PHPDeveloper.org

Facebook.com: PHPEmbed

Tue, 23 Oct 2007 10:27:00 -0500

Facebook application developers who already know PHP can be happy about a recent announcement on their blog - the introduction of PHPEmbed library into their setup (as well as a release of it out to the public).

In order to make embedding PHP truly simple for all of our developers we developed the PHPEmbed library which is just a more accessible and simplified API built on top of the PHP SAPI. The library is so useful, we decided to share it with the world. Check it out for yourself at http://developers.facebook.com/phpembed/

The library (currently in release 20070924) can be grabbed either directly from their download link or via the public svn repository they've set up. There's also some documentation and help for it in the form of a developer's group and the manual (PDF/HTML).

Builder.com.au: PHP exploit code plants itself in GIF

Fri, 22 Jun 2007 12:41:00 -0500

Builder.com.au has a new article today about the recent image issue - the PHP code embedded inside the GIF - that's come up on several sites.

The exploit code slipped through the site's defenses with the aid of a legitimate image at the beginning of the file, according to a blog post on the Sans Institutes's Internet Storm Center. [...] Malicious attackers planted PHP coded exploit script within an image file. PHP is often used as a programming language to create dynamic Web sites.

The article reports that, while this exploit hasn't happened much, the occurrences of it's use are growing with victims in a wide range of classifications - from small personal sites out to a certain major image hosting site. This same issue was discussed here on the PHPClasses.org website as well.

PHPBuilder.com: Unstoppable Return Receipt Requested Email with PHP

Fri, 04 May 2007 10:30:00 -0500

PHPBuilder.com has a new article today that shows how to (almost always) know if someone has read an email you've sent or not via a special sort of return receipt request.

The problem is that depending on the email client software that your recipient is using, he or she will most likely be given the option to suppress that return-receipt from being sent back to you. This renders the return-receipt system almost completely unreliable as a means of detecting when someone has read your email. If you have access to a web server that's running PHP, you can make your own return-receipt system that is (almost) guaranteed to work.

Their method is to embed an image into the email's content. This image is actually a linked image generated by PHP making it able to grab information about the view status of the email it's included in.

The Codist Blog: I Will Never Understand the Appeal Of PHP

Tue, 12 Dec 2006 10:04:00 -0600

In an "interesting" post to The Codist blog, there's one developer's look at PHP and his confession that he'll never quite understand the appeal of the language.

How PHP can be so popular is beyond me; the whole sense of encouraging all of your html, code, bindings, javascript, even sql (as in the below example) into a single file is a nightmare.

He Goes on to talk about his experience with JSP versus PHP and some perspectives on how PHP lacks features he's used to or how other developers he's talked to had similar issues.

One thing that concerns me (and apparently several others in the PHP community) is that he keeps talking about procedural PHP code that's an "all in one page" kind of setup. Well, of course this can get messy quickly - that's no way to code anything, much less PHP. Organization means more than just breaking code up into chunks on your page (though it's a very low-level start). Plus, the sample code he provides is a joke - a PHP developer with a few weeks of experience could push out something 10x better.

International PHP Magazine: Poll Question: You Did Not Know That

Mon, 18 Sep 2006 14:16:19 -0500

The International PHP Magazine has conducted a poll on its website over the past week, this time asking "You Did Not Know That...", asking developers which of the true statements about PHP they didn't know about.

The options this time were:

The trailing '?>' in PHP is Optional
You can embed other programming languages in PHP
Objects can be made to look like arrays by using Standard PHP Library
require is faster than require_once
Anything Less than 5.1.0 is Silly
All

There wasn't a whole lot of difference in the results of this poll, but the most all-inclusive of the list was the one selected the most - "All". Following that, was that the trailing closing PHP tag is optional, then a tie for third between the "embed other languages" and "Less than PHP 5.1.0" options.

Be sure to cast your vote in their latest poll that asks readers that they're really looking for in their frameworks.

SitePoint PHP Blog: __halt_compiler() - how nuts?

Sat, 13 May 2006 06:26:55 -0500

On the SitePoint PHP Blog, Harry Fuecks has a look at the "new(ish) __halt_compiler function" in PHP.

Simon blogmarked PHP's new(ish) __halt_compiler function which, according to the packet: "halts the execution of the compiler. This can be useful to embed data in PHP scripts, like the installation files. Byte position of the data start can be determined by the __COMPILER_HALT_OFFSET__ constant which is defined only if there is a __halt_compiler() presented in the file."

It may or may not be an elegant solution (it's certainly relatively simple) but it does have a very valid use case-to allow PHP applications which install themselves from a single script, all related pieces (other PHP scripts, CSS, HTML, images, etc.) being packed at the end of the script in a binary form.

Herry also mentions some specific examples of cases that could use it, including Ilia's fudforum software, which makes use of it to perform its installation.