August 18, 2011 Meeting - Kevin Schroeder from Zend
Written by David Stockton
Saturday, August 06 2011 23:31

Hello fellow FRPUGers,

Coming up in less than two weeks, FRPUG will be hosting Kevin Schroeder of Zend Technologies. He'll be speaking on the new Flash Builder 4.5 for PHP. We'll be meeting at the Remy offices at 1660 17th on the 4th floor in Denver, CO. The meeting will start at 6:30. We'll be providing food and drink so please RSVP by [e-mail address protected] to let me know you'll be attending.

Kevin Schroeder
Review: Pro PHP Security
Written by David Stockton
Tuesday, June 14 2011 23:09
Author: Chris Snyder, Michael Southwell
Published: December 2010
Publisher: Apress
Reviewer: Scott Hancock

This was a pretty solid book on PHP web application security, and should be a part of any PHP developer's library. The authors give detailed descriptions of the most common ways in which your application can be attacked, and give well-thought-out examples of how to guard against them. Here are some of the topics that you'll learn about in the book:

  • SQL injection: This book gives a great overview of what SQL injection is, how to identify vulnerabilities, how to fix them, and how to test your application.
  • Cross-site scripting: This was a good one for me. Much of the documentation on XSS is pretty vague. The authors did a good job of providing several detailed examples of cross-site scripting attacks, and how to defend against them.
  • Validating and Sanitizing input: The authors really stress the importance of validating and sanitizing any input that comes into your application. They give examples of how to create validation libraries. However, one of my main disappointments with the book was that they failed to discuss PHP's filter_var functionality.
  • Captchas: What they are and how to implement them.
  • Securing RESTful services: Restricting access, authenticating and authorizing requests, and enforcing quotas and rate limits.
  • How to secure UNIX
  • How to secure your database
  • Encryption: The authors discuss keeping your passwords safe by hashing, and how to protect other sensitive data by symmetrical or asymmetrical encryption.
  • SSL and SSH: Securing network connections via SSL and SSH. How to generate certificates and keys.
  • Securing shared hosting
  • Keeping production and development environments separate
  • Keeping software up to date

These are just some of the focus areas of this book. It provides even more interesting and valuable information. While this book won't make you a security expert, it will put you well on the path of proper security-minded PHP coding.

Taming your build with Hudson, PHPUnit and SSH
Written by David Stockton
Thursday, January 27 2011 01:33

At our last meeting on January 20, 2011, Wil Moore III presented on "Tame your build with Hudson, PHPUnit and SSH". The presentation was very informative and we've now got the slides from Wil's presentation.

Thank you for your presentation, Wil!

PHP Objects, Patterns, and Practice
Written by Trevor Henke
Thursday, May 12 2011 00:00
Author: Matt Zandstra
Published: June 2010
Publisher: Apress
Reviewer's Rating: 4/5

PHP Objects, Patterns, and Practice is the book I’ve been looking for. As a novice PHP developer it answered a lot of the questions I’ve had about the next steps to becoming an effective developer. Through the PHP object model, design patterns, and then putting it all together, this is a must-have book for anyone wanting to take the next steps in their PHP knowledge.

The PHP object section is worth the cost of admission alone with this title. Not only covering the updates to PHP 5.3 but showing how to use them. From the coverage of the PHP “magic functions” to those of you struggling to put together a solid object model, this is one of the most clearly written descriptions I’ve read. The examples of how to use abstract classes and inheritance effectively are especially helpful and set up a great transition to working with design patterns.

Design Patterns make up the meat of this book, and rightly so. I finally get the purpose of design patterns and how to use them with my work. Although, I’m by far not an expert on the topic, from a learning perspective, it is a spot on effective at teaching the principles of this sometimes complicated

The Practice portion of this book is the only area I could see some better coverage on. While the topics and tools are covered expertly, it feels dated. From my experience with the PHP/Open source community, the tools covered are being eclipsed by distributed version control, and tighter IDE support. While I know folks are still using SVN, it would have been nice to see an updated chapter on using git or Mercurial.

PHP Objects, Patterns, and Practice is an excellent book. If you are wanting to learn more about the very important topics covered, then this is probably the best starting point out there.

View more information about PHP Objects, Patterns, and Practice at the publisher's site

Presentation: Neal Gamache - Escape from the Black Box
Written by David Stockton
Sunday, November 07 2010 01:06

I've finally gotten around to posting this (sorry), but here it is: Neal Gamache's presentation from our October 13, 2010 - Escape from the Black Box.

In case you weren't there, Neal spoke about his experience in testing games as well as his current experiences with more "enterprise-y" software. He discussed different strategies that companies try in order to increase quality and how they usually turn out. He talks about defects, how they get into software and how it's inevitable that the software you release will have defects.

Please check out his slide deck. It's on Google Docs this time, so if you click the full-screen button, you'll actually get to see some of the progressions and transitions.

David Stockton
President, Front Range PHP User Group

Copyright 2011 Front Range PHP Users Group. All Rights Reserved.