In this article we will be exploring the registration script of our site. This script is responsible for registering new users for the website. We will also be looking at database security; since the registration script also uses a database table, we will implement some of the concepts that we will be discussing.

Their example is relatively simple - it checks to ensure that none of the fields are empty, that one password matches the other and that the email address is in a valid format (using a regular expression). If it passes completely, its dropped into a MySQL database table that stores current user information.

Recently there have been many changes to PHP Freaks. A significant change is the total rewrite and redesign of the main site. The old one was taken down after vulnerabilities were found in the source code. For the last couple of months we have been working on making what you are currently looking at now. The release has been postponed a couple of times, but people have been patiently waiting for the site.

They've added a blog to the mix (which this post is a part of) to help keep visitors up to date on the site's happenings and various other news from the admins. If you find a bug, let them know, otherwise - enjoy the new site and check out all of the same great content.

After a bit of discussion on the php.ie mailing list, Kae Verens and David Coallier set up http://planet.php.ie to bundle together blog postings from people within the Irish PHP community - a big thank you is deserved for them.

There's currently five bloggers added to the planet so if you'd like to be added, either contact Ken or Kae.

This article describes software development practices that have been used to prevent problems that can break Web sites.

Included in his list are things like:

• Handle unexpected conditions Test your code
• Monitor your site errors and act upon them
• Do not disclose errors to the users
• Do what you can as you can never get defensive enough

The site features original articles entirely devoted to that extension of PHP, and theses receives new articles on an almost daily basis: tips, code fragments, application examples...

Some of the latest articles posted include:

• Extending GtkDrawingArea to draw animated graphs
• Extending GtkMenu class for Popup menu dialog
• GtkEntryCompletion
• Editable cells within GtkTreeView

It was discovered that phpMyAdmin comes with a script to display error messages that supports displaying the error in a user supplied charset. Unfortunately the encoding of the error message is not taking the charset into account which can result into XSS when UTF-7 is selected. (Other charsets like US-ASCII can also be used to exploit this in some browsers.)

There is no proof of concept posted for this exploit and, since it only effects phpMyAdmin versions 2.9.0.2 and lower, it's suggested that you update to the latest release as soon as possible to correct the issue.

All the code shown in Understanding AJAX is now available from understandingajax.net. You can run the examples on my server or download them and set them up on your own. If you run into any problems leave a comment on this post.

The book's site provdes each chapter (two through twelve) in zip files for easy download as well as a single zip file download if you just want them all at once.

What WP-Notable does is it allows you to include icons and links to where users can submit your site to the different websites, 15 of them to be exact. The 15 are: del.icio.us, digg, spurl, wists, simpy, newsvine, blinklist, furl, reddit, fark, blogmarks, yahoo, smarkling, magnolia, and segnalo.

I'll be honest, most of those I have never heard of, but it can't hurt to have those options to your visitors who have heard of them and are using it. To see an example of WP-Notable in work, just go to any article and underneath it you'll see the 15 icons with shortcuts to submit that article to those services.

The installation of the plugin is as simple as uploading and activiating, and Ryan includes a sample usage to integrate into your page.

Options included:

• Reduce overall latency by reducing HTTP requests
• Save your images properly
• Strip extraneous PHP calls

Be sure to cast your vote in this week's poll asking "What is the Top Criterion for Scaling PHP?"

Been a while since I blogged but here I go, I'm now one of the people that handles the blog accept/reject on Planet-PHP and as is Pierre in addition to Toby and Christian S.

One exciting thing has already happened to Planet-PHP since I joined, Christian Stocker added a new way to submit your blog to Planet-PHP instead of the old and somewhat crude way of sending email.

This simple new method (and one that's easier for them to track) is just this email form asking for your name, email, the blog URL, and the RSS/Atom URL - oh, and, of course, why your blog should be included in the "Planet-PHP Family".