Dealing With Automated Form Spamming
Anybody who develops or maintains blog software is likely to be all too familiar with the problem of comment spamming. I recently became the victim of spamming through a ‘contact’ form. The results of the contact form are emailed privately to a member of the site, and not displayed on the Website. However, this didn’t […]
PHP 4.4 Minor Gotcha
In the days after the release of PHP 4.4, it was interesting to watch the discussions surrounding a possible backwards compatibility issue which had been introduced with the release. Commentors seemed to be divided on whether this did, or did not, actually constitute a break in backwards compatibility. The ‘backwards-compatibility break’ is in fact a […]
Cross Site Scripting Could Make You Lose Your Cookies
Cross Site Scripting (XSS) is a form of security exploit that threatens any web application. Its severity is often underestimated. The problems go far beyond annoyances and practical jokes. By stealing your cookies, Cross Site Scripting attacks can allow attackers to gain administrative access to your CMS. How does it come about? The problem forms […]
What’s new in PHP 5.1?
PHP.net announced over the weekend that the first public beta of PHP 5.1 (5.1.0) is now available for download on PHP.net. So what’s changed? The PCRE library (providing Perl-style regular expression support) has been updated to version 5.0. Several performance improvements, including changes to garbage collection, the switch statement, and several array functions. Several improvements […]
Zend Platform (and a free T-shirt)
Zend is giving away free T-shirts to anyone willing to complete a pre-evalutation survey and commence a free evaluation of Zend Platform. This news comes via PHPDeveloper.org. From the product information: Through a centralized management console that proactively dispatches information to the applicable IT personnel, Zend Platform delivers comprehensive insight, run-time profiling, and performance monitoring, […]
Validate Your Input!
The previous blog post about MySQL and PostgreSQL ignited a discussion about validation of input in a database-driven web application. In this entry, I’ll attempt to explain what validation is and why it is important. I remember being taught the importance of input validation way back in high school, in an IT elective subject. We […]
MySQL compared with PostgreSQL
PSNC have published a comparison of MySQL 4.1 and PostgreSQL 8.0. If you’re interested to know what features you’re missing out on by using MySQL rather than PostgreSQL, the comparison table provides a handy summary. MySQL 5.0 (in development) is getting closer to PostgreSQL’s impressive feature set, with Views and Stored Procedures on the list. […]
Zend Webcast: PHP Rocks!
Today, Zend is hosting a free 45 minute Webcast presented by Django Bayless of the Signatures Network. From the description: Signatures Network is the music industry’s premiere entertainment licensing and merchandising company, holding the merchandising and marketing rights to more than 125 top music artists and entertainment properties including Ozzy Osbourne, Madonna, The Beatles, Britney […]
Character Encodings and Input
Ever run your database-driven PHP site through an HTML validator and encountered an error message such as this? Line 9, column 3: non SGML character number 145 Even worse, have you ever run your XHTML site through an XHTML validator as XHTML and encountered an error message such as this? Sorry, I am unable to […]
Multi-Line Strings and Text Editors
PHP conveniently allows two main methods of using multi-line strings, where a string constant is broken over many lines. However, it can be hard to find a syntax highlighting text editor that will correctly highlight multi-line strings in PHP. When I was switched text editors recently, support for multi-line strings when syntax highlighting was high […]