All news about PHP

As Alexey Zakhlestin points out today, Lukas Smith has made the announcement that the MySQL group is finally recognizing the efforts of the PDO developers and supporting them:

Ok, it seems that MySQL AB is finally committing to fix up PDO_MySQL and
to generally accept the fact that PDO is the future. Of course mysqli
will also be actively maintained. But they will also make mysqlnd play
nicely with PDO etc.

There’s budgets and time lines for the project so things are already moving along and developers to the project will soon be assigned. Lukas also mentions updated on PHP’s side validating that the documentation for the extensions (mysql and mysqli) are up to date and correct.

Greg Beaver talks about a big push that he’s making towards PEAR2 by working hard on an integral piece of the puzzle the Pyrus installer.

I’m churning out code to turn its installer, Pyrus, from vaporware into actual code. Along these lines, there has been significant progress. The code has been developed on PHP 5.2, but will most likely target PHP 5.3 with the introduction of namespaces. Pyrus completely revamps the way things are done.

Greg mentions some of the functionality the installer will use including XMLReader/XMLWriter, namespaces and bits of functionality from the Standard PHP Library (SPL). He’s released what he’s developed so far via a PEAR channel with no other dependencies.

Christopher Jones has posted a review of one of the latest PHPrelated books published by Packt Publishing PHP Oracle Web Development:

Yuli Vasiliev has put a lot of realworld PHP and Oracle experience into his book PHP Oracle Web Development. The book’s reviewer, Arup Nanda, was, amongst other things, Oracle’s DBA of the Year in 2003. The result is an excellent book that joins the PHP and Oracle worlds together.

Christopher talks about some of what the book covers (like installation and code snippets) and the book’s excellent focus on different topics, giving each it’s own full coverage.

Cal Evans, of Zend Developer Zone (and PHP Abstract) fame has launched a new site to help PHPers with keeping all of their PHP podcasts in one place PHPPodcasts.com an archive site to give people searching for PHP podcasts a onestop shop.

phppodcasts.com is not a replacement for any of the existing feeds, it won’t be on iTunes because it’s not in competition with the owners podcasts. It’s an archival site and a place for people to explore the different podcasts available for PHP developers before subscribing to them.

Currently, there’s four podcasts under the PHPPodcast umbrella Zend’s own PHP Abstract, php|architect’s Pro PHP podcast, the phpBB podcast and the CakePHP group’s own podcast, The Show.

Know of a PHPrelated podcast that you think should be added to the site? Let Cal know Cal [at] this domain.

As per this new Secunia advisory, the Mandriva group has officially released updates to their PHP packages:

Mandriva has issued an update for php. This fixes some vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions, malicious users to bypass certain security restrictions, gain escalated privileges, disclose potentially sensitive information, or cause a DoS (Denial of Service), and by malicious people to bypass certain security restrictions and cause a DoS.

The original advisory has more detailed information (like what the patch fixes) and the checksums for all of the packages to update. Update your installation quickly and easily with the MandrivaUpdate system.

Giorgio Maone writes “Multiple Google-targeted exploits disclosed in the past 3 days could compromise your GMail account, steal your pictures from Picasa or impersonate you on almost 200,000 big sites which outsourced their search engines (vulnerabilities included in the price). If even Google, a very reactive company when web security matters, does face this kind of problems, how serious is the threat and what can you do, as a “normal” web user, to protect yourself?”

Read more of this story at Slashdot.

OpenAjax Alliance has revealed new initiatives for secure mashups and mobile AJAX, as well as a new white paper on AJAX security. As AJAX and mashups continue to gain widespread acceptance under the Web 2.0 umbrella, it is critical for organizations to understand these threats and to avoid them by adhering to some best practices.

The PHP Community is buzzing about a new article, posted on the O’Reilly Ruby blog, about how the author (Derek Silvers of cdbaby.com) made the decision that Ruby on Rails just wasn’t right for the project he was working on.

Back in January 2005, I announced on the O’Reilly blog that I was going to completely scrap over 100,000 lines of messy PHP code in my existing CD Baby (cdbaby.com) website, and rewrite the entire thing in Rails, from scratch. […] The first few months showed good progress, and Jeremy could not have been more amazing, twisting the deep inner guts of Rails to make it do things it was never intended to do.

But at every step, it seemed our needs clashed with Rails’ preferences. (Like trying to turn a train into a boat. It’s doable with a lot of glue. But it’s damn hard. And certainly makes you ask why you’re really doing this.)

Recounting the rest of the story, Derek mentions the turning point (Is there anything Rails can do that PHP CAN’T do?) and the speed at which they were able to make up for the two years of lost development time. To helps others make a decision for their project, he also includes seven reasons why he made the decision to switch back, including:

Our entire company’s stuff was in php: don’t underestimate integration
Don’t want what i don’t need
I love SQL
Programming languages are like girlfriends: the new one is better because *you* are better

There’s also been several bloggers in the PHP community that have responded to the article:

Elizabeth Naramore Derek Sivers’ Article on RoR vs PHP
Paul Jones Is there anything Rails can do that PHP cannot do? *No.*
Terry Chay Why PHP triumphs over Ruby
Jeff Moore Ruby versus PHP or There and Back Again

Rob Allen quickly points out a tool that Lucene users (Zend Framework and otherwise) can use to check out the contents of their indexing files.

If you want to understand what’s in your Zend_Search_Lucene index files, then download Luke (http://www.getopt.org/luke/) and point it at the directory containing your index files.

He also includes a screenshot to give you an idea of the interface.

Luke bills itself as: a handy development and diagnostic tool, which accesses already existing Lucene indexes and allows you to display and modify their contents in several ways [including] view documents / copy to clipboard, selectively delete documents from the index and optimize indexes.

Latest PEAR Releases:CodeGen_MySQL_Plugin 0.9.1devCodeGen_MySQL 0.9.1devVersionControl_SVN 0.3.1Net_LDAP 1.0.0RC4Testing_FIT 0.2.2Net_UserAgent_Detect 2.4.0Text_Diff 0.3.0DB 1.7.13PHP_CodeSniffer 0.9.0