|
Thread Rules
1. This is not a "do my homework for me" thread. If you have specific questions, ask, but don't post an assignment or homework problem and expect an exact solution.
2. No recruiting for your cockamamie projects (you won't replace facebook with 3 dudes you found on the internet and $20)
3. If you can't articulate why a language is bad, don't start slinging shit about it. Just remember that nothing is worse than making CSS IE6 compatible.
4. Use [code] tags to format code blocks. |
On December 11 2012 08:18 3FFA wrote:
Thank you so much guys! This was amazingly helpful to me. :D
edit especially Mr.Fish above! You made me realize I forgot to check that the user wasn't stupid >.>;; while teaching a few things!
Stupid proofing interfaces and input is something you'll spend a lifetime doing.
|
On December 10 2012 09:19 Poopi wrote:Hey guys. So I just finished a project (well there is this problem so it's not literally finished) in PHP with some mySQL. However I had a problem with a basic search bar. It won't matter since I already sent my project, with the problem, because of the deadline, but my curiosity wants to know what was the solution for this problem. I could not really find the right key words on google so here I ask you if you can help me. So I want the request to search in a precised table the word typed, but I want it to only show the results from this table associated with the current userid. Here is my request showing it but for every id : SELECT * FROM products WHERE name LIKE '%$search%' ORDER BY name (not sure about the syntax Im on mobile don't have access to the files). I would like something like that instead : SELECT * FROM products WHERE fournid='$fournid' AND name LIKE etc $search the $_post of the searchbar and $fournid the $_cookie['userid'] of the current user. Problem this request won't work and I know it but I don't know how I'm supposed to do it. Any ideas? Thanks in advance.
On December 11 2012 01:04 FFGenerations wrote:does this help?
SqlCommand sqlCom = new SqlCommand("UPDATE StudentInfo SET StudentFirstName ='" + takeStudentFirstName + "', StudentSurname ='" + takeStudentSurname + "', CourseID ='" + takeCourseID + "'WHERE StudentID = " + combospStudentID.Text, dbconn);
do shit WHERE studentID = (name of your combo box.Text) my whole page + Show Spoiler +
using System;
using System.Collections.Generic;
using System.ComponentModel; // *****************************
using System.Data; //
using System.Drawing; //
using System.Linq; // *****************************
using System.Text;
using System.Windows.Forms;
using System.Data.SqlClient; // We're going to be using sqlclient library
namespace WindowsFormsApplication1
{
public partial class StudentPage : Form // Here's our StudentPage form
{
private string connectionString = "user id=TestUser;password=password;server=PERCY-PC\\SQLEXPRESS;Trusted_Connection=yes;database=Enrolment";
// Here we give our database connection info, including path, title; in this case we've called the database "Enrolment"
public StudentPage()
{
InitializeComponent();
combospStudentID.Items.Clear(); // Make sure our combo box is clear
SqlConnection dbconn = new SqlConnection(connectionString); // Create the database connection using our (connectionString)
try
{
dbconn.Open(); // Open the connection
}
catch // If the above fails, show this error message..
{
MessageBox.Show("Connection to database failed. Please check and try again.");
}
SqlDataAdapter sqlAdapt = new SqlDataAdapter("SELECT * FROM StudentInfo", dbconn);
// Query the database. We are wanting to fill our combobox with StudentIDs, so we retrieve all from the database...
DataTable dt = new DataTable();
sqlAdapt.Fill(dt); // ...and put this data into a temp datatable.
foreach (DataRow dr in dt.Rows) // We can now fill our combobox with StudentIDs (do it for each row in the datatable until exhausted).
{
combospStudentID.Items.Add(dr["StudentID"] ;
}
dbconn.Close(); // Close the database connection now it is no longer needed.
}
private void button2_Click(object sender, EventArgs e)
{
this.Close();
AddStudent ac = new AddStudent(); // This button closes the current page and takes us on to Add Student page.
ac.ShowDialog();
}
private void button1_Click(object sender, EventArgs e)
{
this.Close(); // This is our "back" button which will get us back to the Welcome page menu.
