Hey guys,

Thought I'd make a post in this seeing as how it appears to be a dead cow waiting for flies to impale upon the flesh and bones :)

Seriously.. who all is into PHP development?

How much experience do you have?

Do you simply use PHP for its advanced service side programming capabilities or do you incorporate with one of its many support backend DB's?

What kind of development do you do? Applications with PHP, typical website with PHP sparsed throughout or content and website management apps?

My firm is active in the application development theme itself. Building B2B Ecommerce stores with integrated Email Marketing, Account Management, Inventory Management and Order Fulfillement System.

Having found this language 2.5 years ago I have been loving it ever since.

Any other PHP'ers out there lets chat!

Take care.

Aaron

I'm a newbie to PHP. Recently purchased 2 books to start the learning process. I like what I see so far.

Books are:

PHP fast & easy web development by Julie Meloni
PHP and My SQL Web Development by Luke Welling & Laura Thomson

Originally posted by F-S
I'm a newbie to PHP. Recently purchased 2 books to start the learning process. I like what I see so far.

Books are:

PHP fast & easy web development by Julie Meloni
PHP and My SQL Web Development by Luke Welling & Laura Thomson

Books are great.. however, if you really want to dive into PHP.. I suggest downloading some Scripts/Programs and picking apart the code to really learn the innerworkings of PHP-Database Development.

Regards,

Aaron

The programming side of our company is moving to almost rely exclusively on php. I don't understand it, nor do I plan on learning it, but it seems to make my life easier.
From my outsider's view, php is definitely more robust and easier to manage than asp.

Originally posted by SEO Guy
The programming side of our company is moving to almost rely exclusively on php. I don't understand it, nor do I plan on learning it, but it seems to make my life easier.
From my outsider's view, php is definitely more robust and easier to manage than asp.

It sure is! Why? Open Suurce baby! With soo many people conmtributing to the development of the Language as well as software it will surely become the #1 server side programming language, in my opinion.

I find the problem is that if I work with company's the host their own sites, etc then convincing them to provide a gateway for my to develop PHP apps/sites for them is difficult.

Everything is so MS driven they don't beleive that an Open Source offering like that of PHP CAN be better for them - performance and $$$ wise.

Its getting better though :)

Peace.

Aaron

Everything is so MS driven they don't beleive that an Open Source offering like that of PHP CAN be better for them - performance and $$$ wise.We are keeping our SQL server simply to handle old sites and companies that tranfer their hosting to us that need sql support. Everything we develop is going to php. So, when we get the re-design, we just develop on the Linux and the asp goes bye-bye. The Linux maintenance is cheaper, easier and most likely the future of hosting.

Originally posted by SEO Guy
We are keeping our SQL server simply to handle old sites and companies that tranfer their hosting to us that need sql support. Everything we develop is going to php. So, when we get the re-design, we just develop on the Linux and the asp goes bye-bye. The Linux maintenance is cheaper, easier and most likely the future of hosting.

I agree.. Linux IS better...

Howeve,r how are you dealing with client who do their own hosting where you want to implement PHP instead of ASP or ColdFusion?

Aaron

Good question. Typically, our new clients are design and e-commerce clients first, so if we get that part of the business, then we can write in php. We used to host coldfusionj, but dropped the support and changed the server to another linux box because it wasn't feasible economically.

For marketing, I deal with the site as is, unless a code clean-up is in order, so if they host themselves, we just need access and can write in the same code as it was written. However, I am very strong in my stance about the importance of clean code code in a website. I let the client know that we are limited when we work within the contraints of the current programing, especially if the site is in FontPage.

Originally posted by SEO Guy
Good question. Typically, our new clients are design and e-commerce clients first, so if we get that part of the business, then we can write in php. We used to host coldfusionj, but dropped the support and changed the server to another linux box because it wasn't feasible economically.

For marketing, I deal with the site as is, unless a code clean-up is in order, so if they host themselves, we just need access and can write in the same code as it was written. However, I am very strong in my stance about the importance of clean code code in a website. I let the client know that we are limited when we work within the contraints of the current programing, especially if the site is in FontPage.

Ahh very cool.

I'd be interested to hear more about your "client principles" as it sounds like something we could learn from. Often, we do the "song and dance" with our clients which end up costing us more time than the project was initially worth because of them wanting to retain their "current programming techniques" when in reality they are hurting their image instead of helping.

Front page is a big kiss off for us.

Some of the issues we run into as well are works that a company did their site "inhouse" and think it works wellf or them when in reality they are just holding onto their "ego" to save face.

I wish company's would let the pros DO what the pros do. Can't be everything to all people so if you just focused onw hat yuo DO best anf then bring in people for what THEY do best you'd save alot of time and money in the end run which will MAKE you money!

*shrugs*

Aaron

Came across a program that installs and configures Apache, MySql, PHP and phpMyAdmin on Windows NT, Windows 2000 or Windows XP.

Looks like a quick way to install the programing environment on a pc for testing etc.

e-novative PHP (http://php.e-novative.de/ephp.php)

Originally posted by F-S
Came across a program that installs and configures Apache, MySql, PHP and phpMyAdmin on Windows NT, Windows 2000 or Windows XP.

Looks like a quick way to install the programing environment on a pc for testing etc.

e-novative PHP (http://php.e-novative.de/ephp.php)

Actually... installing each on their own is quite easy regardless of any "program" that does it for you.

I have PHP with Apache and MySQL working on my laptop so I can use it in a presentation environment for the applications we develop.

Makes things ALOT easier when I meet with a potential client as I don't need to bug them for an Internet connection.

Just my thoughts.

Aaron

PHP is fab! I love it :D I use it for practically all of my projects.

The WELLING THOMPSON book is an excellent resource for peeps who know a little and are ready for more.

Beginners might want to checkout Larry Ullman's visual quickstart php for beginners.


here (http://www.google.com/url?sa=U&start=1&q=http://www.amazon.co.uk/exec/obidos/ASIN/0201727870/qid%3D1038931685/sr%3D1-10/ref%3Dsr_1_3_10/&e=42)


It also has a user support forum that the author and other book purchasers respond to.

Hey Craig thanks for the http://php.e-novative.de link. This looks real helpful. I'm just starting with PHP and was not sure how to proceed with a Windows XP box for now.

I use PHP all the time. I've been working with it since PHP/FI came together. Done plenty of successful sites with it. I like being able to work backwards from a prototype of the user interface, and being able to freely mix PHP code with HTML makes that easy.

I've taken groups of HTML developers through PHP coding in a few hours, and had them building new PHP/MySQL apps the same day. Gotta love a learning curve like that.

There a least a couple good "all in one" installers for Windows. While it's not all that hard to do the installs separately, Windows users are not always used to having to go in and tweak everything to work together.

I agree with everybody, PHP is so good. Im developing an booking calendar now. It's a bit tricky and i have run in to some walls and got some major thinking going. But that's how you learn. Some times it's so frustrating when you can't solve a problem and when you make it work it's so simple. The hardest part i find is to make efficient and secure code. And that you don't really know if you can optimize it more.

I also have apache, php and mysql installed on my laptop and it's so convenient. Development where every you go :)

I would like to discuss security and php, specially validating form data and header data. That is (according to my understanding) the biggest security risk.

What do you do to validate important data in the header and from a submitted form?

A couple of thoughts on this

I guess the golden rule is to never trust any data sent by the user, always assume that they are a heinous hacker trying to spoil your party.

Lots of stuff here

http://www.php.net/manual/en/security.php#security.general

validating data

PHP has some excellent built in functions for checking your user submitted data.

A commonly used and most useful one would be strip_tags

$string = strip_tags($string, '<a><b><i><u>');//allowable tags specified

Guest book, messageboard and other data that is likely to be stored in dbs or text files and outputted to the browser can be checked using the strip_tags function.

nothing worse than some smart alec entering a lot of open </table> or </tr> tags or worse still, some malicious javascript or server side code.

stripslashes is also quite useful for escapement issues to do with '


In terms of form data generally, I try to write scripts so that instead of referring to $variable, I use $HTTP_POST_VARS['variable'], $HTTP_GET_VARS['variable'], $_POST['variable'], or $_GET['variable'].

If your form uses the POST method, use $HTTP_POST_VARS['variable']; if your form uses the GET method (or you have the ?variable=value URL), use $HTTP_GET_VARS['variable']. If you have version 4.2 or later of PHP, use $_POST and $_GET accordingly. I think these are especially important.

You can also check stuff using various server side variables before the data is entered or stored in your databases using $_SERVER['HTTP_REFERER'] in combination with parse_url.

http://www.zend.com/manual/function.parse-url.php


$checker = parse_url($_SERVER['HTTP_REFERER']);
$checker= $refer['host'];
if(strstr ($checker, 'yourdomain.com')){
update the data source
}
else{
send them to timbuktoo with a flea in the ear
}

Letting the visitor know that youve logged their IP address can also be a useful psychological deterrent to any shitty behaviours.

$ip= $HTTP_SERVER_VARS['REMOTE_ADDR'];
$ip= gethostbyaddr($ip);

$message = "We welcome visitors connecting with $ip . Please note that visitors who engage in practices that are outside of our terms and conditions will prosecuted with extreme prejudice";

I am sure you are aware that there are bundles of other things to consider too, some of which are related to your server setup, administrators competance, determination of the hacker, operating system, browser type and lots more.

I am pitching a client who has a static index page with php product searches in that index page that take you to php product pages.

How can I help him with seo on any other than his static index.htm?

If I can't find a way to index the php pages I will make extra pages and optimize them or try to make product pages first and then links to the php pages.

If you can't tell me for free, what would it cost to get the anwswer? I normally build static pages first, but this guy did the typical dynamic pages first and doesn't want to have to alter the whole php thing.

Any tips, services?

Originally posted by johnm
I am pitching a client who has a static index page with php product searches in that index page that take you to php product pages.

How can I help him with seo on any other than his static index.htm?

If I can't find a way to index the php pages I will make extra pages and optimize them or try to make product pages first and then links to the php pages.

If you can't tell me for free, what would it cost to get the anwswer? I normally build static pages first, but this guy did the typical dynamic pages first and doesn't want to have to alter the whole php thing.

Any tips, services?

Google does index dynamic pages.

We have 3 clients currently that we initially developed dynamic sites for. All 3 are spidered quite deep by google. We are now going back and creating dynamic titles and updating the copy (among other items) to take advantage of the Google spidering.

Have a look at:

Google Indexing Site 1 (http://www.google.com/search?as_q=lgi&num=100&hl=en&ie=UTF-8&oe=UTF-8&btnG=Google+Search&as_epq=&as_oq=&as_eq=&lr=&as_ft=i&as_filetype=&as_qdr=all&as_occt=any&as_dt=i&as_sitesearch=www.lgiengineers.com&safe=images)

Google Indexing Site 2 (http://www.google.com/search?num=100&hl=en&lr=&ie=UTF-8&oe=UTF-8&as_qdr=all&q=Trimark+site%3Awww.etrimark.com)

Lots needs to be done to the site to make it more friendly but this is just an example to show you sites ARE being indexed.

Aaron

Validating data is a multi-part question. You can use Javascript to help with validation, such as checking that an email address is at least in a valid format.

Learning to use regular expressions is a big help. Stripslashes and strip_tags are useful, but sometimes you need to be able to do more to validate the user input.

Rob has pointed out a bunch of useful stuff there, too. Not accepting form submissions via GET, and not accepting them from another IP address or domain, are both good security measures.

Thanks Aaron, I will take a look at the server and see if there are reasons the php pages might be getting blocked. If other sites like your clients are showing up, then I should be able to get those pages in.

John

Thanks for the tip rob! Really great stuff! I'll read how that's done before some where, but i really get it know. Programming is like riding a bike, first it's hard, the you learn to ride, then you learn all the fancy stuff.

Programming is like riding a bike, first it's hard, the you learn to ride, then you learn all the fancy stuff.

Yep, sure is :) I like to think that nothing worth having is ever easy, which gives me a little boost when Im banging my head off of the wall cursing and ranting because I cannot get a script to do what I want it to do.

Rob:

Did you compile PHP with mod_dwim support? Everyone should have mod_dwim installed on their Apache server.

The "dwim" stands for "do what I mean." With mod_dwim, you just put a call to the global dwim() function and your script does exactly what you meant it to do.

You can see the current status of this project at our website, www.mod-dwim.org.

LOL! You are funny guy Dan!

Jees no I did'nt! at least I now know why I keep making bulls ups!

We've got a .NET version of DWIM for Windows 2000 servers, too, but you have to describe the whole of your intent in this life, using a complex XML schema that hasn't been documented yet, and the guy who was working on the editor is in a cell at Guantanamo Bay right now.

Open Source Rules.

Hey you guys, I just finished reading this thread right through
as I have just bought a book by Kevin Yank which takes you through PHP and MySQL. and I want to get a handle on the whole business so that I can run my own affiliate set up.

Also I understand that if you want to be accepted in the Froogle database you neeed to have a handle on this.

As a complete DUM Dum but wanting to learn, could someone please tell me the exact MEANING of the acronym PHP. I know it is is the language used to set up databases - but what does PHP stand for??

PHP stands for "personal home page" and it doesn't have much to do with what PHP has become. PHP was combined with FI (forms interpreter) to make PHP/FI, which then became PHP, which then became one of the largest open source development projects in the known universe, eventually expanding until everything humans do will be done with PHP.

exit();

.... but what does PHP stand for?? Here's (http://php3.info/manual/en/history.php) a brief history, Greg.

<<until everything humans do will be done with PHP

Shucks Danno, but my wife and I really ENJOY our bedroom sports - NOW you're telling us we gotta learn PHP to keep doing it?? :D :confused:

Thanks for that link Blue. Boy this is really cutting edge!!

Lighting a L.A.M.P. in the world [Linux, Apache, MySQL and PHP]
I love it. :D :up:

Now all I've gotta do is LEARN IT.

Don't worry Greg. In the new world order, there will be open-source PHP classes encapsulating all of the important functions. The open source thing is important, in case you need to override any of the default methods.