keep calm and sanitizeSometimes it is better to use a clear and simple solution that has better readability over a ‘template thinking’. over-thinking is a good thing, it keeps your mind sharp.

considering the fact that using FILTER_SANITIZE_SPECIAL_CHARS with FILTER_FLAG_STRIP_HIGH will probably send you co-friend/team-mate programmer to dig through, which is not nice..

…sometimes RegEx is just the better choice, especially when you are working on a custom solution,

Here is a clean filter_input to SANITIZE YouTube Video-ID-like value,

$video_id = filter_input(INPUT_GET, 'video_id', FILTER_CALLBACK, ['options' => function ($value) {
  return preg_replace("#[^_0-9a-z\-]#im", "", $value);

JavaScript Beautiful Code Part #2/3 – Proper Coding – Avoiding Implicit Type Conversion

icompile.eladkarako.com_i_always_follow_the_proper_dress_codeMaybe only best used @ the end-point compile-script) to minify/obfuscate your code even more..

point mentioning that those *might* gives you a little street credit, but are considered a really bad practice,
and in no-way you should use those in actual live-code, at least, out of common courtesy for your fellow developers :]


  • :( x = !!y;
  • :) x = Boolean(y);

  • :( x = +y;
  • :) x = Number(y);

  • :( x = '' + y;
  • :) x = String(y);

  • :( x = ~s.indexOf('.');
  • :) x = s.indexOf('.') !== -1;

consider reading more about:
JSCS (JavaScript Code Style)
GJSLint (Google JavaScript Linter)

if you see those abominations,
be a pal, and fix it :)

JSONIP Simple Alternative is simple yet brilliant.
it just response with an IP, in a JSON format, or JavaScript (for callback).

this enables either mobile or web applications to use some more extensive information,
as part of analytics and track the IP, along with other parameters..

its so simple to generate the same result using a PHP script,
optionally wrapping it with callback.

this aside, the service is totally unprotected, and can be EASILY be used to inject JavaScript code,
at client-side.

for example:{alert(%22you%20suck%20as%20a%20service!%22);}())%3C/script%3Econsole.log

will generate:

<script>(function(){alert("you suck as a service!");}())</script>console.log({"ip":"","about":"/about","Pro!":""})

ready to be executed..