Server-Side Magazine

Simple tutorial to add watermarks dinamically to our images with PHP and the GD library.

Monte Carlo simulations are a handy tool for looking at situations that have some aspect of uncertainty, by modelling them with a pseudo-random element and conducting a large number of trials. [...]

Second part of my personal template engine comparison. Now we are going to compare our template engine performance with plain PHP files.

My personal templating engines comparison in PHP. A simple performance benchmark between Smarty, Twig and Haanga.

One of the reasons why people gravitate toward WordPress is the seemingly unlimited numbers of open source plugins available. Today, I’d like to go over a few plugins that I think absolutely warrant your attention. I’m sure I’ve missed some, though, so make sure to chime in within the comments! Hopefully, this article will morph into an absolute monster of a list that can act as a reference for fellow WordPress developers. [...]

Anonymous function calls are a well-known pattern in JavaScript but there are also use cases in PHP where they make sense. Of course PHP 5.3 with its Lambda Functions is required! [...]

Most programmers are familiar with Eclipse, and PHP programmers are familiar with Zend Studio. But, like two great tastes that taste good together, the two have now been combined into a single tool. Learn how you can use Zend Studio to make your PHP programming more productive. [...]

Version control for source code is used by most development teams today. It gives you a history of all the changes you made, you can use it to share your code with others and you can work on an experimental feature without polluting the stable product. These are just some of the reasons why version [...]

Following our earlier entry about installing Magento Enterprise, we thought it would be appropriate to follow up with some tips for getting more from your Magento installation. One of the major criticisms leveled at Magento is its speed; many complain that it is far too slow. In this article we’ll go through some steps you [...]

If you are a web developer, many a times while developing websites you must have wanted to schedule an email to a future date. There are two ways of doing this, one is by using cron jobs on linux or by using a third party service. In this article I will tell you how you [...]

I often get asked by potential employees and clients, why we do PHP and mostly PHP only. A valid question, of course and my first answer usually is (besides the “historical reasons” one), that nowadays all those server side (scripting) languages are mainly the glue layer between the front-end (the browser part) and the back-end (your storage and “database” solution) and not the one and only defining factor if your project will be a success. Or not.

You can talk about Web 2.0 all you want, but at the end of the day, a lot of the web still runs on simple form-based user interfaces. So anything that makes forms easier is a Good Thing. Adam Smith likes the HTML_QuickForm library for doing forms in PHP, and tells us why. [...]

As Software as a Service becomes more of a trend in the industry, Web Services are gaining in importance. When most people think of Web Services, they think of Java or .NET, but as Deepak Vohra shows in this article, it’s simple enough to implement them in PHP. [...]

At the end of the day, all code gets turned into data before it is executed. Sometimes, you can use that fact to help ease some of your programming chores. Zachary Kessin examines the PHP reflection capabilities and shows how you can use them to automate the creation of unit tests. [...]

So do you want to convert an array to an object for no particular reason?

I worked on a project where I wrote this code. The class below eats up to 2536 bytes of memory, but make sure to read this whole post for the surprise!

Since the official release of PHP 5.3 many developers want to test the new features out, but still don’t want to mess with the old PHP installation. Same thing goes for me, I don’t want to mess up my existing PHP installation yet, but eager to test namespaces, late static binding and closures.

Continue Reading →

As you may know, inheriting from multiple objects in PHP 5 is impossible, because of the language restrictions. You can’t write code such as this:

1
2
3

class Child extends Mother, Father {
	//class code here
}

Continue Reading →

The usage of sessions is the php developer’s most common use since we constantly need to transact data from step to step. An average programmer would say that using sessions is far more secure than letís say cookies since the session data is server side data, thing that is partially correct.

The fact that the attacker can’t have a clear look at what and where you store comes to your advantage but a more dedicated attacker can go a bit further than this presumption.

A must have for the attacker in a session hijack is the Session Identifier so he can impersonate the attack. Let’s presume for example that you have your website hosted on a shared hosting on which PHP is installed as an Apache module, thing that makes session files belong to the web user, in other words: accessible.

Continue Reading →

CSRF stand for Cross Site Request Forgeries, it’s a method that allows an outside attacker to send malformed HTTP requests to a website, but from a victim’s computer. In this case the actual victim is the accomplice to this attack.

Stronger security measures must be implemented in order to avoid CSRF attacks, and to make sure the website and it’s users are not vulnerable.

To better understand CSRF attacks let’s look at an example. Let’s say you’re signed in to Facebook, you browse around and in the mean time you open a new window or a new tab and visit another site. It’s a typical scenario. Now, your still signed in at Facebook on the other tab and you visit a site where there’s a CSRF attack implemented. Now the CSRF site actually could send out spam to your Facebook friends or even delete your account, all this using your credentials, because a session is saved when you logged into Facebook (remember, on the other tab).

Continue Reading →

This tutorial will cover the basic syntax and common features of PHP. It assumes that you already know what is a server-side scripting language and you have already installed and set up PHP on your development machine.

If you want to learn PHP, you should start by reading this article, which covers the absolute basics of PHP programming language.

Continue Reading →

Bootstrapping means that every server request are funneled through a single (or a few) PHP file. This file will be the “bootstrapper” of our application. It will help instantiate objects that are needed by every page in general such as starting a session, connecting to a database, defining constants and default variables, etc.

Continue Reading →

We can say that PHP is a mature language with lot’s of useful, but potentially dangerous features. The rapid growth of the language and the dynamic nature of the Web let people easily create dynamic web pages without any prior knowledge in computer science or the architecture of the Internet.

In this tutorial we’ll have a look at 4 important PHP security measures that you should implement in order to develop a safer website.

Continue Reading →

The process of backing up sensitive information became more and more important as software and hardware failures tend to happen more often with complex web applications.

If you’re never had any information loss, subversion repository corruption, etc. then consider yourself lucky. You don’t want to be in the shoes of a web developer that just lost a year of work, source code snippets, mockups, designs, proprietary code, etc.

If you don’t put your work in subversion repositories then it’s time to do it and let’s see how to write a PHP shell script to make the backup almost a transparent task.