}
private void spcomboStudentID_SelectedIndexChanged(object sender, EventArgs e)
// This is going to be what happens when we select an item in the StudentID combo that we filled earlier
{
SqlConnection dbconn = new SqlConnection(connectionString); // Get ready with a new connection
try
{
dbconn.Open(); // Open the connection
}
catch
{
MessageBox.Show("Connection to database failed. Please check and try again."); // Just incase!
}
SqlDataAdapter sqlAdapt = new SqlDataAdapter("SELECT * FROM StudentInfo WHERE StudentID = '" + combospStudentID.Text + "'", dbconn);
// Here we retrieve everything in a row from StudentInfo table where that row's StudentID is equal to the StudentID we
// selected in our combo box!
DataTable dt = new DataTable();
sqlAdapt.Fill(dt); // Stick it in a datatable
foreach (DataRow row in dt.Rows) // And now use it to fill our textboxes, outputting the relevant Firstname, Surname
{
txtspFirstName.Text = row["StudentFirstName"].ToString();
txtspSurname.Text = row["StudentSurname"].ToString();
}
SqlDataAdapter sqlAdapt2 = new SqlDataAdapter("SELECT * FROM StudentInfo INNER JOIN CourseInfo ON StudentInfo.CourseID=CourseInfo.CourseID WHERE StudentID = '" + combospStudentID.Text + "'", dbconn);
// We're not finished yet. We're outputting a Firstname & Surname alongside the associated StudentID..
// But we also want to output a CourseName & CourseID that are associated with our selected student's CourseID.
// We join the StudentInfo table to the CourseInfo table, and the CourseIDs on these match up together, allowing us to retrieve..
DataTable dt2 = new DataTable();
sqlAdapt2.Fill(dt2); // ...fill a datatable...
foreach (DataRow dr2 in dt2.Rows)
{
txtspCourse.Text = dr2["CourseName"].ToString(); // ...and output the relevant values to our GUI textboxes.
txtCourseIDgo.Text = dr2["CourseID"].ToString();
}
dbconn.Close(); // Close the connection. Take a deep breath.
}
private void button4_Click(object sender, EventArgs e) // This is surely our delete button.
{
SqlConnection dbconn = new SqlConnection(connectionString);
try
{
dbconn.Open();
}
catch
{
MessageBox.Show("Connection to database failed. Please check and try again.");
}
SqlCommand sqlCom = new SqlCommand("DELETE FROM StudentInfo WHERE StudentID = " + combospStudentID.Text, dbconn);
// Here we have connected to the database, and are now requesting a deletion from StudentInfo where StudentID is equal
// to the Student ID we have selected in our combo box.
try
{
sqlCom.ExecuteNonQuery();
}
catch // Our code doesn't know what to delete if we don't have a Student ID selected in the combo box (ie if nothing is selected)..
// ..so to avoid any problems we provide an informative error message if the ExecuteNonQuery() fails.
{
MessageBox.Show("Please select a Student ID to delete a student.");
}
dbconn.Close();
this.Close(); // Close the window after the deletion. Necessary to update the form's values, otherwise the changes won't
// be apparent to the user.
}
private void btnspUpdate_Click(object sender, EventArgs e) // Our update button.
{
string takeStudentFirstName = txtspFirstName.Text; // We are going to take whatever values the user inputs into these
string takeStudentSurname = txtspSurname.Text; // textboxes and then submit them for update!
string takeStudentCourse = txtspCourse.Text;
string takeCourseID = txtCourseIDgo.Text;
SqlConnection dbconn = new SqlConnection(connectionString); // Prepare and open connection.
try
{
dbconn.Open();
}
catch
{
MessageBox.Show("Connection to database failed. Please check and try again.");
}
try
{
SqlCommand sqlCom = new SqlCommand("UPDATE StudentInfo SET StudentFirstName ='" + takeStudentFirstName + "', StudentSurname ='" + takeStudentSurname + "', CourseID ='" + takeCourseID + "'WHERE StudentID = " + combospStudentID.Text, dbconn);
sqlCom.ExecuteNonQuery();
// A simple update. Replaces the database values in a row relevant to our selected Student ID. Notice that we don't want
// the user editing/updating CourseName because they could write any old thing in there! CourseName is explicitly linked to
// CourseID and we only want someone to change a Course Name when they go to the appropriate Course Details page. This prevents
// the user from thinking that in order to change the course of a student he can just edit in any old thing on the Student Page
// without adhearing to any formatting standards or realising that an associated Course ID is required for database function.
}
catch
{
MessageBox.Show("Please check your input. Course ID must be a valid Course ID. Refer to Course Page for more information.");
} // Damn right you will check your input.
dbconn.Close();
}
}
}
Just to add, never write SQL like this if you are dealing with user-provided input. ALWAYS use parameters, do not put the values directly to the dynamically created SQL.
|
As others have mentioned, don't use string concatenation for SQL queries.
Since 5.1, PHP finally has a decent database library included per default, so use PDO instead of the mysql_* functions whenever you can.
Proper code would be:
$dbh = new PDO(...); // initialize Database
$query = "
SELECT *
FROM products
WHERE fournid = :fournid
AND name LIKE :name
";
$sth = $dbh->prepare($query);
// values are automatically escaped and all
// you don't need any quotes, mysql_real_escape_string or such stuff
$sth->execute(array(
":fournid" => $fournid,
":name" => "%".$name."%"
));
Most other modern languages have the same system in their default libraries. Another advantage is that for repeat queries, it can be a lot faster since you only need one prepare and then can follow it with multiple executes with different values.
|
On December 11 2012 11:02 Morfildur wrote:As others have mentioned, don't use string concatenation for SQL queries. Since 5.1, PHP finally has a decent database library included per default, so use PDO instead of the mysql_* functions whenever you can. Proper code would be: $dbh = new PDO(...); // initialize Database
$query = "
SELECT *
FROM products
WHERE fournid = :fournid
AND name LIKE :name
";
$sth = $dbh->prepare($query);
// values are automatically escaped and all
// you don't need any quotes, mysql_real_escape_string or such stuff
$sth->execute(array(
":fournid" => $fournid,
":name" => "%".$name."%"
)); Most other modern languages have the same system in their default libraries. Another advantage is that for repeat queries, it can be a lot faster since you only need one prepare and then can follow it with multiple executes with different values.
![[image loading]](http://imgs.xkcd.com/comics/exploits_of_a_mom.png)
It can't be stressed enough how important this is. Especially if you're putting this on the web (as it's PHP I assume you are), aside from providing good comedic material for xkcd, poking about for SQL injection is a standard basic attack method used by hackers. Depending on your SQL server and security configuration you could be handing over your entire network.
Here's one of many explanations of the process.
http://www.unixwiz.net/techtips/sql-injection.html
Manual sanitising of inputs is generally a waste of code unless its providing some kind of secondary validation. Definitely get into the habit of Parameterising your queries however innocuous.
|
On December 11 2012 11:25 mostevil wrote:Show nested quote +On December 11 2012 11:02 Morfildur wrote:As others have mentioned, don't use string concatenation for SQL queries. Since 5.1, PHP finally has a decent database library included per default, so use PDO instead of the mysql_* functions whenever you can. Proper code would be: $dbh = new PDO(...); // initialize Database
$query = "
SELECT *
FROM products
WHERE fournid = :fournid
AND name LIKE :name
";
$sth = $dbh->prepare($query);
// values are automatically escaped and all
// you don't need any quotes, mysql_real_escape_string or such stuff
$sth->execute(array(
":fournid" => $fournid,
":name" => "%".$name."%"
)); Most other modern languages have the same system in their default libraries. Another advantage is that for repeat queries, it can be a lot faster since you only need one prepare and then can follow it with multiple executes with different values. It can't be stressed enough how important this is. Especially if you're putting this on the web (as it's PHP I assume you are), aside from providing good comedic material for xkcd, poking about for SQL injection is a standard basic attack method used by hackers. Depending on your SQL server and security configuration you could be handing over your entire network. Here's one of many explanations of the process. http://www.unixwiz.net/techtips/sql-injection.htmlManual sanitising of inputs is generally a waste of code unless its providing some kind of secondary validation. Definitely get into the habit of Parameterising your queries however innocuous.
Just a little history of my experience with SQL injection:
I remember 3 companies ago i pointed out the second day i worked there that his login script had a mysql injection vulnerability that allowed anyone to log in as any user. I still made it 1.5 years there eventhough he disliked me from that day on 
Then, a company later, i was installing an open source shop system for a customer and had to make some modifications on the source code... and found 2 holes in the first file i opened. I tested them and they were easily exploitable in default configuration.
Last company, i found so many holes in all of the applications that i fought a year to make people use prepared statements and when i left 3 years after, there were still enough exploits that i could delete their whole database now with a single website call without ever having to log in to anything.
SQL Injection vulnerabilities are so common that i really, really can't emphasise enough how bad string concatenation is for SQL. Don't develop that habit, use prepared statements even in small applications since it's not that much more code and if you use them consistently, you don't accidently do it wrong for stuff where it might bite you because it WILL bite you.
|
On December 11 2012 12:52 Morfildur wrote:Show nested quote +On December 11 2012 11:25 mostevil wrote:On December 11 2012 11:02 Morfildur wrote:As others have mentioned, don't use string concatenation for SQL queries. Since 5.1, PHP finally has a decent database library included per default, so use PDO instead of the mysql_* functions whenever you can. Proper code would be: $dbh = new PDO(...); // initialize Database
$query = "
SELECT *
FROM products
WHERE fournid = :fournid
AND name LIKE :name
";
$sth = $dbh->prepare($query);
// values are automatically escaped and all
// you don't need any quotes, mysql_real_escape_string or such stuff
$sth->execute(array(
":fournid" => $fournid,
":name" => "%".$name."%"
)); Most other modern languages have the same system in their default libraries. Another advantage is that for repeat queries, it can be a lot faster since you only need one prepare and then can follow it with multiple executes with different values. It can't be stressed enough how important this is. Especially if you're putting this on the web (as it's PHP I assume you are), aside from providing good comedic material for xkcd, poking about for SQL injection is a standard basic attack method used by hackers. Depending on your SQL server and security configuration you could be handing over your entire network. Here's one of many explanations of the process. http://www.unixwiz.net/techtips/sql-injection.htmlManual sanitising of inputs is generally a waste of code unless its providing some kind of secondary validation. Definitely get into the habit of Parameterising your queries however innocuous. Just a little history of my experience with SQL injection: I remember 3 companies ago i pointed out the second day i worked there that his login script had a mysql injection vulnerability that allowed anyone to log in as any user. I still made it 1.5 years there eventhough he disliked me from that day on Then, a company later, i was installing an open source shop system for a customer and had to make some modifications on the source code... and found 2 holes in the first file i opened. I tested them and they were easily exploitable in default configuration. Last company, i found so many holes in all of the applications that i fought a year to make people use prepared statements and when i left 3 years after, there were still enough exploits that i could delete their whole database now with a single website call without ever having to log in to anything. SQL Injection vulnerabilities are so common that i really, really can't emphasise enough how bad string concatenation is for SQL. Don't develop that habit, use prepared statements even in small applications since it's not that much more code and if you use them consistently, you don't accidently do it wrong for stuff where it might bite you because it WILL bite you.
I had a good fortune of my first job being in a bank working on a rather big app with good team and it instilled a lot of good habits into my coding. And while we are at SQL stories. We were working there with Oracle and it still had a lot of optimization hints in it. One guy was looking at the SQLs (stored procedures as dynamic SQL was forbidden) and saw a lot of comments that made little sense, so he deleted them DBAs were not happy when databases completely died. Only dev and testing DB, but still a lot of fun He was being teased few years after that.
|
France12904 Posts
Thanks for the info guys. I will definitively use it if I ever put something on the internet using PHP/MySQL, however I forgot to precise that it was a school project which I send in .zip and will be tested in local. Thus protecting properly isn't really necessary since well, the only person who will see this will have access to every file anyways.
However we were told about security, but only about mysql_real_escape_string so I did use it even though in this case it's pointless we had to do this at least.
By the way for these type of SQL injects, the "malicious" user (lol) has to know or guess your table names, hasn't he?
|
On December 11 2012 17:56 Poopi wrote:
Thanks for the info guys. I will definitively use it if I ever put something on the internet using PHP/MySQL, however I forgot to precise that it was a school project which I send in .zip and will be tested in local. Thus protecting properly isn't really necessary since well, the only person who will see this will have access to every file anyways.
However we were told about security, but only about mysql_real_escape_string so I did use it even though in this case it's pointless we had to do this at least.
By the way for these type of SQL injects, the "malicious" user (lol) has to know or guess your table names, hasn't he?
