In a five part series on the symfony blog, Fabien Potencier relates a call to the expert, a refactoring story where he helped out a fellow symfony developer with their first application.

Some time ago, Vince, a seasoned PHP developer, asked me to have a look at his very first symfony project, a product store. As the mistakes he did were quite common, I decided to tell you the story of this refactoring session in the hope you will learn as much as Vince did

Here's links to each of the five parts:

• Part 1
• Part 2
• Part 3
• Part 4
• Part 5

DevShed starts off a new series today focusing on security in web applications, specifically in PHP-based ones, with this first article - an overview.

With the web and web sites open to everyone -- including malicious hackers -- the security of web applications sits at the top of the list of issues on any web developer's mind. In this eight-part series, we will look at the security concerns of PHP developers, and what they can do to make their web applications more secure.

They talk about the importance of having a security plan from the start and look at a few simple steps to get started with in enhancing your application's security - the proper use of register globals, using error reporting to correctly catch problems and how to minimize the code exposure of your app.

DevShed has posted the next part of their series focusing on the CodeIgniter framework. This new tutorial looks at the Active Record class that sits at the heart of the framework.

Welcome to the sixth installment of the series entitled "Introducing the Code Igniter PHP Framework." By using a hands-on approach, this series of articles walks you through the main features that come packaged with this friendly yet powerful development software that lets you quickly build robust PHP applications.

They show a simple example of how to pull information out of your database, how to get a little more complex with conditional select statements and how to use a where to narrow down your results.

Mike Willbanks has posted another part in his "PHP performance" series today. In his previous article, he talked about caching techniques including things like opcode caching and database memory tables. This time he talks about getting the most out of your MySQL database.

Application level SQL performance is much different than the performance of the SQL query itself but rather how it has been designed to work in the application. Many of the items I will be addressing in this area is designing your application to make less queries thus improving scalability and likely performance. However, performance does not always equal scalability as the same with scalability does not always equal performance.

He looks at a few different topics like lazy connections, iterating queries, need-based selects, normalization and a few simple things that you can apply to every SQL your application uses to optimize it as much as possible.

Jake Blauzier has just posted the last part of his series focusing on the creation of an event-based Ajax framework that works with PHP. It allows for calls to static functions, can return Javascript representations of PHP objects and a "call queue" system to keep things from overlapping.

Here's the list of the parts of the series:

• Part 1 - introduction, sample usage
• Part 2 - problems in making an event-based ajax callback model (and his solutions)
• Part 3 - the use of JSON in the framework
• Part 4 - implementation of the Scriptifiable interface
• Part 5 - implementing the Remotable interface

You can download the latest version of his Ajax framework directly from his blog.

Syllogistic has released a series of PHP tutorials on video to help you learn the language:

What's the best way to learn a new skill like PHP programming? By spending days reading a boring technical book? Or perhaps sifting through hundreds of small web tutorials - some outdated, or even just wrong. Of course not! The best way to learn is by watching someone who really knows what they're doing, and then following their example!

Unfortunately, the videos aren't free, but they're only about $50 CDN and cover all of the topics you'll need to get started with PHP:

• Programming for the Web
• Arrays
• Loops
• Functions
• and how to tie it all together.

You can find out more about the videos on their site as well as place your order

The PHP development team has released the latest version in the PHP 5.2.x series today - version 5.2.6:

This release focuses on improving the stability ofthe PHP 5.2.x branch with over 120 bug fixes, several of which are security related.All users of PHP are encouraged to upgrade to this release. Further details about the PHP 5.2.6 release can be found in the release announcement for 5.2.6, the full list of changes is available in the ChangeLog for PHP 5.

Security updates include prevention of a buffer overflow in FastCGI mode, an integer overflow in printf, correction for a safe_mode bypass method in cURL and the bundling of PCRE 7.6 to update the regular expression functionality of the language.

You can grab this latest release from the downloads page on PHP.net (or your favorite mirror) - both the source and the Windows binaries.

The Developer Tutorials blog has posted a series they've worked up to show bloggers out there running WordPress how to create a custom theme from scratch:

In this multi-part series I'll detail how to create and design a Wordpress theme from nothing more than your imagination using Photoshop, CSS, XHTML and PHP.

Here's the list so far:

• Part 1 - getting the tools and an overall layout idea
• Part 2 - splitting it up to make the layout parts
• Part 3 - converting the Photoshop template to XHTML
• Part 4 - cleaning up the XHTML and doing some styling with CSS
• Part 5 - how to preload some images with Javascript to make the page load faster
• Part 6 - creating the WordPress-specific markup
• Part 7 - working up the PHP functionality
• Part 8 - integrating PHP into the template
• Part 9 - marking up the "framework" of the site (header/footer/sidebar)
• Part 10 - adding additional files like a links page and changing the posting template
• Part 11 (?) - deploying the theme out to the public view

On PHPBuilder.com today there's a new tutorial posted showing how to combine the Javascript power of Prototype along side PHP's adaptability to create a simple, ajax-driven shopping cart for your site.

In the latest installment of this ongoing PHP series, I'll show you how to build a shopping cart using PHP, session handling, and the Prototype JavaScript library. The cart allows users to add and delete products from the cart, as well as change cart quantities. And of course, the interaction is seemingly instantaneous, allowing for the user to continue shopping without waiting for the page to reload.

They start from the ground up - making the database tables, inserting some data - before writing up the simple PHP class with methods like deleteFromCart and getCart. This lays the foundation for the next article in the series where they add in a splash of ajax to make it a bit more user-friendly.

Tony Freixas continues his introductory look at "booting" a PHP script with part two of his series (here's part one) looking at using libraries.

In the good old days, if you wanted to create re-usable code, you would create a library of related functions or objects. Now, the excitement is all around frameworks. Everyone has one. What is the difference between the two?

He compares a library and a framework, pointing out key differences like how they fit with the application (controlled by or controlling) and dependencies they require. He rounds out his boot sequence, adding a few new parts to the structure of his example application.