Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
HTTPoxy Vulnerability Announcement
Jul 19, 2016 @ 12:40:10

Recently a major security vulnerability was announced centering around the the HTTP "Proxy" header and how incorrect handling could result in major issues with external requests. In the PHP ecosystem, a major HTTP library - Guzzle - was vulnerable (along with any application using it). However, according to Michael Dowling, a lead developer on the project, a new release has already been made to correct the problem.

httpoxy is a set of vulnerabilities that affect application code running in CGI, or CGI-like environments. It comes down to a simple namespace conflict [between the "Proxy" and "HTTP_Proxy" headers]. This leads to a remotely exploitable vulnerability. If you’re running PHP or CGI, you should block the Proxy header now. Here’s how.

The main HTTPoxy site as more information about how you can test to see if your application is vulnerable and what software/server configurations are typically vulnerable. There's also more language-specific information on the page as well as some immediate mitigations for various web server types.

tagged: httpoxy http proxy header vulnerability announcement guzzle webserver

Link: https://httpoxy.org/

Zend Framework Blog:
Zend Framework 1 End-of-Life Announcement
Jul 01, 2016 @ 10:52:25

On the Zend Framework blog they've posted the announcement about the end of life for Zend Framework v1, the first version of the popular framework.

With the release of Zend Framework 3, it's time to halt development on Zend Framework 1. As such, we hereby announce that Zend Framework 1 reaches its End of Life (EOL) three months from today, on 28 September 2016.

Between now and then, we will only provide security fixes, if any security reports are made in that time frame. Past that point, we will offer custom bug and security fixes for Zend Framework 1 on-demand only to Enterprise users of Zend Server. [...] Additionally, as of today, access to our legacy subversion server is disabled.

You can still get the latest from the package archive, use Composer for updates. There are also services from Zend that can help you update your application as well as two trainings that can help you learn what you need for the upgrade.

tagged: zendframework zendframework1 endoflife announcement project zend

Link: https://framework.zend.com/blog/2016-06-28-zf1-eol.html

Zend Framework Blog:
Zend Framework 3 Released!
Jun 29, 2016 @ 11:19:08

On the Zend Framework blog they've posted an announcement about the release of the latest version of their framework, the Zend Framework v3.

After 17 months of effort, hundreds of releases, tens of thousands of commits by hundreds of contributors, and millions of installs, we're pleased to announce the immediate availability of Zend Framework 3.

[...] For Zend Framework 2 MVC users, the differences are subtle. [...] Migration from version 2 to version 3 was at the top of our minds, and we have provided a number of forwards compatibility features over the course of ZF3 development, and written migration guides to help you navigate the changes.

They also mention updates to the skeleton application for this latest release including the work they've done to make the framework and its components more isolated and have fewer dependencies.

tagged: zendframework3 zendframework release announcement

Link: https://framework.zend.com/blog/2016-06-28-zend-framework-3.html

Laravel News:
Laravel Turns Five
Jun 13, 2016 @ 11:55:54

On the Laravel News site there's a post announcing the official fifth birthday of Laravel, a framework that has definitely made its mark on the community in that short amount of time.

Five years ago today Taylor announced the first release of Laravel to the world. [...] Even though a lot has changed and improved since that first release the code still has that same feel. Like all newborns that first release was very minimal–no controllers, no Eloquent, no templating system. It had enough to get you started but lacked the niceties we now enjoy.

The post also lists some of the things that didn't start out in the framework but have been added since including: Blade, Collections, Eloquent, Queues and Middleware support.

Happy birthday Laravel and a big thank you to Taylor and the entire community.
tagged: laravel framework fifth birthday celebrate features announcement

Link: https://laravel-news.com/2016/06/laravel-turns-five/

Community News:
ConFoo Vancouver Call for Papers Announced
May 18, 2016 @ 11:08:07

As is mentioned in this new post on Anna Filina's site, the Call for Papers for the ConFoo Vancouver event is now open. ConFoo Vancouver is an extension of the already popular ConFoo conference that has been happening in Montreal for several years now.

ConFoo Vancouver 2016 will take place at the Sheraton Wall Centre in Vancouver, Canada on December 5-7, 2016. We are looking for speakers willing to share their experience and their skills with developers and managers.

The Vancouver 2016 conference will [several] the following aspects of web development [including]: accessibility, databases, HTML & CSS, Javascript, mobile, PHP, Ruby, security.

