PHP Master: Write Cutting Edge Code Paperback – Nov 4 2011
About the Author
Davey Shafik is a full-time PHP developer with many years of experience in PHP and related technologies. An avid magazine writer and book author, Davey keeps his mind sharp by trying to tackle problems from a unique perspective.
Lorna Mitchell is a freelance web development consultant and developer based in Leeds, UK. Lorna is a lead on the Joind.In open source project, an organizer of the PHPNW conference, and a prolific blogger.
Matthew Turland has been working with PHP since 2002. He has been a technical editor for php|architect Magazine, spoken at multiple conferences, served as an instructor for php|architect training courses, and contributed to Zend Framework. He currently works for Synacor.
Most Helpful Customer Reviews on Amazon.com (beta)
While I have many years of programming experience covering most of the concepts covered by the book, most of that experience is with other languages. My level of PHP experience is probably just about at the level that the book is directed at and I expect to be able to dramatically improve my programming in PHP as a result. The one topic that the book covers where I have perhaps already gone beyond the level covered in the book is "security" as that has been one of the top priorities that I had with the few PHP applications that I have written so far. This allows me a slightly different view of that chapter to what I have with respect to the rest of the book. While applying the information that the chapter provides would make an application far more secure than one that doesn't apply those techniques, not all of what the chapter presents is completely accurate.
One example that is provided in the chapter uses htmlentities to escape the action attribute of a form. While this provides the security that is being discussed, it is not the most appropriate function to call to provide that security. Since an attribute cannot contain a tag at all and that particular attribute should never contain anything that could be mistaken for a tag, using strip_tags would be a more appropriate solution as then it would be less likely to crash the application if the value was compromised. Later in the chapter it mentions reverse hashing with a rainbow table being prevented if the salt is unknown whereas it is also prevented even when the salt is known (as it would be in the situation being discussed at that point).
Despite these minor flaws (and any similar flaws that the PHP masters may see in the other chapters), the book still fulfils the purpose it sets out to achieve and that is to present those with a limited experience of PHP with the information that they need to take the next step toward becoming a better and more efficient PHP programmer.