MySQL has been running a contest to flush out bugs in MySQL 5.0-- report a bug and be entered to win an iPod Nano (because "we make MySQL 5.0 Rock," dontcha know). Or better yet, report a bug and blog about your MySQL experience and be entered to win a pass to the MySQL Users Conference and dinner with the Development Team. What could be cooler than that? To read about the details, go to http://dev.mysql.com/mysql_5_contest.html
PHPers have a difficult decision this week, provided they can leave the office for 4-5 days, afford a plane ticket, hotel and conference registration fees. This upcoming week we see the North American Zend Conference (San Francisco, October 18-21)
and the O'Reilly European Open Source Convention (Amsterdam, October 17-20)
. Decisions, decisions!
Chris Shiflett has been kind enough to post some of his previously published articles on his blog:
- Security Corner: File Uploads
- Guru Speak: How to Avoid "Page has Expired" Warnings
- Security Corner: Ideology
- Security Corner: Cross-Site Request Forgeries
On his blog, you can also find a sample chapter of his new book, Essential PHP Security.
which you can see by going to http://shiflett.org
. Thanks Chris!
Ilia Alshanetsky's blog points us to the free chapter on SQL injection from his recently released book. The chapter can be downloaded for free at the MySQL Developer Zone: http://dev.mysql.com/tech-resources/articles/guide-to-php-security.html
Yes, you probably have seen this mentioned numerous times before, but the Zend team has released Zend Core for Oracle, "a certified, easy-to-install PHP environment
pre-integrated with the Oracle Database." You can try it out yourself, if you're curious, or read more about the specifics by going to https://www.zend.com/core/oracle/
phpMyAdmin released a security announcement (PMASA-2005-04
) regarding a file inclusion vulnerability that was discovered, and all users are encouraged to download the patch. Downloads are available by going to http://www.phpmyadmin.net/home_page/downloads.php
I would be remiss in my duties if I didn't include what's new at PEAR and PECL. Recent PEAR releases include:
- HTML_Form 1.3.0 - Simple HTML form package
- XML_RPC 1.4.4 - PHP implementation of the XML-RPC protocol
- XML_Feed_Parser 0.2.5alpha - Providing a somewhat unified API for handling
- XML_Indexing 0.3.6 - XML Indexing support
- Text_Wiki_Cowiki 0.0.1 - Cowiki parser and renderer for Text_Wiki
- Text_Wiki_Doku 0.0.1 - Doku parser and renderer for Text_Wiki
- Text_Wiki_Tiki 0.0.1 - Tiki parser and renderer for Text_Wiki
- Image_Remote 1.0.1 - Retrieve information on remote image files.
- Image_Color2 0.1.3 - Color conversion and mixing for PHP5
- PHPUnit2 2.3.0 - Regression testing framework for unit tests.
- XML_XPath 1.2.2 - The PEAR::XML_XPath class provided an XPath/DOM XML manipulation, maneuvering and query interface.
- XML_CSSML 1.1.1 - The PEAR::XML_CSSML package provides methods for creating cascading style sheets (CSS) from an XML standard called CSSML.
- Date 1.4.5 - Date and Time Zone Classes
- MDB2_Driver_mssql 0.1.2 - mssql MDB2 driver
- Image_MonoBMP 0.1.0 - Manipulate monochrome BMP images
- MDB2_Driver_ibase 0.1.2 - ibase MDB2 driver
- MDB2_Schema 0.3.0 - XML based database schema manager
And for PECL, we had:
- gnupg - wrapper around the gpgme library
- ibm_db2 - Extension for IBM DB2 Universal Database, IBM Cloudscape, and Apache Derby
- pecl_http - Extended HTTP Support
- rpmreader - RPM file meta information reader
- timezonedb - Timezone Database to be used with PHP's date and time functions
As always, you can download or learn more about these packages at http://pear.php.net/ and http://pecl.php.net/.
See you next week with more news and tidbits from the PHP world (and more specifically details on the Zend Conference)!