Professional PHP5 Comment
I just thought I would give my input on something. The 'GenericObject' class that is given in chapter 7 of 'Profesional PHP5' causes quite a bit of vulnerability in some cases. For example, suppose we have a class 'User' that extends GenericObject, which references the 'user' table in an SQL database. In this particular example, assume that the login system is implemented with a 'username' and a 'password', which is md5 encrypted. With GenericObject, there is no 'obvious' way to ensure that some other employees or contractors using the User class will not change the 'password' field to a NON-MD5 value (unless this is automatically done by the database).
The only solution I can think of is to overwrite the 'save' function to automatically MD5 the password field if necessary. Some code has to be rewritten this way, though.
Anyway, I just solved my own problem, but if you ever print any new versions of your book, you might think about giving a warning somewhere.
On another note, your book was extremely helpful & thought-provoking. One of the better ones that I have read. Thank you :)