In an effort to breathe as much life into an old bit of software he was having to update, Harry Roberts worked up a list of things that he sees can make things a bit more "programmer friendly" when it comes to using classes, methods and interfaces in your code.
His list of four is:
Doc Comments
Flexible Parameters
Use method Entry contracts
Be Stateful and Refactor
The "Doc Comments" is pretty obvious, but some of the others need a bit more explaining. Being flexible with your parameters is more about requiring the least from a developer, "entry contracts" being the restrictions to let the developer know what you're expecting and refactoring commonly used functionality into a easy, single point of contact.
The Nettuts site has posted a detailed guide to the "comments.php" file that comes with every release of WordPress:
WordPress seems to be everywhere these days, and it's no wonder with it's ease of use and ease of customization. In this tutorial, I'll be dissecting the default WordPress theme's comments.php structure and giving you various snippets of code to make your skinning easier.
The guide breaks down the major parts of the file - some of the general code, how it displays comments, the comment submission form and some "little tricks" it does to handle things like comment numbers, links and the alternating colors.
With the recent acquisition Sun has made (you heard about that, right?), there's tons of resources in the open source community that are talking about it, lots of them are more PHP-specific. Cal Evans has put together a list of some of the PHP bloggers/community memembers that have posted some of their thoughts on the purchase.
With all of the buzz floating around yesterday on this topic, I decided to let some of the dust settle before posting. From everything I've seen, the PHP community is largely positive about the news. [...] As I said, the community at large seems to be pleased with this news. Here are the links I've collected so far.
Names in the list include Andi Gutmans, Lukas Smith and Jaremy Zawodny. There's also a list of some comments from the "pundits" as to what this purchase could mean for the web as a whole.
The Builder.au website has a new video posted today concerning the state of the web as related by Rasmus Lerdorf (the "father of PHP").
Rasmus Lerdorf, the father of PHP, says that the Web is inherently broken and needs an overhaul to the entire infrastructure: browsers, servers and scripting languages.
Due to the nature of the Web being created very quickly, the consequences of bad decisions early on are being seen with almost all Web sites vulnerable to cross site-scripting (XSS).
Check out the video for more of his comments (you'll need Flash to view it).
Alex Netkachov has posted some of his own thoughts about Microsoft's recent SQL server 205 driver for PHP:
I can add that a few years ago I had bad experience with MS SQL PHP extension. It was just impossible to use it in production environment. These days MS understand that PHP is a very popular programming language and step forward to the community
He also includes a list of some of the things that the driver includes/makes possible such as the fact that it's not a PDO or OOP driver, that there's no source posted for it and that it does support data streams.
Soenke Ruempler has posted today about something they found a need for in their group and wanted to create something they could share back with the community when it was done - a Message Queue System developed in PHP.
You'll find a Draft for a php-based messaging system below. We'd be glad if we get some comments from the readers. Because we're heavily using open source we want to give something back to the community and make the message queue system open source. And, yes, if someone is planning something like this or already knows a solution, please let us know, too. We don't wanna reinvent the wheel!
He fleshes out the proposal by describing it in three sections - the problem the need came from, some of the existing solutions the web has to offer (including the Java Message Service and IBM's XMS messaging) and the actual draft of the implementation including the architecture, scalability, a name (none yet) and where they're going from here.
On the Venture Skills Blog, there's a new post that looks at one of the more recent advancements in keeping the spammers away from your blogs comments (one among many other uses) - re-captchas.
Commonly CAPTCHA is a visual image where the user is asked to type the word they see (or hear) however some provide a logic puzzle [...] Re-captcha works by asking the user for two words instead of the normal one, one word is known to the system and is the actual CAPTCHA the second is an unknown word, if the user gets the CAPTCHA then the users "guess" for the unknown word is recorded, over time a word is given a probability score and when high enough becomes a known word.
They Also include links to re-captcha modules for two of the popular CMS/blogging tools - WordPress and Drupal - to make integration easy.
Jeremy Privett is back with a few more thoughts on the PHP community, specifically focused on one developer - Stefan Esser.
Just reading the title of the entry through my Live Bookmarks in Firefox, I can't help but think "Thank you, Stefan, for fixing a security vulnerability in PHP and making the language that I love that much more solid and secure." - Okay, maybe that was a bit of an exaggeration, but it needs to be said that Stefan Esser does do PHP a good service through finding and reporting these kinds of vulnerabilities.
He goes on to talk about the other side of the situation, the actions of Esser that could lead to this sort of situation:
I know he's got his reasons for having issues with the developers, and if everything he's constantly ranting and raving about is indeed true, all the more reason to have issues. But do not lower yourself to their level, if that's the case. Constantly and consistently belittling PHP Developers and Zend Employees, whether on your blog or in the PHP Internals list itself, does not make you any better than them.
Jeremysuggests that these sort of actions (and reactions) aren't helping the PHP community step up to become seen as a more "Enterprise quality" language.
So, what happens if you try to contribute back to the community, specifically the PEAR project, and you get shot down for a proposal - even a simple one? Travis Swicegoodfound out:
Yesterday I proposed my first PEAR package. I've helped a few friends with packages of their own, but never got around to getting a developer account and taking the lead on a package. After hearing about the recent changes in store and the umpteenth "you should propose that" from Josh, I decided to propose one of the smaller "packages" I've used in some of my code: PHP_Callback. I say packages with quotation marks because it's really just one, simple file.
The problem wasn't in the proposal, but in the immediate responses he received for it - "it's useless", "this isn't the correct way to do this" and "it's too easy to implement on its own, it doesn't need to be in the library".
One most new-to-PHP programmers could have put together in an afternoon. I can only imagine how quickly a new developer would have unsubscribed from pear-dev and pulled his proposal if his first foray into contributing to the community had been met so quickly with such unconstructive criticism.
Ed Finkler agrees with me. Thanks Ed. :-) Listen to the podcast. It's a realistic assessment of the state of security in PHP.
He also includes a favorite quote from the podcast (as said by Ed):
If web developer doesn't understand common security issues they shouldn't be considered developers...[Web applications] essentially are dealing with data that someone is inputting there. As a developer of web applications, you are essentially stewards of that data.
