symfony1 is well and alive and many developers are now using it for projects hosted on Git. But as the official symfony 1 repository is hosted on Subversion, it's not always easy to get things versioned easily. As of today, this becomes much more easier. If you are using Git and symfony1, you can now use the official symfony1 Git clone.

There are branches for each of the major 1.x releases as well as tags for some of the minor releases. You can, of course, still access the latest packages directly via the symfony website.

Magento is one of the most popular PHP eCommerce solutions available for web developers. In their own words, it's the fastest growing eCommerce platform in the world. Packt Publishing has generously donated a handful of copies of their latest Magento book, called "Magento 1.3: PHP Developer's Guide".

The book goes into the depth PHP developers will need to really get into the heart of Magento and create customized modules with advanced functionality to make it just what you need.

Duplicated code in projects is a frequent thing and also the one ripe for factoring out in a new class or function. Cut/Paste coding is a common development practice among programmers, a lot of which can lead to code size increase and maintenance nightmares. PHPCPD (php copy paste detector) is a PEAR tool that makes it easier to detect duplicate code in php projects. Below is a short tutorial on the PHPCPD package.

You can either install the tool via a PEAR channel or directly from the github site. Once its downloaded and extracted you can immediately run it on the subdirectory of your choice. He also includes a more extended example - a search on a minimum of 5 lines of 70 tokens found to trip the filter in finding cloned functionality.

In addition to [a local copy of your source] being faster to develop, it lets you work without needing to be connected to the Internet. But what about the tools you use while developing? If you're a PHP developer then the manual at php.net is an invaluable tool. It only make sense to have it available for when you're not online.

His example follows the official mirroring part of the PHP.net website and uses a slightly modified rsync command to fetch the manual information from the php.net site and drops it in a location locally. He throws in an Apache configuration too for a simple VirtualHost to get it up and running.

If you're among the crowd who have migrated an OOP based application from PHP4 to PHP5, then I'm sure you've heard the expression "Objects are copied by reference by default in PHP5". Whoever told you that, was lying.

As she explains, the truth is more that they behave that way, not that they are actually like that. She talks about what objects actually are and how things are handled differently from PHP4 to PHP5. She also "lies" a little also about the "copying" part, and explains the internal structure of a variable to show why.

She also includes a bit on why referencing variables when it's not really a must is a bad idea - the main idea of it being a waste of space and memory in the application.

The errors are:

• A problem with copy() that circumvents the "Safe Mode" for users who are logged in at the system.
• A possible issue with tempname() that could ignore the "Safe Mode" setting also
• a third leak that could lead to a web server process crashing (recusive function calls)
• and an XSS attack issue with the standard phpinfo() page

The 4null4.de post has a summary of the issues, but the original article from heise has the complete info (as well as links to examples of the problems as documented on SecurityReason.com).