PHPDeveloper.org

Sebastian Bergmann's Blog: Global Variables and PHPUnit

Tue, 17 Jun 2008 08:49:19 -0500

Sebastian Bergmann has a new post today about a feature of the PHPUnit unit testing tool that has the possibility of breaking when objects are introduced - backing up the globals.

It is hard to test code that uses singletons. The same is true for code that uses global variables. Typically, the code you want to test is coupled strongly with a global variable and you cannot control its creation. An additional problem is the fact that one test's change to a global variable might break another test.

You can disable the backup option if you'd like by setting the $backupGlobals option in your test to false. This lets PHPUnit know that you want to leave the globals (and superglobals) alone during the run.

DevShed: Building File Uploaders with PHP 5

Thu, 20 Mar 2008 11:18:11 -0500

On DevShed today there's a new tutorial showing how to build file upload functionality into your scripts.

If you're a PHP developer who has built a certain number of web applications, then it's quite probable that you've already worked with HTTP file uploads. [...] First I'm going to teach you how to handle file uploads using a procedural approach, and then, with the topic well underway, by way of the object-oriented paradigm.

The introduce the beginners out there to the $_FILES array (a superglobal) that contains the details about the file(s) that have been submitted. Next comes the construction of a simple form and how to handle the submission on the PHP side.

Stoyan Stefanov's Blog: PHP-style $GLOBALS in Javascript?

Wed, 12 Mar 2008 07:55:07 -0500

In a new post to his blog today, Stoyan Stefanov has a proposal to being something PHP users are very used to - superglobals - over to Javascript.

Javascript has implied globals. When you skip the var in var a = 1; and go a = 1;, then a becomes a global variable. Some consider this an error in the language. [...] In PHP on the other hand, variables are local. [...] So how about this: adopt the $GLOBALS convention in your JavaScripts?

His example proposes the creation of a GLOBALS object you can assign properties to that can be used anywhere. This helps to keep the variables you truely want to be global contained, though it doesn't do much except provide a convention.

Brian Moon's Blog: Responsible use of the $_REQUEST variable

Tue, 22 Jan 2008 09:38:00 -0600

In one of his recent blog entries, Brian Moon takes a look at what he considers the "proper use" of the PHP superglobal $_REQUEST (as brought on by a thread on the PHP internals mailing list.

I have seen more than one person make the following logic mistake: I may get data via GET, I may get data via POST - Ah, I should use $_REQUEST as it will catch both.

Brian points out the error - cookies aren't in $_REQUEST so improper handling of those values could lead to cookie data overwriting GET/POST data from $_REQUEST. Several of the comments on the post also warn against improper handling of the values, noting that doing so could lead to holes open for attacks (like session fixation).