xylex

date_sunrise() and date_sunset()

What on earth does that mean? There's allot of great software written in Python. Not picking up the sarcasm if it's intended. But for example: http://www.hotscripts.com/ 18,201 PHP scripts vs. 141 Python scripts

isset() is intentionally different than is_array(), is_int(), etc because isset() is a language construct and the rest of them are functions.

This one actually came up when Rasmus Lerdorf was at our meetup. He pointed out that PHP 4 is still being used fairly widespread because of backwards compatibility issues with PHP 5, and the only way there would be a faster conversion to PHP 6 is if there were little to no backwards compatibility issues. And honestly, if you really want to be working with a language that's clean and organized but hardly any existing software/scripts can run on it, why don't you just use Python?

Most people who've been hiring developers for any amount of time know the questions to ask to see through the BS. For example, if you say you've been doing freelance PHP for 4 years now, but can't rattle off a list of differences between PHP 4 and 5, or describe how to setup at least two different types of integrations with Paypal, you're full of it. The ones who don't know to ask these questions are usually also the ones who take e-mails that start "We do good with Internets and can build complete website for $100" seriously. They're going to get burned repeatedly as they start to learn what to look for, and they're not anyone I'd want to work for until they understand what having good talent in a position really means.

It's not that great of an idea to show off to a prospective employer/client that you'll disregard confidentiality agreements if you think you can get away with it.

Here's a typical list http://talks.php.net/show/osb09/29

According to Newsweek, Web 2.5 has been out for 2 years now. Has anyone tried this upgrade? I'm just really surprised that no one in the industry knew about this version and it would take a poorly written popular press article to bring it to light. [/sarcasm]

Not true. SELECT "<?php phpinfo();" INTO OUTFILE hack.php;

The issue probably going to be either your host is vulnerable and someone is able to mess with other user's files on the server, or your script is vulnerable. One possible place for the latter, am I unfiltered in your command line here? http://www.agtronicmotorsport.com/gallery.php?action=view&gallery=18257fb6a5f3e735 http://www.agtronicmotorsport.com/gallery.php?action=view&gallery=./18257fb6a5f3e735%20#comment

It's amusing when conspiracy nuts get all worked up over a new bill that hasn't even gone to committee and will never make it out of committee. And that it's somehow Obama's bill even though he's probably never even looked at it, and a republican is one of the 3 co-sponsors on the bill. It is also amusing when politicians try to interfere with high-tech stuff since it tends to just expose their ignorance. This bill calls for the licensing of "cyber-security professionals," and creates a national competition to compete, as if this designation means that this person can make everything on the internet safe. I don't care what government seal of approval someone has, I'm not going to hire the same guy to secure both my Cisco switch and look for a privilege escalation vulnerability in my PHP code.

Miss South Carolina's answer? http://www.houseofodd.com/2007/08/29/miss-teen-usa-miss-south-carolina-transcript/

$_FILES[$fieldname]['type'] is a client set variable, not a server one. This may have different capitalization or have other slight variations depending on the client computer, which would explain the behavior you're seeing. Why not just filter by extension?

When I was doing the agency stuff, I would always write up my bids padding a little bit and offering a discount for adding my company and link to the bottom of their site. Most clients would be happy to take the discount, though some would be happy to just pay me the extra money, which worked for me. It seemed to work out well for both parties, never ran into any issues either way.

xcoderx- You're describing a "work made for hire" agreement. If you google for that, you may have some better luck.

Hey- I checked it out before, not a big fan of either the codebase or the company. They're based in Portland, Oregon, local to me. A few months after they open sourced the code base, I went through the codebase and found a ton of SQL injection spots and other basic security holes. I e-mailed them about it, and posted the issues on a blog a couple weeks after that. A few weeks later, I got a series of public rants back from the Concrete "CEO" on my blog. I just didn't think it was an appropriate way to respond, so that turned me off to the company quite a bit. As for the codebase, it's another flavor of a heavyweight MVC framework, without a whole lot of structure of files, classes, or where something happens, so it can be confusing to work through at times. Whether or not it's a growing project, the stats at Sourceforge should give you an idea.

Daniel- On the scalability thing, I said a small app, but even if it did grow, going with that oci8 $db connection example, that would scale just fine. You wouldn't be managing connection pools to an Oracle cluster from inside the app. You also can't unit test a function that relies on a database connection without having a connection to the database in general. You do the same thing, you're just initializing differently. That's exactly the point that I'm trying to make, in reverse. Saying that you should never use globals and PHP would be better off without them would be like saying you should never code static html and Apache would be better off not serving up raw html files and always use an interpreter so people won't make static sites anymore.

I certainly agree that globals can be and have historically been misused. The same thing can be said about PHP in general. But the point I'm trying to make is that there is nothing automatically bad about referencing a global variable inside a function. I gave an example where if it were a small app with a small db connection layer, a global would be perfectly fine. Yes, there are other ways that would work in such a situation, but they don't necessarily provide any type of inherent advantage.

This is exactly why PHP 5.3 introduces namespaces, which is a feature other languages have had for years. I'm not trying to say go use globals all you want or anything. But there are times where it makes sense. Take a typical global $db connection object, and wrap it up in a namespace. Say that database connection is an oci8 library using FAN. The object will internally manage connectivity faster and better than any connection library you could create in PHP. Is there any advantage you would get with the bulk and overhead wrapping this inside another object or creating a singleton for this object? It's just code bloat unless you can say otherwise.

I'm not missing any point. What's the difference between making your code break because you misused a class property and making it break because you misused a namespaced global? You can run into the same problems with either method. Saying that one is automatically better than another is just short sighted.

Globals aren't automatically bad. You can write perfectly valid, excellent performance, easily maintainable code with globals. 5.3 introduces also introduces namespaces, so you don't have to worry about global variable name conflicts with other libraries. It's like the addition of goto. You don't have to take something away from a language because the potential of abuse, you just have to have some faith that developers won't be idiots about it.

Make sure to include a transfer of liability clause as well so you don't get dragged back into it if they get sued, especially if it's an established site.

Just because a script does some function you like doesn't mean you should use it. For example, with this one, looking over the code, I have yet to find a single data sanitization function.

I've used ifbyphone before for this type of stuff. Pretty good web API and good experiences talking to their devs.

I'd disagree. Black people seem to always have darker skin than me, a pretty big biological difference.