In this recent post to Reddit.com, the question of application security is asked - the poster wants recommendations on how he should keep his app safe from would-be attackers: I can code fairly well in PHP these days, but my security isn't so hot. Is there a tutorial or plugin you guys can recommend as to how I should be protecting my php pages/inputs? I want to avoid common attacks like XSS, inputs with NULL or DROP TABLE etc? Responses on the post include recommendations related to:
Using the Chorizo...
Klaus Silveira has submitted a project he's been working on to make browsing through git repositories a bit simpler with a local tool - gitlist. GitList is an elegant and modern web interface for interacting with multiple git repositories. It allows you to browse repositories using your favorite browser, viewing files under different revisions, commit history, diffs. It also generates RSS feeds for each repository, allowing you to stay up-to-date with the latest changes anytime, anywhere. GitList was...
On the Nerdery blog today there's a new post about the recent Minnesota PHP User Group's latest meeting where the topics were "When SQL Meets Developers" and "Message Queues & Distributed Job Processing". In their May meeting, the Minnesota PHP User Group heard two talks on "When SQL Meets Documents" [above] and "Message Queues & Distributed Job Processing" [below]. MNPHP meets once a month at The Nerdery's office in Bloomington. Both of the presentations were recorded - you can find the videos over on...
Popular posts from PHPDeveloper.org for the past week:
Tom Barrett's Blog: WordPress is more than a CMS, it is a PHP Framework
Community News: Drafts of PSR-1 (and prelim PSR-2)
NetTuts.com: Aspect-Oriented Programming in PHP
Developer.com: Creating a Custom ACL in PHP
Jeremy Cook's Blog: Implementing IteratorAggregate and Iterator
Anson Cheung's Blog: Create nodes in eZ Publish using PHP
Gonzalo Ayuso's Blog: Building a simple SQL wrapper with PHP
Fabien Potencier's Blog: Sami: Yet another PHP API...
The Symfony Project is running a community survey for developers using the framework. It asks some generic questions including "how long have you been working with Symfony?" and "how did you get to know Symfony?" Symfony 2.0 has been released for quite a long time now, and so we would like to conduct a quick survey to get a better understanding of the Symfony community. I'm going to use some of the aggregated results for my Symfony Live keynote, and all the aggregated results will be published on this...
The Atlanta PHP User Group has announced their latest meeting for June 2012 - an introduction to the Laravel framework from Ben Edmunds. Are you ashamed to admit you're a PHP developer? Have you been using the same old, boring PHP framework for years? Tired of your PHP applications turning into enormous beasts? Maybe you've heard about Laravel but haven't made the effort to dive into it? In this presentation, we'll walk through what makes Laravel an elegant, fun, and exciting framework to make PHP...
My Sitemap Generator
[You may have heard about the Magento fork Mage+.]
Lee, just tell us: who are you and what are you doing?
I'm a Magento technical architect, developer and contributor to Magento CE. I specialise in architecting and building large scale and complex installations of Magento - having built enterprise Magento platforms for Warner Music Group both in Europe & USA, and for Rebate Networks, who operate a collection of localised flash-sales websites throughout the world. I'm also the founder of the...
I spent the better part of this afternoon trying to figure out why a Composer installation wasn't working and finally figured out the problem…it wasn't mine.
First, a little context - I'm currently working on a testing presentation for some folks at work and I wanted to show them how to work with the Behat testing tool to create some handy functional/integration tests for our framework-based apps. I threw together a little framework (yes yes, I know) and got the PHPUnit tests set up and running in no...
On PHPMaster.com today there's a new tutorial posted, the first part of a series, looking at the use of the Standard PHP Library (SPL) in PHP. In this first part of the series, Stefan Froelich looks specifically at two of the more common uses for iterators - working with arrays and directories. When I first came across the term iteration and saw the overwhelming list of classes related to it in the SPL, I was taken aback. It seemed maybe iteration was too complex for me to grasp. I soon realized it was...
In his previous post to the MaltBlue.com blog Matt introduced the concept of configuration-driven Zend_Form instances. He's back with a second part to the series, enhancing his original examples by covering some of the base-level form configuration settings. Ok, this should have been part one, but irrespective, here's the second installment in zend form mastery with zend config - core form configuration. As the W3c Form spec says, there are 8 attributes applicable to forms. These attributes, including...
In this new post to his blog Sean Coates talks about PHP as a templating language and why he (and Gimmebar) have decided to go another, more frontend-based direction. For many years, I was a supporter of using PHP as a templating language to render HTML. However, I really don't buy into the idea of adding an additional abstraction layer on top of PHP, such as Smarty (and many others). In the past year or so, I've come to the realization that even PHP itself is no longer ideally suited to function as the...
Fabien Potencier has released a new tool to the open source community today - a documentation generation tool called Sami. Nowadays, phpDocumentor version 2 is probably the best option out there as it has a good architecture, it works fine, it is extensible, and quite a few big PHP projects is already using it. And that's fine. I don't want to compete with it, I don't want to replace it, I'm just open sourcing some code used by Symfony, Twig, and Silex because I'm not comfortable with closed-source...
The Voices of the ElePHPant podcast has released their latest episode - an interview with Derick Rethans of 10gen and XDebug fame. Cal's "three questions" for Derick involve
How did you come up with the idea and how did the project get started?
What's been the most fun and interesting part about building the community around XDebug?
What's the hardest lesson you've learned about running a project like XDebug?
You can listen to this latest episode either via the in-page player or by downloading the mp3...
Users of MySQL Replication sometimes throttle client requests to give slaves time to catch up to the master. PECL/mysqlnd_ms 1.4, the current development version, features some throttling through the quality-of-service filter and global transaction identifier (GTID). Both the plugin's client-side GTID emulation and the MySQL 5.6 built-in GTID feature can be used to slow down PHP MySQL requests, if wanted.
How it's done
The replication plugin has a neat feature called quality-of-service filter. If, for...
Latest PECL Releases:
Today is my "let open source some of my private Github repositories" day,
and more specifically, I'm releasing a bunch of code related to documentation.
Earlier today, I've released the Sphinx
extensions I'm using to generate the
And now, I'm releasing my API documentation
generator. Yes, I know that PHP already has
a bunch of such generators, but I started to work on this project several
years ago, when the only viable option was the old phpdocumentor.
So in working up a new RESTful service I've been tinkering with, I wanted to provide some kind of “authentication” system for it. I started to look into OAuth, but got a bit overwhelmed by everything that was involved with it. Looking for something a bit more lightweight (and simpler to implement a bit more quickly) I came across this older article with a suggestion of a private key/hash combination. I figured that could do the job nicely for a first shot, so I set to implementing it.
On the Server...
In a recent post to his blog Jeremy Cook has gotten back into looking at some of the SPL functionality that comes with PHP. In this new post he looks specifically at the IteratorAggregate and Iterator object types. After a bit of a break I'm finally able to get back to writing about the predefined interfaces in PHP. PHP provides two interfaces that allow you to define how your objects behave in a foreach loop: IteratorAggregate and Iterator. Before taking a look at IteratorAggregate I'll briefly discuss...