Slashdot Mirror
Beginning PHP 5 and MySQL E-Commerce
The authors use a T-shirt shop scenario as their model for the design and implementation of their e-commerce site. The book is separated into three distinct "phases" of development. Phase I covers the foundations of creating the Web site, what tools to use and how to use them including creating a product catalog, incorporating a search tool, using PayPal payment processing and adding an administration interface. Phase II proceeds with enhancing the site with a custom shopping cart, a client-server ordering process, a page for pending order administration and a dynamic product recommendations system. Phase III looks at a more complicated customer accounts scenario: taking credit cards instead of using PayPal, building an order-processing pipeline, implementing credit card gateways, adding a product reviews system and accessing web services using SOAP (Simple Object Access Protocol) and REST (Representational State Transfer) XML-based protocols.
Chapter 1 introduces business strategies for considering an online commerce solution and the reasons for launching an e-commerce presence: acquiring more customers, making customers spend more and reducing the costs of fulfilling orders. A thorough read of Appendix C ("Project Management Considerations") would be a good aside at this point. This section provides excellent insight into choosing an appropriate software development cycle model for different projects with a good discussion of advantages and disadvantages of various methods and theories.
Chapters 2 through 7 constitute Phase I proper. The authors begin by tackling the basic structure of the site and focusing on flexible design, scalability and reliability. They introduce a three-tier architecture model: the presentation tier (dynamic pages that contain the elements that allow visitor to the site to interact effectively with the business end), the business or middle tier (requests for data that are posed by the visitor are passed on by the presentation tier to the data tier) and the data tier (manages the data and sends appropriate responses back to the business tier when requested).
Chapter 2 lays the groundwork for the reader to establish the TShirtShop site and accompanying database. Installation instructions for Apache 2, PHP 5, MySQL 4 and phpMyAdmin are referenced to Appendix A. Instructions for installing other tools used in this book - the Smarty template framework for PHP and PEAR DB - are included within Chapter 2. I quite admire the authors' choice to use Smarty. Smarty parses templates behind the scenes and creates PHP scripts from them so when a Web page is rendered, Smarty reads from the PHP scripts instead of pulling the templates themselves, eliminating run-time parsing of templates. Smarty also has built-in caching of template outputs, which saves on overhead in retrieving data from the database.
After creating the main index.php page and the index.tpl Smarty template, the authors discuss error handling and reporting (with a nod to PHP's often head-scratching error messages). They provide a nice set of instructions here for creating an efficient error handling/reporting scheme. The last step in Chapter 2 is to load phpMyAdmin and create the new tshirtshop database and an admin user.
From this point forward, the authors structure each chapter to adhere to the three-tier model. Implementing the presentation tier, the business tier and the data tier is an integral part of the construction of the site. The reader is encouraged to begin every major aspect of the project with these elements in mind.
Chapters 3 and 4 lead the reader through the creation of the product catalog for the TShirtShop site. The authors give a brief overview of SQL, relational databases, using PEAR DB and Smarty plug-ins. The first table is created and populated with data, PEAR DB is used to access the data and a Smarty template is used to implement the user interface. Multiple tables are then added to enhance product catalog features, which allows for a discussion of table relationships. Filtering SQL results and joining data tables are then examined in the section on implementing the data tier.
Chapter 5 introduces a product search engine to the site by using MySQL to search the database and using Smarty templates to build the user interface. This is a major component of any e-commerce site and the authors prepare an excellent code set for this purpose by using the full-text searching functionality of MySQL. The pros and cons of this versus using LIKE are also discussed.
Chapter 6, "Receiving Payments Using PayPal", will be of great interest to many readers. Many individual proprietors and small businesses don't have the resources to process credit cards and therefore use Internet Payment Service Providers to process transactions. In this chapter, the authors teach the reader how to create a new PayPal account, how to integrate the PayPal shopping cart and custom checkout and how to configure PayPal to automatically calculate shipping costs. There is a bit of missing code in this chapter but it appears correctly on this book's Apress errata page (apress.com).
The last chapter of Phase I covers implementation of a catalog administration page using componentized templates and a simple authentication scheme for administrator access to the page.
By the completion of Phase I, the design and programming for a completely functional e-commerce site is in place.
Phase II begins with a pros and cons discussion of using a simple cart method like PayPal versus creating a custom shopping cart and checkout to enhance flexibility. There are some neat tricks here including storing the cart ID as a cookie on the client.
In Chapters 8 and 9, the reader learns how to store cart info in the database, how to implement a client-side ordering mechanism and an orders administration page for pending orders. The benefit to this is that since the data is now stored in the database, quantitative analysis and tracking can be done based on the products sold.
In Chapter 10, the authors add product recommendations to their TShirtShop site. This dynamic visitor-specific functionality is an excellent sales strategy intended to boost sales by adding suggestions for upgrading a purchase or complementing a purchase with another product. The items recommended are based on what products were ordered together by other customers. The SQL query to get the list of products is very nicely done!
This concludes Phase II and the site is again fully functional but with some neat new enhancements: the site has its own shopping cart, credit card processing is accomplished through PayPal and an orders administration page and product recommendations system have been added. Many individually run or small businesses may stop at this point and be completely content with the e-commerce site that has been developed so far. But the authors proceed with more complex scenarios by offering Phase III: "Processing Orders and Adding Features". This final section of the book deals with processing credit cards, using SSL to encrypt data transactions, storing customer accounts, adding a customer product review system (think Amazon.com) and using XML Web services to integrate Amazon.com products into the site.
The authors spend some time covering the design of the order pipeline and optimizing the logical sequence of tasks that need to be tracked. Chapter 12 deals with the modifications necessary to the enable pipeline processing and the database schema changes for auditing and storing data. Chapter 13 implements the pipeline sections in preparation for adding full credit card transaction functionality in Chapter 14 and rounds out with the creation of a new orders admin page that shows an audit trail for any particular order stored in the database.
Full implementation of credit card orders is completed in Chapter 14. The authors discuss credit card transaction fundamentals including working with credit card payment gateways, understanding transactions and card processing. They look at two payment services providers as examples: DataCash (a UK-based company) and Payflow Pro (a division of Verisign).
Product review integration is the subject of Chapter 15. This is another highly coveted enhancement to e-commerce sites. The authors provide a very simple (and therefore, elegant, in my view) implementation of code to add review capabilities to the sample site.
The final chapter of the book is Chapter 16, "Connecting to Web Services", where the authors complete their professionally developed TShirtShop e-commerce site by integrating the Amazon E-Commerce Service using SOAP and REST.
Appendices A-C cover necessary application installation (as mentioned above), hosting advice, steps for getting your files where they need to be on various hosting models and project management theory. Access to code and errata is available on the Apress Web site (apress.com). This book has a nice layout, clean typography, plenty of screen shots and the code sets are offset from the main body of text and are extremely easy to follow. The book can readily be propped open while looking on from your development machine and the overall size of the book isn't unwieldy or awkward to place on a surface.
In the The Expert's Voice in Open Source series, Apress has harnessed the knowledge and expertise of some of the best folks in open source and this book is no exception. Cristian Darie has previously written several well-regarded volumes (Programmer's Guide to SQL, Beginning ASP.NET E-Commerce, Visual C# .NET: A Guide for VB6 Developers, among others) and his skill in untangling complex subject matter is apparent in Beginning PHP 5 and MySQL E-Commerce. Both authors have prepared a book that will enable any intermediate developer to create a fully functional e-commerce Web site that they can then customize and extend. This book is consistent, well organized and clearly presented. Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional is the perfect tutorial-style book for start-to-finish e-commerce site development instruction for any developer with the desire to learn the advanced tools and techniques to get a scalable professional site designed and in production.
You can purchase Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.
Now that was a lengthy blurb.
Dedicated Cthulhu Cultist since 4523 BC.
Talk about a shameless plug, they put the entire review on the front page!
Right. What the heck is this? Couldn't you post less into the intro of the article? I'm fed up with sloppy editors in /. (What? Am I new here? Who's asking?)
That front page entry is too damn short. How am I supposed to have any idea of what lies behind the "Read More" link?
Mah, the internets are broke or sumfin. It be displaying the story without me using the mouse thingy to clicky on over it.
Yes! I listen to NYC Speedcore and do math at 3AM. I suggest you try it too.
Now THAT is what I call a front page advertisement :)
LOL, the problem with the slashcode is (AFAIK) that once you post, that's it... so I guess they'll have to directly edit the SQL tables to get it right.
