Migrating away from register globals

If you are luckily enough to work in a Web 2.0 start up, you probably won’t have to deal with too much legacy code. But for the rest of us, we can often find ourselves working with code which can be even decades out of date.

One of the big issues in PHP has been the deprecation of register globals. Of course, this happened quite a long time ago, because the idea of register globals was just plain stupid, but recent versions of PHP (5.3 onwards), will now throw a deprecation error.

So, we need to find a way to turn register globals off.

The end solution is of course to refactor the code so it doesn’t use register globals at all. Anything short of this is going to be a security nightmare, it’s like a ticking time bomb sitting on your server. But until then, there is a way you can emulate it in your PHP code while you work to get rid of it, allowing you to turn the register global settings off.

All you need is something like this in your code.

foreach ($_REQUEST as $key => $val) {
	$$key = $val;
}

A simple hit counter in ASP

This tutorial will show you how to build a simple hit counter. It does not use any SQL or databases; it stores the hits in a text file.

Allou need to create for this script is your ASP file and a text file. In the text file, simply enter the number 0 and save it in the same directory as count.txt. Take a look at the basic source code.

<%@ Language="VBScript" %>
<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>
<%
if Session("ct") = "" then
fp = Server.MapPath("db\count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>

Now lets break it down into three sections.

<%@ Language="VBScript" %>

This just states that the page is a VB script page.

<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>

This section stops the user refreshing the page to clock up hits.

<%
if Session("ct") = "" then
fp = Server.MapPath("count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>

This is the main section which adds the hits.

fp = Server.MapPath("count.txt")

This tells the server where to find the file. You can modify the file location by changing count.txt. So for instance if you wanted to to be called hitcounter.txt and in the directory db you would use:

fp = Server.MapPath("db\hitcounter.txt")

All you have to do is alter the file path in the quote marks.

Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)

This section opens the file using FileSystemObject and reads the first line. It then sets the variable ct to the amount of hits it has already had.

ct = ct + 1

This line adds one hit to the total number of visitors.

Session("ct") = ct
a.close

This part saves a session variable as the new click through with the new amount of visitors and closes the text file.

Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close

This code creates a new text file over the old one and adds in the new amount of visitors to it. Then it closes the text file.

Now you have a working hit counter. All you need to do is add the hit counter into your page:

You are a visitor number <%=ct%>!

This would display the amount of visitors. Now to save confusion, here is the full source code for the page:

<%@ Language="VBScript" %>
<% Response.Expires= -1
Response.AddHeader "Cache-Control", "no-cache"
Response.AddHeader "Pragma", "no-cache" %>
<%
if Session("ct") = "" then
fp = Server.MapPath("db\count.txt")
Set fs = CreateObject("Scripting.FileSystemObject")
Set a = fs.OpenTextFile(fp)
ct = Clng(a.ReadLine)
ct = ct + 1
Session("ct") = ct
a.close
Set a = fs.CreateTextFile(fp, True)
a.WriteLine(ct)
a.Close
Set a = Nothing
Set fs = Nothing
else
ct = Clng(Session("ct"))
end if 
%>
<html>
<body>
You are a visitor number <%=ct%>!
</body>
</html>

A very, very short introduction to JavaScript

JavaScript allows you to adding programming functions to your web pages. Browsers will read the HTML and interpret the JavaScript. JavaScript can also produce dynamic effects using variables. JavaScript can also react to events, write HTML code and validate data.

The key parts of JavaScript are functions and events. Functions are mini scripts that can be executed by an event such as a timer or a user clicking on a link. Take a look at this basic script that brings up a gray dialog box saying ‘Yay! javaScript Rules!’

<script language="JavaScript">
<!--

function yay() {
alert('Yay! JavaScript rules!');
}

// -->
</script>

The java is in a standard script tag (which you will read about next) and also has comment tags around it. This hides the script from old browsers who don’t understand JavaScript.