On the Websanova.com site there's a recent post about doing timezones the right way when working with them in PHP and storing them in your (MySQL) database.

Timezones are actually a very trivial concept but they seem to be overlooked and over complicated. [...] Rather than storing a timezone with each date it's better to just accept a standard time to store all your dates with, thus doing the conversion to that standard time before storing the value in the database. It doesn't really matter what time we store it as, but it's generally a good idea to just use UTC+00:00.

They talk a little about what the UTC timezone is for those that may not know and show how to set it as the default timezone for your PHP application (with date_default_timezone_set or updating your php.ini). They also include the MySQL configuration option to set its default timezone and and example SELECT statement for extracting the data back out.

Engine Yard/Orchestra, a PHP platform-as-a-service (PaaS) provider has announced the release of PHP 5.4 as a part of their cloud offerings:

We're pleased to announce the general availability of PHP 5.4 for Orchestra PHP Cloud. We are committed to keeping your apps running on the latest and greatest version of PHP. After careful lab testing, we'll upgrade your apps as newer versions of PHP become available. What if you're still using PHP 5.3? Don't worry, Orchestra PHP Cloud will continue to maintain its PHP 5.3 stack. You will be able to choose which version of PHP you would like to use when you launch a new app.

The default when you set up a new application will now be PHP 5.4, so be sure you're paying attention on setup if you need something else. You can find out more about the Orchestra PaaS on the Engine Yard site and try it out for free to see how your app performs.

In this new post (and this related article) Pádraic Brady shares some of his opinions about default security languages should provide and the Secure by Design principles.

Odd though it may seem, this principle explains some of PHP's greatest security weaknesses. PHP does not explicitly use Secure By Design as a guiding principle when executing features. I'm sure its in the back of developers' minds just as I'm sure it has influenced many if their design decisions, however there are issues when you consider how PHP has influenced the security practices of PHP programmers. The result of not following Secure By Design is that all applications and libraries written in PHP can inherit a number of security vulnerabilities, hereafter referred to as "By-Default Vulnerabilities".

He focuses on what he sees as a responsibility of those creating the language to either default to a more secure architecture or provide information as to why their choices could cause problems. In the extended version of the post, he talks about some specific issues that the language has including SSL/TLS misconfiguration, openings for XML entity injection attacks and limited native filtering for cross-site scripting.

On PHPMaster.com today there's a new tutorial posted about using type hinting in your PHP applications to restrict the values passed into your methods.

Since PHP 5 you can use type hinting to specify the expected data type of an argument in a function declaration. When you call the function, PHP will check whether or not the arguments are of the specified type. If not, the run-time will raise an error and execution will be halted.

Included in the post are code examples showing how to define custom types in a function definition and what happens if you pass the wrong type in. Also mentioned is one of the main limitations to hinting - the fact that it can't be used on default PHP variable types.

Derek Allard has a quick post for the CodeIgniter users out there with some styling you can use on the default CI calendar.

A project I'm working on needs a monthly calendar. Naturally, I'm using CodeIgniter as the base of it. [...] My needs were something more akin to the interface iCal provides; broad, spacious, subtle. Obviously, the default is just an unstyled base that CI provides as a starting grounds. The Calendar library documentation provides some insight into how we can start changing this up.

He talks about the settings he needed to change including the "day_type" setting and template that specifies the CSS classes to use. Add in the CSS and you'll end up with something like this. You can download the example files too.

On the Zend Developer Zone there's a new post talking about including language information in your Zend Framework application's default route in a cleaner manner.

There are several ways how to include language id in default route of Zend Framework. However, generally you end up with the solution not quite elegant and likely not totally trouble-free. I have seen people overwriting the default route by new one which mimics module route with additional language id. There is no need to throw the default module route away to do this. To get it right chain the plain language route with default route.

He gives code examples of the routing code to put in your bootstrap that uses the Zend_Controller_Router_Route_Chain and a plugin to handle the language checking and routing handling.

Emran Hasan has a quick new post to his blog today looking at how you can change the default controller naming scheme that the CodeIgniter framework uses (to prevent things like naming conflicts and the like).

CodeIgniter is one of my favorite framework and I often use it for developing application quickly. Although it is very flexible in most cases, I find its naming convention to be strict. Many times I have faced this problem when my controller's class name and a model/library's class names are the same '" a Fatal error is inevitable.

His method involves extending the core CI_Router class to change the _validate_request method to change the location and the naming convention (from Users to UsersController) for the default controller settings. Code for the update is included.

In a new post to his blog Terry Chay looks at the real cost of a (call to) date() - the PHP function that can parse either the current or an inputted timestamp out into the date format you specify.

One of the fringe benefits of open sources an existing code base is that you have an opportunity to setting error_reporting on E_ALL | E_STRICT or perhaps rather just to 2147483647. When you do that you find small problems with your code base you missed the first time you sloppily wrote it. In my case, I noticed that date() was throwing strict errors.

Due to his resulting request to test the error (after submitting a ticket to fix the server's php.ini settings), he went about trying to test and see what the real impact of working with the date function was by developing his own simple benchmarking script. It runs through five different tests some with a default timezone set and some not. His results found that doing it in the script versus on the server's config didn't make much of a difference so he corrected the issue with a quick ini_set (or a date_default_timezone_set).

New from the Make Me Pulse blog is this quick tutorial about bending the URL rewriting that the Zend Framework does to match whatever your needs might be.

Today for a good website's referencement in Google, it's necessary to have an URL rewriting. [...] If your application is based on ZF, we have a htaccess base file which will redirect all php files to the boostrap (what is the bootstrap ?), and ZF classes will manage all redirection rules. How to implement the URL rewriting with ZF classes ?

He sets up a config file (an ini file) with the routing instructions the framework will need to adhere to and shows how to get the application to include it and match against it for routing rules. His example sets a default route and several regular expression-based routes to remap requests right where they need to go.

In a recent post to his blog Mike Bernat gives a quick tip on how to change the default value of a data-time input field in a CakePHP application.

Automagically generated date/time input fields normally default to the current date and time. For a couple of reasons, I had to change this to another default value.

His included code shows how to modify the default behavior of the form input field for the date with an array of parameters including the hour, minute and meridian (am/pm) values for the element.