News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
PHP 5.6.8, 5.5.24 & 5.4.40 Released (Security Fixes)
April 17, 2015 @ 09:38:18

The PHP development group has released several different versions of PHP for the 5.5.x, 5.6.x and 5.4.x series with a long list of security issues fixed in each one (fourteen in total):

The PHP development team announces the immediate availability of PHP [5.4.40, 5.6.8, 5.5.24]. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version.

Other items were fixed besides the security issues, so check out the Changelog to see those few other fixes. It's highly recommended that you update your installations to these latest versions. You can grab the latest either from the downloads page (source) or Windows users can go to winodws.php.net.

0 comments voice your opinion now!
language release multiple security fix changelog upgrade

Link: http://php.net/archive/2015.php#id2015-04-16-3

IBM developerWorks:
PHP renewed Password security in modern PHP
April 17, 2015 @ 08:53:15

The IBM developerWorks site has a new tutorial posted talking about how PHP has been "renewed" in recent versions, more specifically in the password security department.

When PHP was first crafted in the mid-1990s, the term web application didn't even exist yet. Password protection, then, wasn't one of the features that the PHP creators devoted resources to. After all, you didn't need to worry about passwords when you used PHP just to put a site-visit counter or a date-modified stamp on your web page. But 20 years have passed, and now it's almost unthinkable to create a web application that doesn't involve password-protected user accounts. It's of the utmost importance that PHP programmers safeguard account passwords by using the latest and most secure methods.

The article goes on to talk about the importance of using secure hashing methods for password storage, the speed at which "cracking" programs can run and the use of "rainbow tables". It then gets into some of the older methods commonly used for password storage and protection and shows how to refactor them into the new password hashing functionality introduced in PHP 5.5.

0 comments voice your opinion now!
password security hashing renewed modern language release

Link: http://www.ibm.com/developerworks/web/library/wa-php-renewed_2/index.html

Hannes Magnusson:
Next Generation MongoDB Driver for PHP!
April 15, 2015 @ 11:41:50

Hannes Magnusson has a new post to his site talking about the new update to the MongoDB driver for PHP and its focus on simplicity.

For the past few months I've been working on a "next-gen" MongoDB driver for PHP -- codename "phongo". The aim was to build a new PHP extension ontop of the mongoc and libbson libraries to reduce maintenance of the extension itself and focus more on providing the ecosystem with improved support and libraries.

The new driver is available on PECL (called "mongodb", surprisingly enough). It doesn't include any of the bells and whistles found in the previous "mongo" driver. It doesn't include any `group` or `count` command helpers, and you won't find any Collection or Database objects; however, it really doesn't need any of these things.

He talks about the three basic things it can do: execute a command, a write or a query to locate records. He also answers the question many developers have about this shift to simplicity and provides a link to a PHP library to make porting over existing MongoDB handling simpler.

0 comments voice your opinion now!
mongodb driver pecl extension language simplicity version release

Link: http://bjori.blogspot.com/2015/04/next-gen-mongodb-driver.html

php[architect]:
April 2015 Issue Released - Front-End Polish
April 14, 2015 @ 11:05:47

php[architect] magazine has officially released their April 2015 edition - "Front-End Polish".

It's safe to say that a majority of PHP programmers prefer working on "back end" code. Many interesting problems live in that domain. But we can't forget that the front end-usually HTML, CSS, and JavaScript-is where users will interact with our applications. The joy or frustration they experience trying to get a task done affects their perception of how good (or poor) your solution is for a long time. Even if you don't want to be a front end designer or developer, you must be familiar with User Experience and the technologies used in the user interface (UI) to understand how people will use it, to help reduce sources of frustration, and to prevent errors.

Articles in this month's issue include:

  • Object Oriented JavaScript (Part the Second)
  • The Browser Capabilities Project in 2014
  • UX Without the Process
  • PHP Conference Newbies 101

Head over to the php[architect] website to pick up a (print or digital) copy of your own!

0 comments voice your opinion now!
phparchitect magazine april2015 frontend issue release

Link: http://www.phparch.com/magazine/2015-2/april/

Derick Rethans:
Xdebug 2.3 Profiler File Compression
April 14, 2015 @ 09:48:09

Derick Rethans has posted the next part of his series of posts about the latest version of XDebug (v2.3). In this new post he focuses on the profiler and the new ability of it to compress the resulting file.

When making profiling dumps with Xdebug, the file size can not really be ignored. Even with a simple Drupal page a profile file is easily close to 1Mb. For each function call, the file contains the location and name of the calling function, and then a list of functions that have been called.

He gives an example of the uncompressed output from an execution of Drupal, showing the duplicate content when the same method is called more than once. With this new feature, XDebug is smart enough to detect this and make use of name compression to essentially replace duplication with a reference to the previous call to the same bits of code.

0 comments voice your opinion now!
xdebug profiler compression feature release

Link: http://derickrethans.nl/xdebug-2.3-profile-file-compression.html

Derick Rethans:
Xdebug 2.3 Shared Secret to Enable Tracing or Profiling
April 07, 2015 @ 11:19:44

Derick Rethans has posted another in his series covering the latest release of the Xdebug debugging tool for PHP, version 2.3. In this new article Derick introduces the "shared secret" handling, a custom string that for the "XDEBUG_PROFILE" that can trigger the the profiler to start.

Xdebug's profiling and trace file capabilities can both be triggered by a cookie, GET or POST variable, as long as you have enabled xdebug.profiler_enable_trigger and/or xdebug.trace_enable_trigger. With these triggers enabled, basically anybody could initiate a profile run, or trace file, by simply sending the XDEBUG_PROFILE or XDEBUG_TRACE cookies with an HTTP request. Although you should not really run Xdebug in production, you can see that this is not an optimal solution. Xdebug 2.3 adds supports for shared secrets for the trace file and profiler triggers through the xdebug.trace_enable_trigger_value and xdebug.profiler_enable_trigger_value.

He points out a browser extension, The easiest Xdebug, that already has support for this new feature. He also mentions two other tools but they have yet to integrate support for these shared secrets (but will soon hopefully): Xdebug halper and xdebug-helper-for-safari .

0 comments voice your opinion now!
xdebug series release secret string tracking enable production extension

Link: http://derickrethans.nl/xdebug-2.3-tracing-profiling-shared-secret.html

EngineYard Blog:
What to Expect When You're Expecting PHP 7, Part 1
April 03, 2015 @ 08:28:36

Davey Shafik has posted the first part of a new series about PHP 7 on the Engine Yard blog today - What to Expect When You're Expecting: PHP 7.

As many of you are probably aware, the RFC I mentioned in my PHP 5.0.0 timeline passed with PHP 7 being the agreed upon name for the next major version of PHP. Regardless of your feelings on this topic, PHP 7 is a thing, and it's coming this year! With the RFC for the PHP 7.0 Timeline passing almost unanimously (32 to 2), we have now entered into feature freeze, and we'll see the first release candidate (RC) appearing in mid June. But what does this mean for you?

He gets into some of the details of what you can expect to see in this next major release including:

  • Inconsistency Fixes
  • Performance
  • Backwards Incompatible Changes
  • Scalar Type Hints & Return Types
  • Combined Comparison Operator (spaceship)

He ends the post hinting at other things to come in part two of the series including six other big features you need to know about to upgrade to PHP 7.

0 comments voice your opinion now!
php7 series part1 expecting features changes release

Link: https://blog.engineyard.com/2015/what-to-expect-php-7

Derick Rethans:
Xdebug 2.3 Improvements to Tracing
March 31, 2015 @ 11:15:33

Derick Rethans has posted a new article in his series highlighting some of the changes in the latest release of Xdebug (v2.3). In this new post he talks about some of the improvements in the trace file functionality.

Trace files are a way to document every function call, and if you enable it, variable assignment and function's return values - including when these functions were called, and how much memory PHP was using at the moment of function entry (and exit). Xdebug 2.3 adds a new type of parameter rendering for stack traces and function traces through the xdebug.collect_params setting.

This new setting allows much more information to be reported back in the trace results, adding on a serialized version of the value of variables. He also shows the output results (human-readable) that shows the memory usage and time index for the execution. He also shows the new handling to include return values in the trace output using the "xdebug.trace_format" handling.

0 comments voice your opinion now!
tracing improvement xdebug release series part5 output

Link: http://derickrethans.nl/xdebug-2.3-tracing-improvements.html

Zend:
5 Things You Must Know about PHP 7
March 27, 2015 @ 11:07:39

There's been a lot of talk in the community about PHP 7 and what features will be included but there's been a *lot* of it. To help distill it down a bit Zend has posted this infographic of the Top 5 features that will be coming in this next major version.

Their top five list includes both the main points and a quick summary for:

  • When it comes out (hint: this year)
  • The spaceship operator
  • Return type declarations and scalar type hints
  • Performance improvements

...and #5, even more performance improvements. There's also some links to other information about some of the topics to provide even more detail for those wanting to dive in.

0 comments voice your opinion now!
php7 infographic top5 list release spaceship returntype scalartypehint performance

Link: https://pages.zend.com/TY-Infographic.html

Derick Rethans:
Xdebug 2.3 Improvements to Debugging
March 25, 2015 @ 09:13:34

In the latest in his series covering some of the improvements in the latest Xdebug release, Derick Rethans has posted this new article detailing some of the performance enhancements related to remote debugging that come with this new version.

This is the fourth article in a series about new features in Xdebug 2.3, which was first released on February 22nd. In this article we are looking at the improvements towards "remote" debugging.

The updates include showing the values of user-defined constants, being able to set an exception breakpoint on all exceptions and additional features around debugging the exceptions themselves. The output now includes the exception's error code and which exception the flow was broken on (though in his example of PHPStorm, the IDE won't report that information back). The last change he mentions is a change that reverts the output to a log if it can't write to a socket (usually SELinux related).

0 comments voice your opinion now!
xdebug performance improvement remote debugging version release

Link: http://derickrethans.nl/xdebug-2.3-debugging-improvements.html


Community Events

Don't see your event here?
Let us know!


extension framework symfony2 laravel application api opinion conference introduction library podcast php7 community series version interview voicesoftheelephpant performance example release

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework