Joshua Thjissen has revisited some of his PHP internal function statistics, an update from this previous post with some results showing the most (and least) used internal PHP functions in several large projects from GitHub.

A lot of people are asking about functions like isset, empty, print, echo etc, as they are not present in the current result list. The thing is, is that these are not really functions, but language constructs. This means that PHP treats them a bit different than normal functions, and this results sometimes in seemingly “strange” behaviour when trying to use them like regular functions.

He's updated his results, though, to reflect the usage of these "functions" and shared the numbers. Not surprisingly, these constructs show up pretty highly in the new "top 22" list he's produced. With the inclusion of the constructs, the number one item on the list is now "isset" by a very large margin. The full results can be found in this gist.

Revisiting an earlier post dealing with superglobals and classes, Brandon Savage looks at an example of why its still a bad idea.

I asserted at the time that superglobals inside of a class violated some basic rules on what a class was supposed to do. Today, I am revisiting that discussion. The placement of superglobals inside a class creates an impossible situation for code reuse. [...] Ehat happens when we want to move this [code] to another site? Unless we leave our form fields named [the same] we'll have to modify the original code.

His alternative - a much better refactoring - lets the verifyCredentials method take in the username and password and has the calling script define where those come from, either from a local or global location.

Smashing Magazine has posted a new article from Chris Shiflett and Sean Coates with their rebuttal to the site's previous 10 Advanced Tips article.

In November 2008 we published the article 10 Advanced PHP Tips To Improve Your Programming. Apparently, according to negative comments to the post, it contained some errors and some statements that are just wrong. [...] To solve the problem, we asked Chris Shiflett and Sean Coates, two PHP gurus, to take a closer look at the article, explain its errors and make it perfectly clear what is actually right and wrong in the theory and practice. This article is a professional response to our article published a couple of months ago.

Here's the more accurate descriptions of those tips - what's good and what's bad - as presented by Chris and Sean:

• Use an SQL Injection Cheat Sheet
• Know the Difference Between Comparison Operators
• Shortcut the else
• Drop Those Brackets
• Favor str_replace() Over ereg_replace() and preg_replace()
• Use Ternary Operators
• Memcached
• Use a Framework
• Use the Suppression Operator Correctly
• Use isset() Instead of strlen()

Christopher Kunz has gone back and revisited the PHPShield product that he'd looked at previously with data obscured to make potential customer think that it had nothing to do with either SourceGuardian or Inovica.

Checking up on it again, he was happily surprised with some of the results:

I asked him again today via private mail and his response was swift. The whois entries for phpshield.com now point to his person and we can expect additional information on the web site itself soon. I like it when things can be resolved like that and I actually think this is a chance for his product rather than a possible competition issue.

This helps to more clearly define the difference between the PHPShield and SourceGuarian products. You can find out more information about each product from their sites - PHPShield and SourceGuarian. Both are encoding packages to help protect and distribute your code.