Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Phil Sturgeon:
The Neverending Muppet Debate of PHP 6 v PHP 7
Jul 24, 2014 @ 15:18:14

Phil Sturgeon has posted about something he calls the "neverending muppet debate of PHP 6 versus PHP 7. As the PHP language moves forward, the PHP 5.x series is coming to a close. The discussion as started up whether to name it "PHP 6" or "PHP 7" and both sides have their proponents.

There are a few major, important conversations happening in the PHP internals mailing list as we speak: The Facebook lot heading up a specification based off of PHP 5.6 Should phpng be moved into master to be the base of the next major PHP version How can we best go about scalar typehinting? There is also another conversation: Should it be PHP 6 or PHP 7 Wait... what?

He goes on to provide a little context, pointing out that back in 2010 PHP 6 was being slated for release as the next major version of the language (this was around the PHP 5.2 days). Unfortunately, it stalled out and some of what was planned went into PHP 5.3. This didn't stop publishers from releasing books and articles about "PHP 6" though. It's already being put up for a vote with "PHP 7" pulling ahead. Phil also includes more context around the discussions, sharing the main points of each side and snippets from the RFC and mailing list thread currently ongoing.

tagged: debate php6 php7 naming internals rfc version

Link: http://philsturgeon.uk/blog/2014/07/neverending-muppet-debate-of-php-6-v-php-7

PHP Town Hall:
Episode 22: The Great Joomla! License Battle of 2014
Mar 26, 2014 @ 14:59:17

The PHP Town Hall podcast has released their latest episode today - Episode 22, The Great Joomla! License Battle of 2014 with guests David Stanley and Don Gilbert.

This week Ben Edmunds is joined by new guest David Stanley and recurring guest Don Gilbert to discuss the latest Joomla! framework licensing drama. Phil was too busy having a real world life to join us this week, boo! Don does a great job of articulating why switching the Joomla! Framework to an LGPL license would be best for everyone and just might cure cancer. Ben tries to play devil’s advocate but eventually can’t even maintain the ruse. David talks now and then, mostly about his new found love of the AeroPress.

You can catch this latest episode in a few different ways: either through the in-page audio player, by downloading the mp3 or you can watch the video of the live recording.

tagged: phptownhall ep22 joomla license debate davidstanley dongilbert podcast

Link: http://phptownhall.com//blog/2014/03/25/episode-22-the-great-joomla-license-battle-of-2014/

Josh Adell's Blog:
GetSet Methods vs. Public Properties
Mar 05, 2012 @ 15:50:21

Josh Adell has a new post to his blog talking about a debate between developers over which is the better method - using public properties or getters and setters to work with values on your objects.

I was recently having a debate with a coworker over the utility of writing getter and setter methods for protected properties of classes. On the one hand, having getters and setters seems like additional boilerplate and programming overhead for very little gain. On the other hand, exposing the value properties of a class seems like bad encapsulation and will overall lead to code that is more difficult to maintain. I come down firmly on the get/set method side of the fence.

In his opinion, the getter/setter method provides an explicit interface to the class that describes what it can do and how you can work with it. He gives code examples, comparing the two methods - simple setting of properties on one object and using get*/set* methods on the other. He brings up the point that, if ever in the future you wanted to handle the data for a property differently, say always make it an array or object. He also points out that this still doesn't prevent the setting of new properties directly, so he uses the magic __get and __set to deal with that.

tagged: getter setter public property debate example

Link:

DZone.com:
Debate - How to Interface the PHP World
Oct 26, 2011 @ 13:33:53

In a new post to DZone.com today Mitchell Pronschinske responds to some comments that were made by Lukas Smith about working with interfaces in PHP and what he sees as an ideal "drop in" solution.

The PHP community was reacting to Lukas Smith's "Interfacing the PHP world" for most of last weekend. [...] It's a pretty major propositon to start 'interfacing the PHP' world. Catch up on the conversation and let us know what you think.

Mitchell summarizes Lukas' thoughts into three points - interfaces in separate repositories, PHP frameworks not adopting 5.3 yet and the customization of method names/naming conventions across frameworks and tools. Another response to Lukas came from Herman Radtke with Lukas following up his original post with "Why Bother?"

tagged: debate interface lukassmith common functionality framework

Link:

SeeIT.com:
The include() include_once() performance debate
Jun 11, 2010 @ 17:42:44

From the SeeIT.org blog today there's a new post rehashing an old topic that pops up from time to time in the PHP community - the include vs include_once performance debate.

The conventional wisdom always said that PHP’s include()/require() was quicker than include_once()/require_once(), but recently I came across an interesting post by Arin Sarkissian which suggests otherwise. [...] So in keeping with the spirit of quick and dirty experimentation I hacked up some code and ran some tests on include()/require() against include_once()/require_once() and on the relative/absolute path issue. The results are pretty surprising and I love to hear some views.

