Dear PHP-FIG,

Please stop trying to solve generic problems. Solve the 50% problem, not the 99% problem.

Signed,

Anthony

PS:

…

Yes, you read that right. If your project aims to provide backwards compatibility as a primary goal, you’re a sucker. Tons of popular software projects from PHP to Microsoft Windows have stated goals of providing Backwards Compatibility between releases. And yes, I am here to say that they are doing it wrong.

Today, I’m doing a talk at DrupalCon Portland 2013 on Static analysis and code metrics. Here are the slides for that talk. When the videos are posted, I’ll make a followup post that links to it. Click through for the slides!

There’s been a bit of noise in the past week about the proper way to prevent Cross-Site-Request-Forgery (CSRF) attacks. It seemed to have started with this post. There’s been discussion in the comments, and on Twitter about it, and there seems to be several opposing viewpoints on the matter. I want to start off by saying that I agree completely with the post in question. But I figured I’d write a post to explain WHY I agree with it.

This week, we’re going to talk about the topic of Dependency Injection in Object oriented code (specifically PHP). You don’t need a fancy container to do it, it’s actually quite simple to do manually! Check out the video:

When was the last time you were silly? Well, more specifically, when was the last time that you wrote code that was downright silly? I’m not talking about writing code that’s dirty, or hacking something together. I’m talking about writing code that you know before writing won’t work, or is wrong or is just plain silly… I’m talking about the kind of code that you think that if you show other developers, they’ll just sit back and go "Why the #@$% would you do that in the first place?"… Well, I do it quite often, and let me tell you why you should do it more as well!

This week we are joined by Responsive Design thought leader Sam Richard. He introduces us to the concept of responsive web design, tells us a little bit about its history and talks about best-practice and the future of the web! Check out the video:

There are numerous articles on the web about how to properly use bcrypt in PHP. So this time, rather than write yet-another-how-to-use-bcrypt article, I’m going to focus on the mistakes that are commonly made when implementing bcrypt. So, let’s dive right in:

Brandon Savage has recently posted two blog posts portraying his opinion that using private visibility on class methods can be considered harmful in a lot of situations. While I understand the point he is trying to make, I can’t say that I agree with it. I do like private visibility and think that it’s actually under-used in a lot of software. But it’s not because I think Brandon is wrong…

There’s nothing as universally controversial in this world as change. Change can be (in aggregate) for the better or for the worse, yet people will always be split down the middle. Some will believe that the change is a good thing, and others will see it as a bad thing. Often your view points will be dictated by your perspective and how the change will directly effect you. When it comes to software projects and change, what’s the right thing to do?