www.it-ebooks.info
Table of Contents
Title Page
Copyright
Dedication
Credits
About the Authors
Acknowledgments
Introduction
Who Should Read This Book?
Comparative Approach
Structure of This Book
Source Code
Conventions
Contact Us
Errata
p2p.wrox.com
2
www.it-ebooks.info
Chapter 1: Introducing Symfony, CakePHP, and Zend
Framework
What are Web Application Frameworks and How are They
Used?
Open Source PHP Web Frameworks
Design Patterns in Web Frameworks
Chapter 2: Getting Started
Requirements
Installation
Configuration
Hello World!
Structure

IDE Support
Chapter 3: Working with Databases
Object-Relational Mapping
Database Configuration
Communication with a Database
Chapter 4: Your First Application in the Three
Frameworks
3
www.it-ebooks.info
Design
Symfony
CakePHP
Zend Framework
Chapter 5: Forms
Field Validation
Customizing Forms
Using Captcha as Spam Protection
Chapter 6: Mailing
Creating Mailing Applications
SwiftMailer
CakePHP's Mailing Component
Zend Mailer
PHPMailer
Chapter 7: Searching
Problem
Solutions
4
www.it-ebooks.info
Chapter 8: Security
Setting Secure Connections

Securing a Profile Form Against XSS and Injection
Attacks
CSRF
Chapter 9: Templates
Creating a Simple Image Gallery by Using Helpers and
Lightbox
Using Template Engines within Web Frameworks
Overview of Other Add-on Template Engines
Chapter 10: AJAX
Introducing AJAX
Autocomplete
Dynamic Popup Windows
AJAX User Chat
Chapter 11: Making Plug-ins
Symfony
CakePHP
5
www.it-ebooks.info
Zend Framework
Chapter 12: Web Services
Restful News Reading
Providing Soap Web Services in E-Commerce
Applications
Chapter 13: Back End
Symfony
CakePHP
Zend Framework
Feature Summary
Chapter 14: Internationalization
Internationalization Defined

Symfony
CakePHP
Zend Framework
Chapter 15: Testing
Introducing Testing
6
www.it-ebooks.info
Black-Box Registration Form Testing Using Functional
Tests
CMS Tests Automation Using Selenium
Mailing Unit Testing
Chapter 16: User Management
Basic User Management
Identifying Users Using LDAP Implementation
Chapter 17: Performance
Using JMeter for Stress, Load, and Performance Tests
Benchmarking
Development Speed
Chapter 18: Summary
Features
And the Winner Is…
Appendix A: Web Resources
General
Symfony
CakePHP
7
www.it-ebooks.info
Zend Framework
Design Patterns
ORM

Databases
LDAP
Searching
Testing
Security
PDF
Web Services
Mailing
Templates
IDE
Javascript
AJAX
CMS
CodeIgniter
8
www.it-ebooks.info
Lithium
Agavi
Appendix B: CodeIgniter, Lithium, and Agavi with Code
Examples
CodeIgniter
Lithium
Agavi
Glossary of Acronyms and Technical Terms
Index
9
www.it-ebooks.info
10
www.it-ebooks.info
Building PHP Applications with Symfony™, CakePHP,

and Zend® Framework
Published by
Wiley Publishing, Inc.
10475 Crosspoint Boulevard
Indianapolis, IN 46256
www.wiley.com
Copyright ©2011 by , Karol Przystalski, and
Leszek Nowak
Published by Wiley Publishing, Inc., Indianapolis, Indiana
Published simultaneously in Canada
ISBN: 978-0-470-88734-9
ISBN: 978-1-118-06792-5 (ebk)
ISBN: 978-1-118-06791-8 (ebk)
ISBN: 978-1-118-06790-1 (ebk)
No part of this publication may be reproduced, stored in a
retrieval system or transmitted in any form or by any
means, electronic, mechanical, photocopying, recording,
scanning or otherwise, except as permitted under Sections
107 or 108 of the 1976 United States Copyright Act,
11
www.it-ebooks.info
without either the prior written permission of the
Publisher, or authorization through payment of the
appropriate per-copy fee to the Copyright Clearance
Center, 222 Rosewood Drive, Danvers, MA 01923, (978)
750-8400, fax (978) 646-8600. Requests to the Publisher
for permission should be addressed to the Permissions
Department, John Wiley & Sons, Inc., 111 River Street,
Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008,
or online at />Limit of Liability/Disclaimer of Warranty: The

