Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Christop Rumpel:
My top 3 Laravel 5.6 features
Feb 08, 2018 @ 15:46:52

In a new post to his site Christoph Rumpel lists out his top three features of Laravel 5.6 that he enjoys and finds the most useful.

Yesterday Taylor Otwell released Laravel 5.6 right before the Laracon Online conference. We had a little conference party here in Vienna and a great time watching all the talks together. In one of them Taylor walked us through the new Laravel features and I want to point out my top 3 of them.

For each of his top three he provides some code examples and screenshots where appropriate:

  • the addition of the Collision package
  • dynamic rate limiting on route definitions
  • Eloquent date casting (enhancing the "casts" functionality already present from v5.5)

For more information on the other new features that v5.6 include, check out this series of posts from Laravel News.

tagged: top3 list laravel v56 feature collision ratelimit eloquent date

Link: https://christoph-rumpel.com/2018/02/my-top-3-laravel-56-features

PHP.net:
PHP 5.3.10 Released (Security Fix - Recommended Upgrade)
Feb 03, 2012 @ 14:01:29

The PHP development team has officially announced the release of the latest version of PHP in the 5.3.x series - PHP 5.3.10:

The PHP development team would like to announce the immediate availability of PHP 5.3.10. This release delivers a critical security fix. [...] Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830.

It is highly recommended that users upgrade to this latest version to avoid falling victim to this recently introduced bug relating to the new "max_input_vars" setting added to protect from the overflow issue recently brought up in the PHP community.

tagged: release security fix maxinputvars hashtable collision dos vulnerability

Link:

Nikita Popov's Blog:
Supercolliding a PHP array
Dec 29, 2011 @ 18:15:30

In a new post to his blog Nikita Popov talks about a little trick with inserting values into arrays that can make it take a lot longer than it should (because of how PHP stores its array values in hashtables).

PHP internally uses hashtables to store arrays. The above creates a hashtable with 100% collisions (i.e. all keys will have the same hash). [...] Because every hash function has collisions this C array doesn't actually store the value we want, but a linked list of possible values. [...] Normally there will be only a small number of collisions, so in most cases the linked list will only have one value. But the [included script] creates a hash where all elements collide.

He explains why it works, noting that it's relatively simple to do in PHP because of how it applies a table mask. The slowness comes in when PHP is forced to go through the entire list when it tries to insert. Because of this issue, there's the potential for a Denial of Service attack that could potentially take a server down. There's a fix already in place for the problem, though, so keep an eye out for the next release (that will include a max_input_vars setting to prevent it).

tagged: collision array hashtable mask denialofservice overload

Link:

Matthew Weier O'Phinney's Blog:
Migrating OOP Libraries and Frameworks to PHP 5.3
Jul 02, 2008 @ 15:24:02

Matthew Weier O'Phinney recently posted about a method he's come up with for migrating your object-oriented libraries (including frameworks) over to the upcoming PHP 5.3 version of the language.

With PHP 5.3 coming up on the horizon, I'm of course looking forward to using namespaces.

He gives an example of how useful these namespaces can be for you and your code, but points out one failing point - trying to define classes in a namespace that are named the same as a built-in keyword for PHP. There's already been a suggestion to add a captial "I" in front of the class name to prevent this collision.

There's also the problem of throwing custom exceptions - unless you use the namespace properly your script will just throw a default exception.

tagged: php5 namespace migrate library framework collision keyword exception

Link:


Trending Topics: