News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Evert Pot:
The problem with password_hash()
February 25, 2015 @ 10:51:04

Evert Pot has shared some of his thoughts about why he has a problem with password_hash (and friends). His thoughts are initially about this particular feature but they're actually wider than that.

The initial introduction and rfc for these functions made me uneasy, and I felt like a lone voice against many in that I thought something bad was happening. I felt that they should not be added to the PHP engine. I think that we should not extend the PHP engine, when it's possible to write the same API in userland, or there are significant benefits to do it in PHP, such as performance. Since the heavy lifting of the password functions is done by underlying libraries that are already exposed to userland-PHP, it didn't make sense to me to expose it as well in the core.

He includes a list of things he sees as drawbacks for new C-based functionality in PHP including the fact that it extends the "PHP specification" and forces other projects to implement it (like HHVM). He does include a few positives, though, such as the increased visibility and legitimacy, but still thinks they don't outweigh the negatives.

0 comments voice your opinion now!
password hash core language c implementation opinion userland

Link: http://evertpot.com/password-hash-ew/

Full Stack Radio:
10 Type Safety Roundtable with Ryan Tablada and Matt Machuga
February 24, 2015 @ 09:15:55

In the latest episode of the Full Stack Radio podcast - episode #10, host Adam Wathan has two guests to talk about programming in a language with dynamic types versus static types.

In this episode, Adam talks with Ryan Tablada and Matt Machuga about the philosophical differences between programming in a statically typed language vs. a dynamically typed language. They talk about things like explicit interfaces vs. duck typing, function calling vs. message passing, and some of the recent RFCs around optional typing in the PHP community.

You can listen to this latest episode either through the in-page audio player or by subscribe to their feed to get the latest episodes as they're released.

0 comments voice your opinion now!
fullstackradio ep10 typesafety strong dynamic language podcast mattmachuga ryantablada

Link: http://fullstackradio.com/episodes/10

HHVM Blog:
Announcing a Specification for Hack
February 20, 2015 @ 13:51:15

Similar to how the language specification was released for PHP a little while back, the HHVM team has announced a new specification for Hack, the language they've created as a part of the HipHop VM project that's similar to PHP.

When we announced Hack, we were very excited for the community to get their hands on a programming language that has helped Facebook engineers become more productive in their day-to-day development and became, alongside PHP, the language used when developing applications running on HHVM. At the time of release, we had documentation geared for the programmer using Hack to develop applications. However, we did not have official documentation for those that might want to create a Hack implementation of their own or something like a Hack conformance test-suite. This specification fills that gap. It is the document for the Hack implementer, and an excellent supplemental document for the Hack user.

The remainder of the post talks about some of the reasoning behind creating the specification, pointing to resources where you can help contribute and a few thanks to some of the people that worked on it.

0 comments voice your opinion now!
specification hack hhvm facebook hiphop language

Link: http://hhvm.com/blog/8537/announcing-a-specification-for-hack

PHP.net:
PHP 5.6.6 is available
February 20, 2015 @ 09:08:51

Following on the heels of the other latest releases of PHP (5.5.22 and 5.4.38), the PHP development group has release the latest in the 5.6.x series - PHP 5.6.6.

The PHP development team announces the immediate availability of PHP 5.6.6. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. All PHP 5.6 users are encouraged to upgrade to this version.

You can get this latest release either directly from the downloads page (well, from a mirror) or if you're a Windows user you can get the binaries here. Upgrading is definitely recommended and you can find all the details of the release and what what fixed in the Changelog.

0 comments voice your opinion now!
language release cve bugfix security php566

Link: http://php.net/archive/2015.php#id2015-02-19-2

PHP.net:
Release of PHP 5.5.22 & 5.4.38
February 19, 2015 @ 11:09:40

The main PHP.net site has an announcement today about the latest released of the language fixing several bugs including a few security-related issues: PHP 5.5.22 and 5.4.38.

The PHP development team announces the immediate availability of PHP 5.5.22 and 5.4.38. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. All PHP 5.5 and 5.4 users are encouraged to upgrade to this version.

As always, you can get the latest source downloads from the downloads page or Windows users can get the binaries from windows.php.net. Those interested in the complete list of fixes in these releases can check out the latest entries in the Changelog.

0 comments voice your opinion now!
language release cve bugfix security changelog php55 php54

Link: http://php.net/archive/2015.php#id2015-02-19-1

Reddit.com:
So, what is PHP's nature? Anyone actually know exactly what it is?
February 13, 2015 @ 11:58:01

In this recent post to the /r/php subreddit on Reddit.com, the question is asked "what is the nature of PHP?" and how it relates to what features make it into the language and which don't.

I've heard many times that a proposed RFC/new feature got rejected by PHP internals in voting phase, since 'it does not fit the nature of PHP'. But the question is, what is PHP's nature? Does it even have a nature at all? If yes, is there a standard or guideline of what fits in PHP's nature? I think its very confusing, isnt it? Anyone actually have some insights in this?

