XAMPP 1.5.3 Released
A message from the Apache Friends lets us know that there is a new version of XAMPP if you're lazy like me. From their message, "The Apache Friends team is proud to announce XAMPP 1.5.3 for Linux and Windows. The new version of XAMPP includes fresh, green and up-to-date versions of: PHP 5.1.4, MySQL 5.0.21, Apache 2.2.2, phpMyAdmin 2.8.1 and OpenSSL 0.9.8b. In case of Linux we also upgraded ProFTPD to the recent 1.3.0 and in case of
Windows we included the new version of FileZilla FTP Server 0.9.16c. Download XAMPP 1.5.3 here:
" Now, what could be easier?
php|architect Launches ART
There is a new resource in town, available to us absolutely free. It's ART (php|artchitect article repository) and we see that they are actively seeking article submissions. For more details, you can check out Marcus Whitney's blog (http://www.marcuswhitney.com/?p=88)
and to see ART in action, go to http://hades.phparch.com/artemis/main/
Filtering & Escaping Cheat Sheet
Davey Shafik has been kind enough to put together a visual cheat sheet for filtering and escaping input and output. You can get the cheat sheet and read more about it in his blog post, http://www.pixelated-dreams.com/archives/231-Filtering-Escaping-Cheat-Sheet.html
. Thanks, Davey!
How to (Really) Help the PEAR Project
An interesting blog post on Greg Beaver's blog
gives us some practical advice for how to effectively help on a PEAR
) project. He advises not to simply ask "How can I help?" as there are numerous bug lists out there that need fixin' and you don't really need permission to begin working on them. He also gives straightforward email templates that you can use when submitting fixes and such, for those of us that are communicatively-challenged. So if you've considered helping out with project, be sure to read Greg's blog post
OmniTI Acquires BrainBulb
Yes, it's true. Chris Shiflett
has joined the masterminds at OmniTI
. According to the official press release
, "The addition of Brain Bulb's expertise in the area of web application security to OmniTI's full-service Internet technology professional services practice creates a comprehensive PHP-based service portfolio, further extending the company's positioning within the industry as experts in designing and implementing reliable information infrastructures." We all know that really means they're kicking booty. Congrats, Chris and the whole OmniTI team.
Numerous PHP App Vulnerabilities Reported
Secunia is reporting numerous
vulnerabilities in PHP apps this week. While most are dealing with lesser-known apps, a few more widely spread ones were also on the list, such as Wordpress
. For a complete list, check out Secunia's site
or you can read the security summaries compiled by the PHP Security Consortium (http://phpsec.org/projects/vulnerabilities/securityfocus.html
Smarty 2.6.14 is Released
This recent release of the Smarty template system, "addresses a compiler bug that allowed the creation of PHP tags in secure templates. No examples have been made public. If you use the security features of Smarty to keep PHP out of templates, it is highly recommended that you upgrade. This release also addresses updates regarding xml tags and block-methods of registered objects." To download, go to http://smarty.php.net/download.php
SourceForge's Advanced Search
Ok, admittedly this isn't specifically PHP-related, but I was glad to see that SourceForge
recently launched their advanced search feature
, making it so much easier to find what you're looking for. You can now search by specific program language, and in a specific category... or choose only those projects registered or updated in a certain date range. Very helpful, thanks SF!
Summer of Code Students Chosen
Congrats go out to Google's Summer of Code
students chosen to work with some of the PHP internals. Current projects being worked on include a PDF PECL extension (by Lauris Bukis-Haberkorns, mentored by Michael Wallner), phpAspect (by Candillon William, mentored by Marcus Boerger), PHP Macro Preprocessor (by Pavlo Shelyazhenko, mentored by Marcus Boerger), Quality Assurance GCOV website (by Daniel Pronych, mentored by Marcus Boerger), Livedocs - making DocBook less painful, and manuals more useful (by Philip Olson, mentored by Ilia Alshanetsky), new package to read, create or modify OpenDocument files (by Alexander Pak, mentored by Lukas Smith),
DML support: an improvement to PEAR::MDB2_Schema (by Igor Feghali, mentored by Lukas Smith), phpAspect (by Candillon William, mentored by Sebastian Bergmann). You can also check out the ideas and students for Joomla!
, Drupal, Eclipse
, and Moodle
. And to think I spent my summers flipping hamburgers. At any rate, congrats to all the students who were chosen and we all look forward to your progress on these projects!
I would be remiss in my duties if I didn't include what's new at PEAR and PECL. Recent PEAR releases include:
And for PECL, we had:
- pecl_http - Extended HTTP Support
- SPL_Types - Standard PHP Library, Types Addon
- ibm_db2 - Extension for IBM DB2 Universal Database, IBM Cloudscape, and Apache Derby
- gnupg - wrapper around the gpgme library
As always, you can download or learn more about these packages at http://pear.php.net
See you next week with more tidbits from the PHP world!