News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
Zend Framework Security Upgrade (Zend_XmlRpc XXE Issue)
June 25, 2012 @ 21:20:09

Based in some recent issues found with the Zend_XmlRpc component of the Zend Framework, the project has release an update, version 1.11.12 that includes a fix for the component to prevent an XXE injection attack.

Zend_XmlRpc is vulnerable to XML eXternal Entity (XXE) Injection attacks. The SimpleXMLElement class (SimpleXML PHP extension) is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an application may be coerced to open arbitrary files and/or TCP connections.

This security advisory describes the problem as well as the steps taken to correct it and provide the update. It is recommended that anyone using this component upgrade immediately to prevent issues. You can download the latest issue from the Zend Framework download page.

0 comments voice your opinion now!
zendframework update zenxmlrpc update xee xml attach injection


PHPMaster.com:
Under the Hood of Yii's Component Architecture, Part 2
February 07, 2012 @ 11:53:57

Following up on their previous look at the component architecture of the Yii framework, PHPMaster has posted this new tutorial showing how the framework allows you to do some event-based programming.

An application event is something that occurs which might be of interest to other bits of code. A standard event in most GUI applications would be a "click" event, but the sky's the limit and what events you define is really up to you. [...] The details can be provided by application-specific modules allowing you to keep individual requirements separate from your reusable code. Events allow you to attach a potentially unlimited amount of functionality without changing your core modules and components.

In his example, he shows how to create an event handler that is triggered when the user registers on the site. This event (CEvent) is then registered with the system and is attached via a call in the controller's "init" method.

0 comments voice your opinion now!
yii component tutorial introduction framework event attach trigger


Sanisoft.com:
Attach & detach behaviors at run-time in CakePHP Models
June 26, 2007 @ 12:38:00

The guys over on Sanisoft.com dropped us a line today to let us know about a new entry on their blog showing how to implement attach and detach behaviors in CakePHP models.

Behaviors are one of the best things that have been added to CakePHP 1.2, they allow you to add functionality to your models in a very elegant and modular fashion. They also promote a lot of code reuse. Perhaps a real life example would illustrate it better.

They show how to create behaviors that can perform a save() call on an image with the backend code doing all the hard work. They create the two methods - dontActAs and nowActsAs - to make attaching and detaching simple.

0 comments voice your opinion now!
cakephp framework attach detach behavior model cakephp framework attach detach behavior model



Community Events





Don't see your event here?
Let us know!


release interview wordpress podcast list unittest opinion introduction community install testing api framework threedevsandamaybe laravel language refactor series code developer

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework