Monday, August 20, 2012

Announcing the CyclonePHP project

In this blog post I'm announcing the CyclonePHP project for the PHP developer community.

In short, CyclonePHP is (will be) an application development framework for PHP 5.3 consisting of some loosely coupled libraries. The aim of the project is to provide a reliable RAD solution for web developers willing to create medium-sized business applications with fairly long maintenance interval. CyclonePHP is developed with keeping in mind both reliable functionality and small resource cost (performance overhead caused by the framework) in mind. The main goal is to keep the code simple, meaning that simple things should be easy to implement for the framework users, but making it flexible and extensible enough to develop complex functionalities too. The core of the framework consists of a small core library containing a lightweight router and request dispatcher built on the HMVC design pattern in addition to a good set of helper (utility) classes. The core library of the framework is based on Kohana 3.0.7.

Friday, September 2, 2011

strip_tags() is not enough

All web developers know that any kind of text which comes from user input, should be sanitized before rendering. You must remove all dangerous HTML tags to avoid HTML and Javascript injections, XSS attacks - good old well-known issues, I'm not going to bore you with their concept. When you sanitize the input, in most of the cases you don't want to remove all HTML tags, you want to give your user the freedom to use some formatting tags. PHP has a built-in function to do that called strip_tags() and it is used widely by PHP developers. As a quick reminder let's see how to use it:
$secure_text = strip_tags($original_text, '<b><i>'); // we only allow the <b> and <i> tags, everything else will be removed
Do you feel peaceful, calming sense of safety? You shouldn't ;)

Monday, July 11, 2011

Getters, setters, performance

The usage of getter and setter methods instead of public attributes became very popular in the PHP community, and it's going to become the standard coding convention of so many PHP libraries and frameworks. On the other hand many developers - including me too - strongly unrecommend such convention, because of its performance overhead. I wanted to make some performance comparison for years, and today I had time to do that. In this post I would like to show what I found.

Friday, May 27, 2011

Using __invoke() in PHP 5.3

In PHP 5.3 one of the new magic methods was __invoke(). PHP 5.3.0 is not really a new stuff but I have seen nobody using __invoke() yet. In this post I will try to find some use cases when it can be useful.

Tuesday, May 17, 2011

Book review: Dive into HTML5

Inspired by the review published by Gábor Török I bought the book Dive Into HTML5 by Mark Pilgrim. I finished reading it yesterday, and in short I'm a bit disappointed.

First of all I should mention that I'm not the primarily targeted reader of the book since I'm mainly a PHP developer and I'm not really a HTML guy. Since HTML5 is not only HTML but also CSS and JS I was interested in the new features - now it's high time to learn them - but primarily I was interested in the new Javascript API-s. The following review is totally subjective, please read it from the aspect of somebody who sometimes works with the described technologies but definitely not all the time.

Monday, January 24, 2011

Creating an interactive debugger for PHP

Last night I created a prototype for an interactive debugger for PHP without the need of any IDE-plugin. In this post I'm going to show what I found. Unfortunately you will need some time to put the environment together, but I think it's worth doing it.

My target was to create a way how you can view and modify your variables manually at runtime, only by inserting one line code. So let's overview what we are going to do and what we need:

Sunday, January 2, 2011

Request execution in Kohana 3.1

Yesterday Kohana 3.1 RC1 has been announced and tagged. I think now it's time to get familiar it. In this post I'm going to examine the refactored request execution workflow.