In a new article today on PHPMaster.com Robert Mariotti takes a look at standards and how important they can be when developing applications (both in following them and defining them correctly). It's not specifically targeted at PHP developers, but it does give some good food for thought.

As a long-time programmer, often with a staff of other programmers to watch over, I learned early in my career how important enforcing programming standards is in contributing to the overall success of a project. Not only do standards affect an individual's production of code, but they ensure that anyone else who may contribute code later can do so with a reasonable expectation of consistency.

He defines the abstract concept of "coding standards" as rules or guidelines that should be followed based on the application. Sure, there's more global standards for things (PSR-0 anyone?) but your needs will always be different and more fine-grained than those can get. He recommends standardizing everything, possibly using one of the standards popular open source projects have already laid out as a base.

In a new post to DZone.com today Giorgio Sironi asks developers what new feature of PHP 5.4 is the most important to you and your application development?

Recently, the voting process for PHP 5.4 open to committers and users have been closed. We now have a clear picture of what will make the release and what will be left out. Some of these features (traits, web server) were already in, while other have been just voted and will be completed before the general availability of the release.

He lists out some of the major changes that'll be coming in the 5.4 release including traits, dereferencing, the built-in HTTP server, closure type hinting and the upload progress feature previously only in an extension. The end of the post includes a poll for you to give your feedback on what you think is the most important. As of the time of this post, the array dereferencing has pulled into the lead with traits coming in second.

Anthony Wlodarski makes an important point about what one of your first steps should be when considering a framework for your application - be sure to read the source first. In his case, it was the Zend Framework.

One thing I learned early on with ZF was that the curators and associates in the ZF ecosystem always fall back to the root of "read the code/api/documentation". With good reason too! It is not the volunteers simply shrugging you off but it is for your own good.

He includes an example of the Zend_Validate_File_ImageSize component. By reading the manual you get an idea of the input and output values, but you don't get as much of a sense of how it works unless you take some time to glance through the code.

If you think the only reason to go to a conference like ZendCon is for the main speaker list, you're missing out on half the fun and content. The Unconference, managed this year by Keith Casey promises to be one of the best ever (here's the list of suggested sessions so far). Matthew Weier O'Phinney agrees and in his latest post he talks about why unconferences are important and why you should attend.

Why should you care? There are great sessions already selected for the conference featuring some well-known speakers from the PHP world; why would you want to either attend or present at the uncon?

He talks about how the unconference atmosphere can help with continuing the conversation from other sessions (like a subversion talk that spawned off a best practices session), how it can be a "springboard" to getting into the speaking world and how it can help to explore new ideas and concepts that the main conference tracks just don't make very easy.

From BuildInternet.com today there's a new article from Jason Gilmore looking at PHP frameworks and why they matter to both the developers and the community at large.

Having been a PHP programmer for more than a decade, I've come to realize that many of my fellow PHP programmers seem to have a misplaced notion of what being "lazy" is really all about. [...] Suddenly the Web developer was facing so much more than validating user input and connecting to a database [and] the need to be a lazy programmer was more important than ever.

He covers a lot of the basics of frameworks with a focus on the Zend Framework (because of familiarity) - configuration, data validation tools, database connections, display helpers and the inclusion of third-party plugins.

The Developer Tutorials blog has posted their "winner" of a list of things to do to keep you and your website secure:

When it comes to PHP security, you often think of input filtering, SQL injection prevention, XSS in user submitted content and so on. Well, forget about that. They're all pretty trivial compared to what I feel is by far the most important security issue of any web application. Read on to find out why.

Their number one thing to do to keep safe and secure? "Keep your systems updated." They point out that security a web site is one thing but securing the system that it runs on/has been developed on is another (and improperly patched, it could cause some huge problems).

Now, the best way to keep on top of potential vulnerabilities in your underlying systems is with updates. Sometimes, however, you need to go a little further. [...] Watching the web is also a good idea; major security vulnerabilities generally make it to the front page of Digg.

The International PHP Magazine is back with the results from this weeks poll - "Poll Question: Which is the Most Important Feature of PHP 5?"

The options to choose from were:

• Better error handling
• Better MySQL performance
• Newer useful functions
• SQLite Database support
• Best OOP support period

With the last of the options coming out on top by a landslide (58.8%) followed far in the distance by "Newer useful functions" (10.3%).

Be sure to cast your vote in this week's poll that asks readers to vote on which method of the choices given is the best way to do testing on your applications.

The International PHP Magazine has posted the results from the latest poll on their site. This time, it asked visitors to vote on which of the five options they thought was the best advantage that the phpbb SEO Master had to offer.

The option, 'All' has won hands-down with a majority of 20.6%. A contradicting result is seen as next to 'All' is the option 'None' with 12.7% votes. The third position goes to 'easy install and works with your existing board' as it has garnered 4.8% votes. The last on the list is 'topic URLS are dynamically converted to SEO friendly addresses' which has got a dismal 0.0%.

Be sure to check out this week's poll too - it asks for votes on which of the options is the most important feature of PHP 5. Options include "Better error handling", "Newer useful functions", and "Best OOP support period".

Greg Beaver has an advisory message posted on his blog today about why it's imporatant to upgrade PEAR from 1.3.x to the latest, 1.4.6.

PEAR 1.4.6 was just released at pear.php.net (http://pear.php.net/PEAR). This is a minor bugfix release and complete details are available at pear.php.net, but I must stress two points with extreme seriousness:

• PEAR 1.4.6 fixes make install-pear INSTALL_ROOT=/rpm/packaging and introduces the --packagingroot option to install, which works like --installroot worked in PEAR 1.3.x
• PEAR 1.3.x has several serious bugs and at least 2 serious security vulnerabilities. Using PEAR 1.3.x on a production machine is EXTREMELY dangerous

He goes on to discuss further why that second point is particularly dangerous, including several unpublished serious bugs. You can download the latest PEAR packages from the main PEAR site...