PHP: The Good Parts

Errata for PHP: The Good Parts

Submit your own errata for this product.

The errata list is a list of errors and their corrections that were found after the product was released. If the error was corrected in a later version or reprint the date of the correction will be displayed in the column titled "Date Corrected".

The following errata were submitted by our customers and approved as valid errors by the author or editor.

Color key: Serious technical mistake Minor technical mistake Language or formatting error Typo Question Note Update

Version Location Description Submitted By Date submitted Date corrected
Chapter 9 sections

All instances of the abbreviation for Cross Site Scripting need to be changed from XXS to XSS. This error was submitted via a reader review

There are 6 pages where this problem occurs.

Data Validation Escape Output Cross-Site Scripting (XXS) and

For the sake of simplicity and clarity, we are not concerned here with security of the content coming from the user ($_POST array). Be sure to review Chapter 9 on security, particularly the section titled "Cross-Site Scripting (XXS) and SQL Injection" on

function, 54 counting array elements, 54 cross-site scripting (XXS), 115?116 E echo command

Figure 9-1. Browser showing XXS injection vulnerability The attacker could also attempt to inject additional SQL commands into a form. Entering code like this into a field could expose an SQL injection opportunity: flintstone'; drop table customers; What

Great Escape" on page 34. Cross-Site Scripting (XXS) and SQL Injection Cross-site scripting and ... your underlying code, so try not to be overly obvious in naming your entities. Cross-Site Scripting (XXS

the most basic of levels. The section "Cross-Site Scripting (XXS) and SQL Injection"

Note from the Author or Editor:
correct as reported, these should all be changed to XSS

O'Reilly Media
Jul 27, 2011 
Page 3
Teble 1.1

the URL for Dotproject is listed as "", but it should be ""

Note from the Author or Editor:
You are correct, this will be noted, thanks - P

Scott G Howard  May 26, 2010 
Printed, PDF
Page 49
1st full code section; 2nd full paragraph

Array contains 6 elements of which 'phone' is the sixth, with index position 5.

Therefore code should state:
<blockquote><code>array_splic($myArray, 5);</code></blockquote>
and 2nd and 3rd sentences should state:
<blockquote>In this case, we are telling PHP to remove the <strong>sixth</strong> element from this array. Notice that we are using the index position value here, <strong>5</strong>, and not the key value of 0.</blockquote>

Note from the Author or Editor:
I stand corrected, thanks...


Anonymous  Oct 25, 2010 
Page 50
code section after 2nd paragraph

The code example is missing the closing round bracket. It should read:


Note from the Author or Editor:
Yes that is correct, it is missing the closing bracket - PBM

Bob Monroe  Jan 01, 2011 
Page 65
3rd paragraph (excluding code)

2nd paragraph ends, "...just to get the points of OPP across."

Typo - should be "OOP" :)

Note from the Author or Editor:
Confirmed typo, thanks ...

Anonymous  Oct 26, 2010