News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
PHP Manual Masterpieces (Humor)
October 16, 2012 @ 10:10:52

A new blog has started up that mentions some of the "masterpieces" that occur in the PHP manual - phpmanualmasterpieces.tumblr.com:

Sparkling gems found in the official PHP documentation, mostly in the user-submitted comments. Not meant to pick on anyone, just to serve as a source of wonderment.

There's already several posts to the blog including:

You can subscribe to their RSS feed if you'd like to keep up.

0 comments voice your opinion now!
humor manual quote funny blog


Working Software Blog:
Escaping single and double quotes for use with XPath queries in PHP
August 19, 2011 @ 13:50:14

On the Working Software blog there's a new post showing a solution to a issue with escaping quotes in XPath queries that's not just an issue in PHP.

I've been working with the Basecamp API to plugin our IRC bot that we use for time tracking and I'm astounded to learn that escaping single and/or double quotes for XPath queries in PHP does not have a well documented, best practices solution. In fact, it seems as though this is not peculiar to PHP. I took a look around and found this excellent article by "Kushal": http://kushalm.com/the-perils-of-xpath-expressions-specifically-escaping-quotes.

He's put together his own (PHP) solution to the problem - running the entire XPath query through a filtering method that splits it up, replaces the quote characters and combines it back down to a single string.

0 comments voice your opinion now!
escape quote double single xpath query tutorial


PHPBuilder.com:
Six Cool PHP Tricks You May Not Know
April 23, 2010 @ 08:44:24

On PHPBuilder.com there's a new article with a few things - six things, to be exact - that you might not know about the PHP language as written up by Chris Roane.

Over the years I've come across some useful tricks in PHP that are not obvious, but are worth mentioning. This is not meant to be a comprehensive list of all the useful tricks that you can do with PHP.

The list of six includes:

  • Count Characters in a String
  • Use Single Quotes When Possible
  • Use Arrays in Form Fields
  • PHP Output Buffering
0 comments voice your opinion now!
trick quote array output buffering


PHPBuilder.com:
The ABC's of PHP Part 5 - Strings & Text
April 16, 2009 @ 09:31:25

PHPBuilder.com has the latest in their series looking at beginner level PHP and some of the core concepts that go with it ("The ABC's of PHP"). This latest tutorial looks at string and text handling.

In the last part of this series we looked at what a variable was in general. Today we'll be covering strings and text. We'll look at the contents those variables would typically hold.

Topics include the differences between single and double quotes, appending to a string and special characters (like line feeds and tabs). Code snippets are provided for each to help you visualize what they mean.

0 comments voice your opinion now!
beginner introduction string text quote special character tutorial


Rob Allen's Blog:
Hooks in Action Helpers
November 05, 2008 @ 09:34:40

Rob Allen has posted this look at using hooks inside of action helpers (a follow-up from his previous article on action helpers):

Hooks are a feature of action helpers that allow you to automatically run code at certain points in the dispatch cycle. Specially, there are two hook functions available for action helpers: preDispatch and postDispatch. These allow you to ensure that some functionality is always run for each request.

He creates a simple action helper that grabs a random quote from an array and drops it into a property of the helper. By defining a preDispatch method inside of the helper, the HelperBroker knows to pull the method in an execute it immediate before the rest of the actions are executed. A calls to addHelper with the hooks defined is all it takes to glue it together with the execution.

0 comments voice your opinion now!
hook action helper random quote tutorial addhook helperbroker zendframework


Evan Sims' Blog:
TwitterBash launches
June 20, 2008 @ 11:25:24

Evan Sims has posted about the launch of a CodeIgniter-driven application that brings the bash.org quoting abilities to the world of Twitter.

Today marks the launch of TwitterBash, a concept conceived and design by my good friend Judson Collier. [...] TwitterBash takes the concept of the long Internet-famous bash.org, which allows folks to post snippets and quote conversations from IRC, and applies it to Twitter. Just sign up for an account, then head to the submit page. Pop in the permalink for a tweet you want to quote and you're done.

The site runs on the PHP5 CodeIgniter framework allowing for fast and easy development. There's already a pretty good amount of content, so go over and check it out (and submit some of your own).

0 comments voice your opinion now!
twitterbash php5 codeigniter framework bashorg twitter quote


Christopher Jones' Blog:
PHP 5.3 "NOWDOCS" make SQL escaping easier
February 14, 2008 @ 11:18:00

Christopher Jones has posted about an update to the development for PHP 5.3 that makes escaping SQL even easier in scripts - NOWDOCS.

Escaping quotes or other meta characters in SQL can be painful unless you get lucky with your quoting style. [...] Even with PHP's "Heredoc" syntax something will need escaping, but with PHP 5.3's new "Nowdoc" syntax no escaping is needed.

The only difference between HEREDOC and NOWDOC is that the initial keyword (like the first END in this statement: <<<'END' text here END;) that can make worrying about complex quoting rules a thing of the past.

2 comments voice your opinion now!
nowdocs sql escape nowdoc heredoc php5 quote


Gareth Heyes' Blog:
htmlentities is badly designed
November 26, 2007 @ 10:23:00

Gareth Heyes has a quick new post to his blog today about the use of htmlentities and the false assumptions some developers have about it:

When someone uses htmlentities I've seen it time and time again that they expect that it filters variables from all XSS. This is wrong of course because the function requires a second parameter ENT_QUOTES which correctly replaces quote characters. Some developers aren't even aware that quotes can lead to XSS injection.

He reminds developers of the second parameter - the ENT_QUOTES parameter that correctly replaces quotes. Other people have mentions things in the comments as well like another optional parameter to force an encoding type and opinions about the function's use.

0 comments voice your opinion now!
htmlentities design quote xss injection entquotes encoding htmlentities design quote xss injection entquotes encoding


Terry Chay's Blog:
Ed Finkler agrees with me
May 01, 2007 @ 12:38:00

Terry Chay has some of his own comments surrounding the latest episode of the Pro::PHP Podcast, an interview with Ed Finkler about the state of PHP security.

Ed Finkler agrees with me. Thanks Ed. :-) Listen to the podcast. It's a realistic assessment of the state of security in PHP.

He also includes a favorite quote from the podcast (as said by Ed):

If web developer doesn't understand common security issues they shouldn't be considered developers...[Web applications] essentially are dealing with data that someone is inputting there. As a developer of web applications, you are essentially stewards of that data.
0 comments voice your opinion now!
prophppodcast edfinkler comments quote interview prophppodcast edfinkler comments quote interview



Community Events





Don't see your event here?
Let us know!


language series community laravel release interview zendserver package podcast tips install update framework library symfony deployment introduction list opinion api

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework