PUBLIC MARKS with tags php & bestpractices

2010

2009

2008

<raphael.on.php/>: Sniffing refactoring needs

by mbertier & 2 others
While still messing around with the PHP_CodeSniffer Pear package, I took a somehow jealous 1000 feet look at some prominent code inspection tools of the Java community: PMD and Checkstyle. Browsing their available rule sets/checks I soon recognized that guaranteeing the coding standard adherence is just a partial aspect of these tools. The following post will focus on one of these additional aspects, which is finding problems related to the code size of the inspected code artifacts, by showing how to port two selected rules to sniffs for utilization with the PHP_CodeSniffer tool. These ported sniffs can be used to automatically spot obvious code smells in the code base and to signal the need to apply the appropriate and odour reducing activity known as refactoring. Furthermore, a complete set of code size sniffs, going beyond the targeted realm of the sniffs to come, could be used to speed up the feedback loop and to reduce the effort for manual code reviews.

Greg Sherwood: Using PHP_CodeSniffer in an SVN pre-commit hook

by mbertier (via)
I've just committed a new script to PHP_CodeSniffer called phpcs-svn-pre-commit. It sits in the scripts dir with phpcs and phpcs.bat. This script was contributed by Jake Bates, who has also volunteered to maintain the Debian package, and will be available in the 1.1.0 release.

2007

Mike Naberezny - Better PHPUnit Group Annotations

by mbertier (via)
Running phpunit --group bug42 AllTests.php will run only the tests associated with bug #42, regardless of what files and groups those test methods span.

PHPIDS » Web Application Security 2.0 » Index

by mbertier & 1 other (via)
PHPIDS (PHP-Intrusion Detection System) is a simple to use, well structured, fast and state-of-the-art security layer for your PHP based web application. The IDS neither strips, sanitizes nor filters any malicious input, it simply recognizes when an attacker tries to break your site and reacts in exactly the way you want it to. Based on a set of approved and heavily tested filter rules any attack is given a numerical impact rating which makes it easy to decide what kind of action should follow the hacking attempt. This could range from simple logging to sending out an emergency mail to the development team, displaying a warning message for the attacker or even ending the user’s session.

Projects: Transliteration Extension - Derick Rethans

by mbertier (via)
This extension allows you to transliterate text in non-latin characters (such as Chinese, Cyrillic, Greek etc) to latin characters. Besides the transliteration the extension also contains filters to upper- and lowercase latin, cyrillic and greek, and perform special forms of transliteration such as converting ligatures such as the Norwegian "æ" to "ae" and normalizing punctuation and spacing.

Jimdo and Northclick Dev-Blog » Getting the PHP fatal errors

by mbertier & 1 other (via)
One big issue of the PHP error handling is that there’s no built-in way to catch fatal errors with a user-defined error handler. So I thought a little bit about it and maybe you have better approaches or solutions … The short goal is to send the error via e-mail to the developer(s). As we are security-aware, we’re logging errors and do not display them to the world. (Hint: that should be your default on every production machine!)

Strings in PHP

by piouPiouM
This is a test to show the difference in overall speed of using single quotes and concatenation vs. using double quotes and interpolation for strings in PHP.

2006

PHP_Beautifier

by clochix
This program reformats and beautifies PHP source code files automatically. The program is Open Source and distributed under the terms of PHP Licence. It is written in PHP 5 and has a command line tool. It can convert your documents using different coding standards like PEAR, JAVA or C and has an easy to use web frontend.

PHP_CodeSniffer

by clochix & 1 other
PHP_CodeSniffer is a PHP5 script that tokenises and "sniffs" PHP code to detect violations of a defined set of coding standards. It is an essential development tool that ensures that your code remains clean and consistent. It can even help prevent some common semantic errors made by developers.

PHP Best Practices - phly, boy, phly

by mbertier, 1 comment (via)
- Comparisons of different coding standards. I'd worked up a comparison of eZ Components and Zend Framework standards to contrast against PEAR's.
- Functional testing. Mike put a lot of effort into the unit testing section, and I'd done an additional section on functional testing -- testing against fixtures, such as test databases, sandbox services, etc.
- Repository layout. Mike actually talked about this briefly, but we'd intended to show some designs for subversion layouts, and how to create and use branches and tags.
- Subversion hook scripts. We mentioned their existence, and some uses, but we'd hoped to show how to add these to your repository, and some sample scripts.
- Mailman. How to set up archived mailing lists.
- Capistrano. Mike mentioned this tool in the talk, but did not have time to go into examples of usage.

PHP Security Consortium: PHPSecInfo

by mbertier & 8 others (via)
The idea behind PHPSecInfo is to provide an equivalent to the phpinfo() function that reports security information about the PHP environment, and offers suggestions for improvement. It is not a replacement for secure development techniques, and does not do any kind of code or app auditing, but can be a useful tool in a multilayered security approach.

Checklist for Securing PHP Configuration | Ayman Hourieh's Blog

by mbertier & 3 others (via)
Inside is a check list of settings that are intended to harden the default PHP installation.

Converting to MySQLi - MySQLForge Wiki

by mbertier (via)
We have good news for those of you who fear the work of converting thousands of lines of source code manually: MySQL has developed a tool which helps you with the conversion of the code.

PHP_CodeSniffer

by mbertier & 1 other (via)
PHP_CodeSniffer is a PHP5 script that tokenises and "sniffs" PHP code to detect violations of a defined set of coding standards. It is an essential development tool that ensures that your code remains clean and consistent. It can even help prevent some common semantic errors made by developers.

Template Engines

by mbertier & 6 others
In short, the point of template engines should be to separate your business logic from your presentation logic, not separate your PHP code from your HTML code.

PHP5 Exception Use Guidelines

by mbertier
This is an informal document to describe usage guidelines for exceptions in PHP5.

Recommended PHP reading list

by mbertier & 12 others (via)
Learn about PHP (Hypertext Preprocessor) with this reading list compiled for programmers and administrators by IBM Web application developers.
