This is a quick reference for numerous acronyms and technical terms you will come across while reading this book. It is deliberately oversimplified, and if you need fuller explanations, use the index to find the corresponding pages in the book or check the appropriate Wikipedia articles. This glossary is intended to just help refresh your memory or to help you tell one acronym from another. We hope you'll find it useful in case you got a little lost among all these technologies.
access control list (ACL) A security approach that involves creating a list of users allowed to access a resource.
application programming interface (API) An interface offered by a program that allows developers to create other programs that can communicate with it.
Asynchronous JavaScript and XML (AJAX) Enables changing page content without reloading. Chapter 10 is devoted to this technology.
cascading style sheet (CSS) A markup language that defines the look of your web apps. Usually saved as .css files imported into your views or templates.
command-line interface (CLI) The console window used to interact with the operating system or CLI tools.
create, read, update, and delete (CRUD) Four basic database operations.
cross-site request forgery (CSRF) An attack that exploits a form vulnerability to hijack a user's session after the user clicks a prepared link.
cross-site scripting (XSS) A web attack that injects malicious code into a targeted website.
Document Object Model (DOM) Representation of objects in web pages, used to change content dynamically.
Don't Repeat Yourself (DRY) A programming principle that forbids pasting copies of code in favor of elegant generalized solutions. Also known as: Duplication is Evil (DIE). It is related to Keep It Simple, Stupid (KISS).
Extensible HyperText Markup Language (XHTML) HTML presented using XML structure, not a successor to HTML.
Extensible Markup Language (XML) An open standard for structured document representation.
Git A distributed revision control system designed by Linus Torvalds; used by CakePHP and Lithium.
HyperText Markup Language (HTML) The markup language read by browsers to display web page contents.
Hypertext Preprocessor (PHP) Everyone can see what PHP is, but many still don't know the name is a recursive acronym. (It initially stood for Personal Home Page.)
HyperText Transfer Protocol (HTTP) Application layer networking protocol commonly used to exchange web content. It defines nine request methods, including GET and POST. Uses port 80.
HyperText Transfer Protocol Secure (HTTPS) HTTP encrypted by TLS/SSL on the lower transport layer. Uses port 443.
integrated development environment (IDE) The piece of software that makes programmers' lives easier thanks to integration of a code editor with syntax highlighting and autocomplete, a compiler (where applicable), a debugger, or even a source code generator.
internationalization (i18n) Shortened spelling made by counting the letters in this word. Closely related to l10n (localization) and g11n (globalization).
Inversion of Control (IoC) A software design principle that promotes removing dependencies between components for loose coupling.
Lightweight Directory Access Protocol (LDAP) An application layer protocol used to query directory services such as OpenLDAP, ADAM, or AD LDS.
Model-View-Controller (MVC) The main structural design pattern behind most frameworks.
object-relational mapping (ORM) Making object-oriented software work with relational databases.
OS (Operating System) Windows, Linux, Mac OS, FreeBSD, or any other system you are currently using.
PATH An environment variable, present in every discussed operating system, but accessed in a different manner in each one. It specifies which directories will be searched at startup for executable files. You will be able to run these executables in CLI globally with their names only instead of the full file paths.
PHP Data Object (PDO) A PHP extension that provides a unified interface for accessing databases.
PHP Extension and Application Repository (PEAR) A smart tool for PHP software installation.
relational database management system (RDBMS) There is much theory to it, but basically this is what we developers call "an SQL database."
Representational State Transfer (REST) A stateless web application architecture that is based on HTTP requests. When something implements these specifications, it is called RESTful.
Role-Based Access Control (RBAC) A security approach that defines roles and then assigns users to these roles.
search engine optimization (SEO) A set of techniques for promoting a website by increasing its rank in the search engine's results page.
Simple Mail Transfer Protocol (SMTP) Application layer protocol for sending e-mail.
Simple Object Access Protocol (SOAP) Internet protocol based on XML format; often used for web services development.
Structured Query Language (SQL) The language used for database communication.
Subversion (SVN) A revision control system, used by most community projects.
test-driven development (TDD) A programming technique that requires developers to write tests first and develop functionalities later.
Transport Layer Security/Secure Sockets Layer (TLS/SSL) TLS is the successor of SSL. They are both cryptographic protocols working on the transport layer. This means they can be used to encrypt any application layer protocol (such as HTTP or FTP).
Uniform Resource Locator (URL) An identifier that specifies where a resource can be located and how to retrieve it (for example, a web address with a protocol).
web root The main folder that is translated to http://localhost/ by your web server. You usually develop and deploy your applications there.
What You See Is What You Get (WYSIWYG) A visual in-page editor that allows editing web content without the need to use HTML.
X Apache, MySQL, PHP, and Perl (XAMPP) The bundle of tools commonly used to develop and run web apps on Windows and Mac OS. On Linux it is referred to as LAMP.
YAML Ain't Markup Language (YAML) Data serialization language used by Symfony for configuration and schemas.