The Call for Papers for the event will only be open until June 6th, so be sure to get those submissions in early (and often!) to be considered as a speaker for this year's event. Final speaker selections will be announced on June 27th.

tagged: confoo16 vancouver cfp callforpapers announcement december

Link: https://confoo.ca/en/yvr2016/call-for-papers

Zend Framework Blog:
Announcement: ZF repository renamed!
May 05, 2016 @ 09:57:16

The Zend Framework blog has a post announcing the name change of the main Zend Framework repository on GitHub:

Per the GitHub documentation on renames, existing links will be automatically redirected, and will persist as long as we do not create a new repository with the name "zf2". Redirects occur for: issues, wikis, stars, followers and git operations.

The post also includes the instructions on how to update your current "remotes" in your git checkout (so you don't have to re-clone). It also mentions the change and how it relates to Composer - hint: nothing at all because of how Composer works.

tagged: zendframework2 repository rename zendframework announcement github

Link: http://framework.zend.com/blog/2016-05-03-zf-repo-rename.html

Community News:
ZendCon 2016 Call for Papers Opens
Apr 21, 2016 @ 13:40:48

The ZendCon conference has just announced the opening of the Call for Papers for their 2016 event. The conference will once again be happening at the Hard Rock Hotel and Casino in Las Vegas, Nevada in October (18th-21st).

We’re pleased to announce the ZendCon 2016 PHP Conference, the most anticipated PHP centric event of the year, where community and enterprise PHP developers from around the world gather to share and learn the latest hot trends and technologies in today's professional PHP development.

We know speakers are key to the success of a conference and hope you will submit a talk. In appreciation for the efforts provided, our speakers package ensures they will not need to worry about anything other than delivering the best talks.

They're not just looking for PHP topics either. They'll consider a wide range of topics including PHP frameworks, devops, source control, continuous delivery and many more. The Call for Papers ends May 31st, 2016 so be sure to get those submissions in early (and often) before time runs out.

tagged: zendcon zendcon16 conference callforpapers cfp open announcement

Link: https://cfp.zendcon.com

Microsoft.com:
Announcing SQL Server on Linux
Mar 08, 2016 @ 10:20:24

It's not specific to the world of PHP but there was a major announcement from Microsoft yesterday about one of their products, SQL Server, and how they're officially brining it to Linux.

Today I’m excited to announce our plans to bring SQL Server to Linux as well. This will enable SQL Server to deliver a consistent data platform across Windows Server and Linux, as well as on-premises and cloud. We are bringing the core relational database capabilities to preview today, and are targeting availability in mid-2017.

[...] Bringing SQL Server to Linux is another way we are making our products and new innovations more accessible to a broader set of users and meeting them where they are.

Currently the release is in a private preview stage but more information on the release and how you can get it to install on your systems will be released in the coming months. You can sign up for updates and get more information about the product on the project website on Microsoft.com.

tagged: sqlserver linux release announcement microsoft

Link: https://blogs.microsoft.com/blog/2016/03/07/announcing-sql-server-on-linux/

Laravel News:
New Speakers Announced for Laracon.us
Feb 04, 2016 @ 10:03:42

The Laravel News site has posted an announcement about some of the latest additions to the Laracon.us schedule for this year's event.

Laracon.us scheduled for July 27-29, in Louisville Kentucky has announced nine speakers for the event.

These speakers include Taylor Otwell (creator of Laravel), Zeev Suraski of Zend, Adam Wathan from Tighten Co. and Amanda Folson, developer evangelist at PagerDuty. If you're interested in joining this group and would like to submit your own ideas for sessions, the call for submissions is still open for now. If you're just interested in the conference and want more information (or to get tickets) you can check out the main conference site.

tagged: laracon15 laraconus speaker announcement louisville kentucky

Link: https://laravel-news.com/2016/02/new-speakers-announced-for-laracon-us/

Community News:
Lone Star PHP 2016 Schedule Announced
Jan 27, 2016 @ 13:40:58

The Lone Star PHP Conference, happening April 7th-9th in Dallas, Texas, has officially announced their schedule for this year's event. This three day event (one training day and two days of regular sessions) will feature talks like:

  • "Is Your API Misbehaving?" (Keith Casey)
  • "TDD with PhpSpec" (Ciaran McNulty)
  • "Stop multiplying by 4: Practical software estimation" (Chuck Reeves)
  • "Writing Workers For Scalable Application" (Gary Hockin)
  • "Demystifying OAuth2: an understandable way to approach connecting to other systems" (Joseph Maxwell)
  • "Building PHP Daemons & Long Running Processes" (Tim Lytle)
  • "The Present and Future of WordPress's REST API" (David Hayes)

...and many more. Be sure to check out the whole schedule for more information and descriptions of these and other sessions happening over the three-day event. Tickets are also already on sale if you'd like to grab them at Early Bird prices while you can!

tagged: lonestarphp conference schedule lsp16 announcement dallas

Link: http://lonestarphp.com/schedule/