In a new post, Matthew Turland looks at one thing that he feels is missing from a lot of the PHP functionality currently available in the community today - log analysis features.

Log analysis is a fairly common task in the field of web development, most often analysis of web server traffic logs or what Wikipedia refers to as web analytics. PHP has no officially supported extensions designed specifically for log analysis. There are no related extensions in PECL. The only remotely related extension in PEAR is PEAR_Log, which for generating logs rather than parsing or analyzing them. In short, there is no common solution here.

He looks at the options that developers do have - make their own solution or go with a third party option. He believes, though, that a PECL extension would be more the way to go, integrating with PHP more closely and allow for easier parsing and manipulating of the data in their own log files.

Stefan Esser is trying to clear up some confusion in a new post to the PHP Security Blog today about his stand on enabling open_basedir on your PHP installation.

From time to time I get the question why I recommend enabling open_basedir and on the other hand call it a solution flawed by design. This is actually a good question, because the untrained PHP user might get a little bit confused about this and might believe that I change my opinion on a daily basis.

He talks about his reasoning - how it does it's job protecting PHP developers from being able to get to those file, but how it's also flawed with issues due to some 3rd party libraries that have their own problems.