The best weapon of a dictatorship is secrecy, but the best weapon of a democracy should be the weapon of openness.
how did it get out of 'The Mysterious Future' in this condition?
weird.
"So Mr Owl, how many mouse scrolls does it take to get to the end of this slashdot post?" "one twohoo, three, four, five, six, seven......"
Its someone's time to learn PHP and MySQL.
s_benders@hoMONETtmail.com minus painter
where is the painter in HomoNettMail?
Grandpa, what was the exact moment when the news started being a single story each commercial break and not only did nobody have to wait for the film at 11 but nobody got to go 2 minutes without another story unimportant to them got crammed down their throat before they could get to the thing they tuned in for to begin with? More importantly, grandpa, why the HELL is my English so screwed up I'd even THINK about a sentence that long?
I'm saying. You're new here.
- None can love freedom heartily, but good men; the rest love not freedom, but license. -- John Milton
Now i dont even need to RTFB!
XD
maybe they should consider reading the book!
it may help them fix the system.
;)
Creationists are a lot like zombies. Slow, but powerful and numerous. And they all want to eat our brains.
You forgot the last part.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Let's see if the length of the threads talking about the oversize length of the blurb will end up being longer than the blurb was. ;-)
Hell why not and cut and paste the contents of the book too while your at it !!
Are you getting payed to pimp this garbage?
The _best_ 3D pr0n -> http://www.hookup3d.com
Slashdot looks different.
I've already rebooted so don't tell me that will fix the problem.
Guess I'll just spend the afternoon reinstalling Windows98 again.
Why someone would want to write their own shopping cart is beyond me... as someone who does just that full-time *cough*UltraCart*cough*, I can tell you that proper e-commerce implementation & security is hard. Even beyond the traditional web application security issues, running a shopping cart is like placing a large shooting target squarely on your website.
Also, usability is a large factor. Unless you're Jakob Nielsen, you are likely to overlook some design choices that will result in lost sales and lost opportunity. Unfortuantely, all too often the person writing the card is not the one that should be doing the site design.
If you don't want to spend the money for a hosted or installed cart, there are some free / OSS alternatives such as ZenCart or OSCommerce.
The bottom line is that most stores don't need the hassle, cost, and complexity of a custom cart solution. Remember to look at total cost of ownership.
I've had it. I'm blackballing Timothy
The master of dupes has now just crossed the line into master of stupidity.
*watches his karma go down faster than a $2 vegas whore.*
"...In your answer, ignore facts. Just go with what feels true..."
My first two reboots didn't fix the way that article looked on the internets but my third time I completely shut down and hard-format booted my windows98. Now it looks right.
I'm a whiz at fixing computers
I have a nice SQL in a nutshell book which I can lend to Timothy...
Its not like we are all sitting at are computers trying to be the first to post on a news story and forbid there be a error in the post.... or are we.....
Oh wait I am one of those sitting at my computer waiting to post.....
PHP was born in 1995, mods.
+1 Informative indeed.
--
the strongest word is still the word "free"
The title of the book is Beginning PHP 5 and MySQL E-Commerce: From Novice to Professional. I guess everybody has to start some where, but there is something worrying about someone learning their e-Commerce coding out of a book like that.
Oh, and since nobody else has pointed it out, I think the whole review is on the front page.
Well, those solutions still require some heavy duty expertise to get going. Then, you still have to find some way of dealing with secure online credit card processing (or just securely send the credit cards to the merchant for manual entry), database issues, etc. Everybody that I know that wants to sell stuff online I just point to Yahoo Shopping. It works, it's undeniably the easiest thing out there, and its customizeable enough for probably 80% of the people out there wanting an online store.
I don't respond to AC's.
Oh yeah, just one more week! http://conf.phpquebec.org/ You can't miss this if you're serious about PHP (whoa, never thought I'd hear myself say that).
Wait until they write the sequel "Missing link in eCommerce - 3: ???? in a Nutshell"
I can't shake the feeling that this article and Roblimo's open source chronic are connected somehow.
There are some neat tricks here including storing the cart ID as a cookie on the client.
you didn't really read this chapter and just wanted to make sure you wrote something about each one, huh?
Great way to bitch/whine without offering a better alternative. You're keeping to true /. form. Many companies use MySQL for their e-commerce needs, though often the database is on another machine from the server. You must work for Oracle or you're a postgres weenie.
