News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

DZone.com:
Hardening PHP SQL injection - Complete walkthrough
August 12, 2011 @ 09:20:13

On DZone.com today there's a new post from Krzysztof Kotowicz sharing a presentation of his about protecting your application from SQL injection.

The materials teach how to use prepared statements, how to escape and write secure stored procedures. Many PHP projects are covered - PDO, Propel, Doctrine, Zend Framework and MDB2. Multiple gotchas and caveats are included. I discuss why escaping is usually the wrong choice, which practices to avoid or follow and how stored procedures sometimes offer no protection at all.

The presentation (as posted to Slideshare) starts with some of the basics - what SQL injection is and an example of how it could be used to bypass security. He covers how to use prepared statements in each of the technologies (with code snippets), methods for escaping data and how to create stored procedures that are protected from the same threats.

0 comments voice your opinion now!
harden application sqlinjection pdo doctrine zendframework mdb2 presentation


David Coallier's Blog:
Simple DBAL, PHP5, Light, Fast, Simple.
August 28, 2007 @ 09:32:00

David Coallier has posted about a database abstraction layer that he's been developing for PHP 5.2.x only systems and wants some opinions on his methods:

I made a very light DBAL that uses PHP5.2.x only (Since many people seem to want that) and it has the exact same DSN syntax as MDB2 for now and the query method are also called the same (No API Changes). [...] The main goal of the DBAL is to have a very effective and light way of switching RDBMS but also the possibility to change your DBAL to something more "0feature complete" as such as MDB2.

He includes the list of query method names and the types of databases that he wants it to support (as well as mentioning the fact that it would be unit tested for reliability).

1 comment voice your opinion now!
database abstraction layer dbal php5 light simple fast mdb2 database abstraction layer dbal php5 light simple fast mdb2


Ifeghali's Blog:
Adding FK support to MDB2_Schema_Writer
August 10, 2007 @ 08:41:00

On the Planet SoC blog today, there's this look at how ifehhali added foreign key support to the MDB2_Schema_Writer as a part of his Summer of Code project to improve the PEAR::MDB2_Schema package.

MDB2_Schema_Writer is the responsible for dumping a database schema to a XML file. It walks into a database definition and outputs the correspondent XML tags.

He gives an example of checking a table (in $table) to see if it has constraints and check its validity. If everything's okay, the script pushes data into a buffer of specially formatted XML data.

0 comments voice your opinion now!
mdb2 foreignkey support mdb2schemawriter mdb2 foreignkey support mdb2schemawriter


CodePoets.co.uk:
How to use PHP and PEAR MDB2 (Tutorial)
June 07, 2007 @ 13:56:00

On CodePoets.co.uk, there's a new tutorial posted by David Goodwin showing how to use PHP with the PEAR MDB2 component to access your database backend.

While writing some PHP Training materials for Pale Purple, I thought I'd add an updated guide on PHP and database access. I've already done one on PEAR::DB, but PEAR::MDB2 is it's successor and has a slightly different API.... and as PEAR::DB is now deprecated, it's probably about time I rewrote it anyway.

David looks at what the MDB2 package is, how to install it, connecting to your database and including some error handling as well. He (thankfully) also touches on one of the most handy features of the package - the prepared statements and the security they can offer.

0 comments voice your opinion now!
pear component mdb2 database tutorial security preparedstatement pear component mdb2 database tutorial security preparedstatement


David Coallier's Blog:
PEARDB is Deprecated, Got It?
June 04, 2007 @ 15:21:00

In response to several other posts lately about the PEAR::DB package in PEAR (and things that could be done to improve it), David Coallier got a bit fed up and shared his opinion - "PEAR::DB is deprecated, got it?"

All new features are made into MDB2 and not DB, the only thing that is being done on DB is security fixes. So MDB2 is first of all, faster, smaller (Because of it's driver and modularity), easier, and has more features (LOB handling, Iterator, etc) and better end-user documentation, quite solid docs indeed.

Of course, the comments of the post are full of people arguing to keep it around and others that agree with David, especially in light of a MDB2 driver for the Zend Framework he mentions.

