This past week saw the official release of PHP 5.1.3 and 5.1.4 (to fix a few critical bugs). Changes include:
- Disallow certain characters in session names.
- Fixed a buffer overflow inside the wordwrap() function.
- Prevent jumps to parent directory via the 2nd parameter of the tempnam() function.
- Enforce safe_mode for the source parameter of the copy() function.
- Fixed cross-site scripting inside the phpinfo() function.
- Fixed offset/length parameter validation inside the substr_compare() function.
- Fixed a heap corruption inside the session extension.
- Fixed a bug that would allow variable to survive unset().
- Fixed a number of crashes in the DOM, SOAP and PDO extensions.
- Upgraded bundled PCRE library to version 6.6.
- The use of the var keyword to declare properties no longer raises a deprecation E_STRICT.
- FastCGI interface was completely reimplemented.
- Multitude of improvements to the SPL, SimpleXML, GD, CURL and Reflection extensions.
- Over 120 various bug fixes.
As well, 5.1.4 saw the fix of 2 critical bugs with $_POST array handling as well as the FastCGI sapi, that were discovered in 5.1.3. For the complete changelog, visit http://www.php.net/ChangeLog-5.php#5.1.4
and to download, go to http://www.php.net/downloads.php
Webdevity.de announced their 2006 Code Challenge for open source programmers. The challenge goes from May 4-August 15, 2006. They will be accepting entries in 3 categories (all open source solutions) - web based calendar, wikipodcast and a captcha class. Prizes include Zend Studio Enterprise, Zend Guard 4, tickets to Euroscon, and many more. All participants receive an O' Reilly book of their choice and a free yearly membership for webdevity.de. For more information, go to http://www.webdevity.de/codechallenge.html
There will be another opportunity for all of us PHP coders in the world to go to a conference and learn a thing or two. Washington DC's PHP User Group, PHP DC, has announced the DCPHP Conference, to be held at the L'Enfant Plaza Hotel in Washington, on October 18-20, 2006. They are currently entertaining talk/tutorial proposals, and you can read more about that at http://www.dcphpconference.com/
This year's combo conference, php|works-db|works will take place September 13-15 in Toronto, with September 12 being set aside for tutorial sessions. For more information about the conference, visit http://hades.phparch.com/ceres/public/page/index.php/works
, and for specific information regarding the Call for Papers (which ends June 5, 2006) visit http://hades.phparch.com/ceres/public/page/index.php/works::cfp
A quick note on the NYPHP Conference Website
tells us they've made their final decisions on speakers and tutorials. We see some familiar names (Andrei Zmievski, Derick Rethans, Rasmus Lerdorf, Ilia Alshanetsky, John Coggeshall, David Sklar, Laura Thomson, Joe Stagner, Rod Smith) and some not-so-familiar names (Marc Isikoff, Adjunct Professor, Columbia University; Eero Teerikorpi, CEO, Continuent; Guillaume Jarysta-Dautel, CTO, Devolia; Kitman Cheung, IBM; Richard Rosa, SVP/CTO, Debt Resolve; Gregory Stoltz, CTO, Direct Response Technologies among others). Just a reminder, the conference itself will be held June 14-16, 2006, with June 12-13 set aside for pre-conference tutorials. For a look at the complete schedule with topics, go to http://www.nyphpcon.com/conference_glance.php.
Wez Furlong has posted a copy of slides (in PDF) from a talk he gave in October 2003 on extending PHP. The 24 slides are very comprehensive and he says "the content is based on PHP 4, but should still be applicable to PHP 5." To get your hands on a copy, visit Wez's blog at http://netevil.org/node.php?nid=824
I would be remiss in my duties if I didn't include what's new at PEAR and PECL. Recent PEAR releases include:
- DB_QueryTool - An OO-interface for easily retrieving and modifying data in a DB.
- MDB_QueryTool - An OO-interface for easily retrieving and modifying data in a DB.
- Validate_Finance - Validation class for Finance
- PhpDocumentor - The phpDocumentor package provides automatic documenting of php api directly from the source.
- PEAR_PackageFileManager - PEAR_PackageFileManager takes an existing package.xml file and updates it with a new filelist and changelog
- CodeGen_MySQL_UDF - Tool to generate MySQL UDF extensions from an XML description
- Pager - Data paging class
And for PECL, we had:
As always, you can download or learn more about these packages at http://pear.php.net and http://pecl.php.net.
See you next week with more tidbits from the PHP world!