On his Code Diesel Sameer shares seven essential options you can use to make your command-line PHP experience even better.

Most of us use PHP from a IDE or using a simple text editor with a browser, rarely dropping down to the command-line for running php programs. But php provides some interesting and quick options you can use to perform various common tasks or to debug some nasty installation problems. Below is a list of some useful options you should be familiar with.

Among those on his list, handy options like the ability to define which php.ini file to use (-c), showing what modules are compiled into the current binary (-m) and a syntax highlighted output of the file (-s).

The PHPClasses.org website has a new book review of SitePoint's latest PHP-related release, "The PHP Anthology: 101 Essential Tips":

As PHP developers, we commonly resort to browsing the Web for people with similar programming problems. Now that we have The PHP Anthology, why should we? While the book certainly does not cover everything, there is something for everyone, and even the few sections you find useful make it all worthwhile.

He talks about the book's target audience, the quality of the examples it provides and some of his suggestions on how the book could have been even better.

The Developer Tutorials website has started up a blog and has already posted some great content to it including this new post covering five things that every PHP coder should know about development.

There's always a bridge between textbook knowledge of programming - syntax, procedure etc. - and the real world knowledge that you get from actually developing real applications. Here are five things every PHP developer should be familiar with before they begin developing web applications in PHP

The list is:

• Frameworks
• Templating engines Code availability
• Don't reinvent the wheel
• IRC is a wonderful thing

I'm a particular fan of that last one and regularly hang out in the same ##php channel over on Freenode.

On the Sitening Blog today, there's a list of "essential plugins" for the TextPattern CMS system - an open source CMS that's framework makes it easy for designers/developers to work together and quickly make sites with dynamic content.

Although Textpattern's default installation provides a lot of useful features, it doesn't try to be everything for everybody. Instead, it has an intelligent PHP based plugin system that allows programmers to write their own add-on code to enhance its functionality.

The list consists of:

• zem_contact_reborn
• SimplePie RSS Parser
• hak_tinymce
• md_versions
• asy_sitemap
• stw_category_tree
• etx_crumbs
• sgb_url_handler

Each of the above has a description, the features is has and options it allows the user to customize.

On his blog today, Richard Miller has posted a quick review of Chris Shiflett's book "Essential PHP Security" after reading it.

I recently finished reading Essential PHP Security by Chris Shiflett (O'Reilly). It was a good, quick read, and for me it was mostly a review of principles I had previously read on Chris's blog. The main principles are filter input and escape output. Using separate arrays for each kind of data is a best practice.

Richard also includes a quick code example of this kind of filtering on POST data, HTML information, and MySQL output.

According to this new post on Chris Shiflett's blog today, his book (and its corresponding site) - Essential PHP Security - was Slashdotted yesterday.

Thanks to everyone who wrote to let me know that Essential PHP Security was Slashdotted yesterday. Slashdot still amazes me. I think the book's Amazon.com Sales Rank is a testament to the power of Slashdot.

He notes that the book has been very well recieved (at #354 in the Books section on Amazon) and has garnered some great reviews as well. It's great to see that the community is snatching up this great resource. It can only help to further the cause of enhanced security in PHP applications overall.

Chris Shiflett has a new post on his blog today that points to a sample chapter of his book, "Essential PHP Security", that's been posted over on MySQL's Developer Zone.

The sample chapter of Essential PHP Security for MySQL's Developer Zone is now available: Chapter 2, Forms and URLs.

This chapter discusses form processing and the most common types of attacks that you need to be aware of when dealing with data from forms and URLs. You will learn about attacks such as cross-site scripting (XSS) and cross-site request forgeries (CSRF), as well as how to spoof forms and raw HTTP requests manually. By the end of the chapter, you will not only see examples of these attacks, but also what practices you can employ to help prevent them.

If you haven't gotten a chance to check out the book, you definitely should. It's recieved greate reviews by people all over the community, and thought smaller, contains a lion's share of information about PHP security matters...

In an effort to help increase the security awareness (more than he already has), Chris Shiflett has created a companion site for his O'Reilly book "Essential PHP Security" - PHPSecurity.org.

PHPSecurity.org, the companion web site for my new book, Essential PHP Security, is now online. Many thanks to Amy Hoy for the excellent design!

I've included the table of contents, the (unfortunate) errata, some reviews, and the code repository.

He also notes that, while there are partial examples in the book, there is no complete example that could be used to do anything malicious (the parts are there, obviously, but just not in once place). Overall, though, he says that the book has been doing well, and has gotten a very warm reception from the community - hence the expansion out to the new site...