0 comments voice your opinion now!
pear db database mdb2 deprecated pear db database mdb2 deprecated


PHP.net:
The PHP.net Google Summer of Code
April 16, 2007 @ 12:41:00

The PHP.net site has made the official announcement of the PHP projects involved with this year's Google Summer of Code:

The PHP team is once again proud to participate in the Google Summer of Code. Seven students will "flip bits instead of burgers" this summer:

On the list this year are:

  • LiveDocs - mentor Michael Wallner, student Hannes Magnusson
  • The PHP Interpreter - mentor Derick Rethans, student David Wang
  • XDebug - mentor Derick Rethans, student Adam Harvey
  • Doctrine - mentor Lukas Smith, student Konsta Vesterinen
  • PHPUnit - mentor Sebastian Bergmann, student Mike Lewis
  • MDB2_Schema - mentor Lukas Smith, student Igor Feghali
  • Jaws - mentor David Coallier, student Nicolas Bérard-Nault
Also, be sure to check out some of the other organizations and students participating on the Summer of Code website.

0 comments voice your opinion now!
googlesummerofcode2007 xdebug jaws mdb2 livedocs googlesummerofcode2007 xdebug jaws mdb2 livedocs


Zend Developer Zone:
Book Review - PHP Programming with PEAR
February 02, 2007 @ 19:04:00

Cal Evans of the Zend Developer Zone has posted a new book review of one of Packt Publishing's latest PHP-related offerings - "PHP Programming with PEAR".

For those who have been living under a virtual rock for a while now, PEAR is the "PHP Extension and Application Repository". In a nutshell, it is a collection of classes, it's a framework, and it's a distribution system. Most importantly though, it's an excellent place to find the classes you need so you don't have to re-invent the wheel. (Ok, beginner's time is over, I promise).

PHP Programming with PEAR, written by Stephen Schmidt, Carsten Lucke, Stoyan Stefanov and Aaron Wormus, takes a look at some important PEAR classes and how you can use them.

He mentions what the book covers (which packages) and highlights some of his favorite bits, including the chapter on web services.

0 comments voice your opinion now!
pear book review packt package webservice mdb2 xml pear book review packt package webservice mdb2 xml


David Coallier's Blog:
Zend Framework Without PDO
January 09, 2007 @ 15:04:00

David Coallier has written up a quick post on his blog today with a helpful hint on getting the Zend Framework up and running without the use of PDO for the database connection.

For those who wanted to use the Zend Framework on server but didn't have all the access to install PDO or such will now be able to do so. I have a fix that now MDB2 (PHP5 Only) can be used instead of PDO.

He gives an example of its usage (creating a factory object) and how to get the MDB2 adapter installed correctly to get the Zend Framework to recognize and use it.

0 comments voice your opinion now!
zendframework database pdo connection mdb2 php5 zendframework database pdo connection mdb2 php5


Stoyan Stefanov's Blog:
Reusing an existing database connection with MDB2
January 08, 2007 @ 12:33:00

In this new blog post, Stoyan Stefanov shares a method he's found to reuse an existing database connection with the MDB2 library.

This is a follow up to a question posted by Sam in my DB-2-MDB2 post. The question was if you can reuse an exisitng database connection you've already established and not have MDB2 creating a second connection.

He gives two different methods, one for persistent connections and the other for non-persistent ones - including some code.

0 comments voice your opinion now!
mdb2 reuse connection persistent database method existing mdb2 reuse connection persistent database method existing


Jacques Marneweck's Blog:
PEARDB alike wrapper for PEARMDB2
January 08, 2007 @ 09:02:00

Users of the PEAR::DB module now have another easy choice for upgrading their code to work with another database package - MDB2. According to this post from Jacques Marneweck, there's a wrapper Lukas Smith created to help ease the transition.

The wrapper functionality has been included in the MDB2 package for a while now, and is designed to make things simple when switching from one package to another (as seamless as possible).

You can download the latest version of MDB2 from its page on the PEAR site.

0 comments voice your opinion now!
peardb pearmdb2 mdb2 package wrapper peardb pearmdb2 mdb2 package wrapper



Community Events





Don't see your event here?
Let us know!


language deployment podcast framework update interview install community introduction zendserver library tips laravel symfony package opinion list series release api

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework