It's been a few months since Episode One, but thanks to Marcus, Ask Chris is back on the air. The format is a bit different - instead of doing separate shows, we'll be doing a short segment at the end of each interview.

This interview is with David Sklar of Ning. He and Marcus discuss Ning, of course, but David also provides some good perspective on the state of technology and how the definition of a programmer is becoming more and more inclusive.

This episode of Ask Chris is about email injection, a topic of growing concern for PHP developers.

You can find out more about this addition to the Pro::PHP lineup and how to subscribe to the podcast over on their site.]]> Mon, 27 Feb 2006 08:20:25 -0600 http://www.phpdeveloper.org/news/4786 http://www.phpdeveloper.org/news/4786 his latest entry, Marco Tabini talks about some of the security issues surrounding PHP that have been going around lately, and his take on the situation.

If you happen to keep a tab on the various posts in the community, you have undoubtedly noted a variety of opinions on the subject-I think that security doesn't belong in the language, Chris has made his point clear and Harry sort-of responded to both of us.

As a community, we are all tasked with ensuring that PHP becomes a better product. And by "community" I really mean everyone-individuals, OSS groups and commercial entities. I think that finally, after so many false starts, we are beginning to do a good job of it, too.

The post continues on, talking more about the ever-growing trend towards PHP5 and a push forward towards applications written with it with better security and less issues overall...]]> Fri, 03 Feb 2006 06:36:09 -0600 http://www.phpdeveloper.org/news/4687 http://www.phpdeveloper.org/news/4687 Chris Shiflett has this post today about the partnership between php|architect and the Pro PHP Podcast.

You've probably heard the good news about the Pro PHP Podcast. The guys behind the show (Marcus Whitney and Chris Cornutt) are joining forces with php|architect in what should be a good thing for all of us.

So, I was very happy to hear about the partnership with php|architect, because I know this will let Marcus focus on the show. There are also regular newscasts planned, and Chris is asking, What do you want out of your news?

Always good to see community support behind a project...and remember, the first show of this new partnership is happening January 27th, an interview with Andi Gutmans that will be broadcast live. Click here to sign up...]]> Thu, 19 Jan 2006 06:38:32 -0600 http://www.phpdeveloper.org/news/4654 http://www.phpdeveloper.org/news/4654 Chris Shiflett has posted this new item on his blog today with his look back at his year in 2005 - both personal and community related.

In the tradition of my 2003 and 2004 highlights, I'm posting my personal highlights of 2005. As in years past, this is mainly for my own benefit. I hope everyone has a wonderful 2006.

Some of the more memorable things on his list include:

• the launch of the PHP Security Consortium
• the launch of his consulting company, BrainBulb
• made numerous speeches
• completed his second book, PHPDecurity.org, a companion to it

Overall, a great year...he also includes some of the things that he'd like to do in the next year as well (speak at fewer conferences, contribute more to open source, etc). ]]> Fri, 13 Jan 2006 06:45:52 -0600 http://www.phpdeveloper.org/news/4533 http://www.phpdeveloper.org/news/4533 his latest post today, John Cox takes a look at one of the latest posts from the SitePoint PHP blog - the Top 7 PHP Security Blunders.

This morning I read the Top 7 PHP Security Blunders which contained (at least in my mind) a few questionable comments about PHP security. Luckily for the early readers of the article, there was a very long comment by comments were a very nice critique of the article which also corrects a few obvious mistakes within the article itself.

The comments have now been pushed off the main article to the forum, (which is a shame) but as a developer, you would be doing yourself a disservice by not also taking the time to read the counter-point. They are insightful without being inflammatory.

The comments by Chris that he makes reference to can be found here in the SitePoint forums...]]> Wed, 21 Dec 2005 07:08:07 -0600 http://www.phpdeveloper.org/news/4503 http://www.phpdeveloper.org/news/4503 this new post with an interview with the author of Essential PHP Security, Chris Shiflett.

This is the third in a series of interviews we're making available to the CodeSnipers community. We have been working to track down people who we thought had something valuable to say about the software development community, tools, practices, or direction. Some of the names you will recognize immediately, others you've probably never heard of, but all of them have made an impact in one way or another. Without further delay... we have Chris Shiflett author of Essential PHP Security.

As Chris notes in his blog entry, they talk about everything - from his book to his involvement in the PHP community...]]> Thu, 15 Dec 2005 06:45:45 -0600 http://www.phpdeveloper.org/news/4295 http://www.phpdeveloper.org/news/4295 Davey Shafik has this review of Chris Shiflett's Essential PHP Security guide from O'Reilly.

I was fortunate enough to receive a copy of Chris Shiflett's book, Essential PHP Security published by O'Reilly.

Chris does an excellent job dissecting and explaining each of the 8 major security topics he covers in his book, first outlines what exactly the problem is, how easily it is to fall into the trap of making your code vulnerable to it, and how it is generally exploited. He then goes on to tell you how you can be sure that you are not vulnerable in the future.

He also notes that the "Essential" in the name is quite appropriate, and that if you purchase one PHP security book, make this the one...]]> Mon, 14 Nov 2005 06:11:34 -0600