Are you using MySQL? Try running the query SELECT * FROM information_schema.TABLES;
|
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
|
On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML 5 offers better error handling (Corporations used to have to reverse engineer through HTML 4 code, that's not as much of an issue any more), better defined semantics (Basically means your code becomes a lot more organized), and also has lots of small little added features that allow for a more dynamic feel to your website rather than having to use little third party programs to do so.
I am not a professional with HTML, but I have done a course for it at university, and personally I find HTML4 elements to be easier to understand than HTML 5. So for a learning platform, I would learn HTML 4 elements first, and if you like what you see, you can make the jump to HTML 5 with ease if you have a solid understanding of HTML 4.
If you want more information then don't be afraid to ask.
|
On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML5 and HTML is the same thing. HTML5 is just the most recent version of HTML, what you mean is probably HTML4 which is old. The differences are usually pretty minor, HTML5 just have some extra tags to work with. Obviously, there are huge differences in the background though.
You should definitely learn HTML5, everything else is outdated, including XHTML.
|
On December 11 2012 18:45 Tobberoth wrote:Show nested quote +On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML5 and HTML is the same thing. HTML5 is just the most recent version of HTML, what you mean is probably HTML4 which is old. The differences are usually pretty minor, HTML5 just have some extra tags to work with. Obviously, there are huge differences in the background though. You should definitely learn HTML5, everything else is outdated, including XHTML.
This. 100%.
lonelyPotato, please don't give advice about things you don't understand.
HTML5 does include some features/tags that aren't currently well supported in all browsers, but these are mostly extravagant things. For basic tags, all modern browsers will support them just fine. If you do get into learning about the more advanced stuff, this site: http://caniuse.com/ is really useful for figuring out which browsers support what.
|
On December 11 2012 18:50 tec27 wrote:Show nested quote +On December 11 2012 18:45 Tobberoth wrote:On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML5 and HTML is the same thing. HTML5 is just the most recent version of HTML, what you mean is probably HTML4 which is old. The differences are usually pretty minor, HTML5 just have some extra tags to work with. Obviously, there are huge differences in the background though. You should definitely learn HTML5, everything else is outdated, including XHTML. This. 100%. lonelyPotato, please don't give advice about things you don't understand. HTML5 does include some features/tags that aren't currently well supported in all browsers, but these are mostly extravagant things. For basic tags, all modern browsers will support them just fine. If you do get into learning about the more advanced stuff, this site: http://caniuse.com/ is really useful for figuring out which browsers support what.
I don't really know what I said wrong?
|
HTML5 is HTML, it's just the newest specification of the language. HTML5 is basically backwards compatible to earlier specifications, but it adds new features that are not supported in all current browsers. So you should learn HTML, including the features specified by the HTML5 standard, but whenever you use a feature you've never used before, you should look to see which browsers support that feature, and ask yourself whether it's acceptable to you to exclude that browser from your audience (or at least that people using that browser will see an uglier or less feature-rich version of your page).
If you're just starting to play around, though, you're probably still at the level of learning how to style a basic page layout. All of the basic tags like <div>, <span>, <p> and such work exactly the same in HTML5 as in earlier standards, so you can follow any tutorial and not worry about it.
I will give you one hint that I give to every new programmer who starts in my team: Never ever ever use <table> elements for page layout. If you literally have data that you want to display tabulated, that's the appropriate use of a <table>, but if you're trying to make a grid-shaped page layout, you are always better off using <div>s and styling them appropriately.
|
On December 11 2012 18:53 lonelyPotato wrote:Show nested quote +On December 11 2012 18:50 tec27 wrote:On December 11 2012 18:45 Tobberoth wrote:On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML5 and HTML is the same thing. HTML5 is just the most recent version of HTML, what you mean is probably HTML4 which is old. The differences are usually pretty minor, HTML5 just have some extra tags to work with. Obviously, there are huge differences in the background though. You should definitely learn HTML5, everything else is outdated, including XHTML. This. 100%. lonelyPotato, please don't give advice about things you don't understand. HTML5 does include some features/tags that aren't currently well supported in all browsers, but these are mostly extravagant things. For basic tags, all modern browsers will support them just fine. If you do get into learning about the more advanced stuff, this site: http://caniuse.com/ is really useful for figuring out which browsers support what. I don't really know what I said wrong?