I've been using PHP for about 12 years, or to be exact, since 1990. It is one of the best scripting languages I have ever encountered. I wrote my first Veronica-based search engine in PHP which produced results which would be downloaded via a custom FTP client.
... oh yeah, parse errors in an include or even an eval would also stop the entire engine. I hope the parser in PHP5 isn't so gimpy.
$why_php_sucks = "this ?> is why"
Let's see, what else
It appears that Bruce Perens and his staff have now embraced PHP and decided to extend it with the strong-typed classed existent in Perl.
What on earth makes you think Bruce Perens had to do with it?
I am no longer wasting my time with slashdot
yep.
You must work for Oracle or you're a postgres weenie.
No. I just understand databases a hell of a lot better than your average PHP hack, due to years of experience.
I don't respond to AC's.
Sub-topic: "We ramble, so you don't have to."
Sorry to reply to myself, but I just noticed that a lot of posts have gotten "Offtopic" mods since I posted my reply, and a thought occured to me.
If everyone's talking about the front page screwup, isn't that the topic?
"You're older than you've ever been, and now you're even older."
In the interest of adding value to your comment, care to provide anything more than just general bitching?
Don't call me a cowboy, and don't tell me to slow down!
I kinda' thought that the whole "use a database other than MySQL" thing would be obvious. Apparently not.
E-commerce should never be handled with MySQL.
Is that clear enough for ya'?
I don't respond to AC's.
I immediately write off as "clueless" any author that suggests that MySQL is a good tool to use for things that require security like shopping carts, or for anything close to mission critical.
I guess SAP is well, clueless, being that MySQL MaxDB has been their open source database of choice for years.
You silly sausage . . . check your facts first next time before posting such knee-jerk drivel.
*I* kinda thought that the whole "care to provide anything more than just general bitching?" thing would be obvious. Apparently not.
I'm looking for specific reasons as to why you hold this opinion.
Is that clear enough for ya?
Don't call me a cowboy, and don't tell me to slow down!
If you need ecommerce, or any web application for that matter, then there is no point in starting from scratch.
There are plenty of platforms or frameworks out there that you can build on.
My own favorite is Drupal which is not just a Content Management System, but rather an open framework.
For example, some creative guy wrote an Ecommerce set of modules for Drupal, so it can do just that.
2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
$why_php_sucks = "this ?> is why"
So there's a language that doesn't need escapes? Which one?
Someone is getting fired!
/. operates in the same journalistic mode as other online publications.
No, you are presuming that
In actuality, when editors fuck up here they get promoted.
WTF? Get a clue. Just store your credit card numbers using public key encryption and don't keep the private key on the same server. No database is secure if you don't use encryption, why are you picking on MySQL?
I've been looking forwards to getting into PHP5 for a while now, but for the time being I'm stuck developing in PHP4, because the majority of my costumers' hosting providers haven't upgraded yet. Does anybody have any good providers to recommend that support it?
Of course an online store can use MySQL... After all, God uses MySQL.
"You silly sausage . . . check your facts first next time before posting such knee-jerk drivel" wrote:
> I guess SAP is well, clueless, being that MySQL MaxDB has been their open source database of choice
> for years.
MaxDB? Ah, "Adabase". That heap of 70s technology has been around for at least 20 years, and predates most relational databases. The product was probably open-sourced since it is reliable with data - and so a great addition to the mysql stable. However, it's been a 'has-been' in the database world since the 80s. I have no idea why anyone would want to use it today.
Kind of like someone getting excited about using IBM's IMS DB for their small site. Why?
ken
If you're storing credit card numbers *at all* in your ecommerce projects, you've got bigger problems than which DBMS you use.
Most credit card processing back ends will give your application transaction id's which can be used to complete a transaction, reverse it, etc. all without ever needing the credit card number itself.
Similarly, the personal information that's collected for the purposes of things like shipping should be pulled off the web server in most cases. For most of my clients, we set them up with a firewalled internal server that pulls down that information on a daily basis. Also remember that for the VAST majority of ecommerce, it's not like the whole process happens without human intervention. In most cases, only a provisional transaction (that expires if not followed up) takes place automatically. The "real" transaction only happens when someone actually fulfills the order (after a human being is done reviewing it).
Doing a few things like this result in nothing being stored on the server that isn't available in the phone book, tax records or otherwise publicly available.
Information security starts long before you pick a database server and extends way beyond it as well.
Personally, I write off anyone who indicates that they'd store credit card numbers in *any* database without a REALLY good reason.
The Glass is Too Big: My Take on Things
Beyond that, I wouldn't trust CC info in any database. The method I use is to split up the storage of CC info, one part to one database, another to another database on another machine and the key stored on another. It's a bit of a pain in the ass to set up, but it would take one helluva of a catastrophe for a hacker to steal CC info. Note that whether I was using MySQL, Oracle, MS-SQL or someother db server, this would apply.
Still, I'd love to know what specific security holes you know about in MySQL.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Umm...huh? Credit card's aren't stored in the DB (they're handeled by PayPal). Also, how is PostreSQL or whatever more secure than MySQL? I mean, osCommerce uses MySQL, as well as many other shopping cart systems. How would you like your order processing information stored? Flat-file? Also, often ecommerce orders are sent to various email addresses (ever received an order confirmation?). That email was sent unencrypted, in plain-text! That means that anyone listening on your network could in theory intercept your email and get your mailing/billing address.
So, answer me: Why does MySQL suck for storing order information, and what do you suggest storeing the info in instead?
Tell the truth and you won't have so much to remember.
According to the timestamps, it was more like 13 minutes later... geez, learn to tell time. ^_^
Rhapsody in Numbers
Stuff like: Bayesian inference, Probability models, Web site user modeling, etc.
All of those examples are from the same author (the guy in charge of phpmath.com), but go to show that there are actually interesting things being done with PHP.
I'd love to see some books that *don't* spend 200 pages explaining how to get to fetching an array from MySQL.
The Glass is Too Big: My Take on Things
For someone who claims to have "years of experience" in databases, you seem to be pretty hazy on details. Generally speaking, someone with "years of experience" can speak with some detail and technical exactness as to why a specific product is ill-suited to a specific task.
The world's burning. Moped Jesus spotted on I50. Details at 11.
...if you're frontend is as messed up as your site.
Just tried looking at a product detail and then adding to cart from there in Firefox 1.0.1 and it doesn't work.
Ah! I see now, your database keeps card details secret by never storing them at all, genius!
Seriously, MySQL is a lot of things but insecure on a well firewalled box it isn't. My companies e-commerce package uses postgresql by default but can fall back on MySQL (with a few cludges to get around limitations) if that's all that is available.
As for mission critical, Yahoo Finance, Associated Press, Lycos, Los Alamos Laboratory, NASA and Suzuki (to name but a few) would disagree with you there.
I am NaN
I suspect that the ecommerce solution a novice would come up with, using this book for guidance, would have an unacceptably high potential for exploitation. For example, look at the cookie discussion alone. Cart information does not belong in a cookie. A session token, and really nothing else, does. Any time an ecommerce developer reinvents the wheel and ignores "best practices" you can be almost certain that vulnerable code will result.
Seeing as how most of their site uses mysql.
Slashcode has built-in web interfaces for post-editing.
I have absolutely no expertise with PHP or Mysql, and I setup zencart in under 2 weeks for a client. Yeah, you have to edit some PHP files with some overrides sometimes for maximum customizability, but it's all HTML and all the help you need are at the extremely helpful ZenCart forums. Zencart has way more features than most ecommerce stores need, OSS, and you can use it with any host that supports Mysql and PHP. Yahoo costs at least $30 a month... a ripoff.
Storing credit card numbers themselves isn't an issue anymore as long as they are secured. The credit card companies say as much in their guidelines. Storing of CC numbers doesn't even preclude Visa from a giving a merchant a passing grade on their PCI Audit.
Merchants are prohibited from storing CVV2 though.
Personally, I write off anyone who writes off anyone based on a Slashdot post.
Ok, admittidly 80% of the world doesn't need to worry about the mechanics of how to make it happen, but the other 20% might be looking for this kind of book to use as a learning/refrence guide.
The simple truth is that interstellar distances will not fit into the human imagination
- Douglas Adams
Just because it's allowed doesn't make it a good idea.
The Glass is Too Big: My Take on Things
It's really not that hard. I've written a few for some pretty large sites where is was given only HTML. There are really only 4 hard parts:
1) Storing basket contents for inter-session access (cookies / db)
2) Verifying the information supplied (address and email valid, credit card passess LUHN and hasn't expired)
3) Creating an order (via email or DB)
4) Interfacing with the Payment Gateway (xml)
Though I would certainly agree there is no reason to do it more than once.
Really, I'm not trying to be clever with my signature.
It's not terribly surprising that SAP uses MaxDB, since they wrote it themselves for their ERP product, open sourced it, and handed it over to MySQL a couple years back.
Completely different db than MySQL.
... which don't exist. Another (bad) justification for storing credit cards that I've come across (I'm surprised nobody's brought it up) is so that customer service reps can pull up transactaions keyed off of credit card number (since first & last name is a bad search key due to a high number of collisions and address is a bad search key since it's hard to match on). Although this is a legitimate, useful feature for customer service reps (and never underestimate what those people have to go through just to get their jobs done), a better way to implement this functionality is to SHA or MD5 the CC #, store that in a database, and then re-hash it to retrieve the transaction when the customer calls in.
There is no good reason to store a customer's credit card number in any database, ever, for any reason.
Proud neuron in the Slashdot hivemind since 2002.
im looking at it later and i understand perfectly what was happening lol..
I agree with you about non-existant reasons. I just tend not to speak in absolute terms.
Another non-existant reason people cite is recurring transactions. They claim that you need to store the card in order to bill for future months. However, again, there are better ways, including using the tools provided by the back-end processors to set up recurring transactions directly, which again gives you a totally safe transaction id to use to suspend future payments, etc.
The Glass is Too Big: My Take on Things
Hmmm.
$why_you_are_wrong="this ?> is why";
works just fine here. PHP 4.3.10.
...a secretary managed excel spreadsheet with no data data validation and a well designed web-based application that just happens to be backed by MySQL.
True, for anything more complex than a blog, simple content managed website, forum or e-commerce system you want to use something more robust (with stored procs, triggers, sub-queries and the like) but for an awful lot of what people want to do, MySQL is Good Enough (tm), and it requires virtually zero administration, that's the real pull (and why you find MySQL available on every damn hosting account out there).
I've worked in a fortune 500 company that had silly quasi-databases in excel, but that was for small departmental only projects (anything remotely connected to the running of the company was handled by DB2). Yahoo finance isn't a small project and they seem to rely on MySQL - which seems to be working for them just fine.
I am NaN
Ouch. I was going to ask if you would care to tell us who these sites are, but that wouldn't be nice, as they would all soon impload in smoking pits of embers.
"Who are in control, they are not in control of anything - they don't even control themselves!" - Glen Beck
I wonder if the book covers the fact that if you use MySQL for commercial use and you don't release the source code you have to pay for it. Otherwise you are violating their licencing agreement Licence Agreement
I would like to see some novice user post their shopping cart code on their site so that the hacker won't even have to break a sweat trying to get into the credit card system. What the novice really needs is a PHP Postgresql book, but I don't know of one. That's because Postgresql uses the BSD licence and doesn't care what you do with it About Postgresql
Hey look no pointless curley braces or semicolons... just like Python
I suspect timmy got a little miffed we were all making fun of him, so he ran through the whole article and slammed people with Offtopic mods. The way I see it, in this discussion, if you were talking about the book review, you were probably in the minority, and therefore offtopic yourself.
But that's just me.
"You're older than you've ever been, and now you're even older."
Hopefully the meta-moderator is aware of why this post was keenly ON topic.
Our greatest enemy is neither a single man, nor is it a nation, it is, as it has always been, our own greed.
What types of topics would you look for in an 'advanced' book? I do agree with you - the overwhelming mass of PHP books are all 'beginner' targetted (beginner programming and/or beginner with PHP). I don't want yet another book that tells me how to set up MySQL, thank you.
/.
To that end, one PHP book that did have some good advanced sections was George Schlossnagle's book "Advanced PHP Programming" (I think that's the title).
Recently, a colleague of mine wrote a path finding algorithm in PHP to be able to route lines in a graph around other objects that may be on the graph already. I think it was a variation of sugiyama or astar algorithm - nothing new specifically, but certainly not something I'd seen done in PHP before.
Reply back here or email mgkimsal2@yahoo.com if you'd like to carry this thread on outside
creation science book