suggestion:
Revisit your use of include() and consider whether some of some of those calls should be require() instead.
Also consider that in several instances, require_once() and and include_once() are probably the preferable functions to call instead.
suggestion:
Please reconsider your user of "php short tags"
(because, on some webhosts, use of short tags is disabled)
suggestion:
It would be advisable to reference $_REQUEST objects rather than $GLOBALS
(nowadays, register_globals is disabled in many hosting environments)
(it represents a security, er, insecurity issue)
Speaking of security, stripslashes() on the input isn't sufficient.
Instead of reinventing the wheel, check out http ://code.google.com/p/htmlawed/
IMO the code would be more easily readible if it wasn't all double-spaced.
On the other hand, I would spend a few extra lines toward expanding conditionals.
Yeah, "by the book" it's okay to if(condition) dofunction(args);
but
if(condition) {
dofunction(args);
}
is more readible
Friday 14 May 2010 12:48:35
Marc
- I will think about your first suggestion but I don't think it's important.
- have you seen the first line of the .htaccess file? php_value short_open_tag On
- I use $GLOBALS by assigning values manually coming from $_GET or $_POST. WME works with register_globals OFF. Using global variables has nothing to do with using the register_global feature.
Besides, I'll have a look at http://code.google.com/p/htmlawed/