Basically, recommending someone to learn HTML4 over HTML5 is like telling someone who wants to learn photoshop that it's better to learn it using Photoshop CS3 over using CS5. It really makes no sense why you would want to learn using an old outdated version of something. It's not like HTML5 is more complicated, anything written in HTML4 can be rewritten to HTML5 and will look better in the process, such as the new Doctype etc.
|
On December 11 2012 18:43 lonelyPotato wrote:Show nested quote +On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML 5 offers better error handling (Corporations used to have to reverse engineer through HTML 4 code, that's not as much of an issue any more), better defined semantics (Basically means your code becomes a lot more organized), and also has lots of small little added features that allow for a more dynamic feel to your website rather than having to use little third party programs to do so. I am not a professional with HTML, but I have done a course for it at university, and personally I find HTML4 easier to use than HTML 5. So for a learning platform, I would learn HTML 4 first, and if you like what you see, you can make the jump to HTML 5 with ease if you have a solid understanding of HTML 4. If you want more information then don't be afraid to ask.
Almost nothing you said in this post is accurate or useful.
|
On December 11 2012 18:55 Tobberoth wrote:Show nested quote +On December 11 2012 18:53 lonelyPotato wrote:On December 11 2012 18:50 tec27 wrote:On December 11 2012 18:45 Tobberoth wrote:On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML5 and HTML is the same thing. HTML5 is just the most recent version of HTML, what you mean is probably HTML4 which is old. The differences are usually pretty minor, HTML5 just have some extra tags to work with. Obviously, there are huge differences in the background though. You should definitely learn HTML5, everything else is outdated, including XHTML. This. 100%. lonelyPotato, please don't give advice about things you don't understand. HTML5 does include some features/tags that aren't currently well supported in all browsers, but these are mostly extravagant things. For basic tags, all modern browsers will support them just fine. If you do get into learning about the more advanced stuff, this site: http://caniuse.com/ is really useful for figuring out which browsers support what. I don't really know what I said wrong? Basically, recommending someone to learn HTML4 over HTML5 is like telling someone who wants to learn photoshop that it's better to learn it using Photoshop CS3 over using CS5. It really makes no sense why you would want to learn using an old outdated version of something. It's not like HTML5 is more complicated, anything written in HTML4 can be rewritten to HTML5 and will look better in the process, such as the new Doctype etc.
True, you didn't have to say I didn't know what I was talking about though. I stated the difference between the languages and what I found different.
Honestly, HTML 4 elements were for me easier to use, and if you want to get a solid understanding of Web based programming you should have a solid understanding of both of the versions elements, especially since so many people still are using HTML 4.
|
On December 11 2012 18:56 AmericanUmlaut wrote:Show nested quote +On December 11 2012 18:43 lonelyPotato wrote:On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML 5 offers better error handling (Corporations used to have to reverse engineer through HTML 4 code, that's not as much of an issue any more), better defined semantics (Basically means your code becomes a lot more organized), and also has lots of small little added features that allow for a more dynamic feel to your website rather than having to use little third party programs to do so. I am not a professional with HTML, but I have done a course for it at university, and personally I find HTML4 easier to use than HTML 5. So for a learning platform, I would learn HTML 4 first, and if you like what you see, you can make the jump to HTML 5 with ease if you have a solid understanding of HTML 4. If you want more information then don't be afraid to ask. Almost nothing you said in this post is accurate or useful.
Wait are you serious! HTML doesn't offer better defined semantics? Are you really saying that is wrong?
Are you saying that HTML 4 Wasn't retardedly hard to reverse engineer relative to that of HTML 5?
Are you saying that HTML 5 doesn't offer a more dynamic feel without having to access third party programs as much?
How is any of what I said wrong?
