Archive for August, 2007

PHP.net: PHP 5.2.4 Released

Friday, August 31st, 2007

According to the latest post on the main PHP site, the latest release of the PHP 5 series, PHP 5.2.4, has been posted for public consumption.

The PHP development team would like to announce the immediate availability of PHP 5.2.4. This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.

Check out the release announcement for complete details on what’s been updated or just head straight to the downloads page to grab this latest release.

Upcoming Conferences

Friday, August 31st, 2007

My schedule for the remainder of 2007 is mostly solidified, and I wanted to take a moment to mention the conferences I’ll be attending. (I have been cutting back on conferences this year, but there are always a few that I don’t want to miss.)

php|works is being held at the Sheraton Gateway in Atlanta, and I’ll be giving two talks, one of which is a keynote entitled PHP 4 Is Dead:

They say PHP 4 is dead. (Who’s they?) It must be true, because the funeral date has been set. 08/08/08. How clever.

This keynote isn’t PHP 4’s eulogy. Instead, it’s a humorous look at the trials and tribulations you may or may not encounter as you migrate your steam-powered web infrastructure to something a little less noisy. As an added bonus, you’ll learn how to impress a database, speak a foreign language, and manipulate people’s minds. One of these is a lie, else this sentence is true.

I hope to make it entertaining. This is my first keynote, so I’m pretty excited.

It looks like Paul is giving a tutorial on YUI, so I guess he managed to avoid teaching the full-day Zend certification tutorial. (Poor Ben.) Maybe he can use the extra few hours to fix his blog. :-)

The Future of Web Apps is a conference being held at ExCel in London. I’ll be giving a workshop entitled Essential Web App Security, and it’s going to focus heavily on emerging trends, because that best fits in with the conference’s theme. I’m looking forward to seeing Matt and Simon again, and I’m also looking forward to meeting Jon (Happy Birthday!) and Jon in person.

ZendCon is being held at the Hyatt Regency San Francisco Airport in San Francisco. I’ll be speaking about Security 2.0, which is a chance for me to talk about the latest and greatest in web application security. The title is really just a silly play on Web 2.0, but there is some evidence to support the notion that emerging trends in web application development are changing web application security as well. For those of you attending ZendCon, you should also check out the unconference that Patrick is putting together.

By the way, I hear Terry is going to be there.

ApacheCon is being held at the Westin Peachtree Plaza in Atlanta. There are a lot of good speakers on the schedule, and I’m also hoping for a surprise visit by Geoff, since he missed OSCON. (ApacheCon is another multi-disciplinary conference, which is a big part of its appeal.)

I’ve got all of my trips entered into Dopplr, for those of you who use it. (More on that later.)

I hope to see you soon.

Posted Fri, 31 Aug 2007 16:09:40 GMT in Chris Shiflett’s Blog

The Bakery: Five New Posts - Custom Views, CSS, ViewInFile, ActsAs and Email Validation

Friday, August 31st, 2007

The Bakery has posted five new articles/tutorials for topics like customizing the view and sending emails a little differently:

$anything_for_layout: Making HTML from the View available to the layout - Did you ever have a side navigation that you wanted to change based upon changes in the view? Using this helper, you can write HTML and other output for display in the layout.
css listmenu helper - A helper (method) to create a CSS-formattable listmenu.
ViewInFile component - Sometimes it is needed to output a view in a file. Most of the time for debugging, but also for some web service (XML) where you might need to send (by mail as a copy) an XML file reflecting the answer of the web service.
ActAs Image column behavior - This behavior adds a new column to your model and allows you to store images in the file system. It can resize images and create several versions and thumbnails. After finding a model you get a link to the file for each record in the model.
Email Validation - Email validation replacement for /cake/libs/validation.php

Check out The Bakery for even more great CakePHP-related content.

PHP 5.2.4 Released

Friday, August 31st, 2007

Elizabeth Naramore writes: A post to the internals mailing list (and a note on php.net) announces the latest stable release - PHP 5.2.4. The announcement states that:

This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.

You can download your copy at the php.net site, view full details of the release, and check the changelog for specific changes.

PHP 5.2.4

Friday, August 31st, 2007

The PHP development team has published a new version: 5.2.4.

This new version fixes nearly 120 bugs present in the PHP 5.2 branch. The fixes concern the use of wordwrap, GD, chunk_split, php_openssl_make_REQ, glob, open_basedir… To see the complete list of improvements, consult the changelog.

Also of note is the availability of an upgrade guide to version 5.5 from versions 5.1 and 5.0.

Download PHP 5.2.4
Changelog 5.2.4
PHP 5.2 installation guide

cache_TS

Thursday, August 30th, 2007
Package: cache_TS
Summary: Cache the output of PHP script in files
Groups: Cache, Files and Folders
Author: Jacek Wloka
Description: This class can be used to cache the output of PHP script in files.

First it checks the cache file of a given cache key.

If the cache file exists and it has not expired, the class outputs the contents of the cache file.

If the cache file does not yet exist or it has expired, the class starts capturing the output of the script and stores it in the cache file.

The directory where the cache files are stored and the cache file expiry time are configurable parameters.

LinkMeIn

Thursday, August 30th, 2007
Package: LinkMeIn
Summary: Retrieve the contact list of a user of LinkedIn
Groups: Web services, XML
Author: Ehsanul Haque
Description: This class can be used to retrieve the contact list of a user of the LinkedIn site.

It accesses the LinkedIn site and authenticates on behalf of a given user.

The class retrieves and parses the user contact list exported by the site in a format for Microsoft Outlook.

The contact list may be returned as an array or served as the output of the current script in RSS 2.0 format.

SQLite and PHP5 Tutorial

Thursday, August 30th, 2007

SQLite is a small DBMS (about 250 KB) that implements a large part of the SQL92 standard and is compatible with PHP 5.

Unlike many DBMSs, SQLite does not follow the usual client/server model but is embedded directly into programs, using files to store the databases.

On developer.com, Jason Gilmore offers a tutorial explaining, among other things, how to use SQLite in a PHP 5 application.

Read the tutorial
Official SQLite site

Advanced JSON: Persistence Mapping, Mashups, RPCs and Beyond

Thursday, August 30th, 2007

The access and manipulation of data is core to most Web applications. JSON has proven to be a very easy-to-use yet immensely powerful data interchange protocol. However, by itself JSON is lacking a number of important capabilities, and efficient client/server data interaction must usually be customized, making development and interoperability difficult.

The Dark Side of AJAX - JavaScript Hijacking and How it Works

Thursday, August 30th, 2007

With so many Web 2.0 applications being written in AJAX, it was only a matter of time before the vulnerabilities began to crop up, but no one expected the unusual form they would take. This session by the man who discovered the first cross-vendor AJAX vulnerability - JavaScript Hijacking - will detail it and other security concerns while also discussing ways that AJAX could be implemented to make it less risky. Finally, we will take a look at AJAX security incidents to date, and identify the ways that increased adoption of AJAX is likely to change the way hackers behave.