There are two goals for the book. The first is to help readers understand why you do things in certain ways. In other words, I want the reader to fully understand what’s going on behind the scenes so that he or she appreciates the context for whatever bit of code. This big picture approach is what I think is missing among the current documentation. The second goal is to demonstrate common tasks using real-world examples.

Nettuts+ has a good article on 8 regular expressions you should know, useful for every Web developer. The article covers four of the most common matches needed—usernames, passwords, email addresses, and URLs, plus four others. For each, the pattern is presented and described, and examples of what will and won’t match each pattern are included. A quick and worthwhile read!

Yii 2 and the Yii Book

September 12, 2012

As you may know, I’ll be writing and self-publishing a book on the Yii framework this fall. I’m working on the table of contents now, and will likely post that in a week. You may also know that Qiang Xue, the creator of Yii, has graciously offered to act as the personal tech editor for the book, as has Alex Makarov, author of the popular Yii 1.1 Application Development Cookbook (Packt Publishing). It’s a great honor that both men have offered their time and assistance, and will clearly make for a better book.

With Yii 2 on the horizon, many readers asked if I planned to write the book for version 2 of the framework. And that answer was “yes”. But with Yii 2 not yet out, other readers are now asking if I’m still planning on writing the book for version 2. Well, in communicating with Qiang, there’s been a bit of a change of plans…

Qiang is working very hard on getting version 2 of his framework right (plus he has a job and family and other things to do). As of now, Qiang expects the alpha of Yii 2 to be out by the end of the year. Once the alpha is available, it would probably only be a couple of months before Yii 2 is production ready. Trying to be flexible, let’s assume that Yii 2 might be out in December and production ready in March 2013. (I know people are eagerly awaiting Yii 2, but the changes in this new version will be in place for years to come, so the new version shouldn’t be rushed. Also, Qiang is one guy, doing all this for free, so let’s cut him some slack, eh?)

Anyway, what does this mean in terms of my Yii book? What I’ve decided to do is write the book now for Yii 1: the version of the framework that you can use today. That way, if you buy the book now, you can use the information now.

If you haven’t caught this part of the plan before, know that I’ll be selling electronic versions of the book to start, and you’ll be able to buy it as I write it, and receive free updates as they are posted.

Next, when Yii 2 is out, I’ll update the book for Yii 2. I’ll probably do this when Yii 2 is in alpha or beta, so as to time the updated book’s completion with the production release of the framework. Those people that bought the Yii 1 version of the book will be able to download the Yii 2 version for free.

This approach means more work for me, but as I’m asking readers to take a bit of a risk in buying the book as I write it, I think it’s the fairest solution. If you buy the book, you’ll get a Yii 1 book and, when the time comes, a Yii 2 book, too.

I expect most people to be pleased with this solution, but let me know if you have any questions or comments. Thanks for the interest in the book!

In this edition…

There’s a lot of misinformation out and about when it comes to security, which is truly unfortunate. I particularly see misunderstandings when it comes to whether or not the mysqli_real_escape_string() function actually protects you from SQL injection attacks. (Some people erroneously argue that you shouldn’t use mysqli_real_escape_string() and should only use prepared statements.) I recently found a good, in-depth discussion of this specific issue on, not surprisingly, Stack Overflow.

You can read the whole page, of course (but be careful of the other misinformation demonstrated), but the best, most thorough answer is explained about midway down the page. Spoiler alert: yes, mysqli_real_escape_string() can be circumvented, but only in very obscure situations not likely to apply to you or most everyone else.