====== [hemmerling] PHP ====== Related pages: *[[uscripting.html|Scripting Programming Languages for Unix / Linux and Windows]]. ===== Conferences and Workshops ===== ==== Community Meetings ==== *[[http://www.meetup.com/PHP-Usergroup-Hannover/|Meetup "PHP Usergroup Hannover"]]. *[[http://www.meetup.com/Hannover-Drupal-Group/|Meetup "Hannover Drupal Group"]]. ==== Conferences ==== *The commercial [[http://www.phpconference.com/en/|International PHP Conference]] in München ( Autumn ) and Berlin ( early Summer ). *[[http://phpconference.com/archive/|International PHP Conference "Archive"]] 2016-2019. *2021. *2021-06-07 - 2021-06-11 - "Remote. International PHP Conference Berlin". *2021-10-25 - 2021-10-29 - "IPC Munich - The Hybrid Conference". * [[http://www.bootev.org/|BOOT - Best of Open Technologies e.V.]]. *[[http://www.github.com/bootev|GitHub "bootev"]]. *[[http://www.phpuceu.org/|PHP Unconference]] ( #PHPucEU ) 2011-2016. *[[http://www.phpuceu.org/archive-1/phpuceu-2013/|PHP Unconference 2013]] in Berlin, 2013-05-04 - 2013-05-05. *[[http://web.archive.org/web/*/http://weuceu.org/|Archive.org "Web Engineering Unconference Europe (former PHP Unconference Europe)"]], 2017-2019. *The affordable unconference [[http://www.php-unconference.de/|PHP Unconference Hamburg]]. *[[http://www.php-unconference.de/|PHP Unconference Hamburg 2016]] in Hamburg, 2016-09-17 - 2015-09-18. *[[http://www.php-unconference.de/archiv/2015/|PHP Unconference Hamburg 2015]] in Hamburg, 2015-09-19 - 2015-09-20. *[[http://www.php-unconference.de/archiv/2014/|PHP Unconference Hamburg 2014]] in Hamburg, 2014-09-20 - 2014-09-21. *[[http://www.php-unconference.de/archiv/2013/|PHP Unconference Hamburg 2013]] in Hamburg, 2013-09-21 - 2013-09-22. I participated :-). *[[http://www.php-unconference.org/voteyourtalk/index.php/default/index/|PHP Unconference Hamburg - Themenliste, Interessen und Vortrags-Angebote (Vorschläge)]]. 
*[[http://www.php-unconference.de/anfahrt-unterkunft/|PHP Unconference Hamburg - Anfahrt]]. *[[http://www.php-unconference.de/2010/09/15/hinweise-f%C3%BCr-teilnehmer/|PHP Unconference Hamburg 2010 "Hinweise für Teilnehmer"]], as of 2010. *Twitter. *[[http://www.twitter.com/phpunconference/|Twitter "OrgaTeam PHP Unconf @phpunconference"]]. *[[http://www.twitter.com/search?q=%23phpunconf|Twitter - Search for messages tagged with "#phpunconf"]]. *Twitter hashtag "#phpunconf". *2013. *bread rolls in the morning, warm lunch, cake in the afternoon. Free soft drinks, coffee & tea. *Saturday, 2013-09-21. *[[http://goo.gl/0W6Mec|PHP Unconference Hamburg "Session Plan Saturday 2013]]. *09:30 Entry open. *10:30 Official opening of the unconference. *12:00 First session starts. *18:30 Last session ends. *19:00 Walk to the evening event "PHProst" *Sunday, 2013-09-22. *[[http://goo.gl/tv2XVt|PHP Unconference Hamburg "Session Plan Sunday 2013]]. *10:00 Opening of the second day of the unconference. *11:00 First session starts. *17:30 Unconference ends. *[[http://www.php.ruhr/|PHP.RUHR]] in Dortmund. *[[http://2021.php.ruhr/|PHP Ruhr. Web Development & Digital Commerce. 2021 Hybrid Edition]]. *2020 :-(. *[[http://2019.php.ruhr/|PHP Ruhr 2019]] in Dortmund. *[[http://2018.php.ruhr/|PHP Ruhr 2018]] in Dortmund. *[[http://2017.php.ruhr/|PHP Ruhr 2017]] in Dortmund. *[[http://2016.php.ruhr/|PHP Ruhr 2016]] in Dortmund. *[[http://2015.php.ruhr/|PHP Ruhr 2015]] in Witten. *[[http://2014.php.ruhr/|PHP Ruhr 2014]] in Witten. *[[http://www.meetup.com/phpruhr/|Meetup "PHP.RUHR Web Development Community"]]. *[[http://www.phpkonf.org/|PHPkonf]], Turkey. *[[http://2020.phpkonf.org/|PHPkonf 2020]] - "Normally, A PHP conference in Istanbul, the city that connects Europe and Asia. But pandemic it's Online". Tickets "Free". *[[http://2021.phpkonf.org/|PHPkonf 2021]] - "Normally, A PHP conference in Istanbul, the city that connects Europe and Asia. But pandemic it's Online". Tickets "Free". 
*[[http://www.thephp.cc/|thePHP.cc]], Germany - "Deutsch". *[[http://www.thephp.cc/termine|thePHP.cc "Termine"]]. *[[http://www.thephp.cc/dates/2021/01/the-online-php-conference|thePHP.cc "The Online PHP Conference 2021. A conference on professional software development and the PHP technology stack"]], 2021-01-18 - 2021-01-22. *Review: [[http://www.in2it.be/2021/01/the-online-php-conference/|in2it, Michelangelo van Dam "The Online PHP Conference"]]. ==== Workshops ==== *[[http://www.nevercodealone.de/|Roland Golla]] - "Never Code Alone". *[[http://www.youtube.com/c/NeverCodeAlone/|YouTube "Never Code Alone"]]. *Live streaming of events => See "Upcoming live streams" on the channel page, at top. *[[http://www.github.com/nevercodealone|GitHub "Never Code Alone ( nevercodealone )"]]. *[[http://www.xing.com/profile/Roland_Golla/|XING "Roland Golla"]]. *[[http://www.linkedin.com/in/rolandgolla/|LinkedIn "Roland Golla"]]. *[[http://www.facebook.com/nevercodealone/|Facebook "Never Code Alone, @nevercodealone"]]. *[[http://plus.google.com/110472147669354156019|Google+ "Never Code Alone"]]. *[[http://www.twitter.com/nevercodealone|Twitter "Never Code Alone, @nevercodealone"]] - "PHP-Workshops kostenlos in NRW - Initiative für Software-Qualität". *Blog [[http://blog.nevercodealone.de/|Roland Golla, "Never Code Alone" – Blog Für Webdeveloper und Unternehmer]]. *[[http://nevercodealone.slack.com/|Slack "Never Code Alone"]], 2020. *Hand-on coding event 2016-08-20. *[[http://blog.nevercodealone.de/gelungener-start-fuer-duisburger-webdevelopment-projekt/|Never Code Alone – Blog Für Webdeveloper und Unternehmer "Gelungener Start für Duisburger Webdevelopment-Projekt Never Code Alone Event"]], [[http://blog.nevercodealone.de/ablaufplan-kostenlosen-live-coding-workshops-php-webdevelopment/|Never Code Alone – Blog Für Webdeveloper und Unternehmer "Ablaufplan Live Coding Workshop 1. Event in Duisburg mit PHP-Workshop"]], 2016-08-20. 
*[[http://www.xing.com/events/kostenloser-php-workshop-never-code-alone-catering-1711690|XING "Kostenloser PHP-Workshop Never Code Alone mit Catering"]]. *Suggested software installation: *XAMPP ( for Windows fans :-) ). *"Codeception" framework for browser-based website testing, using "Selenium". *PHPUnit. *PHP Editor, e.g. Sublime2. *Project: [[http://www.github.com/Entwicklungshilfe-NRW/magentoModulRefactoringBox|GitHub "Entwicklungshilfe-NRW/magentoModulRefactoringBox"]] with Magento webshop, PHP Framework "Flow" - the base for the "Neos" -. *Proceedings: *"Teilnahme ist kostenlos und idealerweise verbindlich Planungssicherheit und Fairness sind wichtig – gerade bei einer limitierten Anzahl an Teilnehmern. Daher sollte die Zusage zum Event möglichst verbindlich sein. Sich einfach nur 'blind' einzutragen und dann am Ende nicht kommen zu können, ist also eher suboptimal für alle Beteiligten. Deshalb nutzt Never Code Alone den Dienst Eventbrite. Hier zahlt jeder Teilnehmer den symbolischen Ticketpreis von 10,00 Euro zzgl. 1,40 Euro für den Dienst, bekommt die 10,00 Euro jedoch am Event-Tag selbst gegen Vorlage des ausgedruckten Tickets zurückerstattet". *"Wir werden zusammen coden mit einer Funktastatur und uns viel austauschen. Du kannst dir schon mal [[http://www.github.com/Entwicklungshilfe-NRW/magentoModulRefactoringBox|GitHub "Entwicklungshilfe-NRW/magentoModulRefactoringBox"]] und schauen, ob du auf der Maschine einen Unit-Test ausführen kannst. Ansonsten werden wir an dem Tag ja Live-Coding Sessions haben, wo alle mitmachen und sich einbringen können. Die vierte Session werden wir auch alle coden. Die Tastatur geht rum und da muß jeder mal ran". *[[http://nevercodealone.de/de/fullstack-php-ncaevent|Roland Golla, "Never Code Alone" - "Fullstack PHP #NCAEvent"]] in Düsseldorf, 2021-09-18. *Event: *Live event: *The live event was originally planned to happen at new coworking space "Bauwerk118", Heyestrasse 152, D-40625 Düsseldorf. 
*[[http://www.baumensch.de/projekte/hochbunker-in-duesseldorf-wird-zum-wohnhaus/|Baumensch "Hochbunker in Düsseldorf wird zum Wohnhaus"]]. *Live event now happens at [[http://www.krankikom.de/|Krankikom GmbH]]. *YouTube live streaming :-). *Premium sponsor [[http://www.valantic.com/|valantic GmbH]]. *Speaker introductions: *[[http://www.youtube.com/watch?v=3fjm3FbZz3M|YouTube "Infection Mutation Testing, Kinderbetreuung, Shuttleservice uvm."]]. *[[http://www.youtube.com/watch?v=4he5--1w9m8|YouTube "Rector PHP Live Coding NCAEvent Duisburg Preview mit Sebastian Schreiber"]]. *[[http://www.youtube.com/watch?v=Hur5SzwiLiQ|YouTube "Symfony Forms Deep Dive Alexander M. Turek Dive Preview Video NCAEvent"]]. *[[http://www.youtube.com/watch?v=7VuNE-0jF38|YouTube "Symfony Fullstack CMS Sulu Live Coding NCAEvent mit Roland Golla"]]. *[[http://www.nevercodealone.de/de/nca-events/delos|Roland Golla, "DELOS Never Code Alone Event"]] in Dorsten, 2022-07-09. ===== Runtime ===== *[[http://www.php.net/| The PHP Group "php.net"]]. *"PHP 5.2 Windows Binaries" are the latest version with W2k support, compiled with legacy Visual Studio 6 compiler. *"PHP 5.3 Windows Binaries" run on WinXP, Win2003, Vista, Win2008, Win7..., compiled with Visual Studio 2008 compiler. *[[http://www.php.net/manual/|PHP Manual]]. *[[http://www.php.net/manual/en/class.pdo.php|PHP Manual - The PDO class]] - "Represents a connection between PHP and a database server". *[[http://php.net/manual/en/ref.pdo-dblib.php|PHP Manual - PDO Drivers "Microsoft SQL Server and Sybase Functions (PDO_DBLIB)"]] - "PDO_DBLIB is a driver that implements the PHP Data Objects (PDO) interface to enable access from PHP to Microsoft SQL Server and Sybase databases through the FreeTDS libary". *[[http://www.php.net/manual/en/mysqli-result.fetch-array.php|PHP Manual "mysqli_fetch_array"]] - Won't be found by the search engine of the website, just by Google search. *As of 2016-08, there are 2 versions of PHP: -PHP 5.6 stable. 
-PHP 7 with new features ( similar to JS 4,5,..). ===== PHP IDEs ===== ==== Free PHP IDEs ==== -[[http://www.codelobster.com/|Code Lobster PHP Edition]] - "Free Portable PHP IDE (HTML, PHP, CSS, JavaScript code editor)", "Free portable IDE for PHP/HTML/CSS/JavaScript development", "PHP/HTML/CSS/JavaScript highlighting; advanced PHP/HTML/CSS/JavaScript autocomplete; a powerful PHP debugger; context and dynamic Help; a code validator; a SQL manager". -[[http://www.eclipse.org|Eclipse]] - "Eclipse for PHP Developers". -[[http://www.netbeans.org/features/php/|NetBeans IDE - PHP Development]]. -[[http://www.phpide.com/phpcoder.htm|phpIDE "PHP Coder"]] - "A free IDE developed for PHP programmers. Through tight integration of the PHP interpreter and the PHP documentation, PHP Coder gives you a time-saving Development Interface". *For W2k, you might have to install the DLL "[[http://www.dll-files.com/dllindex/dll-files.shtml?libmysql|libmysql.dll]]" in "C:\winnt\system32". *PHP documentation -> [[http://www.php.net/download-docs.php|php.net "PHP Documentation Download"]]. *MySQL documentation -> [[http://dev.mysql.com/doc/|MySQL Documentation: MySQL Reference Manuals]]. You have to copy the file "index.html" to "manual_toc.html". *HTML documentation -> [[http://www.htmlhelp.com/|Web Design Group's Help file Distribution Page]]. You have to copy the file "index.html" to "manual_toc.html". *PHP runtime -> [[http://windows.php.net/download/|php.net "PHP For Windows: Binaries and sources Releases"]]. -[[http://devphp.sourceforge.net/|Sourceforge "Dev-PHP"]], [[http://www.sourceforge.net/projects/devphp/|Sourceforge "Dev-PHP"]] - "A well-featured integrated development environment (IDE)". -[[http://padre.perlide.org/|Padre]] - the Perl IDE". *[[http://www.phpbar.de/w/Padre_%2B_PHP-Plugin|php::bar "Padre + PHP-Plugin"]]. 
-[[http://download.kappa.ro/action__file/id__174|PhpEd 2.96.1.2]] - latest freeware edtion of the commercial PHP editor [[http://www.nusphere.com/|NuSphere PhpEd]] for Windows, which was shipped at that time with Apache and MySQL servers. -"Software Studio" - discontinued free IDE for C#, Java, VB.Net, Aspx, C++, Html, Xml, Php, JavaScript, TeX. *[[http://www.shareup.com/Software_Studio-download-19103.html|ShareUp "Software Studio 0.4.BF1"]], 2004-01-22. *[[http://www.topshareware.com/Software-Studio-download-12244.htm|TopShareware "Software Studio"]], 2004-02-20. *latest version 2004-05-28. *The free [[http://www.microsoft.com/web/webmatrix|Microsoft/web "WebMatrix"]] - "A free, lightweight, cloud-connected web development tool" *[[http://en.wikipedia.org/wiki/Microsoft_WebMatrix|EN.Wikipedia "Microsoft WebMatrix"]], [[http://de.wikipedia.org/wiki/Microsoft_WebMatrix|DE.Wikipedia "Microsoft WebMatrix"]] - "with full support for ASP.NET, PHP, Node.js and HTML 5". ==== Just-commercial PHP IDEs ==== *[[http://www.jetbrains.com/phpstorm/|JetBrains "PhpStorm"]]. *[[http://en.wikipedia.org/wiki/IntelliJ_IDEA|EN.Wikipedia "IntelliJ IDEA"]], [[http://de.wikipedia.org/wiki/IntelliJ_IDEA|DE.Wikipedia "IntelliJ IDEA"]]. *[[http://en.wikipedia.org/wiki/PhpStorm|EN.Wikipedia "PhpStorm"]], [[http://de.wikipedia.org/wiki/PhpStorm|DE.Wikipedia "PhpStorm"]]. ==== Local PHP Development Environment Systems ==== *DDEV. *[[http://www.github.com/drud/ddev|GitHub "DDEV-Local: a local PHP development environment system"]]. *[[http://ddev.readthedocs.io/|ReadTheDocs "DDEV-Local Documentation"]]. *[[http://phpconference.com/blog/ddev-local-one-for-all/|International PHP Conference ( IPC ) Blog "DDEV-Local: One for all! A single local development environment for all PHP projects"]], 2020-11. *[[http://docs.neos.io/cms/installation-development-setup/all-platforms-using-ddev-and-docker|NEOS "Docker Setup using DDEV and Docker (all Platforms). 
For Windows, Mac OS and Linux, using ddev can be a good way to move to a dockerized setup"]]. *[[http://docs.typo3.org/m/typo3/guide-contributionworkflow/master/en-us/Appendix/SettingUpTypo3Ddev.html|Typo3 "Setting up TYPO3 with DDEV"]]. ===== Free PHP Debuggers ===== -[[http://gubed.mccabe.nu/|Gubed PHP Debugger]]. -[[http://www.php-debug.com/|PHP_Debug]], [[http://phpdebug.sourceforge.net/|Sourceforge "PHP_Debug"]], [[http://www.sourceforge.net/projects/phpdebug/|Sourceforge "PHP_Debug"]], [[http://pear.php.net/package/PHP_Debug|PEAR "PHP_Debug"]]. -[[http://www.php-debugger.com/|DBG - PHP Debugger and Profiler]], [[http://dbg2.sourceforge.net/|PHP debugger DBG]], [[http://www.sourceforge.net/projects/dbg2/|PHP debugger DBG]]. -[[http://php-dyn.sourceforge.net/|Sourceforge "PHP_Dyn - PHP Dynamic Script Tracer"]], [[http://www.sourceforge.net/projects/php-dyn/|Sourceforge "PHP_Dyn - PHP Dynamic Script Tracer"]]. -[[http://xdebug.org/|Xdebug - Debugger and Profiler Tool for PHP]]. -[[http://code.google.com/p/webgrind/|Google Code "Webgrind"]] - "An Xdebug profiling web frontend in PHP5". -[[http://pecl.php.net/package/apd|George Schlossnagle "PECL" / "apd"]] - "A full-featured engine-level profiler/debugger". ===== Free PHP Tools ===== *[[http://www.sharewareconnection.com/php-cleaner.htm|PHP Cleaner]] - "This little script removes the PHP line brakes you find in a lot of PHP source codes". ===== Packages ===== ==== Composer - Dependency Manager for PHP ==== *[[http://www.getcomposer.org/|Composer - Dependency Manager for PHP]]. ==== Packagist - The PHP Package Repository ==== *[[http://www.packagist.org/|Packagist - The PHP Package Repository]]. ===== Application Execution in Taint Mode ===== *[[http://pecl.php.net/package/taint|php PECL - Package "taint"]]. *[[http://www.php.net/manual/en/book.taint.php|php Documentation "Taint"]] - "Taint is an extension, which is used for detecting XSS codes(tainted string). 
And also can be used to spot sql injection vulnerabilities, and shell inject, etc". *[[http://en.wikipedia.org/wiki/Taint_checking|EN.Wikipedia "Taint checking"]]. ===== Testing ===== *See [[testing.html|Testing]]. ===== Free PHP Frameworks / PHP Extensions ===== ==== Neos & Flow ==== === The Frameworks === *The OpenSource [[http://www.neos.io/|Neos]], [[http://www.github.com/neos/|GitHub "neos"]]. *"Content Application Platform based on its own PHP framework Flow. The content management features are resting within a larger context that allows you to build a perfectly customized experience". *"An open source Content Application Platform based on Flow. A set of core Content Management features is resting within a larger context that allows you to build a perfectly customized experience for your users". *[[http://flow.neos.io/|Neos "The Flow framework"]], [[http://www.github.com/neos/flow|GitHub "neos/flow"]]. *[[https://flowframework.readthedocs.io|ReadTheDocs "Flow dev-master Documentation"]] *"A PHP web application framework focussed on Domain-Driven Design and clean code. Based on strong conventions and best practices, it allows you to rapidly create powerful web applications". *"Flow Application Framework, provides MVC, DI, AOP, Security, …". === Resources === *t3n. *[[http://www.t3n.de/magazin/php-framework-typo3-flow-232730/|t3n "Einstieg in TYPO3 Flow: Erste Schritte mit dem PHP-Framework"]], 2015. *[[http://www.t3n.de/news/php-framework-flow-version-30-630430/|t3n "PHP-Framework Flow in Version 3.0 erschienen – Das ist neu"]], 2015. *[[http://en.wikipedia.org/wiki/TYPO3_Flow|EN.Wikipedia "TYPO3 Flow"]], [[http://de.wikipedia.org/wiki/TYPO3_Flow|DE.Wikipedia "TYPO3 Flow"]] ==== Kohana: The Swift PHP Framework ==== *[[http://www.kohanaframework.org/|Kohana: The Swift PHP Framework]] - "An elegant HMVC PHP5 framework that provides a rich set of components for building web applications". 
==== LampLighter ==== *[[http://www.lamplighterphp.org/|LampLighter]] - "OpenSource rapid application development framework for PHP based on a Model-View-Controller (MVC) architecture. *The predecessor [[http://www.phpfuse.net/|FUSE]] - "A Model View Controller framework for PHP". ==== PECL ==== *[[http://pecl.php.net/|George Schlossnagle "PECL"]] - "A repository for PHP Extensions, providing a directory of all known extensions and hosting facilities for downloading and development of PHP extensions". ==== PEAR - PHP Extension and Application Repository ==== *[[http://pear.php.net/|PEAR - PHP Extension and Application Repository]] - "A framework and distribution system for reusable PHP components". ==== PHPforFB ==== *The OpenSource PHP Web Framework [[http://www.phpforfb.com/|PHPforFB]] - "welches das Entwickeln und Betreiben von Facebook Anwendungen und Page-Apps vereinfacht". ==== Symfony ==== *The Open-Source PHP Web Framework "Symfony". *The outdated [[http://www.symfony-project.org/|Symfony]]. *The current [[http://symfony.com/|Symfony]] 2. *Wiki [[http://trac.symfony-project.org/wiki/|Symfony Wiki]]. *[[http://en.wikipedia.org/wiki/Symfony|EN.Wikipedia "Symfony"]], [[http://de.wikipedia.org/wiki/Symfony|DE.Wikipedia "Symfony"]]. ==== Yii Framework ==== *[[http://www.yiiframework.com/|Yii Framework]]. *Reference customer are the social communities [[http://www.flirtmoms.com/|Flirtmoms]] & [[http://www.flirtmuttis.com/|FlirtMuttis]]. ==== Zend ==== *[[http://www.zend.com/en/products/server-ce/|Zend Server Community Edition]] - "A fast and reliable free PHP application stack". *[[http://www.zend.com/de/community/|Zend Community]]. *[[http://devzone.zend.com/|Zend Developer Zone (DevZone)]]. *Once there was a [[http://web.archive.org/web/*/http://de.zend.com/store/products/zend-studio-personal.php|Archive.Org "Zend Studio Personal Edition, version 3.5"]], free for non-commercial use, in 2005. 
===== Embedded Software Projects with PHP =====
  * "Building A Sensor Phalanx on Arduino, controlled by PHP on a client host" - See [[fieldbus.html|Fieldbuses and Automation Networks]].
===== Commercial Development Tools =====
  * The commercial IDE [[http://www.jetbrains.com/phpstorm/|JetBrains "PhpStorm"]] for Windows.
===== Cronjob Services =====
==== Free Cronjob Services ====
  * The free Cronjob service [[http://www.cronjob.de/|CRONJOB.DE - Europas führender Cronjob-Service!]].
  * The free Cronjob service [[http://www.cronless.com/|Cronless - Online Cron Job Replacement Service]].
  * The free Cronjob service [[http://www.easycron.com/|easycron.com]].
  * The free Cronjob service [[http://www.free-cronjob24.de/|free-cronjob24.de]].
  * The free Cronjob service [[http://www.mywebcron.com/|My Free Web Cron Scheduler Service]].
  * The free Cronjob service [[http://www.onlinecronjobs.com/|OnlineCronJobs - Free cronjobs on demand]].
  * The free Cronjob service [[http://www.setcronjob.com/|SetCronJob - Reliable Cron Jobs Service with simple WebCron interface]].
==== Affordable Webspace & Webhosting with Cronjob Services ====
==== Resources ====
  * [[http://en.wikipedia.org/wiki/Cron|EN.Wikipedia "cron"]], [[http://de.wikipedia.org/wiki/Cron|DE.Wikipedia "Cron"]].
  * [[http://en.wikipedia.org/wiki/Daemon_%28computing%29|EN.Wikipedia "Daemon (computing)"]], [[http://de.wikipedia.org/wiki/Daemon|DE.Wikipedia "Daemon"]].
===== Design Tips for Secure Web Applications =====
  * [[http://www.owasp.org/|OWASP - The free and open software security community]].
  * [[http://www.owasp.org/index.php/Category:OWASP_Top_Ten_2013_Project|Category:OWASP Top Ten 2013 Project]].
  * [[http://www.twitter.com/airbone42|Twitter "Tobias Zander, @airbone42"]].
  * [[http://www.github.com/airbone42/nsa-anti-patterns|Github "airbone42/nsa-anti-patterns"]] - "Talk about security at PHP Unconference 2013 in Hamburg".
  - "';" - SQL injection -> "prepare".
  - Broken authentication and session management.
    - Don't expose session IDs.
    - Reduce session lifetime.
    - Regenerate session IDs.
  - "<" - XSS -> "htmlspecialchars".
    - Validate input.
    - Escape output.
    - X-content security policy.
    - X-frame options.
    - Template engine.
  - Insecure direct object reference -> "require".
    - Validate user input.
    - Use indirect object references.
    - Check access permissions.
  - Security misconfiguration.
    - Keep your system up-to-date.
    - Remove setup/deployment routines.
    - Disable exposure of sensitive data.
    - Review server settings.
  - Sensitive data exposure - passwords.
    - Add a salt.
    - Use different salts.
    - Use a strong algorithm (NOT md5).
    - Store data and keys separately.
  - Sensitive data exposure - PHP.
    - "expose_php = Off".
    - Remove "phpinfo();".
  - Sensitive data exposure - Secure URLs.
    - Use TLS for all pages.
    - Use secure cookie flag.
    - Keep sensitive data out of the URL.
  - Missing function level access control.
    - Default should disallow all access.
    - Use roles to keep ACL simple.
    - ACL model should be very flexible.
    - Check privileges on each step.
  - Cross-site request forgery.
    - Use a one-time token and secure it.
    - Authenticate user.
    - Credentials.
    - Captcha.
  - Unvalidated redirects and forwards.
  - Using components with known vulnerabilities.
    - Keep libraries up-to-date ( [[http://www.versioneye.com/|versioneye.com]] ).
    - Review third party libraries.
    - Check mailing lists, boards, news- and vendor-sites.
  - Mail header injection.
  - Security by obscurity "The neighbours have better stuff".
===== Literature =====
==== Paper Magazines ====
  * [[http://www.phpmagazin.de/|PHP Magazin]] - "PHP, JavaScript, Open Web Technologies".
  * [[http://www.github.com/PHPMagazin|GitHub "PHPMagazin"]].
  * [[http://www.facebook.com/pages/PHP-Magazin/239886639433387|Facebook "PHP Magazin"]].
  * [[http://www.twitter.com/phpmagazin|Twitter "PHP Magazin, @phpmagazin"]].
==== Books ==== *Book [[http://www.amazon.de/exec/obidos/ASIN/3898642291/hemmerling-21|Sebastian Bergmann "Professionelle Softwareentwicklung mit PHP 5: Objektorientierung, Entwurfsmuster, Modellierung und fortgeschrittene Datenbankprogrammierung"]]. *The free HTML online book [[http://professionelle-softwareentwicklung-mit-php5.de/|Sebastian Bergmann "Professionelle Softwareentwicklung mit PHP 5: Objektorientierung, Entwurfsmuster, Modellierung und fortgeschrittene Datenbankprogrammierung"]], as of 2013-01-15. *Book [[http://www.amazon.de/exec/obidos/ASIN/3826614828/hemmerling-21|Hannes Gassert, Manfred Gildemeister, Mathias Lehn: "PHP de Luxe"]] - "PHP 5 Edition" #. *buecherbillig.de 100% ( [[http://www.buecherbillig.de/luxe-edition-seiten-p-44299.html|Hannes Gassert, Manfred Gildemeister, Mathias Lehn: "PHP de Luxe"]] ). *Book [[http://www.amazon.de/exec/obidos/ASIN/382661318X/hemmerling-21|Jay Greenspan, Brad Bulger, David Wall: "MySQL/PHP-Datenbankanwendungen"]]. *buecherbillig.de 100% ( [[http://www.buecherbillig.de/mysql-datenbankanwendungen-p-43371.html|Jay Greenspan, Brad Bulger, David Wall: "MySQL/PHP-Datenbankanwendungen"]] ). *Book [[http://www.amazon.de/exec/obidos/ASIN/3827323908/hemmerling-21|Andi Gutmans, Stig S. Bakken, Derick Rethans: "PHP 5 aus erster Hand. Das Entwicklerhandbuch für Profis"]]. *Book [[http://www.amazon.de/exec/obidos/ASIN/3826616804/hemmerling-21|Philipp Rieber: "PHP 5 & MySQL 5 Kochbuch: Rezepte, Lösungen, Best Practices"]]. *Accompanying website [[http://www.php-mysql-kochbuch.de/|PHP 5 und MySQL 5 - Das Kochbuch]]. *The free online HTML book [[http://www.brpreiss.com/books/opus11/|Bruno R. Preiss "Data Structures and Algorithms with Object-Oriented Design Patterns in PHP"]]. ===== Tips&Tricks ===== ==== API ==== *[[http://www.php.net/manual/en/mysqlinfo.api.choosing.php|PHP "Choosing an API"]]. 
==== Code Style ==== *[[http://www.stackoverflow.com/questions/10827545/php-or-html-first-or-does-it-matter|StackOverflow "PHP or HTML first or does it matter?"]]. *[[http://www.stackoverflow.com/questions/34549513/keep-php-and-html-separated|StackOverflow "Keep PHP and HTML separated"]] - " Use include_once() instead of include". *[[https://stackoverflow.com/questions/16688398/what-is-the-difference-between-echo-with-braces-and-without-braces-and-why-do-b|StackOverflow "What is the difference between echo with braces and without braces, and why do both methods exist?"]]. ==== Data Structures ==== *[[http://www.php.net/manual/en/language.variables.scope.php|PHP "Variable scope"]] - "global $a, $b". *[[http://www.stackoverflow.com/questions/1811100/how-do-i-declare-a-two-dimensional-array/73199115|StackOverflow "How do I declare a two dimensional array?"]]. ==== Debugging, Errors, Exceptions ==== *[[http://support.hostinger.com/en/articles/1583189-how-to-hide-errors-and-warnings-on-your-website|Hostinger Support "How to Hide Errors and Warnings on Your Website"]]. *[[http://www.php.net/manual/en/function.error-reporting.php|PHP "error_reporting"]]. *[[http://www.php.net/manual/en/function.mysqli-report.php|PHP "mysqli_report"]]. *[[http://www.stackify.com/display-php-errors/|Stackify "Display All PHP Errors: Basic & Advanced Usage"]], 2020. *[[http://www.stackoverflow.com/questions/5580039/fatal-error-uncaught-exception-mysqli-sql-exception-with-message-no-index-us|StackOverflow "Fatal error: Uncaught exception 'mysqli_sql_exception' with message 'No index used in query/prepared statement'"]]. *[[http://stackoverflow.com/questions/1987579/remove-warning-messages-in-php|StackOverflow "Remove warning messages in PHP"]]. 
  * [[http://www.stackoverflow.com/questions/11377026/phpinfo-is-not-working-it-shows-blank-page-but-other-php-working|StackOverflow "phpinfo() is not working it shows blank page but other php working"]] - "Check your php.ini file, for '386:disable_functions = show_source, system, shell_exec, passthru, exec, phpinfo, popen, proc_open'".
==== Dependency Injection ====
  * [[http://fabien.potencier.org/what-is-dependency-injection.html|Fabien Potencier "What is Dependency Injection?"]] - "This article is part of a series on Dependency Injection in general and on a lightweight implementation of a Container in PHP in particular".
  * [[http://www.stackoverflow.com/questions/3193774/php-global-variable-is-undefined-inside-a-function-even-if-global-keyword-is-use|StackOverflow "PHP global variable is undefined inside a function even if global keyword is used"]] - "Do yourself a favor and use Dependency Injection".
<code php>
<?php
// The value is passed in as a parameter instead of being read from a global.
function myfunc($from)
{
    return "from(myfunc)=$from\n";
}

$from = '2010-05-01';
echo myfunc($from);
</code>
==== Execute Code in other PHP Files ====
  * [[http://www.stackoverflow.com/questions/14330804/executing-another-php-file-and-return-the-output-from-a-method-is-that-possible|StackOverflow "Executing another PHP file and return the output from a method, is that possible?"]].
<code php>
<?php
// Variant 1: run the other file; its output goes directly to the response.
// $filename must be set by trusted code, never taken from request input.
function execute($filename)
{
    include_once($filename);
}
</code>
<code php>
<?php
// Variant 2: run the other file and return its output as a string.
// $filename must be set by trusted code, never taken from request input.
function execute($filename)
{
    ob_start();                  // start capturing output
    include $filename;
    $output = ob_get_contents(); // read what the included file printed
    ob_end_clean();              // stop capturing and discard the buffer
    return $output;
}
</code>
==== Files ====
  * User experience: If a PHP file includes other PHP files by "include" or "require", the HTML global title attribute of the first included PHP file which has HTML code with a HTML global title attribute is displayed instead of the HTML global title attribute of the original PHP page.
HTML title of the PHP page "require.php"
  * [[http://www.geeksforgeeks.org/difference-between-include-and-include_once-in-php/|GeeksForGeeks "Difference between include() and include_once() in PHP"]].
  * [[http://www.geeksforgeeks.org/difference-between-require-and-include-in-php/|GeeksForGeeks "Difference between require() and include() in PHP"]].
  * [[http://gist.github.com/DaveRandom/6830e379578a66e2c82593137e79d099|GitHub Gist, Dave Random "Why you should not use relative paths when working with files in PHP"]].
  * [[http://webmasters.stackexchange.com/questions/102523/is-it-bad-practice-to-put-php-directives-in-html-files-and-have-the-server-inte|StackExchange "Is it bad practice to put PHP directives in .html files and have the server interpret them as PHP?"]].
  * [[http://www.php.net/manual/en/function.include-once.php|PHP "include_once"]].
  * [[http://www.stackoverflow.com/questions/2418473/difference-between-require-include-require-once-and-include-once|StackOverflow "Difference between require, include, require_once and include_once?"]].
*[[http://www.stackoverflow.com/questions/17407664/php-include-relative-path|StackOverflow "PHP include relative path"]] include(dirname(__DIR__).'/config.php'); *[[http://www.stackoverflow.com/questions/12954578/how-to-require-php-files-relatively-at-different-directory-levels|StackOverflow "How to require PHP files relatively (at different directory levels)?"]] - "For relative paths you can use __DIR__ directly rather than dirname(__FILE__) (as long as you are using PHP 5.3.0 and above)". *[[http://www.stackoverflow.com/questions/32537477/how-to-use-dir|StackOverflow "How to use __dir__?"]]. *[[http://www.tutorialspoint.com/how-to-use-dir-in-php|Tutorialspoint "How to use __dir__ in PHP?"]]. *[[http://www.w3schools.com/php/php_includes.asp|W3Schools "PHP include and require Statements"]]. ==== HTML & Web Server Interface ==== *[[http://www.geeksforgeeks.org/how-to-call-php-function-on-the-click-of-a-button/|GeeksForGeeks "How to call PHP function on the click of a Button ?"]]. *[[http://www.stackoverflow.com/questions/18913523/how-can-i-produce-meta-tag-strings-in-php|StackOverflow "How Can I produce meta tag strings in PHP"]]. *[[http://www.stackoverflow.com/questions/17550223/set-an-environment-variable-in-htaccess-and-retrieve-it-in-php|StackOverflow "Set an environment variable in .htaccess and retrieve it in PHP"]]. ==== Migration PHP4/PHP5 ( MySQL ) to PHP 7 ( MySQLi ) ==== *[[http://www.google.com/search?q=migration+mysql+to+mysqli|Google - Search for "migration mysql to mysqli"]]. *[[http://www.php.net/manual/en/migration70.php|PHP "Migrating from PHP 5.6.x to PHP 7.0.x"]]. *[[http://www.php.net/manual/en/migration70.incompatible.php|PHP "Backward incompatible changes"]]. *[[https://www.php.net/manual/en/function.version-compare.php|PHP "version_compare"]] - "if (version_compare(PHP_VERSION, '5.0.0', '>='))". ==== PHP & SQL ==== === Tables === *[[http://www.ostechnix.com/php-mysql-delete-truncate-drop-table/|OSTechNix - Open Source ! Technology ! 
Linux And Unix "PHP MySQL DELETE, TRUNCATE, DROP Table"]]. *[[http://www.w3schools.com/php/php_mysql_create_table.asp|W3Schools "PHP MySQL Create Table"]]. $sql = "CREATE TABLE MyGuests ( id INT(6) UNSIGNED AUTO_INCREMENT PRIMARY KEY, firstname VARCHAR(30) NOT NULL, lastname VARCHAR(30) NOT NULL, email VARCHAR(50), reg_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP )"; === Insert Data === *[[http://www.geeksforgeeks.org/how-to-insert-form-data-into-database-using-php/|GeeksForGeeks "How to Insert Form Data into Database using PHP ?"]]. *[[http://www.hostinger.com/tutorials/how-to-use-php-to-insert-data-into-mysql-database|Hostinger Tutorials "How to Use PHP to Insert Data Into MySQL Database"]]. *[[http://www.stackoverflow.com/questions/8753371/how-to-insert-data-to-mysql-with-auto-incremented-columnfield|StackOverflow "How to insert data to MySQL with auto-incremented column(field)?"]]. *[[http://www.studentstutorial.com/php/php-mysql-data-insert.php|StudentTutorial "Insert Data Into MySQL Using PHP"]]. *[[http://www.tutorialrepublic.com/php-tutorial/php-mysql-insert-query.php|TutorialRepublic "How to Insert Data Into MySQL Database Table Using PHP"]]. === Retrieve Data === *[[http://www.formget.com/read-mysql-data-using-php/|FormGet "Retrieve or Fetch Data From Database in PHP"]]. *Warning "No index used in query/prepared". *[[http://www.stackoverflow.com/questions/5580039/fatal-error-uncaught-exception-mysqli-sql-exception-with-message-no-index-us|StackOverflow "Fatal error: Uncaught exception 'mysqli_sql_exception' with message 'No index used in query/prepared statement'"]]. *[[http://forums.devnetwork.net/viewtopic.php?t=49893|PHP Developer Network "mysqli_sql_exception - 'No index used in query/prepared"]]. *[[http://www.stackoverflow.com/questions/6593765/how-to-use-index-in-select-statement|StackOverflow "How to use index in select statement?"]]. 
=== Resources ===
  *[[http://www.google.com/search?q=php+write+data++to+sql|Google - Search for "php write data to sql"]].
  *PHP Administration:
    *[[http://localhost/dashboard/|Localhost "Dashboard"]].
    *[[http://localhost/phpmyadmin/|Localhost "phpMyAdmin"]].
==== VS.Code on my Development System ====
  *"Settings / Extensions / PHP / Validate: Executable Path".
    "php.validate.executablePath": "C:\\int\\w64\\net\\xampp\\php\\php.exe"
===== Resources =====
  *Experts told me that ( large ) legacy PHP software is hard to convert to make it PHP7 compatible...
  *[[http://code.activestate.com/recipes/|ActiveState Recipes]].
  *[[http://code.activestate.com/recipes/langs/|ActiveState Code / Recipes "Recipe languages"]].
  *[[http://code.activestate.com/recipes/langs/php/|ActiveState Code / Recipes "Popular PHP recipes"]].
  *[[http://www.artmedic.de/|artmedic webdesign]] - free PHP scripts which do not need a MySQL database.
  *[[http://www.dynamic-webpages.de/|Dynamic Web Pages]] - "German hub for PHP since 1999 - PHP scripts, PHP tutorials, PHP news and PHP training / certification".
  *[[http://www.devshed.com/c/b/PHP/|Dev Shed "PHP Tutorials"]].
  *[[http://www.heise.de/newsticker/meldung/PHP-5-6-wird-zum-Sicherheitsrisiko-4191009.html|heise "PHP 5.6 wird zum Sicherheitsrisiko"]], 2018-10 - "Support for PHP 5.6 ends on 31 December, but many websites still use the old PHP version. Experts warn of serious security risks".
  *[[http://www.overapi.com/php/|OverAPI.com "PHP Cheat Sheet"]] #.
  *[[http://www.php-archiv.de/|PHP Archiv Blog]].
  *[[http://www.phpbar.de/|php::bar]] - "Knowledge for beginners & professionals".
  *[[http://www.phpbar.de/w/PHP_IDE_Software%C3%BCbersicht|php::bar "PHP IDE Softwareübersicht"]].
  *[[http://www.phpide.com/|phpIDE]] - "PHP News and Tutorials".
  *[[http://www.phpframeworks.com/|PHP Frameworks]] - Directory and comparison of PHP frameworks #.
  *[[http://pelfusion.com/tools/how-to-debug-php-code-and-useful-php-debugging-tools/|Pelfusion - pixels that make your life easy "How To Debug PHP Code And Useful PHP Debugging Tools"]] #.
  *[[http://it-republik.de/php/|it republik "PHPmagazin"]].
  *[[http://www.php-resource.de/|php RESOURCE]] - "PHP forum, PHP scripts, PHP tutorials, jobs and much more about PHP".
  *[[http://www.selfphp.info/|SELFPHP - Befehlsreferenz, Tutorial, Kochbuch, Forum zum Thema PHP]].
  *[[http://www.sitepoint.com/|SitePoint - Web Design, Web Development, Freelancing, Tech News and more]].
  *[[http://blogs.sitepoint.com/2010/11/19/mysql-mistakes-php-developers/|SitePoint "Top 10 MySQL Mistakes Made By PHP Developers"]].
  *[[http://www.w3schools.com/php/|w3schools - the world's largest web development site. educate yourself! beginners and experts "PHP Tutorial"]].
  *[[http://en.wikipedia.org/wiki/PHP|EN.Wikipedia "PHP"]], [[http://de.wikipedia.org/wiki/PHP|DE.Wikipedia "PHP"]].
===== Forums, Newsgroups =====
  *[[http://www.bytes.com/topic/php/|Bytes IT Community "PHP Forum"]].
  *Facebook.
    *[[http://www.facebook.com/groups/pietchepi/|Facebook "PHP"]] - many fresh PHP newbies from India are flooding this group, frequently.
    *[[http://www.facebook.com/groups/5267995887/|Facebook "PHP"]].
    *[[https://www.facebook.com/groups/133593673518416/|Facebook "PHP.de Community"]].
    *[[http://www.facebook.com/group.php?gid=255189559000&ref=ts|Facebook "PHP_Debug"]].
    *[[http://www.facebook.com/group.php?gid=133593673518416|Facebook "PHP.de Community"]] #.
  *[[http://groups.google.com/group/symfony-users|Google Groups "Symfony users"]], [[http://groups.google.com/group/symfony2/|Google Groups "Symfony2"]], [[http://groups.google.com/group/symfony-devs|Google Groups "Symfony developers"]].
  *Meetup.
    *[[http://www.meetup.com/phpughh/|PHP-Usergroup Hamburg (PHPUGHH)]] / [[http://www.phpug-hamburg.de/|PHP-Usergroup Hamburg (PHPUGHH)]].
    *[[http://www.meetup.com/PHP-Usergroup-Duesseldorf/|Meetup "PHP Usergroup Duesseldorf"]].
    *[[http://www.meetup.com/sfughh/|Symfony User Group Hamburg]].
  *[[http://forum.nusphere.com/|NuSphere Forums]].
  *[[http://www.php.de/|PHP.DE - das Deutsche PHP-Forum]].
  *[[http://www.phpedit.net/|PHPEdit.net Community]] - community for the commercial PHP editor [[http://www.phpedit.com/|PHPEdit]].
  *[[http://www.phpforum.de/forum/|PHP Forum - phpforum.de]].
  *[[http://www.php-resource.de/forum/|php RESOURCE "PHP Forum"]].
  *[[http://www.phptest.club/|PHP test club]] - "PHPTestClub is a discussion board where developers and test engineers share their experience on automated testing PHP projects. Here we talk about various approaches, frameworks, and best practices in testing. We use PHPUnit, Behat, Codeception, PhpSpec, atoum, and other frameworks, as well as Selenium, PhantomJS, Continuous Integration and delivery systems".
  *[[http://www.php-gtk.eu/|PHP-GTK Community : a community site for PHP-GTK]].
  *[[http://www.selfphp.info/forum/index.php?styleid=7|SELFPHP Forum]].
  *[[http://forum.symfony-project.org/|Symfony Framework Forum]].
  *[[http://www.xing.com/net/phpgroupd/|XING "PHP Usergroup D/DU/KR"]].
===== Appropriate OpenDirectory Directory Pages =====
  *[[http://www.dmoz.org/Computers/Programming/Languages/PHP/|OpenDirectory "Top: Computers: Programming: Languages: PHP"]].
  *[[http://www.dmoz.org/World/Deutsch/Computer/Programmieren/Sprachen/PHP/|OpenDirectory "Top: World: Deutsch: Computer: Programmieren: Sprachen: PHP"]].
{{tag>"Unix script language" "script language" Python}}