I’m currently using Dreamweaver CS5.5 and I ‘d like some information about the PHP code that Dw generates, ’cause I find it a little bit confusing and find it a little bit difficult to understand.
1st. About the Authorization or the login script that dw generates. Do I have to sanitize the given username or encrypt/hash the password before doing the check with the ones that are in database, or Dreamweaver does already this for me? If I have to do it by myself where exactly can I apply my own code?
2nd. When creating a query from the bindings, Dreamweaver also generates a GetSQLValueString function which, to tell the truth, confuses me a lot. If I remove this code completely, and keep only the query( or queries in case i want to have more than one), will this have any effect on the rest functionality of the page? Or what if I put it in a seperate file and inlude it in the pages i want to?
3rd. I’ve also noticed that creates some folders like _mmServerScripts, _notes in the site. Is it also ok if I delete them from the site, or will have an effect on my code?
And one last thing. When I sometimes type an if statement like this:
<?php if(a_condtition): ?>
<p>Hello</p>
<?php endif; ?>
I get the syntax error highlight. Is this somekind of bug?
Dreamweaver assumes that the password is in the database in plain text. It dates back to the days when people habitually made that mistake.
GetSQLValueString is Dreamweaver’s simplistic way of cleansing strings to prevent injection attacks. It works pretty well.
The various extra directories that DW makes are partly for versioning and access; and partly for configuring the test environment. Remove them from the live site by filtering them in FTP.
The if statement you show is not recognised as syntactically correct in DW