Saturday, May 26, 2007

Some advice about using PHP.

If you're a newbie and are looking to buy a book remember this:

  • Always look for the NEWEST edition! This is a must. When I started reading, it was from a PHP 4 book where they used global variables, I mean $bla instead of $_POST['bla']. Since PHP 4.2(?) register_globals has been turned OFF by default, because it's a major security threat. Some of the guys I work with in the same company use global variables to write their code. I can't tell you what a headache it is when I have to edit someone's code until I find out where the definition of each variable is.
  • Use <?php instead of <?. Use <?php echo $variable; ?> instead of <?=$variable?>. Yes, I know it's shorter, but short_tags has been turned off by default since PHP 5.
  • If you are working with a lot of people, always write comments here and there. Remember that one day you may edit someone's code, and it would be much better if he/she wrote a lot of comments.
  • The other thing I already mentioned above was about the global variables. Always use $_POST['var'], $_GET['var'], $_COOKIE['var'], etc. instead of $var. Global variables are way insecure. Check out this example:
<?php
// define $authorized = true only if user is authenticated
if (authenticated_user()) {
    $authorized = true;
}

// Because we didn't first initialize $authorized as false, this might be
// defined through register_globals, like from GET auth.php?authorized=1
// So, anyone can be seen as authenticated!
if ($authorized) {
    include "/highly/sensitive/data.php";
}
?>
See what I mean?
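As an added example (not code from the original post), here is the snippet above placed next to a hardened version. Everything in it is constructed for the demo: authenticated_user() is a hypothetical stub that always returns false, the request array is made up, and extract() stands in for register_globals, which PHP 5.4 and later no longer has. It needs PHP 7 or newer for the type hints and the ?? operator.

```php
<?php
// Added example, not code from the original post. It places the post's
// register_globals bug beside a hardened version. authenticated_user() is a
// hypothetical stand-in that always returns false, so any "granted" result
// below comes purely from the forged request, never from a real login.

function authenticated_user(): bool
{
    return false; // stand-in: in this demo nobody is logged in
}

// Vulnerable pattern from the post: $authorized is only assigned on the
// success path and never initialised. extract() is used here purely to
// simulate what register_globals=On did to the global scope (every request
// parameter became a PHP variable). Never call it on request data for real.
function vulnerable_check(array $request): bool
{
    extract($request, EXTR_SKIP);        // simulated register_globals

    if (authenticated_user()) {
        $authorized = true;
    }
    return !empty($authorized);          // set by "?authorized=1", not by the login check
}

// Hardened version: same simulated register_globals, but the flag is
// initialised before the check and input is read from the request array
// explicitly, so a request parameter can never stand in for program state.
function hardened_check(array $request): bool
{
    extract($request, EXTR_SKIP);        // simulated register_globals, same as above

    $authorized = false;                 // explicit initialisation beats anything injected
    $user = $request['user'] ?? '';      // read input only through the request array / superglobal

    if ($user !== '' && authenticated_user()) {
        $authorized = true;
    }
    return $authorized;
}

// Constructed request: what PHP would have built for auth.php?authorized=1&user=bob
$forged = ['authorized' => '1', 'user' => 'bob'];

printf("vulnerable: %s\n", vulnerable_check($forged) ? 'ACCESS GRANTED' : 'denied');
printf("hardened:   %s\n", hardened_check($forged) ? 'ACCESS GRANTED' : 'denied');
```

Run it with `php` on the command line: the vulnerable function grants access because the forged `authorized` parameter became the variable the code trusts, while the hardened function denies it even though the same simulated register_globals ran first. The two habits that make the difference are the ones the post recommends: initialise every variable before you test it, and take user input only from $_GET, $_POST, $_COOKIE and friends rather than from bare variables.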
