor. However,
83. // note that in most cases sessions do still use cookies and require the visitor
84. // to have cookies enabled. For more information about sessions:
85. // http://us.php.net/manual/en/book.session.php
86. session_start();
87.  
88. // Note that it is a good practice to NOT end your PHP files with a closing PHP tag.
89. // This prevents trailing newlines on the file from being included in your output,
90. // which can cause problems with redirecting users.