The results of the latest International PHP Poll are in for the question "Which is the best way to do PHP web testing?" Options included "Use SimpleTest Web tester", "Use element IDs or names to test links, forms and fields", and "Log HTTP requests in the application".

Coming out on top with 22.6 percent of the votes was the first item, though - "Use SimpleTest Web tester". Second was a close race with "All" and "None" only about 1 percent different ("None" being the higher).

Be sure to get your vote in for this week's poll question - "What Is the Top Mistake That PHP Coders Commit?" Options for this poll include "Not escaping entities and SQL input", "Syntax errors", and "Not using a Framework".

New to the A/R/T article repository from php|architect today is this look at the "Top Five PHP Mistakes" from Marco Tabini.

These topics have been beaten to death, and will likely continue to be beaten well after their bones have turned to dust. However, I have never had the opportunity to explore some aspects of PHP that obviously are mistakes-not just to understand their origin, but to analyze their impact on PHP and the way they have been dealt with.

His list of mistakes is:

• Objects in PHP 4
• Function Naming Consistency
• Safe Mode and Magic Quotes
• Register Globals
• Lack of Unicode Support

Under each he explains them, noting why they are important enough to mention is the list. He does, however, end on a bit lighter note - the PHP, for all its problems and woes, is just like any other laugnage out there. It has its problems, but its learned from them and, as Marco puts it "has grown because of them".

The International PHP Magazine has conducted a poll over on their website, asking visitors what their top considerations were for choosing and working with a CMS. They've posted the results of that poll today.

The options provided for the poll were:

• How is it licensed?
• What is the language/environment?
• How long has it been around?
• Is it actively developed?
• Who is using it?
• Is there support?

The results show an overpowering victory for the "actively developed" category, with the licensing and language requirements tying for second place. The option the least number of people cared about? Who was using it...

PEAR, the large repository of useful PHP libraries, is steadily growing even more in popularity. The PEAR server packages introduced have made it even easier for people to share their own libraries with the world. Unfortunately, all of this useful code doesn't come without a few issues, and in this new blog post, Lukas Smith mentions the top five packages with the most number of bug reports.

The 5 packages with the most bug reports are all pretty popular although the quality of the code varies. They are all also fairly complex and/or large. I have gone through the bugs of most of them now and then to see if I spot an obvious bogus report.

As of the time of this post, the top five are:

• Spreadsheet_Excel_Writer
• SOAP
• HTML_QuickForm
• Mail_Mime
• PhpDocumentor

Lukas also puts out a call for help, hoping that there are users out there that would like to help conquer these bugs, to help out with making the packages a cleaner place. All it takes is a little time, some inititave, and a glance at the bug reports for the packages to get started.

Congratulations are in order to Jim Plush for him and his MyBic PHP/Ajax framework. They made it up to the top one percent of SourceForge projects in the span of four days.

I'm happy to say the My-Bic AJAX/PHP framework has been well accepted by the SourceForge community. Of 117,000+ projects on SourceForge MyBic has jumped to #1000 in just 4 days and is climbing each day. The new features of My-Bic have made it a top contender for ajax enabled php applications. Development continues on the project to further support the needs of the casual developer's home page as well as the enterprise needs of a full web-based desktop application.

He follows this with a listing of the latest features of the current version (0.6) of the framework, including an install of only three files, the EasyForms functionality, built-in network issue handling, and a simple two lines of Javascript to use the library.

In a new post on PHPKitchen.com, Demian Turner notes that the framework he's a developer on, Seagull, recieved high marks in a recent comparison of 10 PHP frameworks.

Thanks to Daniel Pallet over at http://www.phpit.net/ for his recent article comparing 10 PHP frameworks. It's a pleasant surprise that based on the checkmarks for features marking scheme, Seagull came out with the top score. A lot of complaints from the other contestants "you didn't give me credit for this" - I guess visibility of features is an important feature in itself.

There's also mention of the renewed effort to bring the documentation and tutorials offered for the framework up to date with the latest stable release - version 0.6.

On his blog, mustapha has posted his Top 10 list for his opinions on PHP frameworks.

Development of PHP scripts without a preconceived plan to manage them is asking for a headache. The goal of a framework is to make the process of writing web-based applications simpler.

An application designed around MVC is easier to manage because it is split into tiers, which allow for independent development. This promotes code reusability by building models, which are reusable throughout the application.

His list includes frameworks like Phrame, Symfony, and CakePHP ranked according to his personal tastes. He does provide some backing behind his top three choices, however - giving his reason(s) for picking them.

In his latest post today, John Cox takes a look at one of the latest posts from the SitePoint PHP blog - the Top 7 PHP Security Blunders.

This morning I read the Top 7 PHP Security Blunders which contained (at least in my mind) a few questionable comments about PHP security. Luckily for the early readers of the article, there was a very long comment by comments were a very nice critique of the article which also corrects a few obvious mistakes within the article itself.

The comments have now been pushed off the main article to the forum, (which is a shame) but as a developer, you would be doing yourself a disservice by not also taking the time to read the counter-point. They are insightful without being inflammatory.

The comments by Chris that he makes reference to can be found here in the SitePoint forums...

On the SitePoint PHP blog today, Pax Dickinson shares with us the "Top 7 PHP Security Blunders" as he sees them.

In this article, I'll detail many of the common PHP programming mistakes that can result in security holes. By showing you what not to do, and how each particular flaw can be exploited, I hope that you'll understand not just how to avoid these particular mistakes, but also why they result in security vulnerabilities. Understanding each possible flaw will help you avoid making the same mistakes in your PHP applications.

His list includes:

• Unvalidated Input Errors
• Access Control Flaws
• Cross Site Scripting (XSS) Flaws
• Data Handling Errors

There's more listed, so be sure to check out the rest of the article - each item is explained and on some, sample code is included where it makes sense...