• PHP 5.2.4 <= dl() open_basedir_bypass&code exec&dos - input for the dl() function is not handled correctly and can lead to arbitrary code being loaded and executed
• PHP <=5.2.4 iconv_substr() denial of service - memory limit issue can be used in a DoS attack
• PHP < 5.2.4 setlocale() denial of service - memory limit issue can be used for a DoS attack

The dl() overflow is marked as a medium threat (largely because it allows for arbitrary code execution) but the other two are shown as low threat. A patch is also given for the dl() issue to help correct the problem.

As our chat application gathers pace we return to the server side of the application. At this point we have setup the Zend Framework with an IndexController class to handle server requests. When we receive a new chat message from the user, we will need to store it. For this tutorial I've selected a file based solution using XML.

They start with a look at the storage method - XML on the backend, pushed into a MySQL database (along with the message format). There's a quick refresher on SimpleXML before they show how to integrate this storage method into the current system.