Table Of ContentThis copy is registered to:
Linn Wilson
NEXCESS.NET Internet Solutions
304 1/2 S. State St.
Ann Arbor, MI 48104-2445
h t t p : / / n e x c e s s . n e t
PHP / MySQL
SPECIALISTS!
Simple, Affordable, Reliable PHP / MySQL Web Hosting Solutions
POPULAR SHARED HOSTING PACKAGES NEW! PHP 5 & MYSQL 4.1.X
MINI-ME $695 /mo SMALL BIZ $2195/mo
5
50 MB Storage 20 MB Storage php
15 GB Transfer 50 GB Transfer
50 E-Mail Accounts 200 E-Mail Accounts 4.1.x
25 Subdomains 75 Subdomains
We'll install any PHP extension you
25 MySQL Databases 75 MySQL Databases
PHP5 / MySQL 4.1.X PHP5 / MySQL 4.1.X need! Just ask :)
SITEWORX control panel SITEWORX control panel
PHP4 & MySQL 3.x/4.0.x options also available
POPULAR RESELLER HOSTING PACKAGES 4
php
NEXRESELL 1 $1695/mo NEXRESELL 2 $5995/mo
3.x/4.0.x
900 MB Storage 7500 MB Storage
30 GB Transfer 100 GB Transfer
Unlimited MySQL Databases Unlimited MySQL Databases 128 BIT SSL CERTIFICATES
Host 30 Domains Host Unlimited Domains
PHP5 / MYSQL 4.1.X PHP5 / MySQL 4.1.X AS LOW AS $39.95 / YEAR
NODEWORX Reseller Access NODEWORX Reseller Access
DOMAIN NAME REGISTRATION
FROM $10.00 / YEAR
: C O N T R O L P A N E L
All of our servers run our in-house developed PHP/MySQL
server control panel: INTERWORX-CP GENEROUS AFFILIATE PROGRAM
UP TO 100% PAYBACK
INTERWORX-CP features include:
- Rigorous spam / virus filtering PER REFERRAL
- Detailed website usage stats (including realtime metrics)
- Superb file management; WYSIWYG HTML editor 30 DAY
INTERWORX-CP is also available for your dedicated server. Just visit MONEY BACK GUARANTEE
http://interworx.info for more information and to place your order.
FREE DOMAIN NAME
WHY NEXCESS.NET? WE ARE PHP/MYSQL DEVELOPERS
WITH ANY ANNUAL SIGNUP
LIKE YOU AND UNDERSTAND YOUR SUPPORT NEEDS!
ORDER TODAY AND GET 10% OFF ANY WEB HOSTING PACKAGE
VISIT HTTP://NEXCESS.NET/PHPARCH FOR DETAILS
Dedicated & Managed Dedicated server so lut ions a lso ava i lab le
Serving the web since Y2K
TABLE OF CONTENTS
TM
php|architect
Departments Features
6 EDITORIAL
You Know Nothing 10 The Anatomy of a Hit:
An Advanced PHP & MySQL Hit Counter
7 What’s New! by John R. Zaleski, Ph.D.
51 Test Pattern
The Never Ending Backlog 22 Solving the Unicode Puzzle
by Marcus Baker by Michael Toppa
55 Product Review
Jaws 0.5: Just When You Thought it 29 XMLPull
was Safe to Go Back in the Water
An Alternative to DOM & SAX
by Peter B. MacIntyre
by Markus Nix
59 Security Corner
Persistent Logins
40 More on Advanced Sessions
62 exit(0); and Authentication in PHP5
Oh No, Not Again!
by Marco Tabini by Ed Lecky-Thompson
http://www.phparch.com
Have you had your PHP today?
NEW COMBO NOW AVAILABLE: PDF + PRINT
The Magazine For PHP Professionals
I N D E X
N
L
LoNE
ow
we EW
er
r W
P
Pr
ri
ic
ce
e!
!
EDITORIAL
TM
you know php|architect
Volume IV - Issue 5
NOTHING May, 2005
oftware development is humbling. Just when you think
you’ve got a solid handle on every last (important) bit of tech-
Snology you need to complete the project at hand, you’re Publisher
often slapped in the face with the news that you’re just plain Marco Tabini
wrong. This news can be both frustrating, and encouraging (at the
same time, believe it or not).
Let me set the scene. Your team has been commissioned with Editor-in-Chief
adding a new section to your corporate intranet. In the course of Sean Coates
the addition, you adopt a new technology of some sort. Perhaps
this is a new database abstraction layer, or a different manner of
handling HTML forms. It could be anything; it doesn’t really mat- Editorial Team
ter. Your team has worked on this new module for two months. Arbi Arzoumani
You’ve put all of your collective knowledge and experience into Peter MacIntyre
the project. The launch date is in a couple days, and you’re actu- Eddie Peloke
ally going to make your deadline.
So, this sounds pretty good so far; what could go wrong?
Perhaps one of the directors is about to walk in with a must-have Graphics & Layout
feature that needs to be in the next release, and will disrupt your Aleksandar Ilievski
schedule? Sure. This happens all the time, but it’s not the scenario
I’m thinking of—that’s just frustrating, and rarely the least bit
encouraging. The bad situation that I’m thinking of is (oddly) free Managing Editor
of managerial influence. Emanuela Corso
This new technology that you’ve adopted is really great. It has a
few problems, but you’ve managed to work around them. All
things considered, it’s saved you many hours in the course of the News Editor
past few weeks, and you’ve been bragging about it to your devel- Leslie Hill
oper-friends who work at different companies.
NEW STUFF
What’s New!
Vogoo PHP API v0.8.2 phpBB 2.0.14
V
AVt
u
VhnoPegdI oerveor0 l -te.PA8haHP.es2IP e.t c eiAsorP fma IV , s foia rysgoeno fohenu o aot Ph cpuPHeapnH PnycGP eAetN soAaP:U sPI a V iIGln yoic0nP gea.oLo8n.uo. sdn2W ePc.diHethP aTtchrdhiedted ir c"ipeatWehsl sedpse BektsBcon us otGorhwimrte yow e ufi oepsbus uaungrnedefnsei x.o(r ,enuA saonl lstca ) ies ufs ssuw uutrehralysel. " "an resod ltef itraxiesoinpengo .o r s"tfe Topdhmh istepo Br meBulis en2 aob.s0ree .fn1oo4ren, -being released are not
freely add professional collaborative
filtering features to your Web Site. "As with all new releases, we urge you to update as soon as possible. You can, of
course, find this download on our downloads page (http://www.phpbb.com/down-
v0.8.2 features loads.php). As usual, three packages are available to simplify your update."
• Handles all member/product
votes (available since v0.8) "The Full Package contains entire phpBB2 source and English language package."
• Fast computation of similarities
between members (available
since v0.8) For more information visit: http://phpbb.com
• One-to-one product recommen-
dations (available since v0.8)
• Ability for members to specify
when they are not interested in
a product recommendation
Planned features for future versions
• New engine based on products Solar 0.2.0
recommendations that gives paul-m-jones.com announces the release of Solar 0.2.0.
better performances when little What is it? According to solarphp.com: "Solar is a simple
information is available on the object library and application repository (that is, a com-
member. bined class library and application component suite) for PHP5."
• Real time targeted ads
• Handles multiple product cate-
gories "Solar provides simple, easy-to-comprehend classes and components for the com-
• Collaborative filtering features mon aspects of web-based rapid application development, all under the LGPL."
available for non-member visi-
• tEAondrgmsininei sftorra t'iroenla toeodl sales'. swuopSGrploedolt.ar tarTe lhilds it s hd meae tselaiagabtnaees dtet .hif neoIft ro d a daflerstoavombe mal osepeoae lndrasrr ivwptheharpo tf .uiclnonotccematnliio.dzna tsto iow dnoi srsktur ipebpxuoatrectt ltiyhs etbhirue ia ltsp apinmli cfera otwimoan yts h foeto rs tethaercth."
Check out Vogoo-API.com for all
the latest info.
The Zend PHP Certification Practice Test Book is now available!
We're happy to announce that, after many months of hard work, the Zend PHP
Certification Practice Test Book, written by John Coggeshall and Marco Tabini, is now
available for sale from our website and most book sellers worldwide!
The book provides 200 questions designed as a learning and practice tool for the
Zend PHP Certification exam. Each question has been written and edited by four
members of the Zend Education Board--the very same group who prepared the
exam. The questions, which cover every topic in the exam, come with a detailed
answer that explains not only the correct choice, but also the question's intention,
pitfalls and the best strategy for tackling similar topics during the exam.
For more information, visit http://www.phparch.com/cert/mock_testing.php
May 2005 ● PHP Architect ● www.phparch.com 7
N E W S T U F F
NEW STUFF
Check out some of the hottest new releases from PEAR.
MDB2_Schema 0.2.0
PEAR::MDB2_Schema enables users to maintain RDBMS independent schema files in XML that can be used to create, alter and drop
database entities and insert data into a database. Reverse engineering database schemas from existing databases is also supported.
The format is compatible with both PEAR::MDB and Metabase.
MDB2 2.0.0beta4
PEAR MDB2 is a merge of the PEAR DB and Metabase php database abstraction layers.
Note that the API will be adapted to better fit with the new PHP 5-only PDO before the first stable release.
It provides a common API for all supported RDBMS. The main difference to most other DB abstraction packages is that MDB2 goes
much further to ensure portability. Among other things, MDB2 features:
• An OO-style query API
• A DSN (data source name) or array format for specifying database servers
• Datatype abstraction and on demand datatype conversion
• Portable error codes
• Sequential and non sequential row fetching as well as bulk fetching
• Ability to make buffered and unbuffered queries
• Ordered array and associative array for the fetched rows
• Prepare/execute (bind) emulation
• Sequence emulation
• Replace emulation
• Limited Subselect emulation
• Row limit support
• Transactions support
• Large Object support
• Index/Unique support
• Module Framework to load advanced functionality on demand
• Table information interface
• RDBMS management methods (creating, dropping, altering)
• RDBMS independent xml based schema definition management
• Reverse engineering schemas from an existing DB (currently only MySQL)
• Full integration into the PEAR Framework
• PHPDoc API documentation
Currently supported RDBMS:
• MySQL (mysql and mysqli extension)
• PostGreSQL
• Oracle
• Frontbase
• Querysim
• Interbase/Firebird
• MSSQL
• SQLite
• Others soon to follow.
Cache 1.5.5RC1
With the PEAR Cache, you can cache the result of certain function calls, as well as the output of a whole script run, or share data
between applications.
DB_DataObject_FormBuilder 0.14.0
DB_DataObject_FormBuilder will aid you in rapid application development using the packages DB_DataObject and HTML_QuickForm.
For having a quick but working prototype of your application, simply model the database, run DataObject's createTable script over it
and write a script that passes one of the resulting objects to the FormBuilder class. The FormBuilder will automatically generate a sim-
ple but working HTML_QuickForm object that you can use to test your application. It also provides a processing method that will auto-
matically detect if an insert() or update() command has to be executed after the form has been submitted. If you have set up
DataObject's links.ini file correctly, it will also automatically detect if a table field is a foreign key and will populate a selectbox with the
linked table's entries. There are many optional parameters that you can place in your DataObjects.ini or in the properties of your
derived classes, that you can use to fine-tune the form-generation, gradually turning the prototypes into fully-featured forms, and you
can take control at any stage of the process.
Net_GeoIP 0.9.0alpha1
A library that uses Maxmind's GeoIP databases to accurately determine geographic location of an IP address.
May 2005 ● PHP Architect ● www.phparch.com 8
NEW STUFF
Looking for a new PHP Extension? Check out some of the lastest offerings from PECL.
archive 0.2
The archive extension allows reading and writing tar and cpio archives using libarchive
(http://people.freebsd.org/~kientzle/libarchive/).
xmlReader 1.0.1
This extension wraps the libxml xmlReader API. The reader acts as a cursor going forward on the document stream and stopping at
each node in the way. xmlReader is similar to SAX though uses a much simpler API.
runkit 0.1.0
Replace, rename, and remove user defined functions and classes. Define customized superglobal variables for general purpose use.
Execute code in restricted environment (sandboxing).
mqseries 0.8.0
This package provides support for IBM Websphere MQ (MQSeries).
colorer 0.2
Colorer take5 is a syntax highlighting and text parsing library, that provides services of text parsing in host editor systems in real-time
and transforming results into colored text. For details, see http://colorer.sourceforge.net/
While colorer is primarily designed for use with text editors, it can be also used for non-interactive syntax highlighting, for example,
in web applications. This PHP extension provides basic functions for syntax highlighting.
VS.Php 1.1.1 PHPEdit 1.2
Jcx.Software brings news of the immediate availability of PHPEdit proudly announces the release of the
VS.Php version 1.1.1. This update adds support for PhpDoc latest version, PHPEdit 1.2
commenting, secure ftp deployment capabilities and many Next major version of PHPEdit is finally available for down-
bug fixes load. This version includes lots of changes in its internals, and
PhpDoc is a powerful feature of PHP that allows the devel- adds new, powerful features to the IDE, like complete PHP5
oper to add comments to the source code that can be used support, real-time syntax checking, jump to declaration,
to generate documentation. VS.Php uses this information to SimpleTest integration, new document templates,
provide a better intellisense content. For instance, VS.Php is phpDocumentor Wizard and lots of enhancements in existing
able to parse those comments to determine what type is a tools like CodeHint, CodeInsight and CodeBrowser.
particular variable. Intellisense uses this information to bet- This version is available for free to all our customers. You
ter help the developer. This update also adds support for can download it and test it for 30 days. You can also buy a
secure ftp protocol for deploying applications through a license to avoid the time limit.
secure connection. To grab the latest version, visit
For information or to download VS.Php, visit: http://www.waterproof.fr/products/PHPEdit/
http://www.jcxsoftware.com/
CONFERENCES
ApacheCon Europe 05
ApacheCon.com announces:
"ApacheCon Europe, the official conference of the Apache Software Foundation (ASF) will be held July 18-22 in Stuttgart, Germany.
For the forth consecutive year, half- and full-day pre-conference tutorials offer real world insight, techniques, and methodologies
pivotal to the increasing demand for Open Source software. Topics include Scalable Internet Architectures, Web Services, PHP,
mod_perl, Apache HTTP Server, Java, XML, Subversion, and SpamAssassin.
The three main conference days offer a wide range of beginner, intermediate and advanced sessions. ApacheCon attendees have
more than 70 sessions to choose from, to learn firsthand the latest developments of key Open-Source projects including the Apache
HTTP Server, the world's most popular web server software.
With plenty of room for networking and peer discussions, attendees can meet ASF Members and participants during the ApacheCon
Expo, evening events, Birds Of a Feather sessions and a number of informal social gatherings."
For more information visit: http://www.apachecon.com/
May 2005 ● PHP Architect ● www.phparch.com 9
FEATURE
The Anatomy of a Hit
An Advanced PHP & MySQL Hit Counter
by John R. Zaleski, Ph.D.
The combined approach of capturing web page access,
and charting the results provides a simple standalone
capability for graphically displaying hit counts to a web
site that requires only a basic working knowledge of PHP
and MySQL, yet provides a basic model for expanding and
developing a much more sophisticated counter.
Furthermore, the methodology for charting the hit count
data can be decoupled from basic web page access count-
ing for use in academic, business, or other types of data
mining applications where data charting and mining pro-
vide a unique way of comparing and contrasting data as
they change over time.
he following methodology was motivated by a activity.
request from a client of mine who asked me to What developed was a custom hit counter which
Tprovide a web page access counter for their main continues to evolve over time—an example screenshot
corporate web site. A condition of the deal, though, can be seen in Figure 1. The benefits of this hit count-
was that they did not want to show the actual number er are not so much in its uniqueness as in the possibili-
of accesses, publicly, on the web site, itself. Instead, ties it offers to the average PHP developer who is inter-
they wanted to keep track this data privately. ested in evolving their skills in the domain of PHP,
Their reasons for omitting a public counter were in
keeping with the idea that they did not want to broad-
cast the activity on their site to all visitors, and, in keep- REQUIREMENTS
ing with the tone of their message, did not desire to
5.0 or greater
display a typical web page access counter on their site. PHP (5.0.4 available)
Instead, they wanted an access counter that would
provide them with a means of comparing and contrast- Win2K Prof,
OS Win2K Advanced Server,
ing the number of accesses from day to day so that WinXP SP1/SP2
they could analyze advertising impacts on the number
MySQL version 4.0
of visitors who were hitting their site. Other Software
or greater (4.1 available)
As you may know, numerous types of Web counters
exist that are wide ranging in their capabilities and Code Directory hitcounter
styles. However, I wanted to tailor a solution for my
client that would keep track of the number of accesses
itno tah emira sninte,r wthailet wpraosv imdienagn ain gtofuol, toan vdie wco mthpeasera dtiavtea. RESOURCES i
The output would provide an at-a-glance summary that URL http://www.tizag.com/mysqlTutorial/
would allow my client to assess the effectiveness of http://php.resourceindex.com/Complete_Scri
advertising campaigns with respect to changes in site URL pts/Access_Counters/Text_Based/
May 2005 ● PHP Architect ● www.phparch.com 10
F E A T U R E
