Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Programming Books Media Book Reviews IT Technology

PHP 5 Recipes 121

jsuda writes " With all the books being published recently about PHP a new one will need to find and fill a niche to distinguish itself. PHP 5 Recipes: A Problem-Solution Approach, published by Apress, has done so, in my view. This is an intermediate-level volume exploring PHP 5 using a recipe approach where the basics of PHP 5's functionality are expressed systematically but in a small-topic by small-topic manner. Cook-book style, each topic is relatively autonomous and can be individually selected, as necessary, for information or review, similarly to how many refer to the Joy of Cooking for help on a cooking project. It's a source for instant solutions to common PHP-related problems. There are over 200 such recipes presented." Read the rest of jsuda's review.
Php 5 Recipes: A Problem-Solution Approach
author Lee Babin, Nathan Good, Frank M. Kronman, Jon Stephens
pages 646
publisher Apress
rating 8
reviewer John Suda
ISBN 1-59059-509-2
summary A problem solving approach to Php 5


Each of these recipes refers to a small element or aspect of PHP 5 and the presentations contain a brief overview of the topic, an explanation of how the code elements work, and where the code is applicable in projects. Overall, the book covers the whole range of PHP 5 functionality where each major element of PHP 5 is addressed in a recipe explaining and illuminating relevant code elements. You can easily get information about a specific PHP 5 element by going directly to the section of the book where it appears. Even better, the code snippets are designed to allow one to copy and paste them into your own applications or development easily and then to configure them as necessary. All of the code snippets are freely available for downloading at the publisher's website at www.apress.com.

There are 16 chapters and an index covering a total of 646 pages. The chapters are organized similarly to other PHP primers, covering the basic elements of PHP - data types, operations, arrays, strings, variables, files and directories, dates and times, functions, and regular expressions. The coverage for much of these concepts is relatively mundane and unoriginal. The discussion of dynamic imaging, however, is an exception. The writing throughout, however, is solid and clear. The book emphasizes the most important elements of new PHP 5. The object-oriented programming elements especially are covered - classes, objects, protected class variables, exception handling, interfaces, and the new mysqli database extension. The authors' discussions focus on PHP 5.0.4, MySQL 4.1, and cover Linux and Windows environments.

The book is directed at PHP programmers looking to learn the elements introduced by PHP 5, and for those looking to find fast solutions to coding problems. It assumes a basic knowledge of PHP. Many of the recipes discuss object-oriented programming and these are some of the more advanced sections of the book. I can say that Chapter 2, which introduces the object-oriented concepts is one of the better explanations of the topic that I've read. The chapter covers constructors, destructors, methods and properties, class diagrams and examples of these concepts at work in code snippets. There are a number of interesting segments containing custom coding of classes as reusable templates from which to create objects.

The book is well-designed and written. The discussion is clear and logical. The code snippets are well-explained. The authors are experienced programmers and developers, and Good and Stephens have authored or co-authored a number of technical books.

A large handful of the recipes contain projects, usually appearing at the end of the overview and presentation of code snippets covering the basics of the topics. The projects usually deal with the creation of higher-end classes and objects as solutions to common coding problems. The idea here is to show PHP 5 functionality at work providing useful code sections to be dropped into your custom applications. Chapter Five concludes with a sophisticated class dealing with dates and times issues. Other chapters contain constructions of string, file, graphics, and regular expression classes.

The last five chapters deal with using the PHP code in web applications and services. This material covers cookies (including construction of a cookie class), using HTTP headers, sessions, and using query strings. Much of this material has been covered elsewhere in the many primers on PHP already published. There is a chapter on using forms and an interesting chapter on working with markup. The better chapters are on using DOM to generate markup, parsing XML, using RSS feeds, SOAP, and simple XML. The chapter on mysql is basic, except for the section on creating a wrapper class. The last chapter deals with communicating with Internet services, like POP, iMap, and FTP. Another project presented here is one creating object-oriented code dealing with a mail class.

This is a useful book to have in a programmer's library."


You can purchase Php 5 Recipes: A Problem-Solution Approach from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
This discussion has been archived. No new comments can be posted.

PHP 5 Recipes

Comments Filter:
  • by CyricZ ( 887944 ) on Wednesday December 07, 2005 @01:47PM (#14204069)
    Do the examples show how to write solid, secure code?

    Indeed, inexperienced programmers writing insecure code has plagued PHP for years now. Far too many PHP books that I have flipped through show very poor style. They don't verify the inputted data, for instance, before making a SQL query.

