Forum

Notifications
Clear all

[Sticky] Tips for Modding Your Site

Tammy
(@tammy)
Member Moderator

Note: This was originally posted in the 2.0 Modding Forum.

1.  Don't start modding until you've got eFiction installed and confirmed that everything's working.

2.  Install one mod at a time.

3.  If the mod requires additions/modifications to the database, do those first.  This way when you get to modifying the .php files you won't get errors from the database when you follow the next piece of advice.

4.  Test each step along the way.  For example, if you need to modify the user.php and viewuser.php.  Don't start modifying viewuser.php until you're sure the changes to user.php are working. Likewise if there are six steps in modifying user.php, test for errors after each step.  Hit refresh and make sure the page still loads.  It's easier to find your mistake when you've only edited 5 lines than when you've edited 50. 

5.  Errors are our friends.  If you get an error look for the line number.  Most of the time that's where you'll find the error. (Ctrl-G will take you to that line in most programs)  If you can't find the error on that line, check the line directly above it.  If that doesn't work keep working upwards, the error will in almost every case be either on the line it says or above.

6.  Check for characters that should be paired and aren't: "", '', ( ), [ ], { }.  If you opened it, you must close it.

7.  If you get an error like:

Parse error: parse error, unexpected $end in PATH/TO/YOUR/FILE.php on line ###

You're most likely missing a closing } in your script somewhere.

8.  Make sure you escape nested " and ' characters by adding a in front of them.


$test = "Say "Hello World!"";

Wrong.


$test = "Say "Hello World!"";

Right.

9. Don't trust user input.  If information is being passed by $_GET, $_POST, $_COOKIE, $_SESSION (anything the user can touch) don't trust that it's safe.  Use the functions built into eFiction to make this information safe. 

If you're expecting a number use the "isNumber" function to check.


if(isset($_GET['mynumber']) && !isNumber($_GET['mynumber']) accessDenied();

If you're inserting text into the database use the "escapestring" function on the text before insertion.


$mystring = escapestring($mystring);

10.  If you can't find your error, comment out everything in that section and remove the commenting one line at a time until the error re-appears.  The error is on that line.  Take this example:


function(str) {
$bug = false;

$bug2 = "There's a bug on this line;

$bug3 = false;
}

Now comment out the section between the { and }


function(str) {
/* This is the start of the comment.
$bug = false;

$bug2 = "There's a bug on this line;

$bug3 = false;
This is the end of the comment */
}

Move the start of the comment down one line at a time until you find the line that causes the error.


function(str) {
$bug = false;
/* This is the start of the comment.

$bug2 = "There's a bug on this line;

$bug3 = false;
This is the end of the comment */
}

No error.  There's no error on the line beginning with $bug.


function(str) {
$bug = false;

$bug2 = "There's a bug on this line;
/* This is the start of the comment.

$bug3 = false;
This is the end of the comment */
}

The error re-appeared.  The error is on the line beginning with $bug2.

If you use this technique make sure your comments don't comment out the opening or closing { }, [ ], "", '', ( ) as that will give you different errors.  Using the same example as above:


function(str) {
/* This is the start of the comment.
$bug = false;

$bug2 = "There's a bug on this line;

$bug3 = false;
}
This is the end of the comment */

This would cause an error because the closing  } is inside the comment.

Quote
Topic starter Posted : 21/03/2007 5:05 am
Anonymous
 Anonymous
(@Anonymous)
Guest

Another very important tip:
Before modding a production site, test all modifications on a testing environment (local webserver or a separate eFic install on your webhost). If something goes wrong there, you always can begin with a fresh install and don't have to worry about damaged sql tables, restoring database backups and so on.
I'm using the XAMPP distribution by apachefriends, a pakage wich allows easy setup of an apache webserver with php and MySQL. Great for testing things locally before bringing them to public.

ReplyQuote
Posted : 27/04/2008 6:00 pm
Share: