News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
PHP 5.6.8, 5.5.24 & 5.4.40 Released (Security Fixes)
April 17, 2015 @ 09:38:18

The PHP development group has released several different versions of PHP for the 5.5.x, 5.6.x and 5.4.x series with a long list of security issues fixed in each one (fourteen in total):

The PHP development team announces the immediate availability of PHP [5.4.40, 5.6.8, 5.5.24]. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version.

Other items were fixed besides the security issues, so check out the Changelog to see those few other fixes. It's highly recommended that you update your installations to these latest versions. You can grab the latest either from the downloads page (source) or Windows users can go to winodws.php.net.

0 comments voice your opinion now!
language release multiple security fix changelog upgrade

Link: http://php.net/archive/2015.php#id2015-04-16-3

IBM developerWorks:
PHP renewed Password security in modern PHP
April 17, 2015 @ 08:53:15

The IBM developerWorks site has a new tutorial posted talking about how PHP has been "renewed" in recent versions, more specifically in the password security department.

When PHP was first crafted in the mid-1990s, the term web application didn't even exist yet. Password protection, then, wasn't one of the features that the PHP creators devoted resources to. After all, you didn't need to worry about passwords when you used PHP just to put a site-visit counter or a date-modified stamp on your web page. But 20 years have passed, and now it's almost unthinkable to create a web application that doesn't involve password-protected user accounts. It's of the utmost importance that PHP programmers safeguard account passwords by using the latest and most secure methods.

The article goes on to talk about the importance of using secure hashing methods for password storage, the speed at which "cracking" programs can run and the use of "rainbow tables". It then gets into some of the older methods commonly used for password storage and protection and shows how to refactor them into the new password hashing functionality introduced in PHP 5.5.

0 comments voice your opinion now!
password security hashing renewed modern language release

Link: http://www.ibm.com/developerworks/web/library/wa-php-renewed_2/index.html

Hannes Magnusson:
Next Generation MongoDB Driver for PHP!
April 15, 2015 @ 11:41:50

Hannes Magnusson has a new post to his site talking about the new update to the MongoDB driver for PHP and its focus on simplicity.

For the past few months I've been working on a "next-gen" MongoDB driver for PHP -- codename "phongo". The aim was to build a new PHP extension ontop of the mongoc and libbson libraries to reduce maintenance of the extension itself and focus more on providing the ecosystem with improved support and libraries.

The new driver is available on PECL (called "mongodb", surprisingly enough). It doesn't include any of the bells and whistles found in the previous "mongo" driver. It doesn't include any `group` or `count` command helpers, and you won't find any Collection or Database objects; however, it really doesn't need any of these things.

He talks about the three basic things it can do: execute a command, a write or a query to locate records. He also answers the question many developers have about this shift to simplicity and provides a link to a PHP library to make porting over existing MongoDB handling simpler.

0 comments voice your opinion now!
mongodb driver pecl extension language simplicity version release

Link: http://bjori.blogspot.com/2015/04/next-gen-mongodb-driver.html

Jared McFarland:
Creating a PHP extension in Rust
April 06, 2015 @ 09:22:02

Jared McFarland has a recent post to his site showing how to make a PHP extension in Rust, a more recent programming language that seeks to "run fast, prevent almost all crashes and eliminate data races".

Last October I had a discussion with one of my coworkers at Etsy about how writing extensions to interpreted languages like PHP, Ruby or Python should be a lot easier than it is now. We talked a bit about how one of the barriers to successfully writing an extension is they're generally written in C, and it's hard to gain confidence in C code if you're not an expert at the language.

Ever since then I've toyed with the idea of writing one in Rust, and for the past few days have been playing around with it. I finally got it to work this morning.

He starts by static his goal, to make a PHP extension with Rust that was compiled into a library along with some C headers. He talks about his use of the Rust Foreign Function Interface to make a "hello world" script and the code to call it from C, complete with header code examples and the result of it being called. He then gets into the PHP integration, showing you the code you'll need for the extension and compiling it into a module and moving it into the extension directory. He also includes some "useless micro-benchmarks" so you can see how things perform, comparing his function to base PHP when calculating the Fibonacci sequence algorithm.

0 comments voice your opinion now!
extension rust programming language helloworld tutorial

Link: http://jaredonline.svbtle.com/creating-a-php-extension-in-rust

PHP.net:
Release of PHP 5.6.7, 5.5.23 and 5.4.39
March 20, 2015 @ 10:45:27

The PHP development group has announced the release of the latest versions in all three major versions of PHP currently supported: PHP 5.6.7, 5.5.23 and 5.4.39. These releases are bugfix only with several security updates included.

The PHP development team announces the immediate availability of [these new versions]. Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP [5.6, 5.5 and 5.4] users are encouraged to upgrade to this version.

As always, you can get the latest released for each of these versions from the main downloads page (for Windows users on windows.php.net) and if you'd like to see the other changes besides the security-related fixes check out the full Changelog.

