Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
PHP 5.6.18 & 5.5.32 Released
Feb 05, 2016 @ 09:49:31

On the main PHP.net site they've officially announced the release of the latest versions in the 5.6.x and 5.5.x series: PHP 5.6.18 and PHP 5.5.32.

The PHP development team announces the immediate availability of PHP [5.5.32 and 5.6.18]. This is a security release. Several security bugs were fixed in this release. All PHP [5.5 and 5.6] users are encouraged to upgrade to this version.

As always you can download this latest release from either the main downloads page or from windows.php.net for the Windows binaries. If you'd like to see exactly what was fixed in these releases, check out the full Changelog.

tagged: language version security bugfix upgrade

Link: http://php.net/archive/2016.php#id2016-02-04-3

Community News:
phpschool.io Announced
Feb 04, 2016 @ 12:45:55

A new service has launched in an effort to help teach PHP to those looking to learn in a different sort of way. The phpschool.io site provides you with a series of exercises that walk you through both the fundamentals of the language and a few more complex topics.

PHP School is a set of ever expanding workshops to teach you basic to advanced concepts in PHP. We launch with one workshop: Learn You PHP. [...] Each exercise increases in difficulty, guiding you through the core concepts of PHP.

Currently the tutorials cover topics like "My First IO", separation of concerns, working with exceptions and handling dependencies. The installation of the lessons is as simple as making a composer require call and installing the packages and dependencies required by the tool. They're also actively looking for community contributions to add more workshops to the based on the Learn You PHP package currently included. The training was inspired by what NodeSchool provides for the Node.js language.

tagged: phpschool learning training beginner language tutorial

Link: http://www.phpschool.io/

Rasmus Lerdorf:
Upgrading PHP on the EdgeRouter Lite
Jan 26, 2016 @ 10:30:33

Rasmus Lerdorf has shared a post to his site detailing how he upgraded his EdgeRouter Lite router (hardware) to use PHP 7 for the uI handling and processing, upgrading it from the PHP 5.4 it came installed with.

After nearly 7 years of service I retired my Asus RT-16 router, which wasn't really a router, but a re-purposed wifi access point running AdvancedTomato. In its place I got a Ubiquiti EdgeRouter Lite. It is Debian-based and has a dual-core 500MHz 64-Bit MIPS CPU (Cavium Octeon+), 512M of ram and a 4G removable onboard USB stick for < $100. The router is completely open and, in fact, any advanced configuration has to be done from the command line. The Web UI has been improving, but there are still many things you can't do in it. In other words, exactly the type of device I prefer.

He made use of the open platform the router has to upgrade both the PHP installation and a bit of the web UI code to make things work happily with PHP 7. There's just three steps in his process:

  • Getting a Big-Endian MIPS64 build of PHP 7
  • Configuration (php.ini)
  • Fixing broken stuff

The "broken stuff" in this last item was only a few small changes that needed to be made to the web UI code for raw POST data fetching and session writes. He ends the post with a little summary of the performance post-changes and some about the opcode handling and memory use per request.

tagged: router edgerouter ui version language install upgrade configuration bigendian mips64 php7

Link: https://toys.lerdorf.com/archives/59-Upgrading-PHP-on-the-EdgeRouter-Lite.html

PHP.net:
PHP 5.6.17 & 5.5.31 Released
Jan 08, 2016 @ 09:41:39

The main PHP.net site has announced the release of the latest versions of the PHP 5.6.x and 5.5.x series: PHP 5.5.31 and PHP 5.6.17.

The PHP development team announces the immediate availability of PHP [5.6.17 and 5.5.31]. This is a security release. Several security bugs were fixed in this release. All PHP [5.6 and 5.5] users are encouraged to upgrade.

As always, you can down load the source of this latest release from the downloads page from the main site (or your mirror of choice) and the Windows binaries from windows.php.net. Full details of the changes in these two releases are included in the Changelog.

tagged: language release bugfix security php55 php56

Link: http://php.net/archive/2016.php#id2016-01-07-3

PHP.net:
PHP 7.0.2 Released
Jan 07, 2016 @ 09:30:21

The PHP project has officially released the latest in the PHP 7.0.x series of releases: PHP 7.0.2:

The PHP development team announces the immediate availability of PHP 7.0.2. 31 reported bugs has been fixed, including 6 security related issues. All PHP 7.0 users are encouraged to upgrade to this version.

There's quite a few bugs fixed in this release including updates in:

  • CURL
  • Filter
  • FTP
  • GD
  • Opcache
  • Session
  • SPL

As always you can download this release from the main download page or the Windows binaries from the windows.php.net site.

tagged: language release php7 minor bugfix download

Link: http://php.net/archive/2015.php#id2016-01-07-1

7PHP.com:
Happy New Year 2016 Message From Phil Sturgeon To The PHP Community
Jan 04, 2016 @ 10:09:33

The 7PHP.com site is back with their first interview with a member of the PHP community in 2016. In this latest article Phil Sturgeon answers some questions from Khayrattee about his background, how is 2015 was and what he sees coming for the PHP community in 2016.

A little more than over 2 years ago (in June 2013), I did my 34th 7PHP interview with a young dynamic (can very much say as explosive as a dynamite as well – explosive in the good sense) named as Phil Sturgeon. I still remember at that time while I hit the “publish” button and tweeted above that interview, I unconsciously wrote Phil Surgeon instead of Sturgeon. We had a good twitter moment. Time flies and in Feb 2015, I was even able to meet Phil in person at SunshinePHP Conference in Miami.

Phil answers questions about his previous year (2015) and how the PHP community helped him through some issues he had between 2014 and early 2015. He also shares his thoughts on the current state of the PHP community and language. He mentions the difficulties happening around the PHP-FIG group and some of his predictions and advice for the PHP community in the coming year.

tagged: philsturgeon 7php community language interview opinion

Link: http://7php.com/newyear2016-philsturgeon/

SitePoint PHP Blog:
Transphporm – a Different Kind of Template Engine
Dec 17, 2015 @ 09:42:54

The SitePoint PHP blog has posted a tutorial on a "different kind of template engine" that makes use of selectors and placeholders to define templates and replace data: Transphporm. In this article they introduce you to the library and give some examples of it in action.

Many PHP template engines (Smarty, Blade, Twig…) are little more than abstracted PHP code, making it easier to write loops, if/then/else blocks, and display variables with less verbosity than vanilla PHP. These traditional template engines require the designer to have an understanding of special syntax. The template engine must also be in place and operational in order to parse data and thus completely render the final design. Nothing wrong with this.

Transphporm follows a different approach that is generally known as “template animation”. What this means is that the web designer creates the entire HTML/CSS/JS page including placeholder content such as “Lorem Ipsum”, then the template engine comes along and replaces parts of the DOM with new data before the final render.

The benefit of this kind of templating is that the designer or one creating the templates doesn't need to know anything about the templating software or a special syntax. Transphporm uses CSS-style selectors to define the replacement location and the data that should fill that spot. They give an example of a simple HTML page with plenty of markup defining the locations of the placeholders. They then show how to define a "tss" configuration, listing out all of the selectors and the content to push in as a replacement. They also talk a bit about DOM concerns, what happens if the template changes and the selector is no longer valid and how to help this with partials. Finally they look at some of the more advanced features like using arrays, working with attributes and conditional changes (among others).

tagged: transphporm template language css selector tutorial

Link: http://www.sitepoint.com/transphporm-a-different-kind-of-template-engine/

PHP.net:
PHP 7.0.1 Released
Dec 17, 2015 @ 09:21:50

The latest release in the PHP 7.0.x series has been released today, the first one following the major milestone of PHP 7: PHP 7.0.1.

The PHP development team announces the immediate availability of PHP 7.0.1. Several bugs have been fixed. All PHP 7.0 users are encouraged to upgrade to this version.

This is just a bugfix release with some smaller changes that were held off until after the main PHP 7.0 release came out. Bugs were fixed in the language core, the CLI server, OCI8 functionality and many others. PHP 7 users are encouraged to upgrade to this new release. You can download it as always from either the main php.net downloads page or windows.php.net for the Windows binaries.

tagged: php7 release language bugfix php701 upgrade download

Link: http://php.net/index.php#id2015-12-17-1

Zend Developer Zone:
On Security and PHP
Dec 14, 2015 @ 10:23:46

On the Zend Developer Zone Cal Evans has posted an article about a topic that's always hot in any development community - security. In his post, "On Security and PHP", he comments on some recent metrics reported by a larger application security company and provides a bit more realistic view into the world of PHP security (and some possible downfalls of their metrics).

Yet another consultant group has decided that their traffic stats are too low so they need to “shake things up a bit”. As usual, they picked PHP as the whipping boy. No, I am not going to link to them; too many people are already doing that unironically. [...] So we have a consulting group that has discovered that compiled languages have fewer security issues than dynamic languages. In other news, water is wet. This insight isn’t a revelation to anyone who has worked with a compiled language.

He also points out the leap they make between the PHP-related results to the two pieces of software that power a large part of the web, WordPress and Drupal. He mentions the recent installation statistics published by Jack Skinner and how, when it boils down to keeping the actual language secure, nothing is better than keeping things patched. Cal summarizes the current state of things (and where we should be heading) well:

We can all agree that PHP code used to be notoriously insecure due in part to it’s low point of entry, but so was the entire Internet. As we learn, we are writing better and more secure code. Sadly reports like the one highlighted here do nothing more than perpetuate old stereotypes. The truth is that yes, PHP code has flaws, much like Python code, node.js code, and Ruby code. We’ve got fewer this year than last, and hopefully, we will have fewer next year. We are getting better. Sadly, not all applications get better at the same rate. Some people just will not bother to patch old code. That is not a language problem, that is a people problem. (It doesn’t lessen the importance of the problem, but let’s at least properly identify it)
tagged: security zenddeveloperzone development language version

Link: http://devzone.zend.com/7052/on-security/

Jack Skinner:
PHP Version Roundup - PHP Install Statistics for 2015
Dec 09, 2015 @ 10:43:49

Jack Skinner has posted his latest "roundup" results of the most popularly installed versions of PHP across the web. In the post he looks through the percentage of installations for each version and how many are "secure" (currently supported and in a popular/stable linux distribution).

Last year, Anthony Ferrara posted an excellent round up of PHP versions in the wild, specifically focusing on the volume of un-patched versions running production websites. Even as an estimate it was an eyeopening moment for many people.

Using data from w3techs and, while the raw data isn't posted, what's there is good enough for an estimation. He talks some about the definition of "secure" in the context of the results and lists the current versions of several popular linux distributions and the versions they support. His results are then grouped by minor release and created some graphs for the results to help with visualization. The remainder of the post shares these results for PHP versions 5.6, 5.5, 5.4, 5.3 and yes even 5.2/5.1. The results end with overall numbers/graphs of the most widely installed versions and what percentage of those are considered "secure". With PHP 7 just released the results are a little discouraging but it is good to see things trending the right way since last year's results.

tagged: version roundup install popular language secure linux supported w3techs

Link: https://developerjack.com/blog/2015/12/09/php-version-roundup/