PHPDeveloper: PHP News, Views and Community

	News Feed
	Jobs Feed

Sections

Tutorials

Books

Events

Talks

Jobs

Recent Jobs

Job Posting: Vermont Information Processing Seeks Senior/Lead PHP Developer (Burlington, VT)

Job Posting: Mediware Blood Center Technologies Seeks PHP Software Developer (Jacksonville, FL)

PHP Zone: Can Learning Drupal Get You a Job?

Job Posting: Tilllate Media Seeks Senior PHP Developer (Glasgow, UK)

Job Posting: Agency Matrix Seeks Senior Application Developer (Addison, TX)

Job Posting: HUGE Seeks Freelance Zend/WordPress Developer (Brooklyn, NY)

Job Posting: Abbott Laboratories Seeks PHP Developer (Irving, TX)

Job Posting: BetFair Seeks Lead Software Engineer (Web)

Job Posting: Uplifting Innovations Seeks Lead PHP Developer (Portland, OR)

Job Posting: Ganz Seeks PHP Developer (Toronto, Ontario)

News Archive

Community News: Symfony-Check.org (A Symfony Deployment Checklist)

Matt Williams' Blog: High level search with PHP and Apache Solr

Brian Swan's Blog: Retrieving Data with the OData SDK for PHP

Brandon Savage's Blog: The 15 Minute Rule Of Software Development

PHPBuilder.com: Create Custom Google Analytics Interfaces Using PHP

NETTUTS.com: Image Resizing Made Easy with PHP

Symfony Blog: Running a TV station with symfony

Eli White's Blog: Conferences, Speakers & Presentations

Ibuildings techPortal: Zend Studio formatted for Zend Framework and ATK

feed this:

SellMix Blog:
PHP mistakes, misconceptions, bad practices and blatant no nos.

by Chris Cornutt January 25, 2010 @ 11:05:34

From the SellMix blog today there's a new post with a few "no-nos" and misconceptions when it comes to working with PHP in your applications.

We have all had that moment where we looked back on a script that we wrote years ago and thought "what the hell was I thinking?'". But it is a process. You make mistakes, you learn from those mistakes and then you move on. From my experiences of modifying other people's code, helping people on PHP help forums and making my own (many) mistakes, I hereby present this list.

There's eleven points included in the list, touching on things like:

Superglobals being referred to inside class functions
MySQL queries inside loops
Brackets '" use them.
Indent, indent, indent!
Why are you using mysql_fetch_array?

Check out the rest of the post for more tips.

0 comments voice your opinion now!
mistake misconception badpractice opinion

Jani Hartikainen's Blog:
Three PHP mistakes that will cause you debugging nightmares

by Chris Cornutt January 22, 2009 @ 12:51:50

Jani Hartikainen has posted about three simple, but hard to find, mistakes that can cause you endless frustration if you're not looking in the right places.

Here's his list:

Semicolon after a while - a small problem with big (infinitely looping) consequences)
empty() and magic __get method - __get will hit first, then empty
Missing semicolon after break or continue - a classic that can make switches and evaluations difficult to debug

Comments on the post include a few others: working with variables by reference, comparisons with == versus === and strpos finding the first character in a string.

0 comments voice your opinion now!
mistake semicolon empty magic break continue debug nightmare

International PHP Magazine:
Poll Question What is the Top Mistake That PHP Coders Commit?

by Chris Cornutt February 07, 2007 @ 10:43:00

The International PHP Magazine has posted results from their latest PHP community poll as voted on by visitors to their site. The question for this poll asked developers what they thought, of the choices on the list, was the most common mistake that PHP developers make.

Coming in at number one by an overwhelming lead was "Not escaping entities and SQL input" (a definite problem indeed) with the next highest option, "Not using a Framework" a full twenty percent lower. The next two options were closer (descending) - "Using old PHP versions" and "No or little use of Object Orientation".

There's a new poll this week for your consideration - this time asking which stage, of the five options, should come first in the development cycle of a typical content management system. Head on over and cast your vote today!

0 comments voice your opinion now!
mistake coder escape entity sql framework version oop cms mistake coder escape entity sql framework version oop cms

International PHP Magazine:
IPM Poll Question Which Is the Best Way to Do PHP Web Testing?

by Chris Cornutt January 30, 2007 @ 10:50:00

The results of the latest International PHP Poll are in for the question "Which is the best way to do PHP web testing?" Options included "Use SimpleTest Web tester", "Use element IDs or names to test links, forms and fields", and "Log HTTP requests in the application".

Coming out on top with 22.6 percent of the votes was the first item, though - "Use SimpleTest Web tester". Second was a close race with "All" and "None" only about 1 percent different ("None" being the higher).

Be sure to get your vote in for this week's poll question - "What Is the Top Mistake That PHP Coders Commit?" Options for this poll include "Not escaping entities and SQL input", "Syntax errors", and "Not using a Framework".

0 comments voice your opinion now!
poll question web testing simpletest log request top mistake poll question web testing simpletest log request top mistake

The Register:
PHP apps security's low-hanging fruit

by Chris Cornutt January 12, 2007 @ 08:37:00

There's a new article on The Register about a topic that's constantly argued in any language, much less PHP - application security.

PHP has become the most popular application language on the web, but common security mistakes by developers are giving PHP a bad name. Here's how PHP coding errors have become the new low-hanging fruit for attackers, contributing to the phishing problems on the web.

They talk first about the "great rise of PHP" on the web and how this surge of popularity also helped to show the great number of PHP security issues - both in applications written in it and in the language itself.

There's a mention of some of the upheaval that the PHP security community has had this year as well. They talk about the security of a LAMP installation versus a Windows machine, and their suggestions on helping to make the PHP world a better place.

1 comment voice your opinion now!
application security popularity issues windows lamp mistake application security popularity issues windows lamp mistake

Reign's SourceRally Blog:
The PHP coder's top 10 mistakes and problems

by Chris Cornutt January 10, 2007 @ 11:36:00

On his SourceRally blog, reign as a new post listing out the "Top 10 Mistakes & Problems" that PHP developers make.

Seeing the number of problems and mistakes PHP coders encounter repeatedly I set out to make this list of the 10 most common problems and mistakes done by PHP coders.

Included on the list are some of the usual suspects:

Not escaping entities
Not Escaping SQL input
Requiring and including files using untrusted data
Syntax errors

But there's also a few that are just good recommendations and aren't really problems (like using a framework or OOP in an application). Check out the full list here.

0 comments voice your opinion now!
common mistake problem escape untrusted eror framework oop common mistake problem escape untrusted eror framework oop

International PHP Magazine:
IPM Poll Question The Most Common PHP Security Mistake Is?

by Chris Cornutt August 09, 2006 @ 09:37:49

The results of the latest International PHP Magazine poll are in. The question they askes visitors this time was what they thought the most common security mistake is.

The options for this poll were:

Unvalidated Input Errors
Access Control Flaws
Session ID Protection
SQL Insertion Vulnerabilities
Error Reporting
Others

Not surprisingly, input validation errors ranked top of the list, with SQL insertion issues coming in second. The rest were closer with error reporting barely besting session ID protection.

This week's poll question asks readers, out of a few choices, which is the most dangerout kind of PHP attack. Cast your vote now!