I started to try and break the 10 charset limit of PHP non-alpha after @InsertScript showed me that PHP Dev supports [] syntax for arrays. I wondered if it would be possible to break the limit within production PHP. At first I thought you could but then after some testing I found that there was no way to concat without "." and no way to call a string as a function without $ and =. However since I got into PHP Non-alpha again I thought why not try and improve it and make the code tweetable.

He works through the whole process of his discovery - starting with the creation of a non-alpha version of "0" (zero), moving into letter creation and finally all the way up to a full word..."assert". The result is tweetable code that echoes that string and contains more symbols than letters. If you're interested in more of this non-alpha kind of coding, check out some of the other posts on his blog.

Underscore.php provides a utility library for PHP that provides a lot of the functional programming support that a programmer would expect in Ruby, but without adding much overhead during execution. The only caveat is that underscore.php requires PHP 5.3 or greater. Although you could accomplish some of the things using PHP's built in functions, the functional approach looks intuitive and easy to work with.

He gives a few simple code examples - one using the "pluck" method to pull certain values out of an array, the "map" method to apply a transformation to each item in an array and some OOP examples showing the use of the "max" and "template" methods.

I think the underscore-prefix for protected and private is a good convention to keep. As with many things about programming, this convention is not for the program, it is for for the programmer. For example, limiting your line length to about 80 characters is a good idea, not for reasons of "tradition", but because of cognitive limitations of human beings who have to read code. Likewise, using the underscore prefix is an immediate and continuous reminder that some portions of the code are not public. Its purpose is as an aid to the programmer.

He suggests that it offers something similar to the thought process behind the magic methods like __get or __set that both work on a private scope. Check some of the comments for opinions both for and against the idea from other community members.

The question which comes instantly to my mind is: why? Is there any reason why this convention should be kept when PHP object oriented programming has gone a long way since PHP 4 (when there was no access modifiers and such underscore was the only fast way to distinguish public from, hmm, not public methods and properties) ? Are, for instance (as one of major OOP languages), Java coding standards pushing towards such naming convention? No!

He, like many other developers, are pushing to drop this kind of convention as an outdated reminder of the PHP4 days when "private" didn't exist in the language. Scope modifiers have done away with the need for that underscore completely.

Use of vendor() function to load third party libs in CakePHP has been deprecated for some time now... It has been replaced with the more generic App::import() the usage is simple.

There's also a little trick you'll need to know for files with underscores (drop it and replace with an uppercase) and how to get it to be a bit more flexible and recognize vendor files in subdirectories or ones differently named.

PHP's support for sessions make adding "state" to your web application super easy. Bus because the illusion of state is maintained by storing a Session ID via a user's cookies, you might find yourself losing potentially productive hours chasing down bizarre client side bugs or opening up a potential security hole. Here are 4 tips to help you avoid wasting your time and securing your site.

Items on the list are:

• Don't use underscores in host names
• Commit your sessions before redirects
• Prevent session fixation (great security tip!)
• Don't expose session_id's