In a new post to his site Bob Majdak looks at using SQL in PHP and some of the challenges he's come across (some of them with his own tools). He talks about things line inline SQL, loading SQL by unique key or creating a "build object".

There is no right or wrong way, but no matter what there is no *pretty* way to do SQL inside of a PHP application. I have been having a personal debate with myself all week about how to make SQL statements nicer in an application without going to a huge DBAL package like Doctrine.

He looks at each idea and provides some of the pros and cons about each of them, noting that he hasn't quite decided on which is the best method. Some sample code is included to help clarify the points, showing the "find by unique key" version and how a more complex query might be created with the "builder object."

The PHP Podcast (from Zend) has posted its second episode - Episode #2, an interview with Adam Culp who recently joined the team at Zend and is a organizer for the South Florida PHP User Group.

In this episode we talk to Adam Culp on his very first day as a Zend employee. We talk about PHP community and Adam's decision to move from the realm of independent consultant to Zender! Adam is the organizer of SunshinePHP, PHP Guru and joining the Zend Professional Services Team.

You can listen to this latest episode either through the in-page player or by downloading the mp3 directly. You can also subscribe to their feed of you want this and future episodes pulled automatically.

On 7PHP.com there's a new post that interviews a PHP community member, Eric Hogue, about his experience with the Zend Certified Engineer exam.

This is the 3rd set of Zend Certification Tips and Advice to help anyone taking either of the two Zend Exams powered by Zend Technologies: the Zend PHP Certification Exam and/or the Zend Framework Certification Exam. The aim being to help people who want to sit for those exams and inform them what it is all about & what to expect by hearing it from (pro) PHP Guys who have already been through it, that is => Hear It From Zend Certified Engineers!

He starts off with some general questions to Eric about the exam and its structure and how he prepared himself for it. He mentions some of the resources he used to study and what kind of topics to pay attention to. There's also a few quotes included at the end giving another perspective on the exam (specifically, some frustrations).

On Mike Dalisay's site there's a recent post showing how to use the Phpass tool to salt, hash and store passowrd data in your application.

I think the main reason why we have to hash passwords is to prevent passwords from being stolen or compromised. You see, even if someone steal your database, they will never read your actual or cleartext password. I know that some PHP frameworks or CMS already provide this functionality, but I believe that it is important for us to know how its implementation can be made.

His sample application stores the user data in a MySQL database and does the salting+hashing at the time of the request. It uses a hard-coded salt and a value of 8 for the hashing/stretching. Screenshots of each page in the example application are also included.

The first episode of a new PHP-related podcast, the "PHP Podcast" produced by Zend, has been released. This first episode, hosted by Joe Stagner features a well-known PHPer, Cal Evans.

Cal Evans has been referred to as "The Ubiquitous Face of the PHP Community". That's made Cal an obvious choice for the first guest on the PHPPodcast. In this episode we chat about the evolving face of the PHP community.

You can listen to this latest episode either through the in-page player, by downloading the mp3 or by subscribing to their feed.

7PHP.com has posted a new article where they asked Lorna Mitchell for some of her advice for those wanting to take the Zend Certified Engineer exam, including what the test is like and how you can prepare effectively.

This is the 2nd set of Zend Certification Tips and Advice to help anyone taking either of the two Zend Exams powered by Zend Technologies: the Zend PHP Certification Exam and/or the Zend Framework Certification Exam. The aim being to help people who want to sit for those exams and inform them what it is all about & what to expect by hearing it from (pro) PHP Guys who have already been through it, that is => Hear It From Zend Certified Engineers!

They start with a little background on her and her experience with PHP and get quickly into the questions about the exam. Topics include things like:

• What the test is about and hopes to achieve
• Some things you can do to prepare
• A recommendation to make the most of your time exploring topics you might be weak in
• Whether or not the ZCE training classes help in the learning process

You can read the rest of the interview here.

On 7PHP.com today there's a new interview posted, a different kind of one from their usual "community spotlight" series. In this new article they talk with Michelangelo van Dam about the Zend Certified Engineer test and any advice he can offer to those wanting to take it.

This is the 1st set of Zend Certification Tips and Advice to help anyone taking either of the two Zend Exams powered by Zend Technologies: the Zend PHP Certification Exam and/or the Zend Framework Certification Exam. The aim being to help people who want to sit for those exams and inform them what it is all about & what to expect by hearing it from (pro) PHP Guys who have already been through it, that is.

There's a long list of questions in the interview covering a wide range of things about the test everything from what its about out to some of Michelangelo's own opinions about the tests:

• Can you briefly give us an idea of what ZC is about, what it tries to achieve?
• Can you give us an idea of what need to be studied and what kind of stuffs we should expect..etc
• Parts of the modules that you think is more complex and one should pay special attention to?
• What TWO questions can you remember that you can share with us
• Do you recommend PHP guys to get certified?

Check out the answers to these and more questions in the full interview.

On PHPMaster.com today they've posted the second part of their "PHP and the i" series (here's part one). In this new article, he looks a bit closer at what kind of knowledge is needed to develop PHP on the IBM i.

In this somewhat risqué episode, we'll look at just what you need to be able to do development work on the i. Many people in the i world will that PHP is native to the i, but I don't think that's really true. To me, native means that it just runs, no problems or questions asked, nothing special needs to be done, it just sort of happens like when you see someone across a crowded room and know she/he is "the one". That's not the way it works with PHP and the i.

He starts off by talking about Zend and its contribution to the IBM i's abilities to run PHP through RPG thanks to a "bridge" they created. There are other options, but as he points out, they're not as well developed (or supported) as Zend's offering (being Zend Server, Zend Studio and Zend Framework).

He then talks about the details of creating and running scripts - where to put them, what kind of RPG knowledge you'll need to implement them, and which parts of the typical MVC stack work best where.

On PHPMaster.com there's a new tutorial that wants to help you keep your application and users a bit safer - a guide to password hashing for PHP applications.

You must always think about security. If passwords are stored in plain text, what happens if an attacker gains access to your database? He can easily read all of the users' passwords. That's why we use a technique called password hashing to prevent attackers from getting user passwords. In this article you'll learn how to store the passwords securely in the database so that, even if your database falls into wrong hands, no damage will be done.

He starts off describing what password hashing is and why it's important (and better than it's plain-text alternative). He gives some examples of using some of the built-in hashing functions PHP has to offer to generate the hashes. He starts with md5/sha1 (note, these are not recommended) but moves into more effective options like sha256, salted hashing and even bcrypting passwords with crypt.

Be sure to check out the comments for other security concerns and links to suggested tools and resources.

If you've been mystified by regular expressions in the past and want to learn more about their effective use, you should check out these two webcasts from Qafoo - "Black Magic with Regular Expressions" and "Understanding Regular Expressions".

We are happy to announce the availability of my second Regular Expression webinar recording. It was a fun event, which I used to explain all the attendees a little bit more about the PCRE Regular Expression engine available in PHP and some other languages. I am covering some slightly advanced topics, like subpattern options, unicode and backtracking aka. greediness and performance.

You can watch these two recordings over on the Zend.com site:

• Black Magic with Regular Expressions
• Understanding Regular Expressions