PHPDeveloper.org

MaltBlue.com: Zend Framework 2 Core Concepts - Dependency Injection

Mon, 17 Dec 2012 10:09:53 -0600

In this new post Matthew Setter has posted about one of the core concepts behind the structure and use of Zend Framework 2, its use of dependency injection to handy object relationships and access (via Zend/Di).

As Zend Framework 2 is well and truly here, before some of us who are new to it dive right on in, whether you're completely new or, like me, migrating from Zend Framework 1, it's really important to ensure that we understand the core concepts on which it's based. [...] In this, the first part in the series, I'm going to go through what dependency injection (DI) is. However, as there are a number of great posts already available on the topic by some very experienced developers, [...] I'm not going to rehash them.

Instead he extracts out useful tips from posts of a few other sources on ZF2 and dependency injection in general: Matthew Weier O'Phinny, the ZF2 manual, Martin Fowler on dependency injection, Wikipedia and more. He also includes lots of links to more great articles on the subject, both ZF2-specific and for DI iin general.

NETTUTS.com: Are You Making These 10 PHP Mistakes?

Wed, 04 Feb 2009 09:33:51 -0600

All of you developers out there, NETTUTS.com has a question for you - are you making any of these ten PHP mistakes in your day to day development? Which ones, you ask? Read on...

Here are 10 PHP mistakes that any programmer, regardless of skill level, might make at any given time. Some of the mistakes are very basic, but trip up even the best PHP programmer. Other mistakes are hard to spot (even with strict error reporting). But all of these mistakes have one thing in common: They're easy to avoid.

Here's the list (as Glen Stanberry sees it):

Single quotes, double quotes
Semicolon after a While
NOT Using database caching
Missing Semicolon After a Break or a Continue
Not Using E_ALL Reporting
Not Setting Time Limits On PHP Scripts
Not Protecting Session ID's
Not Validating Cookie Data
Not Escaping Entities
Using Wrong Comparison Operators

Arpad Ray's Blog: The adventure of PHP and the magic quotes

Wed, 17 Dec 2008 12:03:07 -0600

One of the things that's been hanging around PHP's neck since its early days is the magic_quotes setting that was introduces to try to make things easier. In this interesting post Arpad Ray takes a look at this setting and why its a bad thing for PHP to have around.

Like register_globals, it helped lower the barrier of entry to building a dynamic website by removing some of the complexity. However it certainly wasn't without sacrifice, problems with the implementation quickly appeared and continued to abound for the next ten years. Finally in PHP 5.2.2 we got an implementation which (as far as its intentions went) seemed to be bug free, but of course by then it was turned off by default and was already slated to be dropped in PHP 6.

He looks at a few reasons they're bad (not good enough for escaping, inconsistent, performance issues) and some methods - code snippets - on how to deal with it being turned on on your server.

PHP.net: PHP 5.2.7 has been removed from distribution

Mon, 08 Dec 2008 06:40:57 -0600

From an important notice posted on the main PHP.net page - a bug has been found with PHP 5.2.7 and it has been "recalled":

Due to a security bug found in the PHP 5.2.7 release, it has been removed from distribution. The bug affects configurations where magic_quotes_gpc is enabled, because it remains off even when set to on. In the meantime, use PHP 5.2.6 until PHP 5.2.8 is later released.

The 5.2.7 downloads have been removed from the downloads page but you can now redownload the PHP 5.2.6 source and binaries if you need them.

You can also find out more about the issue in this post on Stefan Esser's blog