In the latest post to her site, Lorna Mitchell walks you through the creation of a first Phing plugin, an extension to the popular PHP-based build tool.

I'm a huge fan of Phing and use it regularly for build and deployment tasks. Often, I'll ask about a plugin that I wish existed, and get a very courteous "patches welcome" from the nice people in the #phing channel on freenode. This has happened a few times, so I thought I should probably look at how to make a new phing plugin, this article shows you how to make the simplest thing I could think of: a simple "hello world" plugin.

She points you to the location to grab the latest version of the tool (the github repository) and how to define a configuration file for your test runs. Then she includes the sample code showing how to create the "HelloTask" plugin. It takes an input value of "name" and displays a greeting when executed. She shows the syntax for defining this in the XML build file and the sample result when executed.

On PHPMaster.com today there's a new tutorial introducing you to SimpleXML, a handy bit of functionality included with the base PHP install to make working with XML (well, reading it) much simpler.

Parsing XML essentially means navigating through an XML document and returning the relevant data. An increasing number of web services return data in JSON format, but a large number still return XML, so you need to master parsing XML if you really want to consume the full breadth of APIs available. Using PHP's SimpleXML extension that was introduced back in PHP 5.0, working with XML is very easy to do. In this article I'll show you how.

He starts with some basic usage of the SimpleXML parsing, giving an example XML to parse, the resulting object and how to access the data inside it. There's also a bit about dealing with namespaces in the XML you're parsing and a more practical example - parsing the output of a YouTube feed to get links to various videos.

Andrew Podner has a new post to his site today introducing you to Phing, a PHP-based build tool (designed after on Apache Ant) that makes automating builds of your applications easy.

One of the things I have been focusing on lately is trying to to a better job of mechanizing and automating the process of building and deploying an application. The reason for this is pretty simple: applications just seem to keep getting more and more complicated and intricate as time goes on. [...] Phing is a "project build system" that helps developers manage repetitive tasks associated with preparation and deployment of applications. Phing uses XML based files to allow you the ability to customize the build process to the individual application.

He walks you through the Phing installation (from PEAR, note that you can install it via Composer now too) and how to set up your first project XML definition. He shows you how to add a "target" or step to the build with the basic example of running your app's PHPUnit tests. He also includes a list of other things Phing can do and work with including CodeSniffer checks, FTP handling, version control interfaces and automated documentation.

PHPMaster.com is back with the third part of their series looking at Aspect Oriented Programming with the CodeIgniter framework. (Part 1, Part 2)

In the previous parts of the series we learned about AOP concepts and the need for using AOP in large scale projects and I introduced CodeIgniter's hooks as a convenient mechanism for creating AOP functionality from scratch. In this part I'll show you how to use both XML and comment-based techniques to create custom AOP functionality when a dedicated AOP framework is not available.

They start with the XML configuration that defines a few aspects and pointcuts for the application. This is then read in via the "applyBeforeAspects" and the aspects that should be executed first are extracted, loaded and run. Following this, they take the other approach - based on docblock comments - and pull in the comments (the @before and @after tags) and load/execute the aspects that way instead.

Nikita Popov has posted a plea to developers and project maintainers alike to stop using XML for their configuration files in their PHP-based applications.

I recently tried using Phing (a PHP build system) to do some simple release automation. Just creating a PEAR package and doing a few string replacements here and there. The result? After several wasted hours I ended up using Phing only for PEAR packaging and doing everything else in a custom PHP build script. The reason? Phing uses XML files to configure what it should do during a build.

He advocates a more native solution - a PHP script that defines the configuration options as a part of an object that can be injected into the parts of your app without the need for external dependencies.

Based in some recent issues found with the Zend_XmlRpc component of the Zend Framework, the project has release an update, version 1.11.12 that includes a fix for the component to prevent an XXE injection attack.

Zend_XmlRpc is vulnerable to XML eXternal Entity (XXE) Injection attacks. The SimpleXMLElement class (SimpleXML PHP extension) is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an application may be coerced to open arbitrary files and/or TCP connections.

This security advisory describes the problem as well as the steps taken to correct it and provide the update. It is recommended that anyone using this component upgrade immediately to prevent issues. You can download the latest issue from the Zend Framework download page.

On PHPMaster.com there's a new tutorial posted about using XML in PHP, an introduction to using the DOM functionality in PHP to work with your XML content.

PimpleXML allows you to quickly and easily work with XML documents, and in the majority of cases SimpleXML is sufficient. But if you're working with XML in any serious capacity, you'll eventually need a feature that isn't supported by SimpleXML, and that's where the PHP DOM (Document Object Model) comes in.

He starts with a brief introduction to XML and DTDs including an example of each (defining a sample book information he'll use in the rest of the tutorial). He helps you create a simple class that takes in the XML content, working with construction/destruction of the object and using it to find, add and delete a book by things like ISBN or genre.

On the MaltBlue blog Matt has posted the latest part of the "Zend_Form with Zend_Config" series, part four looking at using and configuring some form validators.

Welcome to the fourth and final part in the Zend Form Mastery with Zend Config series. Previously we looked at the basic form options, element and form wide prefixes, filters and element options. In this installment, we're going to look at configuring Zend Validators via our XML config. [...] To go in to all of them will take more time than is allowed in the confines of this article. So we're going to work through 5 of the more interesting and likely used ones.

He covers the validation for: email addresses, postal codes, seeing if a record exists in the database, IBAN validation and checking to see if a value is in an array. He gives XML examples for each of these validation methods including the definitions of options and error/feedback messages.

Chris Hartjes, a big proponent of testing in the PHP community, has a new post to his blog about a new testing tool he's released to make it easier for you to know what needs testing - Tricorder.

I've hacked together a little CLI script that I think will be of use to many people who are trying to answer the question "just what should I do to test this thing anyway?" as they learn how to write PHPUnit tests to go along with their code. [...] I've created something that I am calling PHP-Tricorder, a CLI utility that can be used in conjunction with phpdoc structure.xml files to make suggestions on testing scenarios. It's at a 0.1 release right now, so I anticipate it will grow and add more features as time goes on.

The post includes an example of the output generated from the phpdoc's XML output, recommending things like:

• Mocking certain objects
• Testing for data types and contents
• Recommending testing ideas for private/protected methods

You can grab (or contribute to!) the latest version of the tool over on github.

On the MaltBlue.com blog they've posted the latest part of their series on using Zend_Config configuration files to create Zend_Form elements. In this latest article, they show how to set some of the other properties on the elements (like "readonly" or "required").

We've looked at custom form filters and we've looked at the core form configuration. But what about the other form properties? What about: setting an element as readonly, an element as required, ignoring an element and love them or hate them, what about decorators.

He shows how to update the XML file to add these new attributes into the structure and the resulting form. Also included are a few examples of using decorators to configure the look, feel and modify the attributes.