Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Community News:
Zend Framework Security Upgrade (Zend_XmlRpc XXE Issue)
Jun 26, 2012 @ 02:20:09

Based in some recent issues found with the Zend_XmlRpc component of the Zend Framework, the project has release an update, version 1.11.12 that includes a fix for the component to prevent an XXE injection attack.

Zend_XmlRpc is vulnerable to XML eXternal Entity (XXE) Injection attacks. The SimpleXMLElement class (SimpleXML PHP extension) is used in an insecure way to parse XML data. External entities can be specified by adding a specific DOCTYPE element to XML-RPC requests. By exploiting this vulnerability an application may be coerced to open arbitrary files and/or TCP connections.

This security advisory describes the problem as well as the steps taken to correct it and provide the update. It is recommended that anyone using this component upgrade immediately to prevent issues. You can download the latest issue from the Zend Framework download page.

tagged: zendframework update zenxmlrpc update xee xml attach injection

Link:

PHPMaster.com:
Under the Hood of Yii’s Component Architecture, Part 2
Feb 07, 2012 @ 17:53:57

Following up on their previous look at the component architecture of the Yii framework, PHPMaster has posted this new tutorial showing how the framework allows you to do some event-based programming.

An application event is something that occurs which might be of interest to other bits of code. A standard event in most GUI applications would be a "click" event, but the sky's the limit and what events you define is really up to you. [...] The details can be provided by application-specific modules allowing you to keep individual requirements separate from your reusable code. Events allow you to attach a potentially unlimited amount of functionality without changing your core modules and components.

In his example, he shows how to create an event handler that is triggered when the user registers on the site. This event (CEvent) is then registered with the system and is attached via a call in the controller's "init" method.

tagged: yii component tutorial introduction framework event attach trigger

Link:

Sanisoft.com:
Attach & detach behaviors at run-time in CakePHP Models
Jun 26, 2007 @ 17:38:00

The guys over on Sanisoft.com dropped us a line today to let us know about a new entry on their blog showing how to implement attach and detach behaviors in CakePHP models.

Behaviors are one of the best things that have been added to CakePHP 1.2, they allow you to add functionality to your models in a very elegant and modular fashion. They also promote a lot of code reuse. Perhaps a real life example would illustrate it better.

They show how to create behaviors that can perform a save() call on an image with the backend code doing all the hard work. They create the two methods - dontActAs and nowActsAs - to make attaching and detaching simple.

tagged: cakephp framework attach detach behavior model cakephp framework attach detach behavior model

Link:

Sanisoft.com:
Attach & detach behaviors at run-time in CakePHP Models
Jun 26, 2007 @ 17:38:00

The guys over on Sanisoft.com dropped us a line today to let us know about a new entry on their blog showing how to implement attach and detach behaviors in CakePHP models.

Behaviors are one of the best things that have been added to CakePHP 1.2, they allow you to add functionality to your models in a very elegant and modular fashion. They also promote a lot of code reuse. Perhaps a real life example would illustrate it better.

They show how to create behaviors that can perform a save() call on an image with the backend code doing all the hard work. They create the two methods - dontActAs and nowActsAs - to make attaching and detaching simple.

tagged: cakephp framework attach detach behavior model cakephp framework attach detach behavior model

Link:


Trending Topics: