PHPBuilder has posted an excerpt from an Apress book today - "Beginning Ajax with PHP: From Novice to Professional". It's from the third chapter that introduces the PHP and Ajax combination.

While the concept of Ajax contains a handy set of functionality for creating actions on the fly, if you are not making use of its ability to connect to the server, you are really just using basic JavaScript. Not that there is anything truly wrong with that, but the real power lies in joining the client-side functionality of JavaScript with the server-side processing of the PHP language using the concept of Ajax.

The article's pretty light on the code, but it does give a full example of showing and hiding dynamic content pulled from a backend PHP script (calendar information). Outside of that they just discuss general topics like "Why PHP and Ajax?" and the difference between client-side and server-side processing.

DevShed wraps up their look at databases in PHP (a excerpted from "Programming PHP, Second Edition") with this new tutorial showing how to insert and work with PDO prepared statements.

Concluding our discussion of databases and PHP, we'll finish building the [administration portion of the website] example that we started last week.

They start with the code for the administration page for adding a new record to the table - in this case, a business. They give the code to handle the submit and how to display a list of the current businesses. They wrap it up with a look at working with PHP Data Objects (PDO) and using them to create prepared statements.

Continuing on from this previous post, DevShed has this new tutorial posted. Another excerpt from O'Reilly's "Programming PHP, Second Edition" (by Kevin Tatroe, Rasmus Lerdorf, and Peter MacIntyre), this section gets more into connecting to the database, making a query and returning some information.

They start off looking at the DSNs mentioned previously and include a bit of error checking around it to handle anything that might come up. The next step is, of course, to make a query against the information in your database. They also include an example of the fetchRow method to push the returned results into a variable.

The variable is built out as an array, so they show what that array looks like "on the inside" and how you can reference the different values that make it up.

DevShed has started a new series looking at working with PHP and databases with this new tutorial posted today, an excerpt from the O'Reilly book "Programming PHP, Second Edition".

We focus on the PEAR DB system, which lets you use the same functions to access any database, rather than on the myriad database-specific extensions. In this chapter, you'll learn how to fetch data from the database, how to store data in the database, and how to handle errors. We finish with a sample application that shows how to put various database techniques into action.

In this first part of the series, they look at what kinds of things are possible with the database connection, some of the basics of using the PEAR DB class and working with data source names to help with the connection.

DevShed has a new book excerpt from a good standby security resource from O'Reilly - Chris Shiflett's "Essential PHP Security". This time, they focus on the chapter talking about sessions and cookie security.

This chapter discusses sessions and the inherent risks associated with stateful web applications. You will first learn the fundamentals of state, cookies, and sessions; then I will discuss several concerns - cookie theft, exposed session data, session fixation, and session hijacking-along with practices that you can employ to help prevent them.

The chapter talks about how the statelessness of HTTP causes problems, how cookies can be stolen because of it and what kinds of things you can do to keep you and your users safe (like session fixation).

Filed under their "Advanced Topics" sections today is a new article from WebReference.com that looks at some security techniques developers can use in their apps to help keep their and their user's information safe from prying eyes. It's an excerpt from Larry Ullman's book "PHP 5 Advanced: Visual QuickPro Guide".

This chapter will begin by rehashing the fundamentals of secure PHP programming. These are the basic things that I hope/assume you're already doing. After that a quick example shows ways to validate different kinds of data that might come from an HTML form.

The third topic is the new-to-PHP 5 PECL library called Filter. Its usage isn't very programmer-friendly, but the way it wraps all of the customary data filtering and sanitizing methods into one interface makes it worth knowing. After that, two different uses of the PEAR Auth package show an alternative way to implement authorization in your Web applications. The chapter will conclude with coverage of the MCrypt library, demonstrating how to encrypt and decrypt data.

The security tips in this part of the series range from turning off register_globals (you do have it off, don't you?) to form validation with things like regular expressions and the ctype functions.

The Zend Developer Zone has posted the final part of their excerpts from the Manning Publishing book "PHP in Action" today with part three of the Design Patterns chapter.

You know you've been waiting for it, here it is. The final installment of Chapter 7 of PHP in Action by Dagfinn Reiersol. Without further comment, here's the introduction to this section in Dagfinn's own words: "In this section we discuss an Iterator and a Composite."

Dagfinn briefly mentions what the two patterns are about - a "canned loop" and making tree structures easy. Check out the PDF for the remainder of the chapter.

On the Zend Developer Zone, there's a new post pointing to the second part of their look at the Manning Publishing book "PHP in Action".

If you've been anxiously awaiting part two of this series then your wait is over. Here's a short introduction to the section part of this series written by the author of the book, Dagfinn Reiersol. I had the privilege of meeting Dagfinn at phpuk last week. Below the introduction is the link I know you've been waiting for.

The new PDF they link to focus on two different patterns - the Decorator (a wrapper class) pattern and the Null Object (an object that works like the others but does nothing behind the scenes) pattern.

PHPBuilder.com has posted a new article (an excerpt from the "Foundations of PEAR" book from APress) focusing on the authentication aspect and components PEAR has to offer.

After all, nearly all authentication is identical in its basic functionality, and there's usually no good reason to spin off your own code if it's already written for you.

They talk about three packages - the Auth package, Auth_HTTP, and the Auth_PrefManager. They describe the Auth package in depth in this article - common uses, related packages, required packages, what the constructor is like and descriptions of the functions the package provides.

PHPBuilder.com is back with part two of their look at building an application combining PHP and Ajax (as excerpted from the Apress book "Beginning Ajax with PHP: From Novice to Professional"). Part one for the series is here.

A nice feature that I first noticed as being received positively by the Internet community is the auto-complete feature in Gmail. [...] The next example will show you how to do the same thing - although it's not quite as in-depth as the Gmail solution.

They start with the CSS and Javascript to make the application work, including a simple XMLHttpRequest object for the Ajax connection. The "autocomplete" function is called via an onKeyPress event in the form on the page, grabbing the content and firing off a request to the backend script. The also include a series of screenshots that show the different steps of the process from entering the information down to outputting the results.