News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Joseph Scott's Blog:
Why PHP Strings Equal Zero
March 15, 2012 @ 09:47:49

Joseph Scott has a new post to his blog looking at "why PHP strings equal zero" - that when you use the "==" operator on a string to compare to zero, it's true.

The issue of PHP strings equaling zero has come up a few times recently. [...] Running that will display Equals zero!, which at first glance probably doesn't make much sense. So what is going on here?

He gets into the specifics of what's happening - a bit of type jugging, less strict comparison since it's the "==" versus "===" and how the PHP manual talks about strings being converted to numbers.

While I still think it is odd that the string gets cast as an integer instead of the other way around, I don't think this is a big deal. I can't recall a single time where I've ever run into this issue in a PHP app. I've only seen it come up in contrived examples like the ones above.
0 comments voice your opinion now!
string equal zero type juggling conversion


Brandon Savage's Blog:
An XSS Vulerability In The Making
March 07, 2012 @ 12:02:46

Brandon Savage has a new post to his blog about what he calls a XSS vulnerability in the making, something to watch out for when you're doing validation in PHP involving the possibility of numbers as strings.

Back in September, Socorro received a security bug relating to the method we were using for processing inputs for the duration of certain reports. The vulnerability included a proof of concept, with an alert box popping up on production when the link was followed. [...] I was quite surprised at the root cause of the vulnerability. We had opted to compare the incoming data against a known set of valid values - a common practice when whitelisting certain inputs. [...] As expected, when this [example] code is tested, a string of '3' and an integer of 3 work equally well, and a string of '5' and an integer of 5 fail equally.

This automatic casting that PHP does internally caused another issue as well - if the string passed in even started with a valid number from their whitelist set, it still passed.

At first we thought this surely had to be a bug in PHP. However, Laura Thomson told me "If comparing two values, type juggling is performed first, which means that the string is converted to a number. This is done by taking the first number found in the string. So this may be confusing/a quirk/a gotcha, but it isn't a bug." And she's right: this isn't a bug per se, but it's certainly an interesting "gotcha."
0 comments voice your opinion now!
crosssitescripting xss type juggling string conversion internal


Symbiotix.net:
Wherein We Muse Over a Case Study of a One Day Wordpress-to-Drupal Conversion
January 15, 2010 @ 13:09:58

In this new post to Symbiotix.net they take a look at a migration they made taking their site and content over from a WordPress installation into a new Drupal site.

We've been running a small educational non-profit - Edulogos - for over three years now. Until recently edulogos.org has been little more than a Wordpress blog with a few extra pages and an off the shelf theme. [...] We decided it was high time to redesign the site and move it over to Drupal to give it room to grow. Like repotting a plant. "Liefde en substral", as they used to say in our home country.

They talk about the planning stages of the move - what version control they were going to use, which Drupal modules they were going to install - and walk you through the installation and configuration process step by step. They used git and github as their chosen method for deploying the site.

0 comments voice your opinion now!
wordpress drupal conversion casestudy


Tiffany Brown's Blog:
Collecting e-commerce conversion data with Zen Cart and Google Analytics
February 19, 2009 @ 11:18:38

Tiffany Brown has a new post today showing how you can gather some statistics about the (successful) use of your e-commerce Zen Cart website with the help of Google Analytics.

Google Analytics allows you to collect pretty robust data about how users move through your e-commerce site. Here's how to make it work with Zen Cart, an open source shopping cart.

You'll need to already have a Google Analytics account set up for the application, a Zen Cart instance installed and have at least a passing knowledge with using PHP and MySQL. There's two steps to the process - a creation of a custom functions file (code provided) and a modification to two other files (the checkout success page and global footer) to send additional information to the Analytics service.

0 comments voice your opinion now!
zencart ecommerce statistic conversion data google analytics


Tilllate.com Blog:
tilllate.com is now all Zend Framework
May 20, 2008 @ 10:28:28

The tilllate.com blog has a new post about a milestone in their development process - the removal of two old legacy components with ones from the Zend Framework making it running 100% on the Framework code.

The gallery and the user registration. The whole site tilllate.com is now running on Trevi, our extension of Zend Framework. With a reach of 2.5 million unique clients a month, tilllate.com is one of the world's biggest installation of Zend Framework.

They talk about the two upgraded parts of their older system - the move up to the Zend_Db database abstraction layer and a change to use memoization in the Zend_Date and Zend_Config components.

0 comments voice your opinion now!
zendframework tilllate conversion trevi extension


Andrei Zmievski's Blog:
50% There
December 20, 2006 @ 08:08:02

Andrei Zmievski has posted an encouraging note on his blog about the progress of PHP6 concerning the number of functions that have been correctly converted to support Unicode.

Well, PHP boys and girls, this feels like quite a milestone: 50% of the 3084 functions that are bundled with PHP 6 have been upgraded to support and work safely with Unicode.

He includes a small chart beside the post as well showing where things are currently at like the safe vs unsafe functions.

0 comments voice your opinion now!
unicode conversion function safe half unicode conversion function safe half


Sara Golemon's Blog:
PHP6 News from the front...
September 26, 2006 @ 07:16:58

Sara Golemon brings us some news from the front about PHP6 in her latest blog entry today.

While everyone else has been busily gearing up for the release of PHP 5.2 and the new features that are going to come with it, Andrei and his small band of merry babelonians (yours truly included) have been making inroads on preparing PHP6 for a preview release. In the past week we've managed to roughly double the number of builtin functions (those which are part of the main distribution) that have been reviewed for unicode safety, either flagging them as good or upgrading their functionality

She also talks about what kinds of functions this entailed and how far along they are total (around 22%). She also encourages anyone that wants to get involved to help to jump right in.

0 comments voice your opinion now!
news php6 conversion unicode function news php6 conversion unicode function


SitePoint PHP Blog:
Hot PHP UTF-8 tips
August 10, 2006 @ 14:50:03

Following up on some of his previous posts to the SitePoint PHP Blog, Harry Fuecks has posted this quick guide with some "hot UTF-8 tips" to share with the community.

As a result of all the noise about UTF-8, got an email from Marek Gayer with some very smart tips on handling UTF-8. What follows is a discussion illustrating what happens when you get obsessed with performance and optimizations (be warned - may be boring, depending on your perspective).

He talks mainly about using the native PHP functionality to avoid the mbstring issues that could arise by restricting locale behavior and using a fast case conversion function to handle strings correctly. The other tip involves delivery methods to those not able to recieve UTF-8 formatted content - checking their character set and responding accordingly.

0 comments voice your opinion now!
utf8 tips mbstring native locale behavior case conversion character set utf8 tips mbstring native locale behavior case conversion character set



Community Events





Don't see your event here?
Let us know!


introduction podcast threedevsandamaybe code bugfix wordpress community library framework developer install language configure release interview laravel api application series list

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework