Re: [WD]: Template strategy for website

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Matt Robinson wrote:

On 8 Aug 2011, at 22:56, Beth Lee wrote:

On Mon, Aug 8, 2011 at 9:51 AM, Matt Robinson <matt@xxxxxxxxxxx> wrote:

On 8 Aug 2011, at 16:33, Beth Lee wrote:

[bad code! go stand in the corner]

Sorry to run in with all guns blazing, essentially off-topic, but I can't
stress enough how much you should never, ever run the code you've just
written above.



Good points. And important.

[…]

Given that, would this be an improvement, or do you think more needs
to be done? It seems like belt-and-suspenders to have the htmlentities
statement there too.

<?php
if (in_array($_GET['page'], array('products', 'about', 'contact')))
	{
	include('pages/' . htmlentities($_GET['page'], ENT_QUOTES, 'UTF-8') . '.php');
	}
else
	{
	include('pages/frontpage.php');
	}
?>


The htmlentities() call is unnecessary (and wrong) because once you know it's
either "products", "about", or "contact", you also know it doesn't have any
entities, and in any case htmlentities() escapes HTML, not filenames. :)

One simpler approach is to make each page its own PHP file with its own URL
(e.g. http://example.com/products.php), and then use something like (shameless
self-promotion) https://github.com/inanimatt/kisskiss-light to wrap the
current page's content in a template. Then you're not taking user input to
derive a file to load, and you can wrap pages in a template just by doing a
require() at the top of each page.

But really, if you're serving flat content in a template you could avoid PHP
entirely and generate your pages offline (if they aren't dynamic) then upload.
For most basic sites, using PHP is wasteful and way over the top. :) It breaks
HTTP caching, and massively reduces the amount of load you can handle. If you
generate offline, you still have the advantage of being able to keep your
template and content separate, but you aren't pointlessly regenerating them
for each request when they probably only update at most a few times a day.


And you can use PHP offline to generate the static pages.

--
David
gnome@xxxxxxxxxxxxx
authenticity, honesty, community
_______________________________________________
Linux-audio-user mailing list
Linux-audio-user@xxxxxxxxxxxxxxxxxxxx
http://lists.linuxaudio.org/listinfo/linux-audio-user
[Index of Archives]     [Linux Sound]     [ALSA Users]     [Pulse Audio]     [ALSA Devel]     [Sox Users]     [Linux Media]     [Kernel]     [Photo Sharing]     [Gimp]     [Yosemite News]     [Linux Media]

  Powered by Linux