Ben Ramsey

The one-time ‘silly little project’ has transformed into a Web powerhouse, thanks to flexibility, pragmatism, and a vibrant community of Web devs

I’m working on an application that’s been around for a while. It uses a lot of static methods, and often, it instantiates objects from inside methods. This makes it a pain to test, and introducing tests is part of my job. Sometimes I’m able to refactor the code so that dependencies may be injected, but many times I can’t confidently refactor the code without breaking something somewhere else—because I don’t have enough tests. It’s a chicken-and-egg problem.

Debugging is perhaps the skill that I find programmers have the hardest time exercising. It is also the most difficult to teach. Debugging, to me, is both a scientific discipline and an art. It often requires you to reach beyond analytical thinking to rely upon your own intuition in order to solve a problem.

Selling has never been easy. There’s too much red tape. The simple act of you giving me currency in exchange for a good or service I provide is not so simple when you factor in sales tax, VAT, inventory, shipping, reporting income, and any number of other factors that require accounting and fulfillment to be a damned nightmare — and that’s just when you give me paper money! When dealing with online transactions and credit cards, it can be downright gruesome.

Six years ago, I became aware of the PHP community. I joined it three years prior to that.

Need to scale your web application but finding the cost of physical services too much for your budget? Cloud services may be just the answer for you.

Ever been asked for your username and password by a website that wants to access your data from another service? By all means, don’t give it to them! This month’s From the Cloud takes a look under the hood of OAuth to show how its request process protects users from ever having to give away their credentials again.

Do you have content that needs to be served fast and cheap, but you’re finding traditional content delivery options are far too expensive? Amazon’s new CloudFront service is a low-cost content delivery network utilizing Amazon S3, and it may be just the answer for you.

Representational State Transfer, or REST, has become the hip, new buzzword of Web 2.0. But what really makes an application RESTful? Is it pretty URLs? The use of XML over HTTP? Is it any web service that doesn’t use SOAP? In all of the hype, the definition of REST has become clouded and diluted.

All web developers should be familiar with the GET and POST methods. These are the primary methods used in everyday development on the Web. Even if you know nothing about HTTP, you’ve at least seen form examples using either get or post as the value of the method attribute. All too often, though, I find that those who build web applications know far too little about the protocol that powers the Web: HTTP. I think all web developers should have at least a rudimentary understanding of the technology that earns their bacon.

I frequently receive email messages, am asked at conferences or Atlanta PHP meetings, or am approached on IRC about how one can get involved in the PHP community. Being involved means different things to different people. Some just want help solving a particular problem. Others want to connect with fellow PHP aficionados and build mutually beneficial friendships, helping each other grow into better programmers. Still, there are those who want to contribute back to the language by devoting their time and skills to the betterment of a relevant project such as a PECL extension, a PEAR package, or PHP itself; writing documentation for the PHP manual; or writing articles and tutorials to help other developers.

As its name implies, the goal of the Standard PHP Library-or SPL, for short-is to provide a standard library of interfaces that allows developers to take full advantage of object-oriented programming in PHP 5. This library of interfaces creates a standard API for certain kinds of built-in functionality, allowing your classes to interact with the PHP engine in a much more seamless manner. The functionality it provides includes, for example, the ability to define how your objects will react when iterated over with foreach, advanced array access, file and directory access, and advanced SimpleXML object handling. The largest chunk of functionality that the SPL provides comes in the form of iterators.

Output is generally sent from calls to echo or print, or from outside PHP code blocks, and once it’s sent, it’s gone. However, using PHP’s output buffering functionality, it is possible to capture this output and further manipulate it before sending to the client. In this month’s Tips & Tricks, I’ll show you why and how to control output with output buffering.

How do you send e-mail on a server in which there is no mail server installed? How do you redirect e-mail messages in a testing environment so they don’t go to your users? This edition of Tips & Tricks addresses these two questions, highlighting some useful tricks to redefine or redirect mail().

Filter Input. Escape Output. You’re hearing an awful lot of this from me lately, and as one person noted, “It’s great that they’re rubbing this topic in.” Indeed. This month’s Tips & Tricks wraps up the recent focus on security with a discussion on escaping output, why it’s important, and how to do it.

This year has seen an increased focus on PHP security, and this is good for the language, developers, and business community. One phrase that comes to mind when discussing secure coding practices is Chris Shiflett’s mantra of “filter input, escape output.” While we know what this means in a general sense, practical examples elude us. This month’s installment of Tips & Tricks concludes the series on filtering input, providing practical examples and helpful tips to filter input using regular expressions, test for the length of data, and ensure acceptable values.

This year has seen an increased focus on PHP security, and this is good for the language, developers, and business community. One phrase that comes to mind when discussing secure coding practices is Chris Shiflett’s mantra of “filter input, escape output.” While we know what this means in a general sense, practical examples elude us. This month’s installment of Tips & Tricks continues the series on filtering input, providing practical examples and helpful tips to filter strings and numbers.

This year has seen an increased focus on PHP security, and this is good for the language, developers, and business community. One phrase that comes to mind when discussing secure coding practices is Chris Shiflett’s mantra of “filter input, escape output.” While we know what this means in a general sense, practical examples elude us, so for the next three months, Tips & Tricks will give practical suggestions for input filtering, chock full of code examples.

Abuzz with discussions, arguments, and numerous opinions on solutions to the problem, the PHP community has been focused, lately, on how to prevent weblog comment spam and how to protect one’s forms in general—be they comment forms, e-mail forms, etc. The topic has graced the pages of blogs, and threads on the subject have adorned more than one mailing list. Some say it’s a PHP security problem; others blame the developers. But one thing is certain: it’s just plain annoying.

Several months ago, I held a conversation with a fellow programmer about the relevance and performance of PHP-­GTK. The fear, said he, is that PHP-­GTK is too slow to run robust desktop applications. “Yet, how can this fear be plausible when so many already use PHP for robust Web­-based applications?” I retorted in my infinite wisdom. I went on to exclaim, “What PHP needs is a Virtual Machine—something like the Java Runtime Environment that all end­-users can easily install to run PHP applications!” “That is why I am placing my bets on Parrot,” was the astute programmer’s reply.

Let me introduce you to PHP-GTK. It’s been around for several years now, and you’ve probably already heard of it or even met it. You may have even heard what it can do—allow developers to create graphical applications using PHP. Egads! It sounds as if it’s the Holy Grail of PHP, something that can take PHP to new heights, breaking it free from the bonds of the Web. In fact, it can do just that, as I will show you with a practical application: a simple text editor.