publisher and the author make no representations or
warranties with respect to the accuracy or completeness of
the contents of this work and specifically disclaim all
warranties, including without limitation warranties of
fitness for a particular purpose. No warranty may be
created or extended by sales or promotional materials. The
advice and strategies contained herein may not be suitable
for every situation. This work is sold with the
understanding that the publisher is not engaged in
rendering legal, accounting, or other professional services.
If professional assistance is required, the services of a
competent professional person should be sought. Neither
the publisher nor the author shall be liable for damages
arising herefrom. The fact that an organization or Web site
is referred to in this work as a citation and/or a potential
source of further information does not mean that the author
or the publisher endorses the information the organization
or Web site may provide or recommendations it may
make. Further, readers should be aware that Internet Web
sites listed in this work may have changed or disappeared
between when this work was written and when it is read.
12
www.it-ebooks.info
For general information on our other products and services
please contact our Customer Care Department within the
United States at (877) 762-2974, outside the United States
at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic
formats. Some content that appears in print may not be
available in electronic books.

Library of Congress Control Number: 2010942182
Trademarks: Wiley, the Wiley logo, Wrox, the Wrox
logo, Wrox Programmer to Programmer, and related trade
dress are trademarks or registered trademarks of John
Wiley & Sons, Inc. and/or its affiliates, in the United
States and other countries, and may not be used without
written permission. Symfony is a trademark of Fabien
Potencier. Zend is a registered trademark of Zend
Technologies, Ltd. All other trademarks are the property of
their respective owners. Wiley Publishing, Inc., is not
associated with any product or vendor mentioned in this
book.
13
www.it-ebooks.info
For my beloved Olcia, who keeps inspiring me to achieve
goals I could have never dreamed of. The way you are able
to solve with your pure wisdom all the analyti-cally
unsolvable problems, your dedication, and your sense of
humor still amaze me every day. And the sweet cakes (no
PHP added) you baked for me while I was writ-ing this
book were simply delicious. I would also like to thank my
parents for their continuing faith and support.
—
For Agata.
—Karol Przystalski
I dedicate this book to my parents, for their constant love
and support. They made this book possible. I also warn
any readers of this book not to try and run the code
examples backward! It may cause hellspawns to appear out
of thin air.

—Leszek Nowak
14
www.it-ebooks.info
Credits
Executive Editor
Carol Long
Project Editor
Tom Dinse
Technical Editor
Wim Mostrey
Production Editor
Daniel Scribner
Copy Editor
Nancy Sixsmith
Editorial Director
Robyn B. Siesky
Editorial Manager
Mary Beth Wakefield
Freelancer Editorial Manager
Rosemarie Graham
15
www.it-ebooks.info
Associate Director of Marketing
Ashley Zurcher
Production Manager
Tim Tate
Vice President and Executive Group Publisher
Richard Swadley
Vice President and Executive Publisher
Barry Pruett

Associate Publisher
Jim Minatel
Project Coordinator, Cover
Katherine Crocker
Proofreader
Word One
Indexer
Robert Swanson
Cover Designer
16
www.it-ebooks.info
Michael E. Trent
Cover Image
© Xiaoke Ma/istockphoto.com
17
www.it-ebooks.info
About the Authors
is a video games, web applications, and
C++ software developer. He works as Brain-Computer
Interface researcher and lecturer at Jagiellonian University
in Kraków.
KAROL PRZYSTALSKI is a Software Quality Engineer
at Sabre Holdings and a PhD student at Jagiellonian
University in Kraków. He has worked with Symfony since
its earliest versions and wrote a book on the Symfony
framework.
LESZEK NOWAK has years of experience in web
development and graphics design with such frameworks as
Django, CakePHP and CodeIgniter. He also works with
3D modelling, animation, image recognition, and artificial

