Not PHP-specific but a great collection of Ajax examples. I’m all about the Ajax these days. Should probably be a future meeting topic.

http://www.fiftyfoureleven.com/resources/programming/xmlhttprequest/examples

I’m sitting around on a Saturday, trying to cram enough about WebServices in PHP into my head to write a descent SoapServer/SoapClient presentation…when it hits me: “What do you mean I have to write the WSDL myself?!”

PHP 5’s new SOAP extension is just as amazing as the rest of the new XML extensions. If you are new to all of this, don’t fret. SOAP is just a defined way of accessing classes on another server. These classes are exposed as Web Services or (more specifically) SOAP Servers.

[size=larger][b]Hey! Where’s the [i]Wiz-dill[/i][/b][/size]
At the heart of a SOAP conversation is WSDL…the Web Services Definition Language. Now, I’m guessing because PHP is a “mostly” typeless language, the SoapServer extension requires you to provide the WSDL yourself. For the curious, yet uninitiated: WSDL is the definition of what your web service can do. Let’s look a little closer shall we?

For example, you might have a WSDL document that describes your new MicrowaveOven web service. This WSDL document contains the method names, arguments, expected types, etc of your MicrowaveOven.

With this WSDL a SoapClient would know exactly how to ask your $microwaveOven->getTimeRemaining() or be able to $microwaveOven->addMaterial($food). Because all of the conversation’s meta-data is contained in the SOAP Request and Response, it can all happen nearly automatically…depending on your library of choice.

[b][size=larger]The Brighter Future[/size][/b]
Now, if you happen to use .NET or ColdFusion MX, I’m sure you are snickering at the fact we don’t have a WSDL generator. Well, I’m not terribly concerned. Not only is the SoapServer class just getting off the ground, other options in the PHP Community are starting to appear.

For example, if this kind of thing interest you: be sure to keep an eye on Cerebral Cortex. This new PHP 5 framework is looking like an amazing offering. But, of note here are some of the SOAP Web Services Integration pieces. For example, take a look at their examples for their [url=http://synapticmedia.net/cerebralcortex/index.php?area=Main&page=CrtxSoapServer]Crtx_SOAP_Server[/url], [url=http://synapticmedia.net/cerebralcortex/index.php?area=Main&page=CrtxSoapAutoDiscover]Crtx_SOAP_AutoDiscover[/url] and [url=http://synapticmedia.net/cerebralcortex/index.php?area=Main&page=CrtxXmlWsdlCreator]Crtx_XML_WSDL[/url] classes.

The Crtx_SOAP_AutoDiscover uses your phpdoc comments to add the type hinting that is needed for your WSDL. Pretty clever really.

[b][size=larger]So, what about the SOAP talk?[/size][/b]
I think I’ll go ahead and hold off on the Web Services talk until there is some way to have something like (the as yet unreleased) crtx objects make the WSDL for me.

For those of you who were [i]really[/i] wanting to see how to write your own service, or query other SOAP services, I don’t want to leave you out in the cold. Zend has written an excellent article (with lots of pretty examples) on [url=http://www.zend.com/php5/articles/php5-SOAP.php]PHP 5’s SOAP extension[/url].

[b][size=larger]Go take a REST[/size][/b]
‘Course, you could always take the pragmatic aproach, and look at getting a little REST. It might not be as “cool” as SOAP, but it sure is fast and easy! Don’t decide on your webservices strategy until you have read Adam Trachtenberg’s [url=http://www.onlamp.com/pub/a/php/2003/10/30/amazon_rest.html]PHP Web Services Without SOAP[/url]

No, go write me some cool webservices to query up against. 🙂

Happy Coding!

Jason Lotito has posted a small (but growing) [url=http://forums.devnetwork.net/viewtopic.php?t=29269]list of resources[/url] related to security and PHP. There are links to the [phpsec] mailing list and plenty of reads that will keep you busy for hours.

Once again, Harry Fuecks says something on [url=http://www.sitepoint.com/blog-view.php?blogid=9]his blog[/url] that makes me think: “Of course! That’s Brilliant!” This time, he tries to debunk the age-old wisdom that an OOP implementation is slower than it’s procedural counterpart.

Of course, this is a correct statement…but, [url=http://www.sitepoint.com/blog-post-view.php?id=223760]as Harry points out[/url]; only if you don’t take advantage of some of the things OOP helps you do. Of course, even your proceduralists out there could read this and think up ways to implement his ideas in functions…so everyone should at least take a peak.

I’m sure that many of you have heard of a little thing called “[url=http://www.devshed.com/c/a/Security/A-Quick-Look-at-Cross-Site-Scripting]cross-site scripting[/url].” If you haven’t, or you have never thought about how it may affect you or your websites; please take the time to read [url=http://www.devshed.com/c/a/Security/A-Quick-Look-at-Cross-Site-Scripting]this article[/url] on DevShed. It does a pretty good job at showing you what XSS is, how to prevent it from happening, and why you should care.

An [url=http://enterprise.linux.com/article.pl?sid=04/12/22/0028257]article on linux.com[/url] shows a couple of examples of using PHP scripting to perform sysadmin tasks on servers.

More info can be found on the [url=http://www.php.net/manual/en/features.commandline.php]Command Line manual[/url] page on PHP.net.

This is definatly one of those things that I’m not sure I would ever use, but it is certainly cool enough to share. Using a little php and javascript, [url=http://axisfive.net/aboutsiir/]this script[/url] seemingly allows you to replace the content of any tags (h1 for example) with a nice graphic of the text in any font/size/color you choose.

No image support? no problem…alt property supplied on replace
No JS support? no problem…css marks up your h1 as normal
No visual support? no problem…screen reader reads your h1 or alt tag

Pretty cool in theory. It has built in, server-side cache support, etc. I’m a little squimish about a DoS vulnerability…someone flooding your site with obscene image generation requests. But, that could be trapped. What do you all think?

From Kansas City’s own Alex Leigh:

“I wanted to let you know that I recently wrote an article that perhaps some of your readers would be interested in, which hopefully draws some concern and will provoke some thought about interface design as it relates to the web. The URL is http://www.ashpool.com/strategy/2003/12/webhid/“

I found this web log entry today that I just had to share with you all. If you have the time, I higly recommend reading it. Sure it uses Python for its examples, but the premice is the same. As a PHP user with strongly typed roots…these words really hit home.

Now, if only I can get “Test Infected.”

Thinking About Computing
Bruce Eckel’s Web Log
5-2-03 Strong Typing vs. Strong Testing

Interesting legal case, as [url=http://www.sbc.com]SBC[/url] (we should DOS them) claims that they have the [url=http://www.theregister.co.uk/content/6/28985.html]patent rights[/url] to any frame or menu based navigational system. Appearantly, they are requesting [url=http://www2.museumtour.com/sbc.html]royalty fees of 2%[/url] of total revenue of any site that uses such navigation methods.

Not happy with the street smarts of their legal counsel. When will they learn?