News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
Release of PHP 5.4.41 & 5.5.25
May 15, 2015 @ 11:46:34

The latest versions of the PHP language in the 5.4.x and 5.5.x series have been released - PHP 5.4.41 and PHP 5.5.25.

These releases both fix several bugs including seven security related issues around the character in a pathname, a DoS vulnerability in the multi-part form data handling and an integer overflow in ftp_genlist.

As always, upgrading to these latest versions is always recommended (especially when there's security updates involved). You can grab the latest from the downloads page or the windows.php.net site if you're on a Windows platform. For the full list of changes, see the Changelog for the matching version.

0 comments voice your opinion now!
language release security bugfix php54 php55 upgrade

Link: http://php.net/downloads

php[architect]:
May 2015 Issue Released - "Hunting for Clues"
May 04, 2015 @ 12:07:31

The May 2015 edition of php[architect] magazine has officially been released - "Hunting for Clues".

"Hunting for Clues" is the theme title for this month's issue. It focuses on automated testing and how it can help you hunt down bugs as they appear. In Michael Bodnarchuk's Codeception: Testing for Human Beings he talks about integrating automated testing in your workflow. Xander Guzman discusses two testing and mocking libraries for PHP in Integrating Mockery and Hamcrest into a Project, and Brad Bonkoski discusses leveraging Docker for Reusable Containers for Automated Testing.

Other articles include the continuation of the series for creating PHP extensions, manipulating images with Glide, Facebook's accessibility toolkit and Phpspec testing. You can pick up a copy (physical or digital) directly from the php[architect] site. They also provide one article for free if you'd like a sample of the magazine content.

0 comments voice your opinion now!
phparchitect magazine may2015 hunting clues release

Link: http://www.phparch.com/2015/05/may-2015-phparchitect-issue-launched/

Symfony Blog:
New in Symfony 2.7
April 28, 2015 @ 10:13:14

The Symfony blog has been posted spotlights in several of the improvements in the 2.7 release of the framework over on their blog. Each of them describes the changes and includes some sample code showing the new feature in action:

Keep an eye on the Symfony blog for more of these component spotlights and improvements as they're released.

0 comments voice your opinion now!
symfony blog new feature symfony2 version release component

Link: http://symfony.com/blog/

PHP.net:
PHP 5.6.8, 5.5.24 & 5.4.40 Released (Security Fixes)
April 17, 2015 @ 09:38:18

The PHP development group has released several different versions of PHP for the 5.5.x, 5.6.x and 5.4.x series with a long list of security issues fixed in each one (fourteen in total):

The PHP development team announces the immediate availability of PHP [5.4.40, 5.6.8, 5.5.24]. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version.

Other items were fixed besides the security issues, so check out the Changelog to see those few other fixes. It's highly recommended that you update your installations to these latest versions. You can grab the latest either from the downloads page (source) or Windows users can go to winodws.php.net.

0 comments voice your opinion now!
language release multiple security fix changelog upgrade

Link: http://php.net/archive/2015.php#id2015-04-16-3

IBM developerWorks:
PHP renewed Password security in modern PHP
April 17, 2015 @ 08:53:15

The IBM developerWorks site has a new tutorial posted talking about how PHP has been "renewed" in recent versions, more specifically in the password security department.

When PHP was first crafted in the mid-1990s, the term web application didn't even exist yet. Password protection, then, wasn't one of the features that the PHP creators devoted resources to. After all, you didn't need to worry about passwords when you used PHP just to put a site-visit counter or a date-modified stamp on your web page. But 20 years have passed, and now it's almost unthinkable to create a web application that doesn't involve password-protected user accounts. It's of the utmost importance that PHP programmers safeguard account passwords by using the latest and most secure methods.

The article goes on to talk about the importance of using secure hashing methods for password storage, the speed at which "cracking" programs can run and the use of "rainbow tables". It then gets into some of the older methods commonly used for password storage and protection and shows how to refactor them into the new password hashing functionality introduced in PHP 5.5.

0 comments voice your opinion now!
password security hashing renewed modern language release

Link: http://www.ibm.com/developerworks/web/library/wa-php-renewed_2/index.html

Hannes Magnusson:
Next Generation MongoDB Driver for PHP!
April 15, 2015 @ 11:41:50

Hannes Magnusson has a new post to his site talking about the new update to the MongoDB driver for PHP and its focus on simplicity.

For the past few months I've been working on a "next-gen" MongoDB driver for PHP -- codename "phongo". The aim was to build a new PHP extension ontop of the mongoc and libbson libraries to reduce maintenance of the extension itself and focus more on providing the ecosystem with improved support and libraries.

The new driver is available on PECL (called "mongodb", surprisingly enough). It doesn't include any of the bells and whistles found in the previous "mongo" driver. It doesn't include any `group` or `count` command helpers, and you won't find any Collection or Database objects; however, it really doesn't need any of these things.

He talks about the three basic things it can do: execute a command, a write or a query to locate records. He also answers the question many developers have about this shift to simplicity and provides a link to a PHP library to make porting over existing MongoDB handling simpler.

