The book covers a lot of ground, even though it looks rather thin. Derick does a wonderful job of introducing date/time matter in the opening chapter, covering all the calendar switches (Julian to Gregorian) and its complexities (did you know Feb 30th has already happened once?) as well as timezones, solar times and details of daylight-saving time. This is all invaluable information for anyone working with dates.

The remaining chapters delve into the various operations we use with and around date and time, like parsing, representing and manipulating date and time values. It directs attention to various features of the PHP functions that handles timezones and daylight savings. Its also very interesting that the book fully covers and makes crystal clear the new features in PHP 5.3 that pertains to this topic.

The book explores PHP internals and describes how to use timezones and to update the internal timezone database, as well as how to deal with database engines and still get back correctly timezoned dates.

Guide to Date and Time Programming is a really pleasant read. In a very orderly fashion Derick covers all the steps before introducing new issues, instead of just raising issues without fully explaining what they are about. The book functions very well as reference book, since documentation on this topic is not all it should be in the PHP Manual. This is a must-read book for anyone that has ever had to deal with handling date or time in a PHP system, or anyone who plans on launching systems that are aware of timezone differences.

php/architect’s Guide to Date and Time Programming

by Derick Rethans

Paperback: 152 pages

Publisher: Marco Tabini & Associates, Inc. (April 20, 2009)

Language: English

ISBN-10: 0981034500

ISBN-13: 978-0981034508

Available from Amazon

Even though it was published in 2005, the issues that “Essential PHP Security” addresses is still very relevant today. Written by Chris Shiflett, the book goes through various security aspects associated with a PHP application, and for that reason its content can be considered up to date and applicable to various day-to- day situations faced by developers.

The book has a very easy going approach to exposing the various aspects of security it addresses. These aspects are very clearly exposed and separated into differenct chapters, covering everything from forms to includes and security in shared hosting environments. Each topic is analyzed in detail and internally divided into exploits and attack strategies for that security flaw. In this way the book becomes an easy to access reference book where its possible to go directly to the chapter that addresses the specific aspect you are coding for right now and allowing you to know which flaws to look out for. The introductory chapter presents Principles and Practice of Security which can be applied in any application and any language, for example “Defense in Depth”, which demonstrates the fact that security is much bigger than merely analyzing specific points of you application.

Even thought is has been published a few years ago, the book addresses topics like XSS that play a important role in the AJAX driven web we observe nowadays. Old friends like Session Hijacking and SQL Injection are analyzed from various points of view, aligned to the various segments of an application. This structure makes for a very light and enjoyable reading experience which can easily be fit into a few spare moments, or even in the waiting room of the occasional visit to the doctor’s office (it worked for me anyway).

This book deserves to be part of any developer’s bookshelf, at least to serve as a reminder and inspiration for reflection, even in a world where more and more Frameworks internalize all aspects of security – but as I always say, we developers should always know what is going on behind the curtains.

Essential PHP Security A Guide to Building Secure Web Applications

By Chris Shiflett
October 2005
Pages: 124
ISBN 10: 0-596-00656-X | ISBN 13: 9780596006563

You can buy the book from Amazon