0 comments voice your opinion now!
version release language php54 php55 php56 security bugfix

Link: http://php.net/index.php#id2015-03-20-2

NetTuts.com:
Building Your Startup With PHP Localization With I18n
March 09, 2015 @ 10:43:08

In the latest part of their series of "building a startup" application in PHP, NetTuts.com looks at supporting internationalization with the functionality of the Yii framework.

This is part four of the Building Your Startup With PHP series on Tuts+. In this series, I'm guiding you through launching a startup from concept to reality using my Meeting Planner app as a real life example. Every step along the way, we'll release the Meeting Planner code as open source examples you can learn from. We'll also address startup-related business issues as they arise. In this tutorial, I wanted to step back and add I18n internationalization support to our application before we build more and more code.

They start off with a look at some of the overall goals of internationalization (i18n) and about how it works in the Yii system. It uses placeholders with a key/value system to replace the data based on which language is selected. They show you how to configure Yii's support including default language, sorting of the data and files to exclude when looking for i18n configurations. With this configuration in place they show how to use the command line tool to extract these messages out into separate folders for easier management and faster reference. Finally they show how to select a language and use the Yii code generator together with the translations to create models and forms.

0 comments voice your opinion now!
build startup series part4 internationalization i18n localization language yii framework

Link: http://code.tutsplus.com/tutorials/building-your-startup-with-php-localization-with-i18n--cms-23102

Evert Pot:
The problem with password_hash()
February 25, 2015 @ 10:51:04

Evert Pot has shared some of his thoughts about why he has a problem with password_hash (and friends). His thoughts are initially about this particular feature but they're actually wider than that.

The initial introduction and rfc for these functions made me uneasy, and I felt like a lone voice against many in that I thought something bad was happening. I felt that they should not be added to the PHP engine. I think that we should not extend the PHP engine, when it's possible to write the same API in userland, or there are significant benefits to do it in PHP, such as performance. Since the heavy lifting of the password functions is done by underlying libraries that are already exposed to userland-PHP, it didn't make sense to me to expose it as well in the core.

He includes a list of things he sees as drawbacks for new C-based functionality in PHP including the fact that it extends the "PHP specification" and forces other projects to implement it (like HHVM). He does include a few positives, though, such as the increased visibility and legitimacy, but still thinks they don't outweigh the negatives.

0 comments voice your opinion now!
password hash core language c implementation opinion userland

Link: http://evertpot.com/password-hash-ew/

Full Stack Radio:
10 Type Safety Roundtable with Ryan Tablada and Matt Machuga
February 24, 2015 @ 09:15:55

In the latest episode of the Full Stack Radio podcast - episode #10, host Adam Wathan has two guests to talk about programming in a language with dynamic types versus static types.

In this episode, Adam talks with Ryan Tablada and Matt Machuga about the philosophical differences between programming in a statically typed language vs. a dynamically typed language. They talk about things like explicit interfaces vs. duck typing, function calling vs. message passing, and some of the recent RFCs around optional typing in the PHP community.

You can listen to this latest episode either through the in-page audio player or by subscribe to their feed to get the latest episodes as they're released.

0 comments voice your opinion now!
fullstackradio ep10 typesafety strong dynamic language podcast mattmachuga ryantablada

Link: http://fullstackradio.com/episodes/10

HHVM Blog:
Announcing a Specification for Hack
February 20, 2015 @ 13:51:15

Similar to how the language specification was released for PHP a little while back, the HHVM team has announced a new specification for Hack, the language they've created as a part of the HipHop VM project that's similar to PHP.

When we announced Hack, we were very excited for the community to get their hands on a programming language that has helped Facebook engineers become more productive in their day-to-day development and became, alongside PHP, the language used when developing applications running on HHVM. At the time of release, we had documentation geared for the programmer using Hack to develop applications. However, we did not have official documentation for those that might want to create a Hack implementation of their own or something like a Hack conformance test-suite. This specification fills that gap. It is the document for the Hack implementer, and an excellent supplemental document for the Hack user.

The remainder of the post talks about some of the reasoning behind creating the specification, pointing to resources where you can help contribute and a few thanks to some of the people that worked on it.

0 comments voice your opinion now!
specification hack hhvm facebook hiphop language

Link: http://hhvm.com/blog/8537/announcing-a-specification-for-hack

PHP.net:
PHP 5.6.6 is available
February 20, 2015 @ 09:08:51

Following on the heels of the other latest releases of PHP (5.5.22 and 5.4.38), the PHP development group has release the latest in the 5.6.x series - PHP 5.6.6.

The PHP development team announces the immediate availability of PHP 5.6.6. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. All PHP 5.6 users are encouraged to upgrade to this version.

You can get this latest release either directly from the downloads page (well, from a mirror) or if you're a Windows user you can get the binaries here. Upgrading is definitely recommended and you can find all the details of the release and what what fixed in the Changelog.

0 comments voice your opinion now!
language release cve bugfix security php566

Link: http://php.net/archive/2015.php#id2015-02-19-2


Community Events

Don't see your event here?
Let us know!


example interview extension performance opinion framework release voicesoftheelephpant version symfony2 series application php7 community laravel api podcast library conference introduction

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework