NYCPHP Meetup

NYPHP.org

[nycphp-talk] Object-Oriented Evolution of PHP

John Lacey jlacey at att.net
Thu Feb 5 09:16:50 EST 2004 


jon baer wrote:

> anyone ever take a look on eBay for "PHP 5"?
> 
> http://search.ebay.com/search/search.dll?query=php+5
> 
> i actually got the mastering php 5 cd just for the hell of it and it was a
> bit of a con (there was 1 small chapter on php5 coming features) lesson
> learned :-\ ...
> 
> - jon

I found another site advertising php5 learning packages, but at over 
$50, I was a little suspicious because I haven't found much on the 
web, and secondly, I've noticed a coupla posts on here about 
forthcoming php5 books and they're still months off.  I'm looking 
forward to their release.

I've had pretty good luck buying used books on amazon.  A while back 
Dan Convissor was looking at the SQL99 Complete book ($70) and amazon 
had it 'used' for $12 and change -- and it was like new when I bought 
my copy.

John


>From hans not junk at nyphp.com  Thu Feb  5 09:19:07 2004
Return-Path: <hans not junk at nyphp.com>
Received: from ehost011-1.exch011.intermedia.net (unknown [64.78.21.3])
	by virtu.nyphp.org (Postfix) with ESMTP id 6C54BA85F0
	for <talk at lists.nyphp.org>; Thu,  5 Feb 2004 09:19:07 -0500 (EST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [nycphp-talk] QUESTION
Date: Thu, 5 Feb 2004 06:19:06 -0800
Message-ID: <41EE526EC2D3C74286415780D3BA9F87771FD3 at ehost011-1.exch011.intermedia.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [nycphp-talk] QUESTION
Thread-Index: AcPreX0I8xXYiBT6TjCAOkV67xnbyAAeZsXQ
From: "Hans Zaunere" <hans not junk at nyphp.com>
To: "NYPHP Talk" <talk at lists.nyphp.org>
X-BeenThere: talk at lists.nyphp.org
X-Mailman-Version: 2.1.2
Precedence: list
Reply-To: NYPHP Talk <talk at lists.nyphp.org>
List-Id: NYPHP Talk  <talk.lists.nyphp.org>
List-Unsubscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=unsubscribe>
List-Archive: <http://lists.nyphp.org/pipermail/talk>
List-Post: <mailto:talk at lists.nyphp.org>
List-Help: <mailto:talk-request at lists.nyphp.org?subject=help>
List-Subscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Feb 2004 14:19:07 -0000


> If I have to ask any questions about PHP, do I send them to this
address,=20
> that is: talk at lists.nyphp.org or is there any other procedure=20
> to get into this discussion forum.

This is the place to post your questions, using the address you state
above.  There are also online web forums at http://nyphp.org/forums if
you prefer that.

H


>From hans not junk at nyphp.com  Thu Feb  5 09:22:54 2004
Return-Path: <hans not junk at nyphp.com>
Received: from ehost011-1.exch011.intermedia.net (unknown [64.78.21.3])
	by virtu.nyphp.org (Postfix) with ESMTP id 6F165A85F0
	for <talk at lists.nyphp.org>; Thu,  5 Feb 2004 09:22:54 -0500 (EST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [nycphp-talk] Object-Oriented Evolution of PHP
Date: Thu, 5 Feb 2004 06:22:53 -0800
Message-ID: <41EE526EC2D3C74286415780D3BA9F87771FD6 at ehost011-1.exch011.intermedia.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [nycphp-talk] Object-Oriented Evolution of PHP
Thread-Index: AcPrkHUsQM/6dQvxS+GINMi1CQkA4AAYxAIw
From: "Hans Zaunere" <hans not junk at nyphp.com>
To: "NYPHP Talk" <talk at lists.nyphp.org>
X-BeenThere: talk at lists.nyphp.org
X-Mailman-Version: 2.1.2
Precedence: list
Reply-To: NYPHP Talk <talk at lists.nyphp.org>
List-Id: NYPHP Talk  <talk.lists.nyphp.org>
List-Unsubscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=unsubscribe>
List-Archive: <http://lists.nyphp.org/pipermail/talk>
List-Post: <mailto:talk at lists.nyphp.org>
List-Help: <mailto:talk-request at lists.nyphp.org?subject=help>
List-Subscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Feb 2004 14:22:54 -0000


> thanks Tim... PHP5 info seems pretty sparse so far.  The two things=20
> I've been using are the php5/ze2 [php.net] official changes page and a

> pdf of a slide presentation that I found by Derrick Rethans from Linux

> Tag 2003.  I'm wanting to include php5 info for my next=20
> series of courses

Yeah, the definitive sources of information I've found are of course:

http://us2.php.net/ChangeLog-5.php
http://us2.php.net/zend-engine-2.php

> btw, after several ppl gave it high marks on here, I bought a copy of=20
> ultraedit... very good stuff so far  -- reminds me a little of 'Brief'

> (by UnderWare believe it or not :) from my software engineering days

Hah!  Brief was awesome, and I find ultraedit to be right inline with
it.

H


>From hans not junk at nyphp.com  Thu Feb  5 09:31:20 2004
Return-Path: <hans not junk at nyphp.com>
Received: from ehost011-1.exch011.intermedia.net (unknown [64.78.21.3])
	by virtu.nyphp.org (Postfix) with ESMTP id 21F1CA85F0
	for <talk at lists.nyphp.org>; Thu,  5 Feb 2004 09:31:20 -0500 (EST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [nycphp-talk] Question about resources for PHP4-based classes
Date: Thu, 5 Feb 2004 06:31:19 -0800
Message-ID: <41EE526EC2D3C74286415780D3BA9F87771FDC at ehost011-1.exch011.intermedia.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [nycphp-talk] Question about resources for PHP4-based classes
Thread-Index: AcPrg9yI776suuGfT0qtw0NHx9mQmAAcDkWQ
From: "Hans Zaunere" <hans not junk at nyphp.com>
To: "NYPHP Talk" <talk at lists.nyphp.org>
X-BeenThere: talk at lists.nyphp.org
X-Mailman-Version: 2.1.2
Precedence: list
Reply-To: NYPHP Talk <talk at lists.nyphp.org>
List-Id: NYPHP Talk  <talk.lists.nyphp.org>
List-Unsubscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=unsubscribe>
List-Archive: <http://lists.nyphp.org/pipermail/talk>
List-Post: <mailto:talk at lists.nyphp.org>
List-Help: <mailto:talk-request at lists.nyphp.org?subject=help>
List-Subscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Feb 2004 14:31:20 -0000


> Forced to be thinking in PHP4-based classes, I'm wondering where
others=20
> on the list have found their most helpful resources on the 'Net.  The=20
> PHP documentation is correct, but I'm looking for something a little=20
> more verbose.

As far as style?  Many basic OO techniques for C++/Java (for example)
can be applied in PHP, even under PHP 4.  Of course, you can't get
overly academic since PHP's OO implementation is sparse - but that's
probably a good thing anyway :)

> For example, it is commonly stated that PHP4 classes are clearly=20
> 'stapled on'. Where is a good resource for insight into how=20
> to overcome these, ah, 'features'?

Develop under PHP 5 :)

> I'm about to jump into a huge project that is totally PHP4-meets-OOP
and=20
> want to know just how unhappy I will become after all these years in c

> and python :^P

It's not that bad.  With PHP 5 on the horizon now, I generaly program
*without* attempting all the little hackish OO techniques that were
common with PHP 4.  Soon enough, my code will run under PHP 5 and to me
it's worth a little performance hit now, vs the porting issues later on.

OO is a concept and style of application architecture - you can do OO in
C  :)

H


>From hans not junk at nyphp.com  Thu Feb  5 09:39:31 2004
Return-Path: <hans not junk at nyphp.com>
Received: from ehost011-1.exch011.intermedia.net (unknown [64.78.21.3])
	by virtu.nyphp.org (Postfix) with ESMTP id 5FA6CA8627
	for <talk at lists.nyphp.org>; Thu,  5 Feb 2004 09:39:31 -0500 (EST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.6944.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Subject: RE: [nycphp-talk] user authentication security structure
Date: Thu, 5 Feb 2004 06:39:29 -0800
Message-ID: <41EE526EC2D3C74286415780D3BA9F87771FDF at ehost011-1.exch011.intermedia.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: [nycphp-talk] user authentication security structure
Thread-Index: AcPrSpi5CcrJb37OTuW34AOt8mEAMAAqpTMw
From: "Hans Zaunere" <hans not junk at nyphp.com>
To: "NYPHP Talk" <talk at lists.nyphp.org>
X-BeenThere: talk at lists.nyphp.org
X-Mailman-Version: 2.1.2
Precedence: list
Reply-To: NYPHP Talk <talk at lists.nyphp.org>
List-Id: NYPHP Talk  <talk.lists.nyphp.org>
List-Unsubscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=unsubscribe>
List-Archive: <http://lists.nyphp.org/pipermail/talk>
List-Post: <mailto:talk at lists.nyphp.org>
List-Help: <mailto:talk-request at lists.nyphp.org?subject=help>
List-Subscribe: <http://lists.nyphp.org/mailman/listinfo/talk>,
	<mailto:talk-request at lists.nyphp.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Feb 2004 14:39:31 -0000



> Thanks for all your suggestions and feedback to date.  The following
is=20
> a description of the login and user-authentication mechanism I'm=20
> planning to implement in our application, based on the discussion here

> and other research I've done.  If you've got ways to improve it,
please=20
> make suggestions.
>=20
> Assumptions:
> * all client browsers will have cookies enabled.  If they don't they
get=20
> redirected to a page that tells them to enable cookies before they
have=20
> the chance to log in.
> * all pages (especially login) will be within SSL
> * will be using custom session handlers (aka Sean's article in
php|arch)
>=20
> Requirements:
> * users can bookmark any page in the application.  When the user tries

> to return to a bookmarked page after the session has expired, then
they=20
> are presented with the login page.  after a successful login they're=20
> redirected to the bookmarked page.
>=20
> Flow:
> * user enters their username and password and submits the form
> * code makes sure the data submitted is "clean"
> * code checks username and password against values in db
> * if they match create a cookie that will expire in 10 (or so) seconds
> * create a session
> * redirect to home page or bookmarked page.
> * at home page read the temp cookie and the session data, if they=20
> correspond create a new cookie that will expire in N minutes.
> * when user clicks "log out" destroy the session and either empty the=20
> cookie or fill it with garbage.

Looks good overall.

> I'm thinking of putting a timestamp into the login cookie, so if it's=20
> presented and it's too old, I can redirect to the login page
> I may add a counter to the login cookie, if you don't get in after 3
or=20
> N attempts you get redirected to some (random) web address.

Cookies can be forged, per two above points.

> I've been thinking about using the cookie ID to sign and encrypt the=20
> session ID and then using the session ID to sign and encrypt=20
> the cookie ID but that might be overkill.

Maybe.. I'd personally sign things with a value that never goes out
across the internet (ie, private).

> I may put the login page into it's own folder ./login/login.php, and=20
> have the login cookie be specific to that folder.

I'm not sure I see the value in this - especially since cookies could be
forged anyway - but I might easily be missing something else.

> Once I get this flat I'll make the pattern publicly available with=20
> diagrams and documentation.  I'm not sure whether it makes sense to=20
> include the code (we use Oracle with some internal classes), so
probably=20
> won't include complete code.

That'd be great.  Patterns/diagrams are 75% of the work :)

H

More information about the talk mailing list