Jan 13 2010

MOPP : Day 10 : Lazy Logic

Most developers I talk to, including myself, cannot stand form or any user input processing. You have to check, re-check, check again and then check again before sending the data to the model which checks the integrity again, and if something is abnormal the whole process starts over again.

I will say this a lot, but I really mean it, guys: preparation and planning really help. Before coding anything, sit down with a pencil and paper or your favorite UML editor ;).



Jan 1 2010

MOPP: Day 1 : Scope and Variables

This is the first tip and a quick one. A big part of application security is knowing your data. You should be able to look at a page of your application and know exactly what is going on behind it.

One very important part of this is the ‘variable lifecycle’. You should ask yourself these questions about every variable in your program.

  • Where is the variable initialized?
  • What happens, step by step, after initialization?
  • What modifications are made to the variable?
  • Where is the variable last seen, or where is it output?



Dec 26 2009

January is MOPP (Month Of Professional PHP)

Greetings,

It is a new year, and we as developers have a ton to look forward to: the advent of Zend Framework 1.9 and the coming 1.10, the arrival of PHP 5.3 with namespacing and late static binding, with 6.0 on the horizon, and last but not least Doctrine2, coming to a framework near you.

It is a serious time for PHP and its developers. Yet I regularly see design firms that use strictly PHP 4 for their production applications.

I am calling you guys out: we are sick of supporting lazy and insecure coding practices. Stop coding and start developing, programming. Become an application architect. The optimization, the speed, maintainability and rich features are the products of intuitive thinking, not pounding on a keyboard like a Neanderthal.

These rapid application development frameworks are not for you to zip through speedy cookie-cutter websites. They are here to aid you, to give you the tools to create anything you can imagine by providing a highly optimized and extensive code library for your use.

The elegance in application development is not in text, people. Anybody can be taught to program, to follow APIs. No, the real creativity comes from those of us who indulge ourselves in the development of the language, pushing the limits while adhering to strict standards and compliance.

This is why I am giving you a gift, PHP community. I was in the midst of putting together a book on modern PHP professionalism when I realized that it is egocentric for me to put together a list of good practices and topics, then make the community I desperately support pay for it. That is just too cliché, and who am I to sell that sort of information? This is knowledge everyone should have tucked away.

Periodically in the month of January, 2010, I will be posting a unique tip for perking up the way you program. I will be covering a broad and diverse range of topics, and as a present to subscribers and frequent readers, code examples and other extras will be available throughout the month. After that they will be removed.

Be sure to check in on January 1st, and keep following throughout the month.