    So while a professional, or even somebody with some level of experience, would see such an obvious problem, a beginner may not. And then the result is often a compromised server, a destroyed database, or some other shenanigans. Often times a problem with a user's PHP script ends up making other, completely innocent and unrelated projects (such as Apache or Linux) look to be at fault. That's not good for the image of the community.

    • Many PHP/MySQL texts don't cover the aspect of security, except for maybe a subtle reference to having HTTPS set up on your server. I have referenced many books in backend or database programming and there is very little on the subject. Maybe someone should publish a book regarding security itself. But it would still be true that this book would stand out among the existing ones, as covered by the post and my reasons above.
      • Many PHP/MySQL texts don't cover the aspect of security

        You say this like PHP is the sole exception. But it isn't.

        Most perl, python, ruby, C/C++, ObjC, Haskell, Lisp, Tcl, ML, Lua texts don't cover security either.

        Maybe someone should publish a book regarding security itself.

        You mean like this [linuxcentral.com]?
    • But-but-but...

      Uncyclopedia says that PHP is super-secure! [uncyclopedia.org] I read it online, it must be true!

      * Tongue planted firmly in cheek
    • I'd imagine that most bridges, dams and skyscrapers built by inexperienced or non-formally educated engineers would be pretty lousy.

      The problem is that it's illegal to have a non certified engineer working on a project that can impact others. Those engineers are expensive because you're paying for their recognized skills and the years it took them to obtain them.

      Meanwhile, 15 year olds are bidding on software projects and it's seen as a great opportunity. There are certainly some benefits to the industr

      • Developer's Union? (Score:3, Interesting)

        by mcrbids ( 148650 )
        The term "Engineer" is, in most contexts, a priviledged term. Not just anybody can be labelled an "Engineer" until they've gone through some rigor.

        Why not apply this idea to software? If there was a coalition or Union of workers, with a commonly agreed-upon set of requirements and certifications, with annual fees and a good reason to require a decent demonstration of competence? Something with real teeth, and ongoing certification requirements. Think, the Bar, only for software engineers instead of Attorney
        • by lewp ( 95638 ) *
          Because companies would have to spend a whole lot more money to get those people. They're not going to do that unless the consumer demands it. The consumer isn't going to demand it unless the certification/standard/seal of approval becomes well known. And that isn't going to happen unless someone spends a large amount of money creating and marketing it.

          Basically, the industry would have to foot the bill for something that would end up costing them a lot of money in the long run with nothing to gain except s
          • Because companies would have to spend a whole lot more money to get those people.

            As far as I'm aware, developers are pretty well paid in the overall job market, more than twice as much as teachers in many cases.

            I did spend time getting degrees in CS and CE, and it would be nice to seperate myself from those who simply have MSP on their resume. But wait - that's right - I DO seperate myself, by putting my CS and CE degrees on my resume.

            Rarely is software life threatening (yeah, I know, there are exa

            • I did spend time getting degrees in CS and CE, and it would be nice to seperate myself from those who simply have MSP on their resume. But wait - that's right - I DO seperate myself, by putting my CS and CE degrees on my resume.

              Really? The underlying POINT at this poing in the thread is that there's not enough differentiation. And, truthfully, I've seen an incredible amount of shoddy, negative-worth work done by highly credentialled, CS/CE developers!

              Somebody with a CS/CE degree is going to do better at dev
              • Combine the Better Business Bureau, the Bar, and the Association of Realtors, and you have pretty much captured my idea...

                Unless sarcasm was your goal, barring the BBB, the Bar and the Association of Realtors is hardly a group that guarentees any sort of quality. There are some crappy lawyers out there (Harvey Birdman and Lionel Hutz come to mind, but I digress, because it makes it seem like I'm trying to be funny) and some really crappy/corrupt realtors out there.

                Just because someone passed the bar d

    • I've noticed you post a very similar PHP security troll on every PHP thread.

      I have to ask -- do you also point out C++'s flaws, in the realm of buffer overflows? It is, after all, an inherently insecure language.

      Which languages do you consider secure? Java?
      • You call it a "troll", I call it pointing out weaknesses with PHP's design and implementation. I'd rather those problems be acknowledged, rather than brushed under the carpet. After all, that's what true engineering is all about: knowing how your design is insufficient, and knowing how to properly deal with such issues.

        It's widely acknowledged that C++ suffers from various security problems. Anyone who has any level of formal training or experience knows that. Not only that, they know how to avoid such prob
      • Just because it's been said a million times before does not make the statement less valid. Nor is a discussion on potential security holes in C++ invalid either.
        • The statement is invalid when nothing is provided to back it up. He runs around screaming that PHP is going to kill your dog, and then doesn't tell you why.
        • There's no such thing as a security hole in a language. If a security hole crops up in a piece of software, the blame falls squarely on the programmer. The only thing a programming language can try to do is include features that will encourage good programming practices.
      • Thanks for calling this troll a troll. You should modded up to 7. He must be another ASP/PERL/JAVA programmer who is upset because of the mass exodus towards PHP. If anything about PHP needs a rant... it's not form security its Magic Quotes. Lose them, I say.
      • I've noticed that too.

        He keeps ranting about PHP like PHP is the sole exception from of the vast ocean of languages out there.

        A more intelligent discussion would point out that security in general does not seem to be a priority, regardless of the language. (Maybe one could count java as the sole exception here, even though its record hasn't been stellar either.)

        But this is way over cyricz's head. Like a freebsd zealot who bashes linux at every chance, he bashes PHP at every chance. In the end he comes off s
    • There have been a couple recent PHP Security books [phparch.com].

      Yes, I am affiliated with the publisher of the book I linked--but it's a good book! (-:

      S

    • The answer is quite simple: let everyone use the docs at php.net and think for themselves. An experienced computer user (all other beings shouldn't program anyway, not even in a scripting language like PHP) will realize the security consequences involved.

      This might sound elite, but this is how I did. I used a book to learn the basics of SQL and I'm now teaching myself to use other ways to get rid of the security and efficiency issues I keep programming in MySQL-routines because of that dreaded book. I learn
  • Really :o (Score:3, Funny)

    by JonN ( 895435 ) on Wednesday December 07, 2005 @01:47PM (#14204073) Homepage
    Am I finally going to learn how to display "Hello World!"?
  • by Anonymous Coward
    Due to the constant vulnerability announcements and lack of RedHat legacy rpm support, we've been removing PHP from all our webservers.
    • I wouldn't think that upgrading PHP (compiled from source, mind you) would be all that difficult.

      As for RPMs....no idea. I don't use them.
    • Download and build apache and php from source. Remove the RPM versions. Install the newly built ones. Now you are no longer tied to the RPM that RedHat provides. I don't even bother installing RPM's for apache, php, perl, sendmail (and other packages) at this point.

      This way, I get to control what version and what patches I run, on my schedule.

      You can get the source for php from php.net and the source for apache from apache.org. It's really that easy. Or you can pay an apache/php geek to do the first

    • That's kind of slack. However you might be interested to know that the PHP source packages contain a makerpm script. They are hells out of date however and needed quite a bit of tweaking to get going.

      I have a set of PHP 4.4.1 RPMs for FC1 available here:

      http://houseofzeus.com/notblog/?postid=322 [houseofzeus.com]

      The SRPM is also there, so if you need another variant of PHP compiled then you can get to the SPEC file I modified and change it appropriately :)

  • by CyricZ ( 887944 ) on Wednesday December 07, 2005 @01:52PM (#14204113)
    Many PHP books I've seen often include an SQL tutorial. Due to space constrains, it is often quite lacking and only focuses on using SQL, rather than designing efficient and well-planned databases. Such half-assed tutorials may often be very misleading to new PHP users.

    I recall working with one web developer who learned PHP from such a book. We told him that we wanted to use PostgreSQL as the backend for our site, but he insisted on using MySQL, since that was the only system mentioned in the book he had bought. We no longer required his services after that show of incompetence.

    Does this book try to cover topics such as SQL and database design, which should be covered in their own, separate book(s)? Does it specifically refer readers interested in such subjects to consult other sources of information?

    • No, it does not take an indepth look at MySQL database design. It only explains how to interact with an existing MySQL instance.

      I have to say, I disagree with the importance you place on this in a PHP book. If a person needs to know more about MySQL then they should get a book on MySQL. This book also has examples of connecting to an FTP server - should it also go into the proper way to setup an FTP server? And creating clean HTML code? Optimizing Apache? Sendmail? If it did that it would no longer

      • You misunderstand my stance. We seem to be in agreement.

        Indeed, I wanted to know if this book covers SQL just because if it were a good book, it would not cover topics such as SQL and databases. Those topics are best covered by experts writing their own books on such subjects. This book should at least recommend that interested readers consult other material to learn more about such subjects.

        It would be a major blemish on this book if it did cover such topics.

  • I learned PHP using Kevin Yanks tutorials and articles 4 years ago. His books and tutorials are very easy to understand and use. His tutorials and articles can be read on http://sitepoint.com/ [sitepoint.com]
    • How recently have his articles been updated? Indeed, there have been some preliminary security developments within the past four years.

      Nothing could be worse than a new PHP user learning PHP from outdated tutorials which fail to show the proper techniques necessary for building solid, secure and trusted web applications.

  • by MBraynard ( 653724 ) on Wednesday December 07, 2005 @02:13PM (#14204258) Journal
    Maybe /. can do a review of 'CLOSED TAGS FOR DUMMIES' next.
  • Someone has an unclosed italics tag somewhere...

    Look, I fixed it!
  • I'd like to see more distributions include Catalyst [perl.org]. I think Mandrake is the only one that does, now. If MVC frameworks like Catalyst were more universally available (as PHP is now) they'd get a lot more use.
    • Writing an article may help with that.

      If you can present a good case why people should move away from PHP towards alternative systems, then it might lead to some other distributions including far superior systems. Indeed, the best way to get this sort of a change is to raise awareness, and a well-publicized article may just do the trick.

      I would imagine that there is a big enough community of serious web developers who are fed up with the insecurity and lack of quality that PHP poses. They might be able to o
  • Now I'm hungry again!
  • Does B&N have an affiliate program? Looking at the purchase link, I see it passing an encoded userid.

    I'm just wondering if someone is trying to make a buck off of this.

  • This title is available as an ebook [apress.com].

    There is allegedly at least a 50% discount for the ebook as against the printed version, although the price of $22.50 means there is a nad less than a 50% discount from the full $44.99.

    I guess publishers don't have to know maths, or they are just tight. That whole half cent makes their statement a lie..

    Maybe they meant up to 50% discount.

  • I've never seen so many people bag on a web scripting language. Perhaps there should be a whole discussion board dedicated to your web language of choice whether is Pearl, JSP/JAVA, PHP. ASP, .NET or ColdFusion.

    I've heard great things and bad things about all of them. Pearl is hard to learn, but is super fast and secure. Java is super slow and hard to learn, but very secure. PHP is easy to learn moderately fast, but insecure. ASP is fast, but is being replaced by .NET. .Net is fast and easy, but you're stuc
    • .Net is fast and easy, but you're stuck with Microsoft and it can be very browser specfic.

      That last bit maybe true in ASP.NET 1.1 but Microsoft have made a big, and I think quite successful, effort to make ASP.NET 2 standards compliant.
      • Possibly, but I'm so tired of going to sites that can only use IE or MS platform.. I don't run windows, so I'm left in the cold all too often.
        • No, it is not "possibly". ASP.NET 2.0 is much better at cross-browser compatibility than 1.1. I have yet to encounter an ASP.NET 2.0 control that does not have equivalent functionality in Firefox and Internet Explorer. ASP.NET 2.0 also outputs valid XHTML.
          (Most of the issues in ASP.NET 1.1 were due to JavaScript code for validation and such that worked only in Internet Explorer. Even then, ASP.NET controls in other browsers would still work -- but without the added JavaScript functionality, basically meani
  • So what language would you PHP~Flamers suggest? RoR? Perl? JSP? .NET? As many others have stated, blame the newbie coders not the environment. Every year people die trying to blow-dry their hair in the shower, it's not the water company, electric company or hair dryer company's fault. Sure it lets you get into a mess rather quickly, but so does Linux in general. So does almost every other web language. Don't tell me you can't shoot yourself in the foot with Perl or ASP, if you think that you're a fool.
    • While bad code is not exclusive to any environment, it is more prevalent on some compared to others.
      From what I've seen of writings about ASP.NET, they tend to:
      • encourage the use of parameterized queries, which eliminate the need for the escaping of strings for SQL input. ADO.NET makes this pretty easy to do.
      • encourage the use of validators, which are, once again, easy to use in ASP.NET

      So, in this case, good practices are widely promoted, where in other cases, they aren't. Measures like magic_quotes_gp

  • Apress in general (Score:2, Informative)

    by misfit815 ( 875442 )
    At the risk of getting off-topic, I've found Apress to be a reliable publisher, in terms of the quality of books they put out. The topics have been interesting, the knowledge useful, and the text easy to read. It's the only publisher whose books I'd buy just on name recognition.

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (10) Sorry, but that's too useful.

Working...