He includes the testing methodology consisted of creating 10,000 files with a simple variable assignment in them and a loop to run through all of them to record the time (as reported by microtime) switching out the different times of inclusion each time - include, include_once, require, require_once. You'll have to visit the post yourself to see the results of the tests. There's charts and tables showing the differences in results based on things like using APC and PHP4 versus PHP5.

tagged: include includeonce performance debate benchmark

Link:

Community News:
The Rev=Canonical Debate
Apr 13, 2009 @ 14:31:58

This past weekend there was quite a bit of discussion around the "rev=canonical" proposal (see here) and how, despite the advantages (URL shortening) it seems to have there are still some downsides to be considered. Here's what some of the PHP community have been saying:

tagged: rev canonical debate link shortening community

Link:

SitePoint PHP Blog:
Tim Bray on PHP
Feb 21, 2006 @ 12:53:06

Harry Fuecks has posted his brief opinion on the comments that Tim Bray made recently about PHP over on the SitePoint PHP blog.

Tim Bray kicked off a big blog debate on the pros and cons of PHP (see links in his post to everyone who commented). If you’ve been around PHP for a while, there's basically nothing new here but you might find cause for optimism in how things are being said—there’s far more informed discussion happening than you might have found even two years ago.

Harry also mentions that there's not much more he wants to add other than a comment on the "PHP is too easy" comment Tim made. Be sure to check out the comments on this post for some great opinions.

tagged: tim bray opinions blog debate too easy tim bray opinions blog debate too easy

Link:

SitePoint PHP Blog:
Tim Bray on PHP
Feb 21, 2006 @ 12:53:06

Harry Fuecks has posted his brief opinion on the comments that Tim Bray made recently about PHP over on the SitePoint PHP blog.

Tim Bray kicked off a big blog debate on the pros and cons of PHP (see links in his post to everyone who commented). If you’ve been around PHP for a while, there's basically nothing new here but you might find cause for optimism in how things are being said—there’s far more informed discussion happening than you might have found even two years ago.

Harry also mentions that there's not much more he wants to add other than a comment on the "PHP is too easy" comment Tim made. Be sure to check out the comments on this post for some great opinions.

tagged: tim bray opinions blog debate too easy tim bray opinions blog debate too easy

Link:

Ilia Alshanetsky's Blog:
mysql_real_escape_string() versus Prepared Statements
Jan 23, 2006 @ 12:58:18

Ilia Alshanetsky also has hos own look today at the "mysql_real_escape_string versus addslashes" debate that's going on, looking more at why there's even an issue here (with addslashes).

Chris has written a compelling piece about how the use of addslashes() for string escaping in MySQL queries can lead to SQL injection through the abuse of multibyte character sets. In his example he relies on addslashes() to convert an invalid multibyte sequence into a valid one, which also has an embedded ' that is not escaped. And in an ironic twist, the function intended to protect against SQL injection is used to actually trigger it.

The problem demonstrated, actually goes a bit further, which even makes the prescribed escaping mechanism, mysql_real_escape_string() prone to the same kind of issues affecting addslashes().

He shows code examples, creating a simple SQL injection that uses mysql_real_escape_string to cause the same issue - all based around the default characterset that the MySQL server uses. His suggested solution? Prepared statements... (like what things such as PDO offer)

tagged: addslashes mysql_real_escape_string debate prepared statements addslashes mysql_real_escape_string debate prepared statements

Link:

Ilia Alshanetsky's Blog:
mysql_real_escape_string() versus Prepared Statements
Jan 23, 2006 @ 12:58:18

Ilia Alshanetsky also has hos own look today at the "mysql_real_escape_string versus addslashes" debate that's going on, looking more at why there's even an issue here (with addslashes).

Chris has written a compelling piece about how the use of addslashes() for string escaping in MySQL queries can lead to SQL injection through the abuse of multibyte character sets. In his example he relies on addslashes() to convert an invalid multibyte sequence into a valid one, which also has an embedded ' that is not escaped. And in an ironic twist, the function intended to protect against SQL injection is used to actually trigger it.

The problem demonstrated, actually goes a bit further, which even makes the prescribed escaping mechanism, mysql_real_escape_string() prone to the same kind of issues affecting addslashes().

He shows code examples, creating a simple SQL injection that uses mysql_real_escape_string to cause the same issue - all based around the default characterset that the MySQL server uses. His suggested solution? Prepared statements... (like what things such as PDO offer)

tagged: addslashes mysql_real_escape_string debate prepared statements addslashes mysql_real_escape_string debate prepared statements

Link:


Trending Topics: