PHP Architect Magazine.pdf

Cover Page
Unifying Server-Side and Client-Side Input Validation
Scary SQL
A practical guide to preventing SQL injection attacks
Test Pattern
Model View Controller
CONTENTS
FEATURES
Unifying Server-Side and Client-Side Input Validation
by Eric David
Scary SQL
A practical guide to preventing SQL injection attacks
by Simon Morris
Symfony
All together again
by Dustin Whittle
Unicode and PHP
A gentle introduction
by Jim DeLaHunt
COLUMNS
EDITORIAL
The Road to PHP 6
by Sean Coates
php|news
by Eddie Peloke & Elizabeth Naramore
TEST PATTERN
Model View Controller
by Jeff Moore
SECURITY CORNER:
When Dictionaries Attack
by Ilia Alshanetsky
exit(0);
Your Neutralness...It’s a Beige Alert!
by Marco Tabini
Download this month’s code at: http://www.phparch.com/code/
WRITE FOR US!
If you want to bring a PHP-related topic to the attention of the professional PHP community,
whether it is personal research, company software, or anything else, why not write an article for
php|architect? If you would like to contribute, contact us and one of our editors will be happy to
help you hone your idea and turn it into a beautiful article for our magazine. Visit
www.phparch.com/writeforus.php or contact our editorial team at write@phparch.com and get started!
EDITORIAL
The Road to PHP 6

I think most PHP developers would agree that the release of PHP 4 marked
the end of its childhood and its entrance into adolescence. I say this, not
to reduce the perceived value of PHP 3 and earlier versions, but instead to
help my analogy of PHP growing up.

I can think back to times in my career where I thought I was really good at
my job. I felt like I had plateaued. Ironically, one of these times was before
I packed up everything and moved 1000 kilometers west to Montreal, which
helped me grow my career to a point that I didn’t think possible before the
move. Today, I know this feeling of “knowing everything” to be the pinnacle
of nothing but naïveté.

PHP 4, with its hacked-on object model, yielded to another growth spurt,
where it grew all kinds of great features—such as SPL and much better XML
support—and became an adult: PHP 5.

This month (on May 18th, actually), PHP 4 turns seven, and in a few short
months (on July 13th), PHP 5 will be three years old.

In my opinion, PHP 5 really does represent the shedding of teenage awkwardness,
embracing a more adult mindset. Instead of coping with the toy
problems of the late ’90s and the pre-pubescent Web of yore, PHP 5 addresses
real-world, adult problems. Some suit-wearing types might even call them
“Enterprise” problems.

PHP 6 is on the horizon, and I believe that it will become, not a keg-partying
frat boy, but a level-headed and productive member of Web society.

The sixth major version of PHP brings a lot of adult goodness, shedding old
(bad) habits like magic_quotes in favor of new pursuits, such as the filter
extension. The real appeal of PHP 6, however, lies in its support of non-English
character sets—in Unicode.

Shortly after the release of PHP 5, long-time PHP contributor Andrei Zmievski
spearheaded a movement to unite PHP and Unicode. This is not a small task:
the PHP core source code currently contains 3051 functions, each of which
needs to be reviewed (and likely altered) to ensure that it conforms to the new
methods of handling text. The good news is that, at the time of writing, this
Herculean task is almost two thirds complete!

This month’s article about Unicode, by Jim DeLaHunt, is one that I’ve been
trying to get to you (the reader) for quite a while. There’s a lot of what appears
to be magic surrounding multi-byte character sets and, as such, there is much
for the enlightened to share with the rest of us.

As we move into summer and shed our keyboards for beach towels (whenever
possible), it’s reassuring to see what we can sometimes consider our best
friend, PHP, continuing to mature, with no plateau in sight.

Volume 6 - Issue 5
Publisher
Marco Tabini
Editor-in-Chief
Sean Coates
Editorial Team
Arbi Arzoumani
Steph Fox
Graphics & Layout
Arbi Arzoumani
Managing Editor
Emanuela Corso
News Editor
Eddie Peloke
Elizabeth Naramore
news@phparch.com
Authors
Ilia Alshanetsky, Eric David,
Jim DeLaHunt, Jeff Moore,
Simon Morris, Marco Tabini
php|architect (ISSN 1709-7169) is published
twelve times a year by Marco Tabini & Associates,
Inc., 28 Bombay Ave., Toronto, ON M3H1B7,
Canada.
Although all possible care has been placed in
assuring the accuracy of the contents of this
magazine, including all associated source code,
listings and figures, the publisher assumes
no responsibilities with regards of use of the
information contained herein or in all associated
material.
php|architect, php|a, the php|architect logo,
Marco Tabini & Associates, Inc. and the Mta Logo
are trademarks of Marco Tabini & Associates,
Inc.
Contact Information:
General mailbox:
info@phparch.com
Editorial:
editors@phparch.com
Sales & advertising:
sales@phparch.com
Printed in Canada
Copyright © 2003-2007
Marco Tabini & Associates, Inc.
All Rights Reserved