User was warned for this post
|
On December 11 2012 18:58 lonelyPotato wrote:Show nested quote +On December 11 2012 18:55 Tobberoth wrote:On December 11 2012 18:53 lonelyPotato wrote:On December 11 2012 18:50 tec27 wrote:On December 11 2012 18:45 Tobberoth wrote:On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML5 and HTML is the same thing. HTML5 is just the most recent version of HTML, what you mean is probably HTML4 which is old. The differences are usually pretty minor, HTML5 just have some extra tags to work with. Obviously, there are huge differences in the background though. You should definitely learn HTML5, everything else is outdated, including XHTML. This. 100%. lonelyPotato, please don't give advice about things you don't understand. HTML5 does include some features/tags that aren't currently well supported in all browsers, but these are mostly extravagant things. For basic tags, all modern browsers will support them just fine. If you do get into learning about the more advanced stuff, this site: http://caniuse.com/ is really useful for figuring out which browsers support what. I don't really know what I said wrong? Basically, recommending someone to learn HTML4 over HTML5 is like telling someone who wants to learn photoshop that it's better to learn it using Photoshop CS3 over using CS5. It really makes no sense why you would want to learn using an old outdated version of something. It's not like HTML5 is more complicated, anything written in HTML4 can be rewritten to HTML5 and will look better in the process, such as the new Doctype etc. True, you didn't have to say I didn't know what I was talking about though. I stated the difference between the languages and what I found different. Honestly, HTML 4 elements were for me easier to use, and if you want to get a solid understanding of Web based programming you should have a solid understanding of both of the versions elements, especially since so many people still are using HTML 4.
I never said you didn't know what you were talking about, I agree with the person saying you gave bad advice though. I don't see how HTML4 elements can be easier to use, HTML5 uses the exact same elements, the only difference is that you can add in extra elements if you want, such as <section>, <header> and <footer>. If you have any idea how tags work, which you should obviously learn if you learn HTML, you realize that that these tags, all tags, are extremely simple. Outside of CSS usage, it's just basic semantics. "I want my email in the footer of the website, maybe I should add it in a <footer> element at the bottom so I can later style it". Perfect. You can put it in a div in HTML4 for the same reason if you find that simpler for some reason, but nothing stops you from doing that in HTML5 if the <footer> tag scares you.
As for a lot of people using HTML4, that's true. A lot of people still use outdated versions of Internet Explorer. Just because other people are dumb and ignorant doesn't mean it's a good idea to go that route yourself.
|
On December 11 2012 19:00 lonelyPotato wrote:Show nested quote +On December 11 2012 18:56 AmericanUmlaut wrote:On December 11 2012 18:43 lonelyPotato wrote:On December 11 2012 18:31 Coal wrote:
Hello! I just started playing around with HTML for fun (I intend to learn how to create simpler websites one day), and I have a question. Since I just started, should I learn HTML or HTML 5? What are the differences between the two?
HTML 5 offers better error handling (Corporations used to have to reverse engineer through HTML 4 code, that's not as much of an issue any more), better defined semantics (Basically means your code becomes a lot more organized), and also has lots of small little added features that allow for a more dynamic feel to your website rather than having to use little third party programs to do so. I am not a professional with HTML, but I have done a course for it at university, and personally I find HTML4 easier to use than HTML 5. So for a learning platform, I would learn HTML 4 first, and if you like what you see, you can make the jump to HTML 5 with ease if you have a solid understanding of HTML 4. If you want more information then don't be afraid to ask. Almost nothing you said in this post is accurate or useful. Wait are you serious! HTML doesn't offer better defined semantics? Are you really saying that is wrong? Are you saying that HTML 4 Wasn't retardedly hard to reverse engineer relative to that of HTML 5? Are you saying that HTML 5 doesn't offer a more dynamic feel without having to access third party programs? How is any of what I said wrong?
How does HTML 5 offer better error handling? HTML is a markup language: it has no error handling.
What do you mean by "reverse engineering"? You don't have to reverse engineer anything in HTML. Reverse engineering means looking at a result and then creating a system to generate that result, that doesn't even make sense as something that you would do in the context of HTML, which is served in plain text - if you want to know how a result is generated, you read the served markup.
How is HTML4 "easier to use" than HTML5? HTML5 is basically a superset of HTML4, so you're saying it's easier to learn a subset of a language's features, but that's self-evident, and the way you write it implies that writing markup to generate a result in HTML4 is simpler than writing markup to generate the same result in HTML5, which is absurd because HTML4 markup works in an HTML5-compliant browser.
Edited: For niceness and grammar.
Also: I do agree that HTML5's additional tags make markup more semantic.
|
|
|
|
|
|
EPT
