News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
PHP 5.6.8, 5.5.24 & 5.4.40 Released (Security Fixes)
April 17, 2015 @ 09:38:18

The PHP development group has released several different versions of PHP for the 5.5.x, 5.6.x and 5.4.x series with a long list of security issues fixed in each one (fourteen in total):

The PHP development team announces the immediate availability of PHP [5.4.40, 5.6.8, 5.5.24]. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version.

Other items were fixed besides the security issues, so check out the Changelog to see those few other fixes. It's highly recommended that you update your installations to these latest versions. You can grab the latest either from the downloads page (source) or Windows users can go to winodws.php.net.

0 comments voice your opinion now!
language release multiple security fix changelog upgrade

Link: http://php.net/archive/2015.php#id2015-04-16-3

IBM developerWorks:
PHP renewed Password security in modern PHP
April 17, 2015 @ 08:53:15

The IBM developerWorks site has a new tutorial posted talking about how PHP has been "renewed" in recent versions, more specifically in the password security department.

When PHP was first crafted in the mid-1990s, the term web application didn't even exist yet. Password protection, then, wasn't one of the features that the PHP creators devoted resources to. After all, you didn't need to worry about passwords when you used PHP just to put a site-visit counter or a date-modified stamp on your web page. But 20 years have passed, and now it's almost unthinkable to create a web application that doesn't involve password-protected user accounts. It's of the utmost importance that PHP programmers safeguard account passwords by using the latest and most secure methods.

The article goes on to talk about the importance of using secure hashing methods for password storage, the speed at which "cracking" programs can run and the use of "rainbow tables". It then gets into some of the older methods commonly used for password storage and protection and shows how to refactor them into the new password hashing functionality introduced in PHP 5.5.

0 comments voice your opinion now!
password security hashing renewed modern language release

Link: http://www.ibm.com/developerworks/web/library/wa-php-renewed_2/index.html

Hannes Magnusson:
Next Generation MongoDB Driver for PHP!
April 15, 2015 @ 11:41:50

Hannes Magnusson has a new post to his site talking about the new update to the MongoDB driver for PHP and its focus on simplicity.

For the past few months I've been working on a "next-gen" MongoDB driver for PHP -- codename "phongo". The aim was to build a new PHP extension ontop of the mongoc and libbson libraries to reduce maintenance of the extension itself and focus more on providing the ecosystem with improved support and libraries.

The new driver is available on PECL (called "mongodb", surprisingly enough). It doesn't include any of the bells and whistles found in the previous "mongo" driver. It doesn't include any `group` or `count` command helpers, and you won't find any Collection or Database objects; however, it really doesn't need any of these things.

He talks about the three basic things it can do: execute a command, a write or a query to locate records. He also answers the question many developers have about this shift to simplicity and provides a link to a PHP library to make porting over existing MongoDB handling simpler.

0 comments voice your opinion now!
mongodb driver pecl extension language simplicity version release

Link: http://bjori.blogspot.com/2015/04/next-gen-mongodb-driver.html

Jared McFarland:
Creating a PHP extension in Rust
April 06, 2015 @ 09:22:02

Jared McFarland has a recent post to his site showing how to make a PHP extension in Rust, a more recent programming language that seeks to "run fast, prevent almost all crashes and eliminate data races".

Last October I had a discussion with one of my coworkers at Etsy about how writing extensions to interpreted languages like PHP, Ruby or Python should be a lot easier than it is now. We talked a bit about how one of the barriers to successfully writing an extension is they're generally written in C, and it's hard to gain confidence in C code if you're not an expert at the language.

Ever since then I've toyed with the idea of writing one in Rust, and for the past few days have been playing around with it. I finally got it to work this morning.

He starts by static his goal, to make a PHP extension with Rust that was compiled into a library along with some C headers. He talks about his use of the Rust Foreign Function Interface to make a "hello world" script and the code to call it from C, complete with header code examples and the result of it being called. He then gets into the PHP integration, showing you the code you'll need for the extension and compiling it into a module and moving it into the extension directory. He also includes some "useless micro-benchmarks" so you can see how things perform, comparing his function to base PHP when calculating the Fibonacci sequence algorithm.

0 comments voice your opinion now!
extension rust programming language helloworld tutorial

Link: http://jaredonline.svbtle.com/creating-a-php-extension-in-rust

SitePoint PHP Blog:
Top 10 Z-Ray Features to Check Out
March 26, 2015 @ 09:50:23

The SitePoint PHP blog has a new post today from Daniel Berman (of Zend) with the top 10 features of Z-Ray to be sure to check out. Disclaimer: Z-Ray is a tool provided by Zend, a part of their Zend Server product.

Necessity is the mother of invention goes the famous saying. For PHP developers, there is no greater need than visibility. But developers today have a tough choice to make as they develop and debug their apps. Either use crude methods such as printing, debugging information, or storing it in a log file, or - use multiple debugging/profiling tools that are awkward and require a lot of work from the developer's side. [...] This article introduces the top 10 features of Z-Ray - an innovative new technology from Zend that makes PHP development a whole lot quicker and easier by giving developers unprecedented insight into their code - and the visibility they need to develop top-notch apps.

Among the items on their Top 10 list are things like:

  • Viewing information about page requests
  • Execution time and memory consumption
  • Showing errors and warnings
  • Viewing functions called during execution
  • Debugging features for mobile apps and APIs

Check out the full post for a list of more features and screenshots/detail on each one.

0 comments voice your opinion now!
zend zray zendserver top10 list features screenshot

Link: http://www.sitepoint.com/top-10-z-ray-features-check/

PHP.net:
Release of PHP 5.6.7, 5.5.23 and 5.4.39
March 20, 2015 @ 10:45:27

The PHP development group has announced the release of the latest versions in all three major versions of PHP currently supported: PHP 5.6.7, 5.5.23 and 5.4.39. These releases are bugfix only with several security updates included.

The PHP development team announces the immediate availability of [these new versions]. Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP [5.6, 5.5 and 5.4] users are encouraged to upgrade to this version.

As always, you can get the latest released for each of these versions from the main downloads page (for Windows users on windows.php.net) and if you'd like to see the other changes besides the security-related fixes check out the full Changelog.

0 comments voice your opinion now!
version release language php54 php55 php56 security bugfix

Link: http://php.net/index.php#id2015-03-20-2

NetTuts.com:
Building Your Startup With PHP Localization With I18n
March 09, 2015 @ 10:43:08

In the latest part of their series of "building a startup" application in PHP, NetTuts.com looks at supporting internationalization with the functionality of the Yii framework.

This is part four of the Building Your Startup With PHP series on Tuts+. In this series, I'm guiding you through launching a startup from concept to reality using my Meeting Planner app as a real life example. Every step along the way, we'll release the Meeting Planner code as open source examples you can learn from. We'll also address startup-related business issues as they arise. In this tutorial, I wanted to step back and add I18n internationalization support to our application before we build more and more code.

They start off with a look at some of the overall goals of internationalization (i18n) and about how it works in the Yii system. It uses placeholders with a key/value system to replace the data based on which language is selected. They show you how to configure Yii's support including default language, sorting of the data and files to exclude when looking for i18n configurations. With this configuration in place they show how to use the command line tool to extract these messages out into separate folders for easier management and faster reference. Finally they show how to select a language and use the Yii code generator together with the translations to create models and forms.

0 comments voice your opinion now!
build startup series part4 internationalization i18n localization language yii framework

Link: http://code.tutsplus.com/tutorials/building-your-startup-with-php-localization-with-i18n--cms-23102

Zend Blog:
Developing a Z-Ray Extension
February 25, 2015 @ 11:54:41

Zend recently introduced their Z-Ray inspection tool that allows you to see inside your application and know what's happening in your code, your database and has support for major PHP projects. In this new post to their blog they show you how to develop a custom extension for the Z-Ray system.

One of the coolest features in Z-Ray is the ability to plug in your own extensions. Meaning, you can customize existing Z-Ray panels or add your own personalized Z-Ray panel for displaying information you think is important for developing your specific application. This short tutorial will describe how to write a basic extension for Z-Ray. More specifically, we'll be writing a Z-Ray extension for WordPress that extracts and displays a list of loaded WordPress plugins.

They give you a list of things you'll need to set up before you can get started including a simple WordPress installation on a Zend Server instance. With these in place they help you create the "zray.php" file to define the extension, how to enable it and setting up a "trace" on a function to hook it into the execution. They then dump the WP plugin information and reformat it a bit to show only the list of names and versions in the output panel. As a last touch, they add a logo to the panel to show in the bottom menubar with the WordPress logo.

0 comments voice your opinion now!
zray zend extension custom wordpress tutorial plugin

Link: http://blog.zend.com/2015/02/25/developing-z-ray-extension

Evert Pot:
The problem with password_hash()
February 25, 2015 @ 10:51:04

Evert Pot has shared some of his thoughts about why he has a problem with password_hash (and friends). His thoughts are initially about this particular feature but they're actually wider than that.

The initial introduction and rfc for these functions made me uneasy, and I felt like a lone voice against many in that I thought something bad was happening. I felt that they should not be added to the PHP engine. I think that we should not extend the PHP engine, when it's possible to write the same API in userland, or there are significant benefits to do it in PHP, such as performance. Since the heavy lifting of the password functions is done by underlying libraries that are already exposed to userland-PHP, it didn't make sense to me to expose it as well in the core.

He includes a list of things he sees as drawbacks for new C-based functionality in PHP including the fact that it extends the "PHP specification" and forces other projects to implement it (like HHVM). He does include a few positives, though, such as the increased visibility and legitimacy, but still thinks they don't outweigh the negatives.

0 comments voice your opinion now!
password hash core language c implementation opinion userland

Link: http://evertpot.com/password-hash-ew/

Full Stack Radio:
10 Type Safety Roundtable with Ryan Tablada and Matt Machuga
February 24, 2015 @ 09:15:55

In the latest episode of the Full Stack Radio podcast - episode #10, host Adam Wathan has two guests to talk about programming in a language with dynamic types versus static types.

In this episode, Adam talks with Ryan Tablada and Matt Machuga about the philosophical differences between programming in a statically typed language vs. a dynamically typed language. They talk about things like explicit interfaces vs. duck typing, function calling vs. message passing, and some of the recent RFCs around optional typing in the PHP community.

You can listen to this latest episode either through the in-page audio player or by subscribe to their feed to get the latest episodes as they're released.

0 comments voice your opinion now!
fullstackradio ep10 typesafety strong dynamic language podcast mattmachuga ryantablada

Link: http://fullstackradio.com/episodes/10


Community Events

Don't see your event here?
Let us know!


interview release podcast laravel api version framework performance community extension opinion voicesoftheelephpant symfony2 example series xdebug php7 introduction conference library

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework