With the recent release of the 1.6 version of the Zend Framework, Andi Gutmans has posted some thoughts and highlights of features in the new version.

The Zend Framework Community has delivered another feature-rich release of Zend Framework and I'm extremely proud and happy to see the energy and excitement around this project. The ZF team (Wil Sinclair, Matthew Weier O'Phinney, Ralph Schindler, Alexander Veremyev) along with many others in the ZF community and at Zend, have been doing a superb job and have been working very hard to put this release together.

He mentions the Dojo integration, the updates to the SOAP component, updates to make test-driven development simpler and a reminder about ZendCon08 coming soon that will feature several Zend Framework-centric talks.

On the Ibuildings blog today Lorenzo Alberton takes a look at the Zend Framework, specifically as to how it can mimic regular HTTP calls with the built-in components.

One of the unit testing best practices suggests to break dependencies, so you can test each component separately. The first problem that arises when you want to test controllers might be having a tighter control over the HTTP Request and Response objects.

This problem is overcome with the Zend_Test_PHPUnit_ControllerTestCase. The second problem it with calls to external resources (like models/databases or web services). This is the prime focus of the post and seceral blocks of code are included to make a class to emulate the HTTP responses you might get back from the service.

This recent post from the Mind Tree blog shares a few methods for testing your web application (not unit test, just general things).

Because the Web "environment" is so diverse and contains so many forms of programmatic content, input validation and sanity checking is the key to Web applications security. This involves both identifying and enforcing the valid domain of every user-definable data element, as well as a sufficient understanding of the source of all data elements to determine what is potentially user definable.

They note that the root of most problems is input validation - most applications either just don't do it or do it poorly. They include a few tips on first security the environment the application is running in (like checking the HEAD/OPTIONS values and ensuring you're only allowing known file extensions and directories). They also mention the insecurity behind HIDDEN form elements and some issues surrounding user authentication.

With the recent release of the first alpha of PHP 5.3, the community has been talking and testing this new version - here's just a few:

• Johannes Schluter looking at the actual release
• The PHP 10.0 blog mentioning the impact this new release will have on the language and the web
• and a few tests that Lars Strojny has already run on the release.
• Evert Pot's look at some of the upcoming features of PHP 5.3 (including code)
• Some testing from PHP Freaks
• A note about some testing with the Stubbles framework

You can check out this page on the PHP.net wiki for more information on what's left for the final release and a tentative schedule for the releases in between.

Kae Verens has posted another book review today covering APress' "Pro PHP: Patterns, Frameworks, Testing and More" (by Kevin McArthur).

This book is absolutely jam-packed with information useful to the medium-advanced PHP coder. SPL is described over a few chapters, and a quick intro to Zend's MVC framework is provided. Of particular interest to me were the final chapters, to do with certificate-based authentication, and a chapter near the beginning describing the upcoming features of PHP6. Great book - I really enjoyed it.

The review gets into detail on some of the chapters and some of the shortfalls that Kae saw about them. Things like:

• The title says "frameworks" but only one is really discussed (Zend Framework)
• The testing/continuous development sections weren't long enough
• The "web 2.0" section was a little sparse
• The only real web service protocol talked about is SOAP.

Overall, though Kae found the book to be worthy of a place on any developer's shelf.

Matthew Weier O'Phinney has posted about a project he undertook to make it simple to test "userland projects" built with the Zend Framework as easy to test as the framework's own Front Controller and Dispatcher.

One of my ongoing projects the past few months has been to create an infrastructure for functional testing of ZF projects using PHPUnit. This past weekend, I made the final commits that make this functionality feature complete.

This new functionality allows you to create stub test case classes, use a Zend_Dom_Query object with CSS selectors/XPath for queries and makes available a special PHPUnit test case that handles the interface between some of the custom functionality (boostrapping, dispatching requests, etc) and PHPUnit.

He includes a sample test case that has assertions for calls to a controller with an action, that a page contains a login form and that a page creates a session and redirects to a profile page.

You can get this functionality from the incubator on the subversion repository for the project.

Derick Rethans has posted his wrapup of this year's PHP Vikinger event held in Skien, Norway. Here's some of what happened during the one-day event:

PHP Vikinger is over again. With about 35 attendees, I would think it was a great success. After opening the event, we figured out which topics people were interested in. After voting for the topics, we came up with a nice couple of topics.

Topics included QA/Testing, web application deployment a look at PHP's document object model functionality and some presentations on Project Zero, the new PHP lexer, eZ Components and database abstraction.

Tony Bibbs has posted his own review of a recently released PHP-related book from APress, "Pro PHP: Patterns, Frameworks, Testing and More" (by Kevin McArthur):

First I think it's important to cover the valuable aspects of the book as that will really drive your decision whether the book is worth a read. If you are new to object oriented programming and basic design patterns you will get a fairly good introduction of how to do both in PHP.

He points out some of his favorite parts of the book - the chapter on exceptions, chapter three covering the Standard PHP library - and some of the things he thought could be improved like the order of the parts of the book (4 should be after 1) and his disappointment in the lack of security/scalability/performance topics.

Jonathan Street has posted a review of APress Publishing's "Pro PHP: Patterns, Frameworks, Testing and More" (by Kevin McArthur):

When the title talks about patterns, frameworks, testing and more it's not kidding. Kevin McArthur has managed to stuff a lot of information into the three hundred and some pages which make up this book. The inevitable trade-off is that no one section is a complete introduction to the subject it's covering. Despite this the book is filled with what I can only describe as, "Ah-hah!" and "Doh!" moments

While he found the book to be overall satisfying, there were a few things he'd like to change - not enough "enterprise-y" discussion for a book with "Pro" in the title, the "jack of all trades, master of none" feeling in the chapters and some issues with the Web 2.0 chapter that he feels only "partially relate to the core subject" of the book.

Amir Saied has posted a book review of a new book from APress publishing "ProPHP: Patterns, Frameworks, Testing and More" (by Kevin McArthur.

As the title suggests this book is about advanced PHP related topics, being divided into 5 parts and 21 chapters. The title enunciates the book will cover many different aspects, but you'll get disappointed as soon as you perceive it's only about 300 pages.

He jumps right in to the contents of the book - chapters on patterns, testing, documentation, the SPL, etc. His overall impression of the book was a good one, though, despite it trying to cover such a wide range of topics in "only about 300 pages".