In the comments other users provide a wide range of opinions including:

  • "I would recommend taking those types of comments with a grain of salt. PHP's nature is a very subjective topic, as you can tell by the other comments."
  • "PHP was made to make dynamic web pages at a time when webpages contained minimal dynamic content. It was made at a time when web pages doesn't required a programming language to generate."
  • "Easy to pick up and make a website for weak devs/prototypes (easy to abuse). Much of the hate for PHP is because this abuse is possible and exploited often."
  • "As someone mentioned, nobody who does any sort of web development today can ignore Javascript and they will typically be switching back and forth between Javascript and PHP every couple of minutes. This is our target user these days and as such this syntax is appropriate I think."

Check out the full post for more opinions or to voice your own!

0 comments voice your opinion now!
nature language opinion reddit

Link: http://www.reddit.com/r/PHP/comments/2vmh3o/so_what_is_phps_nature_anyone_actually_know/

Lorna Mitchell:
5 Reasons to Consider Upgrading Your PHP Platform
February 06, 2015 @ 12:04:35

Lorna Mitchell has a new post today with five things that you could gain by upgrading your platform, mostly centered around the changes PHP has made recently.

In recent years, the release cycle of PHP has become much shorter. We now have a much more controlled and well-publicised process of releases, and moving between each version is no longer a leap of faith. The newer versions have HUGE performance improvements, great features, and better security, and the software is free to use. Yet we have a very, very long tail of PHP installations on older versions (around 75% on entirely unsupported versions at this point). Many of the companies I talk to think that upgrading will be pointless and painful, but that's not my experience of migrating PHP projects. Here are a few things you might like to think about or be aware of before you make the decisions that "not broken" is good enough for your applications.

She offers her list of five things, each with a bit of summary and a few links to more information on the topics:

  • Improved Performance
  • Security and Support
  • New Syntax
  • Traits
  • Built In Webserver

She also technically includes another in the list (#6 in the top 5, naturally) talking about the password hashing functionality that's been introduced in recent versions and how much simpler it can make your life.

0 comments voice your opinion now!
upgrade reasons language platform suggestion feature

Link: http://www.lornajane.net/posts/2015/5-reasons-to-consider-upgrading-your-php-platform

SitePoint PHP Blog:
RAML, the RESTful API Modeling Language
February 02, 2015 @ 10:52:58

The SitePoint PHP blog has a new post today introducing RAML, a modeling language made specifically for use in APIs to define services available.

n a recent article I introduced Slate, a static site generator specifically designed for writing API documentation. This time around, I'm going to look at something which in many ways is even better. But first, if you'll indulge me for just a moment, I'd like to begin by quoting myself from that article; "[an] API is only as good as its documentation." I think it's worth repeating, since it's all-too-frequently overlooked, and it's one of the motivations for this short series of articles on some of the tools out there to help you write great documentation.

RAML (RESTful API Modeling Language) provides a structured, unambiguous format for describing a RESTful API. It allows you to describe your API; the endpoints, the HTTP methods to be used for each one, any parameters and their format, what you can expect by way of a response and more.

He starts off with a few things that RAML is particularly good at helping with, including being used to generate other documentation. He then moves into writing up some of the actual RAML documentation, noting that it's a derivative of YAML and is just made from text files. He walks through the creation of a sample RAML document including the overall summary information, describing resources, HTTP methods and response structure. He also includes examples of defining query parameters, request data and any security requirements you might have. Finally, he suggests the raml2html tool if you want to generate some HTML output of your configuration, making it easier for normal humans to read.

0 comments voice your opinion now!
raml api rest modeling language documentation requirements endpoints

Link: http://www.sitepoint.com/raml-restful-api-modeling-language/

PHP.net:
Release of PHP 5.4.37, 5.5.21 & 5.6.5
January 23, 2015 @ 10:03:03

The PHP.net has posted the latest releases of the language for all of the major series - PHP 5.4, 5.5 and 5.6. Each release fixes several bugs including a few security related issues:

It is strongly encouraged that you upgrade to the latest release for the major version you're using to prevent issues around these vulnerabilities. You can find these latest releases on the main downloads page or windows.php.net for the Windows binaries.

0 comments voice your opinion now!
language release cve bugfix security

Link: http://php.net/archive/2015.php#id2015-01-22-3

Reddit.com:
What changes would you like to see in PHP 7?
January 20, 2015 @ 12:51:08

In the /r/php subreddit on Reddit.com a question was posed to the community: What changes would you like to see in PHP 7?. So far there's 80+ answers with a wide variety of responses.

As well as massive performance improvements, PHP 7's change / feature list is already looking great. You can find most of the features that have been accepted or are under discussion on the PHP Dev Wiki: RFCs section. But what changes would make a difference to you? What would you really like to see make it in (already suggested or a new suggestion)?

Here's just a few of the suggestions made by fellow Reddit users:

  • fixing inconsistencies in naming
  • sandboxed eval
  • a complete rework of the standard library
  • the introduction of generics
  • adding enum functionality
  • type aliasing
  • stack traces for fatal errors

Check out the full post for more ideas and feedback from other members of the community too. It's an interesting list of suggestions, some that are even already in the works.

0 comments voice your opinion now!
php7 changes reddit opinion community language feature improvement

Link: http://www.reddit.com/r/PHP/comments/2sx5x3/what_changes_would_you_like_to_see_in_php_7/


Community Events

Don't see your event here?
Let us know!


extension community api release interview series introduction voicesoftheelephpant language conference psr7 laravel podcast unittest library development framework wordpress laravel5 opinion

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework