Archive for October, 2006
PHP Developer - October 31st, 2006
The Zend Developer Zone has a new tutorial posted today by Pierre dealing with something that is becoming (and should always have been) important to PHP developers: filtering input. Specifically, it deals with using the Filter extension built into PHP 5 to take care of anything malicious or incorrect that the user might throw at the application.
Security becomes the top priority (or activity) of many PHP developers. Its place and importance keep growing in every single project, open source or commercial. Every conference provides a talk about security and you can read PHP security on the magazine cover pages.
The article is broken down into different sections, including:
- Don’t trust external data
- Why Filter?
- How does it work?
- Prerequisites/Installation/Considerations
And, of course, what would a tutorial be without some examples? Pierre shows a simple form that filters, a sanitizing form, and some more complex processing using a callback.
PHP Developer - October 31st, 2006
DevShed is wrapping up their series on creating an extensible website engine with PHP 5 in this new tutorial - part two of the series.
Welcome to the final part of the series “Building an extensible website engine with PHP 5.” In two tutorials, this series teaches you how to build a versatile website system which allows you to generate dynamic web documents by using a few simple PHP classes.
They demonstrate how to pull the contents of the page from the database to flesh out the content and push that data out into the page template itself. As a final step, they take a look at the entire system in action.
PHP Developer - October 31st, 2006
A cross-site scripting bug has been announced on the Secuobs.com website for the phpFaber content management system.
Vigilon has reported a vulnerability in phpFaber CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
Input passed via the URL in cms_images/js/htmlarea/htmlarea.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site.
For complete information on the issue, check out this report.
PHP Developer - October 31st, 2006
Live from the Zend/PHP Conference & Expo 2006, there have been several announcements about collaborations and new releases that Zend is a part of, including work with Microsoft, MySQL, and IBM.
Today, Zend announced:
- A technical collaboration with Microsoft to enhance the experience of running the PHP scripting language on Windows Server® 2003 and the next version of Windows Server, code-named “Longhorn.” The cooperative effort aims to provide customers with richer functionality and better integration.
- Zend also announced an agreement with MySQL that will enable it to better integrate the open source database with Zend products, including the option of full integration.
- New milestone releases of Zend Framework and the PHP Eclipse project were announced, along with Zend Studio 5.5 and an update to Zend Core for IBM that makes it compatible with the latest version of DB2 and adds support for the Informix Dynamic Server (IDS). A new product called ZendBox[tm], a fully hosted and managed PHP 5 Technology stack was also announced.
You can get complete information on all of these new innovations from Zend on their press release page.
PHP Developer - October 31st, 2006
The International PHP Magazine has wrapped up another poll this week, one that asked which of the listed choices was the most common design pattern out there.
Choices for the poll were:
- Factory pattern
- Singleton pattern
- Observer Pattern
- Decorator Pattern
- Others
Top of the list was the Singleton pattern, by a wide margin. Below it, coming in nearly twenty percent lower, was the Factory pattern.
Be sure to check out and vote on this week’s poll that asks, out of the given list of FAQ management applications, which does it the most effectively.