The Bakery (a CakePHP site) has announced the release of CakePHP 2.0, a major shift in the framework with some very large changes to bring it up to the level of other full-stack frameworks currently offered for PHP.

The CakePHP core team is very exited to announce a major jump in the version numbering. CakePHP 2.0 stable is out! we have put endless hours into this release and great ideas have made it into the the framework for this version. [...] The overall CakePHP ecosystem has also been improved. [...] A huge thanks to all involved in terms of both contributions through commits, tickets, documentation edits, and otherwise contribute to the framework. Without you there would be no CakePHP.

Some huge changes have happened in this release including:

• Dropping PHP4 support
• Use of more native PHP functions
• PSR-0 compliance
• Object injection for libraries/components/helpers/etc
• Console tools completely rebuilt
• A move to PHPUnit tests (away from SimpleUnit)
• HTML support in form helpers
• Lazy-loading on just about everything making the overall experience faster
• Several new plugins like: DebugKit, Datasources, MongoDb, Migrations and AclExtras

They've created a few resources to help you get started with this new version including a new version of the book, a screencast and a migration guide.

New from the rooJSolutions blog there's a post pointing out an issue that PHP 5.3.7 has broken the is_a functionality in a lot of cases. The post talks some about what's broken and how you can work around it if you're effected.

The key issue was that 5.3.7 accidentally broke is_a() for a reasonably large number of users. Unfortunately the fixup release 5.3.8 did not address this 'mistake', and after a rather fruitless exchange I gave up trying to persuade the group (most people on mailing list), that reverting the change was rather critical (at least pierre supported reverting it in the 5.3.* series).

This new issue was causing some strange errors to pop up in his code because of a parameter type change in the is_a call, updating the first parameter to be an object instead of a class name. The is_a() call sends its requests to __autoload in some cases and the string->object mismatch of those parameters causes errors to be thrown. His workaround is, in your checking, just be sure to call an is_object first before passing things off to be is_a() checked and autoloaded.

Sameer Borate, in the wake of having security issues with his site, has posted a hint you could use to help detect when something has changed in important files in your application by checking their hash.

Today a couple of hours back my site got compromised. Not much changes to the code, but the .htacces was changed and some code [...] was added to the .htaccess file, which redirected the traffic coming from search engines to a malware site. It has now been removed and to prevent any such changes to the .htaccess file in the future, I've written a small php script that compares the hash (SHA1) of the two major files that usually get compromised and compare them to the one originally stored.

It's not a preventative measure by any means, but it can help you keep track of if something's changed. Several issues have popped up in the major blogging engines that allow for changes to be made directly to files. These changes result in the sha hash to be different and can be used to trigger a security alert. His sample code shows a basic call to mail an alert, but it could be as complex as you'd like (possibly even logging to a database or the like).

If you're attending this year's Dutch PHP Conference, they've just posted an important announcement about the conference social:

The conference social will now take place at a venue called ClubNL, which is also in central Amsterdam and within easy walk from the Amsterdam main train station. Please remember to hold on to your conference badge, as you will need it to gain access to the event. For more details check out the updated social page on our website. We are hoping to see you all there!

There's still time for you to get your tickets to this great event happening in a few weeks (May 19th-21st) in Amsterdam - full event tickets run 695 Euro and the single-day tickets (just tutorial or just conference day) are 375 Euro. Get yours today!

Johannes Schluter has a quick new post to his blog today talking about parts of the sqllite extension that will be dropped from the core - the current sqlite_* methods and the pdo_sqlite driver.

The issue there is that this depends on the SQLite 2 library which isn't supported by upstream anymore for a few years. It was a logical step therefore to remove this extension from PHP trunk. The support for the sqlite3 extension and the PDO_sqlite driver (same link as above, read it carefully), which use version 3 of the library, are continued.

The change probably won't be happening in any of the PHP 5.3.x releases but should becoming in PHP 5.4 so, as he advises, you might need to rebuild your database file and change your application to correct things for the changes.

Vid Luther has a new post to his blog showing how to switch the storage engine only one (or any number of individual tables) in your MySQL-backed Propel/Symfony project.

I need one MyISAM table in my schema, I'm using Symfony 1.2 and Propel 1.3. As flexible as Symfony and it's YAML files are, Propel currently doesn't allow you to change the storage engine on the fly. [...] So, the next best thing to do now is to have it so that when Symfony runs propel:insert-sql, I can piggyback my own SQL to it. Luckily, this is possible, and it's explained here.

He gives an example of how he's doing it - making a simple alter table script, putting it into a SQL file and pushing it out into the project's setup via a "propel:insert:sql" command.

Derick Rethans has made a quick post about an update he's made to the XDebug function traces to add in information on variable modifications.

After I had a quick look at the feasibility of this feature I spend some time on implementing it for Xdebug's HEAD branch that is going to become Xdebug 2.1. Variable modification tracing can be enabled by setting the php.ini xdebug.collect_assignments setting to 1. Of course this can also be done in either .htaccess or by using ini_set(). This setting requires general execution tracing to be enabled as well and it's only available for human readable trace files (the default format).

He gives examples of how two example scripts would be logged to the trace file - one inside of a basic function and another showing updates to the properties on a class.

On the IBM developerWorks blog the next article in their "What's new in PHP V5.3" series has been posted. In this fifth part looks at some of the changes and issues you might face when making the upgrade (including slightly modified function behavior and deprecated functions).

In this final part of the series, learn about things to consider when upgrading from PHP V5.2. There are changes that break backward-compatibility and features that are deprecated in PHP V5.3 for removal in future versions. Some enhancements to existing features within PHP are also covered.

Changes included in the list are:

• Syntax changes
• Changes to functions and methods
• Extension changes
• Build changes
• Deprecated items

On the CSS-Tricks.com site today there's a quick tutorial on changing up the look and feel of your site based on an external source. More specifically, they give the example of updating the graphics of your site depending on the weather in your area via PHP and CSS.

Using a little magic and trickery (read: PHP and CSS), we can change the appearance of a website automatically based on the weather outside, in real time! In the example site we have created, the header graphic will change to one of four different styles based on Sunny, Rain, Snow, and Cloudy.

Their example makes a request to the Yahoo! weather data for a location and brings it in to PHP where the XML is parsed (via a regular expression) and the current conditions are parsed out. This condition is then passed out into the page as the class type on the header and, based on the CSS already defined, the correct image is pulled in as the background.

On the O'Reilly ONLamp blog Todd Ogasawara points out a few things that Windows users should watch out for with the upcoming PHP 5.3 release.

PHP 5.3.0 is only in its first alpha release. But, if you run PHP in Microsoft Windows, you should talk a look at the release notes for Windows binaries.

Among the changes are things like the drop of support for Windows versions less than Win2000, the changeover for compiling needs (VC6 versus the newer VC9) and that 64-bit binaries will be provided as well as the normal 32-bit (on a trial basis).