intelligence development. He says, “Science is fun, if used
in games.”
18
www.it-ebooks.info
Acknowledgments
NO BOOK IS THE SOLE effort of its authors, especially
such a long book. It took long months and countless cups
of coffee to keep us awake and writing and programming
the code examples. We could not have made it through this
if not for the help and patience of many kind souls.
First of all, we want to say a big THANK YOU! to the
Wiley/Wrox team we had the pleasure of working with.
Carol Long showed great patience and motivated us when
we were down. Tom Dinse and Nancy Sixsmith worked
hard to get our English right. Wim Mostrey made sure that
all technical matters are 100% correct. Ashley Zurcher
helped to successfully deliver the book to the market, and
Helen Russo took care of our legal matters. It was really
fun to work with you folks!
We also want to thank our superiors on the faculty of
Physics, Astronomy, and Applied Computer Science of
Jagiellonian University in Kraków: dr hab. Ewa Grabska,
prof. dr hab. Maciej Ogorzałek, prof. dr hab. Maciej A.
Nowak, and dr hab. Paweł W grzyn, who were really
supportive and did their best not to swamp us with
additional jobs while we were busy writing.
Finally, our thanks go also to all the developers who
dedicated their precious time to write good documentation
and share their knowledge.
19

www.it-ebooks.info
Introduction
Honest differences are often a healthy sign of progress.
—Mahatma Gandhi
For a long time, PHP was disregarded as a language not
serious enough for rich web applications. Everyone knew
it was popular and perhaps good for small one-shot
projects, but all the praise was reserved for the aristocratic
elite of frameworks such as Spring, Ruby on Rails, or
Django. Only recently has the situation changed, and it
changed dramatically. In 2007, it became clear that PHP
has not just one, but three major web application
frameworks extending capabilities of this language:
Symfony, CakePHP, and Zend Framework. The pace of
development was fast and steady. Object-oriented source
code written in PHP5 was elegant and maintainable. More
and more new projects began using them, and their
successful completion made the PHP frameworks even
more popular.
Nowadays, the popularity of PHP web development
frameworks surpasses all others (the evidence is inside this
book), and they have become a leading force in the
industry. The aim of this book is to gather as much
knowledge about this dynamic force as possible and
portray all the features these frameworks provide to our
fellow programmers.
Who Should Read This Book?
20
www.it-ebooks.info
If you are actually looking for a vampire novel, put this

book back on the shelf. Immediately. If you are a
hard-core Assembler programmer who needs no web
interfaces at all, you might not be interested, either.
However, if you are involved in some kind of web
development, you will probably find this book useful. It is
thick and heavy enough to cover a wide range of topics
and provide various perspectives for all kinds of readers:
• Professional PHP web application developers were the
first people we thought of when we started writing this book,
perhaps because we are PHP programmers, too. Frameworks
offer multiple advanced features that can make our lives
easier and more exciting. That's why we wanted to dig
deeper and try out whole potentials of different frameworks
and thoroughly compare them for your pleasure and
convenience.
• Experts in Ruby on Rails, Django, TurboGears, Struts,
ASP.NET, or other non-PHP frameworks who want to
take a closer look at PHP. Instead of buying separate books
for each framework or choosing one more or less at random,
they can benefit from comparing examples hands-on. They
can experience the differences between the frameworks,
which sometimes are really subtle, and perhaps switch to
PHP one day.
• Students and PHP beginners should not be afraid of the
complexity of some more advanced topics. This book is a
tutorial, but it is also much more! We have put a lot of effort
into making it accessible. The first part of this book, “The
Basics,” covers everything to get the whole thing (or even
three things) running. The second part, “Common Tasks,” is
more than adequate to serve the needs of most academic

courses or a plan of individual education. The rest of the
book will be very useful if you decide to continue your
romance with any one of the frameworks.
• Project managers, analysts or system administrators who
often decide on which technology to choose or who need a
21
www.it-ebooks.info
deeper understanding of existing computer systems and
applications. We have prepared a whole part (Part 4,
“Comparison”) that is focused on comparing the three
frameworks and discussing their capabilities.
• Advanced non-web programmers, such as C++ application
engineers or database experts who want to explore the vast
world of web development, will find that this book is also a
good starting point for them. They might be delighted with
the object-oriented approach of PHP5, the rapid building
process made possible with the frameworks, and all the
advanced features provided by them. Meanwhile, the
comparative approach provides a broad view of web-specific
problems, and the tutorial side of the book prevents being
stuck simply with more trivial tasks.
Comparative Approach
There are many great tutorials and books on each of the
frameworks covered in this book. What makes this book
unique is the comparative approach we've adopted. We
wanted to do more than just present three advanced
technologies—we wanted to point out their advantages and
disadvantages by comparing how each solves certain
problems. This gives you a very practical tutorial-like
experience and a solid base for more advanced discussion.

It allows you to formulate your own views on PHP web
frameworks and their suitability for your needs.
Flame wars are a hallmark of all discussions about web
frameworks. Everyone has a favorite and tries to promote
it against all others. The problem is that all web
frameworks are used for the same purpose, but have
different internal structures. Knowing one of them is
generally enough to produce web applications, so there are
few people interested in mastering multiple tools of this
22
www.it-ebooks.info
kind. This makes comparisons difficult. No wonder many
discussions are based on stereotypes, personal opinions,
and unverified data.
In this situation, many unanswered questions arise: Which
framework is best suited for my particular purpose? Which
one is the quickest to learn? Which one produces
applications the fastest? Which one has the richest
features? Which one will I like best? Is there one that
surpasses all the others? We have asked these questions
ourselves and found no reliable answers. However,
because these questions are often asked by other
developers, we decided to do our best to find the solution
and then share it in this book. The results were often really
surprising.
Structure of This Book
The main principle of this book is to show how to do some
tasks in each framework (in parallel wherever possible).
To accomplish this, each example is repeated for each
framework. Sometimes the solutions are really similar in

order to make all subtle differences easily visible, but
sometimes one framework provides a unique solution, in
which case we are not afraid to use it. The book is divided
into four parts that will gradually introduce you to the
complexities of PHP frameworks. More experienced
developers can freely skip the first part or read only the
chapters they need.
Basics
23
www.it-ebooks.info
Chapter 1: Introducing Symfony, CakePHP, and
Zend Framework—One of the biggest hardships with
most frameworks is how to get started. This chapter
addresses that problem with a comprehensive tutorial
starting with a general discussion of web application
frameworks, their structure, and the underlying
Model-View-Controller (MVC) pattern. We also briefly
present all available frameworks and explain why we
chose Symfony, CakePHP, and Zend Framework for
detailed comparison.
Chapter 2: Getting Started—Next we move to
installation and configuration. We provide instructions
for Windows, Linux, and MacOS operating systems for
every framework as well as the chosen database and
web server. This is a stage in which many things can go
wrong and discourage an inexperienced developer, so
we are extra meticulous.
Chapter 3: Working with Databases—All frameworks
are installed over a database engine, so Chapter 3 is
dedicated to mitigating differences between relational

databases and the world of object-oriented
programming. Then you learn how to communicate with
a database from the level of the frameworks, which
encompasses constructing an object model with schema
files and direct communication with databases through a
command-line interface.
Chapter 4: My First Application in the Three
Frameworks—Finally some programming. With all
frameworks properly configured and running in your
favorite environment, it is time you wrote your first
24
www.it-ebooks.info
application. The address book example presented in this
chapter explains how to use tools to develop web
applications quickly and efficiently.
Common Tasks
Chapter 5: Forms—This part of the book focuses on
the standard elements used by every web developer in
his everyday work. The first of these elements are user
input forms. You'll start with a simple problem of
validating fields and then move on to customizing forms
for various application needs. Finally, we'll discuss
protection against automated forms submission, namely
Captcha.
Chapter 6: Mailing—Mailing is another common task
required in nearly all web applications. We need it for
user registration, sending announcements, and
commercial advertising. In this chapter, several mailing
engines will be presented and implemented:
SwiftMailer, CakeMailer, ZendMailer, and PHPMailer.

Chapter 7: Searching—This chapter starts with
in-depth theoretical descriptions of full-text searching,
commonly used algorithms, and approaches. Then we
move to practical solutions using the popular search
engines Sphinx, Lucene, and Google Custom Search.
Chapter 8: Security—Security issues are always
important for a professional web developer. After
reading this chapter, you will know how to provide
secure connections and defend against the two most
dangerous kinds of attacks: server-side XSS injections
25
www.it-ebooks.info