Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Luciano Mammino:
Developing a web application with Lumen and MySql
Apr 27, 2015 @ 08:24:09

Luciano Mammino has a tutorial posted to his site showing you how to create a Lumen application that ties into a MySQL database from start to finish. It's a simple "display a famous quote" application, but it shows the full process you'll need to follow to hook it all together.

Lumen is a new Php micro-framework developed by Taylor Otwell, the same author of the famous Laravel framework. I wanted to give it a try and I am here to share my experimentations. I am not an expert of Lumen (yet), but I think one of the best characteristics of this framework is that it makes really really easy to bootstrap a new project. So to prove this, we will now build a fully functional app backed by a MySql database in less than 30 minutes. Are you ready to start?

His goal is a create a simple application that displays a quote, "randomized" based on the day. He shows you how to set up a new Lumen project, configure the database and create a migration to create the table in MySQL. He also includes the code for the data seeder and the main application routing (just two routes). Finally, he includes the output template and the CSS needed to make the end result look as expected.

tagged: lumen tutorial microframework mysql famous quote application

Link: http://loige.co/developing-a-web-application-with-lumen-and-mysql/

Community News:
PHP Manual Masterpieces (Humor)
Oct 16, 2012 @ 10:10:52

A new blog has started up that mentions some of the "masterpieces" that occur in the PHP manual - phpmanualmasterpieces.tumblr.com:

Sparkling gems found in the official PHP documentation, mostly in the user-submitted comments. Not meant to pick on anyone, just to serve as a source of wonderment.

There's already several posts to the blog including:

You can subscribe to their RSS feed if you'd like to keep up.

tagged: humor manual quote funny blog

Link:

Working Software Blog:
Escaping single and double quotes for use with XPath queries in PHP
Aug 19, 2011 @ 13:50:14

On the Working Software blog there's a new post showing a solution to a issue with escaping quotes in XPath queries that's not just an issue in PHP.

I've been working with the Basecamp API to plugin our IRC bot that we use for time tracking and I'm astounded to learn that escaping single and/or double quotes for XPath queries in PHP does not have a well documented, best practices solution. In fact, it seems as though this is not peculiar to PHP. I took a look around and found this excellent article by "Kushal": http://kushalm.com/the-perils-of-xpath-expressions-specifically-escaping-quotes.

He's put together his own (PHP) solution to the problem - running the entire XPath query through a filtering method that splits it up, replaces the quote characters and combines it back down to a single string.

tagged: escape quote double single xpath query tutorial

Link:

PHPBuilder.com:
Six Cool PHP Tricks You May Not Know
Apr 23, 2010 @ 08:44:24

On PHPBuilder.com there's a new article with a few things - six things, to be exact - that you might not know about the PHP language as written up by Chris Roane.

Over the years I've come across some useful tricks in PHP that are not obvious, but are worth mentioning. This is not meant to be a comprehensive list of all the useful tricks that you can do with PHP.

The list of six includes:

  • Count Characters in a String
  • Use Single Quotes When Possible
  • Use Arrays in Form Fields
  • PHP Output Buffering
tagged: trick quote array output buffering

Link:

PHPBuilder.com:
The ABC's of PHP Part 5 - Strings & Text
Apr 16, 2009 @ 09:31:25

PHPBuilder.com has the latest in their series looking at beginner level PHP and some of the core concepts that go with it ("The ABC's of PHP"). This latest tutorial looks at string and text handling.

In the last part of this series we looked at what a variable was in general. Today we'll be covering strings and text. We'll look at the contents those variables would typically hold.

Topics include the differences between single and double quotes, appending to a string and special characters (like line feeds and tabs). Code snippets are provided for each to help you visualize what they mean.

tagged: beginner introduction string text quote special character tutorial

Link:

Rob Allen's Blog:
Hooks in Action Helpers
Nov 05, 2008 @ 09:34:40

Rob Allen has posted this look at using hooks inside of action helpers (a follow-up from his previous article on action helpers):

Hooks are a feature of action helpers that allow you to automatically run code at certain points in the dispatch cycle. Specially, there are two hook functions available for action helpers: preDispatch and postDispatch. These allow you to ensure that some functionality is always run for each request.

He creates a simple action helper that grabs a random quote from an array and drops it into a property of the helper. By defining a preDispatch method inside of the helper, the HelperBroker knows to pull the method in an execute it immediate before the rest of the actions are executed. A calls to addHelper with the hooks defined is all it takes to glue it together with the execution.

tagged: hook action helper random quote tutorial addhook helperbroker zendframework

Link:

Evan Sims' Blog:
TwitterBash launches
Jun 20, 2008 @ 11:25:24

Evan Sims has posted about the launch of a CodeIgniter-driven application that brings the bash.org quoting abilities to the world of Twitter.

Today marks the launch of TwitterBash, a concept conceived and design by my good friend Judson Collier. [...] TwitterBash takes the concept of the long Internet-famous bash.org, which allows folks to post snippets and quote conversations from IRC, and applies it to Twitter. Just sign up for an account, then head to the submit page. Pop in the permalink for a tweet you want to quote and you’re done.

The site runs on the PHP5 CodeIgniter framework allowing for fast and easy development. There's already a pretty good amount of content, so go over and check it out (and submit some of your own).

tagged: twitterbash php5 codeigniter framework bashorg twitter quote

Link:

Christopher Jones' Blog:
PHP 5.3 "NOWDOCS" make SQL escaping easier
Feb 14, 2008 @ 11:18:00

Christopher Jones has posted about an update to the development for PHP 5.3 that makes escaping SQL even easier in scripts - NOWDOCS.

Escaping quotes or other meta characters in SQL can be painful unless you get lucky with your quoting style. [...] Even with PHP's "Heredoc" syntax something will need escaping, but with PHP 5.3's new "Nowdoc" syntax no escaping is needed.

The only difference between HEREDOC and NOWDOC is that the initial keyword (like the first END in this statement: <<<'END' text here END;) that can make worrying about complex quoting rules a thing of the past.

tagged: nowdocs sql escape nowdoc heredoc php5 quote

Link:

Gareth Heyes' Blog:
htmlentities is badly designed
Nov 26, 2007 @ 10:23:00

Gareth Heyes has a quick new post to his blog today about the use of htmlentities and the false assumptions some developers have about it:

When someone uses htmlentities I've seen it time and time again that they expect that it filters variables from all XSS. This is wrong of course because the function requires a second parameter ENT_QUOTES which correctly replaces quote characters. Some developers aren't even aware that quotes can lead to XSS injection.

He reminds developers of the second parameter - the ENT_QUOTES parameter that correctly replaces quotes. Other people have mentions things in the comments as well like another optional parameter to force an encoding type and opinions about the function's use.

tagged: htmlentities design quote xss injection entquotes encoding htmlentities design quote xss injection entquotes encoding

Link:

Gareth Heyes' Blog:
htmlentities is badly designed
Nov 26, 2007 @ 10:23:00

Gareth Heyes has a quick new post to his blog today about the use of htmlentities and the false assumptions some developers have about it:

When someone uses htmlentities I've seen it time and time again that they expect that it filters variables from all XSS. This is wrong of course because the function requires a second parameter ENT_QUOTES which correctly replaces quote characters. Some developers aren't even aware that quotes can lead to XSS injection.

He reminds developers of the second parameter - the ENT_QUOTES parameter that correctly replaces quotes. Other people have mentions things in the comments as well like another optional parameter to force an encoding type and opinions about the function's use.

tagged: htmlentities design quote xss injection entquotes encoding htmlentities design quote xss injection entquotes encoding

Link: