Trace: » php.html

[hemmerling] PHP

Conferences and Workshops

Community Meetings






  1. Code Lobster PHP Edition - “Free Portable PHP IDE (HTML, PHP, CSS, JavaScript code editor)”, “Free portable IDE for PHP/HTML/CSS/JavaScript development”, “PHP/HTML/CSS/JavaScript highlighting; advanced PHP/HTML/CSS/JavaScript autocomplete; a powerful PHP debugger; context and dynamic Help; a code validator; a SQL manager”.
  2. Eclipse - “Eclipse for PHP Developers”.
  3. phpIDE "PHP Coder" - “A free IDE developed for PHP programmers. Through tight integration of the PHP interpreter and the PHP documentation, PHP Coder gives you a time-saving Development Interface”.
  4. Sourceforge "Dev-PHP", Sourceforge "Dev-PHP" - “A well-featured integrated development environment (IDE)”.
  5. Padre - the Perl IDE”.
  6. PhpEd - latest freeware edtion of the commercial PHP editor NuSphere PhpEd for Windows, which was shipped at that time with Apache and MySQL servers.
  7. “Software Studio” - discontinued free IDE for C#, Java, VB.Net, Aspx, C++, Html, Xml, Php, JavaScript, TeX.

Just-commercial PHP IDEs

Local PHP Development Environment Systems

Free PHP Debuggers

Free PHP Tools

  • PHP Cleaner - “This little script removes the PHP line brakes you find in a lot of PHP source codes”.


Composer - Dependency Manager for PHP

Packagist - The PHP Package Repository

Application Execution in Taint Mode


Free PHP Frameworks / PHP Extensions

Neos & Flow

The Frameworks

  • The OpenSource Neos, GitHub "neos".
    • “Content Application Platform based on its own PHP framework Flow. The content management features are resting within a larger context that allows you to build a perfectly customized experience”.
    • “An open source Content Application Platform based on Flow. A set of core Content Management features is resting within a larger context that allows you to build a perfectly customized experience for your users”.
    • “A PHP web application framework focussed on Domain-Driven Design and clean code. Based on strong conventions and best practices, it allows you to rapidly create powerful web applications”.
    • “Flow Application Framework, provides MVC, DI, AOP, Security, …”.


Kohana: The Swift PHP Framework


  • LampLighter - “OpenSource rapid application development framework for PHP based on a Model-View-Controller (MVC) architecture.
    • The predecessor FUSE - “A Model View Controller framework for PHP”.


  • George Schlossnagle "PECL" - “A repository for PHP Extensions, providing a directory of all known extensions and hosting facilities for downloading and development of PHP extensions”.

PEAR - PHP Extension and Application Repository


  • The OpenSource PHP Web Framework PHPforFB - “welches das Entwickeln und Betreiben von Facebook Anwendungen und Page-Apps vereinfacht”.


Yii Framework


Embedded Software Projects with PHP

Commercial Development Tools

Cronjob Services

Free Cronjob Services

Affordable Webspace & Webhosting with Cronjob Services


Design Tips for Secure Web Applications

    • Github " airbone42/nsa-anti-patterns" - “Talk about security at PHP Unconference 2013 in Hamburg”.
      1. ”';” - SQL injection → “prepare”.
      2. Broken authenification and session management
        1. Don‘t expose session IDs.
        2. Reduce session lifetime.
        3. Regenerate session IDs.
      3. ”<” - XSS → “htmlspecialchars”.
        1. Validate input.
        2. Escape output.
        3. X-content security policy.
        4. X-frame options.
        5. Template engine.
      4. Insecure direct object reference → “require”.
        1. Validate user input.
        2. Use indirect object references.
        3. Check access permissions.
      5. Security misconfiguration.
        1. Keep your system up-to-date.
        2. Remove setup/deployment routines.
        3. Disable exposure of sensitive data.
        4. Review server settings.
      6. Sensitive data exposure passwords.
        1. Add a salt.
        2. Use different salts.
        3. Use a strong algorithm (NOT md5).
        4. Store data and keys separated.
      7. Sensitive data exposure - PHP
        1. “expose_phpOff”.
        2. Remove “phpinfo();”.
      8. Sensitive data exposure - Secure URLs.
        1. Use TLS for all pages.
        2. Use secure cookie flag.
        3. Keep sensitive data out of the URL.
      9. Missing function level access control.
        1. Standard should disallow all access.
        2. Use roles to keep ACL simple.
        3. ACL model should be very flexible.
        4. Check privileges on each step.
      10. Cross-site request forgery.
        1. Use one-time-token and secure it.
        2. Authenticate user.
          1. Credentials.
          2. Captcha.
      11. Unvalidated redirects and forwards.
      12. Using components with known vulnerabilities.
        1. Keep libraries up-to-date ( ).
        2. Review third party libraries.
        3. Check mailing lists, boards, news- and vendor-sites.
      13. Mail header injection.
      14. Security by obscurity “The neighbours have better stuff”.


Paper Magazines




Code Style

Data Structures

Debugging, Errors, Exceptions

Dependency Injection

Execute Code in other PHP Files


HTML & Web Server Interface

Migration PHP4/PHP5 ( MySQL ) to PHP 7 ( MySQLi )



Insert Data

Retrieve Data


VS.Code on my Development System

  • “Settings / Extensions/ PHP / Validate: Executable Path”.
"php.validate.executablePath": "C:\\int\\w64\\net\\xampp\\php\\php.exe"


Forums, Newsgroups

Appropriate OpenDirectory Directory Pages

en/php.html.txt · Last modified: 2023/11/30 21:56 (external edit) · []
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki