In an earlier article on the strong typing I've described the typehint mechanism that provides data type enforcement for the values sent to the methods and functions. Unfortunately said implementation does not protect against another problem associated with the dynamic typing of variables: a lack of type enforcement when overwritting value of an existing variable. In order to control the type of data, I decided to introduce to PHP the concept of autoboxing known from other languages such as C# and Java.

He talks briefly about what autoboxing is (wrapping primitive types into objects automatically) and links to a library that can be used to accomplish it. A bit of sample code is included showing how to create an AutoBoxedObject and how to use it in practice on some string values.

Without a little background in programming languages or computer science in general, it's entirely possible that typing systems are not something that have crossed your mind. I thought I'd take a blog entry to share some of my thoughts on how it's affecting the creation and evolution of languages.

He walks through history a bit, mentioning C, Java, Python and PHP and how they differ in their default type handling. He especially focuses on the "blurred line" between strong and weak typing and how some if offers special features to the language that uses the method.

The push to create a new generation of young PHP programmers and PHP-driven Web applications on the IBM System i is moving forward according to plan, according to Zend Technology, the company commercializing the open source scripting language and providing support and training services. "Things are going phenomenally well," Zend business development vice president Mike Pinette says, giving evidence of that early success. "We're firing on all cylinders."

They go on to talk about other offerings Zend is making available for the platform including their popular Zend Platform package. There's talk of how Zend's effort is spreading (across countries) and their additional focus on the "bread and butter" shops - "manufacturers, distributors, retail chains, banks, and financial institutions that have heavily invested in OS/400 and RPG over the years".

Andrew van der Stock has written a strong criticism of PHP's insecurity. Andrew is a seasoned security expert and a major contributor to OWASP, and he states:

"After writing PHP forum software for three years now, I've come to the conclusion that it is basically impossible for normal programmers to write secure PHP code. It takes far too much effort."

He continues, citing specific areas where he thinks PHP is weak and asserting that "PHP must now mature and take on a proper security architecture."

Chris also mentions that some of the reasons Andrew mentions include register_globals, magic_quotes_gpc, and safe_mode - all due to be removed in the latest PHP version (6). Also, be sure to check out the comments on the post for a good bit more information and discussion...]]> Tue, 24 Jan 2006 06:34:00 -0600