0 comments voice your opinion now!
mongodb driver pecl extension language simplicity version release

Link: http://bjori.blogspot.com/2015/04/next-gen-mongodb-driver.html

php[architect]:
April 2015 Issue Released - Front-End Polish
April 14, 2015 @ 11:05:47

php[architect] magazine has officially released their April 2015 edition - "Front-End Polish".

It's safe to say that a majority of PHP programmers prefer working on "back end" code. Many interesting problems live in that domain. But we can't forget that the front end-usually HTML, CSS, and JavaScript-is where users will interact with our applications. The joy or frustration they experience trying to get a task done affects their perception of how good (or poor) your solution is for a long time. Even if you don't want to be a front end designer or developer, you must be familiar with User Experience and the technologies used in the user interface (UI) to understand how people will use it, to help reduce sources of frustration, and to prevent errors.

Articles in this month's issue include:

  • Object Oriented JavaScript (Part the Second)
  • The Browser Capabilities Project in 2014
  • UX Without the Process
  • PHP Conference Newbies 101

Head over to the php[architect] website to pick up a (print or digital) copy of your own!

0 comments voice your opinion now!
phparchitect magazine april2015 frontend issue release

Link: http://www.phparch.com/magazine/2015-2/april/

Derick Rethans:
Xdebug 2.3 Profiler File Compression
April 14, 2015 @ 09:48:09

Derick Rethans has posted the next part of his series of posts about the latest version of XDebug (v2.3). In this new post he focuses on the profiler and the new ability of it to compress the resulting file.

When making profiling dumps with Xdebug, the file size can not really be ignored. Even with a simple Drupal page a profile file is easily close to 1Mb. For each function call, the file contains the location and name of the calling function, and then a list of functions that have been called.

He gives an example of the uncompressed output from an execution of Drupal, showing the duplicate content when the same method is called more than once. With this new feature, XDebug is smart enough to detect this and make use of name compression to essentially replace duplication with a reference to the previous call to the same bits of code.

0 comments voice your opinion now!
xdebug profiler compression feature release

Link: http://derickrethans.nl/xdebug-2.3-profile-file-compression.html

Derick Rethans:
Xdebug 2.3 Shared Secret to Enable Tracing or Profiling
April 07, 2015 @ 11:19:44

Derick Rethans has posted another in his series covering the latest release of the Xdebug debugging tool for PHP, version 2.3. In this new article Derick introduces the "shared secret" handling, a custom string that for the "XDEBUG_PROFILE" that can trigger the the profiler to start.

Xdebug's profiling and trace file capabilities can both be triggered by a cookie, GET or POST variable, as long as you have enabled xdebug.profiler_enable_trigger and/or xdebug.trace_enable_trigger. With these triggers enabled, basically anybody could initiate a profile run, or trace file, by simply sending the XDEBUG_PROFILE or XDEBUG_TRACE cookies with an HTTP request. Although you should not really run Xdebug in production, you can see that this is not an optimal solution. Xdebug 2.3 adds supports for shared secrets for the trace file and profiler triggers through the xdebug.trace_enable_trigger_value and xdebug.profiler_enable_trigger_value.

He points out a browser extension, The easiest Xdebug, that already has support for this new feature. He also mentions two other tools but they have yet to integrate support for these shared secrets (but will soon hopefully): Xdebug halper and xdebug-helper-for-safari .

0 comments voice your opinion now!
xdebug series release secret string tracking enable production extension

Link: http://derickrethans.nl/xdebug-2.3-tracing-profiling-shared-secret.html

EngineYard Blog:
What to Expect When You're Expecting PHP 7, Part 1
April 03, 2015 @ 08:28:36

Davey Shafik has posted the first part of a new series about PHP 7 on the Engine Yard blog today - What to Expect When You're Expecting: PHP 7.

As many of you are probably aware, the RFC I mentioned in my PHP 5.0.0 timeline passed with PHP 7 being the agreed upon name for the next major version of PHP. Regardless of your feelings on this topic, PHP 7 is a thing, and it's coming this year! With the RFC for the PHP 7.0 Timeline passing almost unanimously (32 to 2), we have now entered into feature freeze, and we'll see the first release candidate (RC) appearing in mid June. But what does this mean for you?

He gets into some of the details of what you can expect to see in this next major release including:

  • Inconsistency Fixes
  • Performance
  • Backwards Incompatible Changes
  • Scalar Type Hints & Return Types
  • Combined Comparison Operator (spaceship)

He ends the post hinting at other things to come in part two of the series including six other big features you need to know about to upgrade to PHP 7.

0 comments voice your opinion now!
php7 series part1 expecting features changes release

Link: https://blog.engineyard.com/2015/what-to-expect-php-7


Community Events

Don't see your event here?
Let us know!


language example laravel introduction performance podcast voicesoftheelephpant opinion interview series php7 application framework release part2 conference community symfony2 api configure

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework