[katzgrau]

Someone's going to kill me for saying this: The biggest opportunity you could hit in the shortest amount of time is probably with PHP/Wordpress.

Learn how to write smart, clean PHP (if there is such a thing), and learn writing Wordpress plugins and themes inside out. And build a portfolio to woo clients. A lot of developers think they're above this type of work, or that it's soul-sucking and pointless. It is. But if you're willing to buck up, and you want to be a free man/woman, and hit a (fairly average) target rate of $35 - $50 an hour, it's the fastest path.

Keep in mind, there's little respect for PHP and Wordpress development on HN, but there's a ton of demand for it among the growing number of novice bloggers who need help with their site. I get asked all the time, and I usually refer the work to a WP dev I trust (the quality varies quite a bit).

[shire]

This made me laugh, Is true everyone hates PHP on here but in my hometown Seattle all the jobs on craigslist or anything other domain is mostly populated by PHP requests for a lot of jobs. How long does it take to get into PHP freelancing for someone who has experience with some Java.

[roansh]

If you are familiar with another programming language, and able to DO programming, then, on average, it wouldn't take longer than a month. That would be sufficient, I GUESS. I built a social networking site in PHP in the last semester. And it was my first PHP web-application! I did learn PHP (and Relational databases) in a month before that. I made a post about it, if you want to see (http://xworkspace.blogspot.in/2013/01/build-your-own-social-...)

But it all really depends on the amount of time (with brain) you spend on learning. :)

[krapp]

    $email = $_POST['email'];
    $password = $_POST['password'];
    $query = "SELECT emailAddress, password, userID FROM users
    WHERE emailAddress = '$email' AND password = '$password'";
    $result = $db->query($query);

Um... not to digress but it looks to me like there's a SQL injection hole here. Please use PDO and a bit more validation, this doesn't properly escape anything. You could validate the email address with filter_var, for instance.

Otherwise, it looks neat, good job. You might want to learn to code more defensively though. Especially if you're putting something up on Github.

Refer to: - https://www.owasp.org/index.php/SQL_Injection_Prevention_Che...

- http://stackoverflow.com/questions/60174/how-to-prevent-sql-...

for some direction towards better practices.

[roansh]

Hey krapp, thanks for your input :D It's a great example of quick & dirty job. There's still a LOT of work to do, I accept. The images are not scaled, passwords are not `hashed', and no validation, of course. I should have had worked on it later on, but I really didn't look in to it later.

I guess, I am also on the same path as with the author of this post. But yeah, thanks again, I will improve it as soon as I can. :-)

[krapp]

Bear in mind, that since it's on github, even though it's a 'quick and dirty job', people WILL just download it, run it and expect it to work, and if it works, not care about auditing the code.

Those people deserve what they get, maybe, but still. Getting into a habit of never releasing anything that doesn't at least have basic security is a good idea.

When you come around to hashing the passwords consider https://github.com/rchouinard/phpass

[roansh]

Right krapp. I will absolutely take care of that from now on, and also, I will fix that code ASAP. :)

[krapp]

Oh, definitely. Everyone hates PHP, and all the 'real' coders won't even learn the language or take the ton of jobs for it.

Although those jobs also tend not to pay much. Wordpress especially.