Ben Ramsey's Gravatar Ben Ramsey's Profile

About Me: Ben Ramsey is a Software Architect at Schematic, where, with over ten years of Web development experience, he is a leader in the Open Source Platforms Group, designing and developing quality software, setting and enforcing best practices, and training and mentoring software developers. Ben is also a leader in the PHP community. He founded and organizes the Atlanta PHP user group, is the founder of the PHP Groups user group network, is a founding principal of the PHP Security Consortium, and is an original member of the PHPCommunity.org project, which lives on today as the #phpc IRC channel. Ben also speaks at industry conferences around the world. Putting his B.A. in English to good use, Ben has written numerous articles for php|architect, International PHP Magazine, and Zend Developer Zone and has lent his writing talents to several books, including php|architect's Zend PHP 5 Certification Study Guide (php|architect) and PHP 5 Unleashed (Sams).

Last 10 Comments

1

Very nice and much more full-featured that myopenid. I've made the switch. Thanks, Chris!

Posted in /blog/2008/may/openid-with-myvidoop.

Tue, 06 May 2008 at 08:07:50: Link

2

Tim, I did ponder it for a while, but I didn't have a specific resource to which I could point people. I could have pointed people to the PHPGroups.org website, but the project is currently a bit dormant (and I accept most of the fault for that) and doesn't yet provide a directory or map of user groups. While the one place that does provide a directory, PhpUserGroups.org, doesn't attempt to verify any of its listings or purge inactive or non-existent groups. Finally, the one place many people do use to find user groups is Meetup.com, but I've long had a beef with the Meetup model. In my opinion, it doesn't really suit a typical user group model. Plus, they changed their business model mid-swing, requiring all user groups to pay for the service.

So, the PHP user group bullet was to fall in the Connecting with the Community section, but, as far as finding a good, active, and valuable user group to participate in, I can't offer a great resource, but I can say this: if you find a PHP user group in your local area, give back to the community by getting involved and making it better!

Posted in /blog/2007/dec/php-advent-calendar-day-11.

Wed, 12 Dec 2007 at 18:30:56: Link

3

To explicitly set the charset in your Content-Type header for all PHP pages, make sure the following is set in your php.ini file:

default_charset = "UTF-8"

... or whatever character set you wish to use. This will eliminate the need to set a header() from your application, and it will ensure that the Content-Type headers sent look something like this:

Content-Type: text/html; charset=UTF-8

Are there any implications in having the character encoding explicitly set to UTF-8? Also, if the question is elementary, can I cite being a webappsec-impaired designer in mitigation?

Not an elementary question. I think sometimes the use of UTF-8 confuses people into thinking it's being used as a security measure. The use of UTF-8 isn't for security purposes. You could just as well set your charset to ISO-8859-1. The point from a security standpoint is to escape your output in the same encoding in which your pages are being sent to the client. This means that you should explicitly set the charset in the Content-Type header and specify the same charset in htmlentities()/htmlspecialchars().

Using UTF-8 as your charset simply means you can support the display of multibyte characters in the content you send to the browser. If your charset is set to ISO-8859-1, for example, and you try to send a unicode character to the browser, it will render funny.

Posted in /blog/2007/may/character-encoding-and-xss.

Tue, 12 Jun 2007 at 19:10:35: Link

4

Don't forget the International PHP Conference in Stuttgart, Germany. It's the week following php|tek.

Posted in /blog/2007/apr/upcoming-php-and-open-source-conferences.

Tue, 10 Apr 2007 at 08:40:45: Link

5

You should check out http://www.welldesignedurls.org/

The project lead there is a member of Atlanta PHP.

Posted in /blog/2007/jan/url-vanity.

Wed, 17 Jan 2007 at 12:02:55: Link

6

I use the Feedbuner Awareness API on my site to actually create a look-alike feedburner image to fit my template. It's nifty:

http://benramsey.com/archives/creat...-from-xml-data/

Posted in /blog/2006/oct/php-tidbits.

Wed, 25 Oct 2006 at 07:59:02: Link

7

"but it's not like PEAR is suddenly a turd floating in the bowl of PHP development"

What an awesome simile!

Posted in /blog/2006/aug/six-reasons-php-sucks.

Fri, 04 Aug 2006 at 13:44:22: Link

8

I think you mean MLA Handbook.

Posted in /blog/2006/jul/php-security-hoedown-at-oscon.

Mon, 24 Jul 2006 at 13:47:14: Link

9

I'll be there with my flannel shirt, boots, fiddle, and straw hat.

Posted in /blog/2006/jul/php-security-hoedown-at-oscon.

Mon, 10 Jul 2006 at 19:17:27: Link

10

Chris,

Since you have way more than 30 blogs in your del.icio.us blogroll, you should put all those blogs into a feed reader and then generate an OPML file that you upload to your server so that you can generate your blogroll from that. It's what I do. :-)

Posted in /blog/2006/apr/php-blogs-not-on-planet-php.

Thu, 04 May 2006 at 07:59:43: Link

Stats

  • Member Since: 08 Sep 2004
  • Comments: 32

Web Site

benramsey.com

Blog Posts

Coming soon!