PHP - Do only what matters

PHP

Active Record:
Propel
Doctrine
Zend_Db
PHP On Pie

Validation:
http://www.benjaminkeen.com/open-source-projects/smaller-projects/php-validation/
http://www.phpjabbers.com/php-validation-and-verification-php27.html
http://www.html-form-guide.com/php-form/php-form-validation.html
http://phpmaster.com/form-validation-with-php/
http://buildinternet.com/2008/12/how-to-validate-a-form-complete-with-error-messages-using-php-part-1/
http://net.tutsplus.com/tutorials/php/create-instagram-filters-with-php/

Phing:
http://phpmaster.com/using-phing/
http://net.tutsplus.com/tutorials/tools-and-tips/how-to-use-the-nettuts-phing-build-script/
http://net.tutsplus.com/tutorials/other/how-to-query-web-services-with-a-build-script/
http://phpmaster.com/deploy-and-release-your-applications-with-phing/

Slim:
http://net.tutsplus.com/tutorials/php/creating-a-flat-file-blog-engine-using-slim/

Laravel:
http://net.tutsplus.com/tutorials/php/how-to-setup-laravel-4/
http://laravel.com/
http://net.tutsplus.com/tutorials/php/build-web-apps-from-scratch-with-laravel-filters-validations-and-files
http://net.tutsplus.com/tutorials/php/build-web-apps-from-scratch-with-laravel-the-eloquent-orm/
http://net.tutsplus.com/tutorials/php/the-essentials-of-creating-laravel-bundles/
http://net.tutsplus.com/tutorials/php/building-web-applications-from-scratch-with-laravel/
http://phpmaster.com/whats-new-in-laravel-4/

Fuel:
http://net.tutsplus.com/tutorials/php/build-an-admin-panel-with-the-fuel-php-framework/
http://net.tutsplus.com/tutorials/php/getting-started-with-the-fuel-php-framework/
http://net.tutsplus.com/tutorials/php/easy-form-generation-using-fuelphp/

CSS Preprocessor:
http://the-echoplex.net/csscrush/
http://turbine.peterkroener.de/index.php
http://retired.haveamint.com/archive/2008/05/30/check_out_css_cacheer
http://pornel.net/css
http://code.google.com/p/dtcss/
http://csspp.org/
http://www.webresourcesdepot.com/php-driven-css-preprocessor-pcss/
http://pcss.wiq.com.br/

Style Guide

Don't Put phpinfo() in your Webroot
Keep function outside of loops
Use a configuration file for storing application configurations. This configuration file is different across different environments (development, testing, production), therefore should not be in the same repository with the code. The operation team, or the release team, may wish to keep configuration file for production environment in a separate repository for history / rolling back the code.
Information for connecting to databases (IP address, username, and password) are configuration settings
Turn off error reporting with error_reporting(0), and then turn it on if the configuration indicate that this is a development environment
Disable register_globals in .htaccess: php_flag register_globals 0
Disable magic quotes in .htaccess: php_flag magic_quotes_gpc 0 php_flag magic_quotes_runtime 0
Validate input (PEAR Validate)
Prevent "SQL injection" attacks, by using mysql_real_escape_string or prepared statements.
Prevent Cross Site Scripting (XSS) attacks (see below)

Code Igniter

Preventing Cross Site Scripting (XSS) Attacks:

If our site has a web-based HTML editor (TinyMCE, FCKeditor, etc), then we are definitely accepting HTML from our users, and user can format the text however they please. These editors may or may not have ability to prevent XSS, however we should not rely on it. Think what happen if user turn off javascript. They get a standard textarea, and they can put in whatever HTML code they want. One way to prevent XSS attacks is to disallow HTML altogether. However, if we do this, then formating is also disabled, which is not always an option for forum and blog software (and the use of rich text / web-based HTML editor).

If we want HTML mostly disabled, but still want to allow simple formatting, we can allow just a few selected HTML tags (without attributes) such as strong or em. Alternatively, we can allow a popular set of tags called "BBCode" or "BB Tags". This can be a perfect way to allow some formatting customization while disallowing anything dangerous. We can implement BBCode using pre-existing packages such as HTML_BBCode or write our own.

5 Helpful tips for creating secure php applications
http://www.sitepoint.com/phpmaster-role-based-access-control-pchart-ci-with-jenkins-and-more/

Understanding the Factory Method Design Pattern
My FAQs
Gotchas
How To Synchronize Your PHP and MySQL Timezones
Design Patterns
OOP
phpunit
try-catch
Socket Programming

Debuggers
phpdoc
Install or Uninstall PECL extensions
Compile PayflowPro
old

http://www.ebrueggeman.com/blog/register_shutdown_function-a-very-useful-php-function/
http://eirikhoem.wordpress.com/2008/03/15/dying-with-grace-phps-register_shutdown_function/
http://php.net/manual/en/function.register-shutdown-function.php

Using PHP from the command line
http://palisade.plynt.com/issues/2009Dec/secure-coding-php/
http://net.tutsplus.com/tutorials/php/5-helpful-tips-for-creating-secure-php-applications/

debug_backtrace
debug_print_backtrace
error_get_last
error_log
error_reporting
restore_error_handler
restore_exception_handler
trigger_error
user_error

error_log(print_r($arr, true), 3, 'debug log');

print_r(), var_dump(), and var_export() will show protected and private properties of objects with PHP5. Static class member will not be shown.

print_r() will move the array pointer to the end. Use reset() to bring it back to the beginning.

print_r($expression, [bool $as_string = false]);

Frameworks: