Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

StartTutorial.com:
5 New Features In PHP 7 That You Should Have A Look At
Oct 19, 2016 @ 09:43:05

If you've heard about the release of PHP 7 but aren't quite sure what it has to offer, check out this quick post on the StartTutorial site giving you a "top five" list of things this new version of the language has to offer.

But you must be wondering why PHP named its latest release PHP 7 and not PHP 6. Reason behind it is that, many of the PHP 6 releases were already implemented in PHP 5.3 and later, there was not really a proper reason just to change the name. What I am trying to say here is that we haven’t missed anything. Just to avoid the confusion with a dead project, PHP's latest release was named to PHP 7.

Is This Hype Valid for PHP 7? What It Actually Brings Forth for the Developers? Hop on and let’s take a deeper dive. Let's check out what new features PHP 7 has to offer. And what improvements those features will bring forth.

Their top five list covers some of the major improvements in the language:

  • Speed Improvement
  • Implementation of Type Declarations
  • Implementation of Error Handling
  • New Operators
  • CSPRNG Functions

There's a bit of explanation of each item on the list but you'll definitely want to refer to the PHP manual for more details and specifics on what changed in PHP 7.

tagged: php7 feature top5 list speed typing errors operators csprng

Link: https://www.startutorial.com/articles/view/5-new-features-in-php-7-that-you-should-have-a-look-at

SitePoint PHP Blog:
Randomness in PHP – Do You Feel Lucky?
Oct 29, 2015 @ 13:52:24

The SitePoint PHP blog has a post from author Nicola Pietroluongo talking about randomness in PHP. In the tutorial he talks about randomness, how it relates to cryptography and what's coming in PHP 7 to help.

This article analyzes problems related to random number generation used for cryptography purposes. PHP 5 does not provide an easy mechanism for generating cryptographically strong random numbers, while PHP 7 solves this by introducing a couple of CSPRNG functions.

He starts off by talking about what a CSPRNG (cryptographically secure pseudorandom number generator) is and some of the things it could be used for. He then moves on to the functionality coming in PHP 7 with the addition of the random_* functions for getting random bytes and random integer values. He talks briefly about what's going on "behind the scenes" of the generation and provides a simple code example with a randomized "dice roll" and the resulting numbers. He ends the post mentioning the random_compat library that can be installed for pre-PHP 7 applications that provides the same functionality just without those two functions defined.

tagged: random generation csprng number generator tutorial php7 php5 randomcompat

Link: http://www.sitepoint.com/well-do-ya-punk/

Paragon Initiative:
Coming to WordPress 4.4: CSPRNG
Oct 12, 2015 @ 12:52:42

The Paragon Initiative blog has a post from Scott Arciszewski about a new feature coming to upcoming WordPress versions - the use of a cryptographically security random number generator starting in version 4.4.0.

At Paragon Initiative Enterprises, we believe that security should be the default state of affairs, not something only in the reach of security experts. That is why [...] our team spends a great deal of time working to improve the security of popular free and open source software.

Today, we're pleased to announce an exciting security enhancement coming to WordPress in the next major version. Starting in 4.4.0, wp_rand() is cryptographically secure on all platforms.

He walks the reader through the "road" that's lead to the introduction of this support and the work he did in the past to help push the project (and others) towards it. Given that the WordPress project has a lot of emphasis on backwards compatibility, effort need to be put into a method that would work across new and old PHP versions. The random_compat library was created and was adopted not only by WordPress but also by several other major PHP projects.

Our part in this long and crazy journey has reached its end. In the course of fixing the same flaw in two distinct projects, the PHP community banded together to identify and expunge a bug in the PHP core, create a new feature in PHP 7, and in some small way helped to secure the CMS that powers more than 20% of websites on the Internet.
tagged: wordpress csprng random number generator cryptography security

Link: https://paragonie.com/blog/2015/10/coming-wordpress-4-4-csprng