Secunia.com: Mandriva update for PHP
Original post provided by PHP Freaks
As per this new Secunia advisory, the Mandriva group has officially released updates to their PHP packages:
Mandriva has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions, malicious users to bypass certain security restrictions, gain escalated privileges, disclose potentially sensitive information, or cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions and cause a DoS.
The original advisory has more detailed information (like what the patch fixes) and the checksums for all of the packages to update. Update your installation quickly and easily with the MandrivaUpdate system.
Previous Articles:
GoogHOle Exploits GMail, Picasa And 200K Other Sites
Giorgio Maone writes "Multiple Google-targeted exploits disclosed in the past 3 days could compromise your GMail account, steal your pictures from Picasa or impersonate you on almost 200,000 big sites which outsourced their search engines (vulnerabilities included in the price). If even Google, a very reactive company when web security matters, does face this kind of problems, how serious is the threat and what can you do, as a "normal" web user, to protect yourself?" Read more of this story at Slashdot.
OpenAjax Alliance Announces New Initiatives For Secure Mashups And Mobile AJAX
OpenAjax Alliance has revealed new initiatives for secure mashups and mobile AJAX, as well as a new white paper on AJAX security. As AJAX and mashups continue to gain widespread acceptance under the Web 2.0 umbrella, it is critical for organizations to understand these threats and to avoid them by adhering to some best practices.
O'Reilly Ruby Blog: 7 Reasons I Switched Back To PHP After 2 Years On Rails
It's doable with a lot of glue. But it's damn hard. And certainly makes you ask why you're really doing this.) Recounting the rest of the story, Derek mentions the turning point (Is there anything Rails can do that PHP CAN'T do?) and the speed at which they were able to make up for the two years of lost development time.
Rob Allen's Blog: Luke - Lucene Index Toolbox
Luke bills itself as: a handy development and diagnostic tool, which accesses already existing Lucene indexes and allows you to display and modify their contents in several ways [including] view documents / copy to clipboard, selectively delete documents from the index and optimize indexes.
Community News: Latest PEAR Releases For 09.24.2007
Latest PEAR Releases: CodeGen_MySQL_Plugin 0.9.1dev, CodeGen_MySQL 0.9.1dev, VersionControl_SVN 0.3.1, Net_LDAP 1.0.0RC4, Testing_FIT 0.2.2, Net_UserAgent_Detect 2.4.0, Text_Diff 0.3.0, DB 1.7.13, PHP_CodeSniffer 0.9.0
More Articles:
Community News: PHPPodcasts.com Launched
Currently, there are four podcasts under the PHPPodcast umbrella: Zend's own PHP Abstract, php|architect's Pro PHP podcast, the phpBB podcast and the CakePHP group's own podcast, The Show. Know of a PHP-related podcast that you think should be added to the site?
Christopher Jones' Blog: Book Review: PHP Oracle Web Development
The result is an excellent book that joins the PHP and Oracle worlds together. Christopher talks about some of what the book covers (like installation and code snippets) and the book's excellent focus on different topics, giving each its own full coverage.
Greg Beaver's Blog: Working Towards Pyrus And PEAR2, Check It Out Or Miss Out
The code has been developed on PHP 5.2, but will most likely target PHP 5.3 with the introduction of namespaces. Pyrus completely revamps the way things are done. Greg mentions some of the functionality the installer will use including XMLReader/XMLWriter, namespaces and bits of functionality from the Standard PHP Library (SPL).
Community News: MySQL AB Project Officially Supports PDO
There are budgets and timelines for the project, so things are already moving along, and developers will soon be assigned to the project. Lukas also mentions updates on PHP's side validating that the documentation for the extensions (mysql and mysqli) is up to date and correct.
Felix Geisendorfer's Blog: Migrating From WordPress To CakePHP
Felix Geisendorfer is in the process of moving his blog from WordPress to a customized lightweight CakePHP replacement he's developing to be extended later on. His post shares some of the tips he found so far. In this post I'm simply going to throw out some snippets to show how I'm currently approaching the whole process in order to give both my insight into what works and what doesn't, while also hoping to get some people to share their insight into migrating legacy apps to CakePHP.