php[architect]

by Werner Krauss

Most developers aspire to create sites quickly, by concentrating on application-specific code and leaving the repetitive tasks to a code library or framework. In this piece (the first of a two-part series), authors Werner M. Krauss and William Zeller give an introduction Seagull, with a step-by-step guide for setting up an example website. Two to three years of PHP experience and familiarity with Object Oriented programming is recommended.

by Ruben Avila

Publishing news is a very common feature of most websites, as "News" is a very useful tool for keeping viewers up to date on the content and subject matter of a given site. This article discusses a simple and effective method of publishing news on a website.

by Ilia Alshanetsky

SQL injection is a common vulnerability that is the result of lax input validation. Unlike cross-site scripting vulnerabilities that are ultimately directed at your site’s visitors, SQL in-jection is an attack on the site itself—in particular its database. In this excerpted chapter from php|architect's Guide to PHP Security, you will learn how to thwart this type of attack.

by Rasmus Lerdorf

Adding an opcode cache to your PHP configuration is the easiest way to speed up your PHP applications without changing a single line of your code. We're extremely happy to feature the creator of PHP himself, Rasmus Lerdorf, in a piece on APC, the Alternative PHP Cache.

by Chris Shiflett

In this month's Security Corner, columnist Chris Shiflett discusses HTTP response splitting, a relatively new attack that has been used to subvert PHP applications in a variety of ways. He will introduce you to the topic, demonstrate some of the most common attacks, and show you how to avoid these types of vulnerabilities.

by Marcus Baker

Job interviews are life changers for all concerned. Hopefully, your candidate will have a chance to display a wide variety of hard-earned skills—things such as resurrecting an old suit and tie that haven’t seen daylight for years, for example. Talking continually about industry news for half an hour, with an authoritative tone of voice (I bet that one was up there). And let’s not forget the astounding feat of memorizing the PHP manual for the PHP trivia test. Did they have a strong handshake? They did? Obviously a future star performer...

by Ben Ramsey

Filter Input. Escape Output. You're hearing an awful lot of this from columnist Ben Ramsey, lately. This month’s Tips & Tricks wraps up the recent focus on security with a discussion on escaping output, why it’s important, and how to do it.