Secure PHP

Hide PHP version in http header: (X-Powered-By)

Edit php.ini

expose_php = off

Get User IP using PHP

 $client  = $_SERVER['HTTP_CLIENT_IP'];
 $remote  = $_SERVER['REMOTE_ADDR'];

What is the difference between HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR? – it is impossible to say. Different proxies may implement these, or may not. The implementations may vary from one proxy to the next, and they may not. A lack of a standard breeds question marks.
If more than one proxy was involved – the X-Forwarded-For: header might then contain a complete track of the forwarding chain, whereas the Client-IP: header would contain the actual client IP. This is pure speculation, however.

ezSQL Functions and Variables


ez_sql help


  1. $db->get_results
  2. $db->get_row
  3. $db->get_col
  4. $db->get_var
  5. $db->query
  6. $db->debug
  7. $db->vardump
  8. $db->select
  9. $db->get_col_info
  10. $db->hide_errors
  11. $db->show_errors
  12. $db->escape (mysql_real_escape_string – mysqli_real_escape_string)
  13. $db = new db


  • $db->num_rows
  • $db->insert_id
  • $db->rows_affected
  • $db->num_queries
  • $db->debug_all
  • $db->cache_dir
  • $db->cache_queries
  • $db->cache_inserts
  • $db->use_disk_cache
  • $db->cache_timeout