The PHP Development Team has announced the release of PHP 4.4.6, which addresses a segfault that occurs when register globals is enabled. It also fixes a few minor bugs. To see the complete list, you can visit the changelog and to download your updated copy, go to this page.
Pro PHP Podcast is Back
Sean Coates and Paul Reinheimer have revived the popular Pro PHP podcast and are committed to providing a bi-weekly news update for you. You can get caught up with PHP news and their comments by going to http://podcast.phparch.com and downloading the latest show. For future podcasts, Paul and Sean are going to be gathering news stories from del.icio.us, and
have asked for your help. If you see something interesting that you'd like them to include in the podcast, simply tag the article "prophpcast". Paul and Sean will then take a look at our collective pool of stories and include them in the podcast. Not only will they be discussing events in PHP but other related technologies as well.
OmniTI Announces OmniTI Labs
What do you do with all the cool extra things you work on when you have one of the most prominent PHP companies around? Simple. You open them up to the general PHP public. OmniTI Labs is a new addition to the OmniTI site that is, in their words, a "repository for some of the projects we generate while working on stuff for clients, for our products, or just on things that we think are cool. The website is a way for us to give this code back to the community." So far we see things like Portable Umem, a Library of Alexandria, and the ZetaBack Alpha. Curious as to what these are? You can check them out at https://labs.omniti.com/.
OWASP's Spring of Code 2007
The Open Web Application Security Project (OWASP) has announced their Spring of Code for 2007 where they will be giving away $110,000 in grant money for OWASP projects. To quote the site, "The objective of SpoC 007 is to allow contributors to allocate considerable resources on (existent or new) OWASP projects which are relevant and beneficial to the OWASP community." For a list of the project ideas so far, you can go to this page and to apply, you can go to their applications area.
XAMPP Users - Voice Your Opinion Now
The folks at Apache Friends let me know that they are opening a survey for all XAMPP users. As they so eloquently wrote, "In May 2007, XAMPP will be five years old and we think this is a good time to think about changes and improvements to XAMPP. That's what this survey is for:
to find out what your needs are and what we can do to improve XAMPP in the
next major release." The survey will be open until April 22 and you can reach it at this location.
Nexen.net Releases PHP Adoption Stats for March 2007
Although PHP4 is still being used on the majority of servers (at 84%), the use of PHP5 continues to grow. Version 5.2 is taking over 5.1x as its adoption has increased to 5% of all PHP installations. Nexen.net also estimates that PHP is being used on nearly 34% of all websites on the Internet. Not too shabby. For a complete list of PHP and Apache usage statistics (as well as some very cool graphs), you can visit http://www.nexen.net. Thanks to Damien Seguy for continuing to monitor these stats in such great detail for us.
PEAR's New Constitution
You may know that the PEAR group had been holding a vote as to what the future of PEAR might be. The votes are in and it looks like there will be some changes coming down the pike. Specifically, those changes are:
Adding an absolute leader (president) who can expedite important decisions.
The PEAR Group is demoted to a secondary function with open communications and elections.
Collectives are added, and take over some QA group responsibility, and encourage greater community creation within PEAR
PEAR QA group is disbanded, and its responsibilities are given partially to Collectives (enforcing coding standards, taking over abandoned packages) and partially to Website Administrators (pulling bad releases) to reflect the reality of how PEAR is actually working.
Developers are expected to be more open (give up some control) over their source code in exchange for the privilege of hosting the code at php.net
Current PEAR Group will cease to exist at the moment the election concludes and results are tallied for the new president and PEAR Group. Current PEAR Group members are welcome to run for election.
As a developer, you can rest assured that PEAR packages you depend on will continue to work to your benefit and that support for the PEAR project will continue into the future. To read the constitution in its entirety, you can go to http://pear.php.net/~greg/constitution.txt.
NuSphere Releases TechPlatform
The latest release in the NuSphere family is the TechPlatform Version 4.7. From their site, "TechPlatform is an integrated distribution of the most recent versions of Apache web server, PHP, and Perl along with other necessary development and administrating tools. Great news is that TechPlatform Version 4.7 is powered by PhpExpress and runs at least 30% faster! It also features our new dbg-wizard - PHP Debugger helper script, which can get you get up and running with remote php debugging in just 3 minutes." I've not yet checked this out in great detail, but it's on my to-do list definitely, especially since it's free. To download and check it out, go to NuSphere's TechPlat page.
Zend Conference CfP is Open
This year's Zend/PHP Conference and Expo will be held from October 8-11, 2007 at the Hyatt Regency San Francisco Airport, Burlingame, California. They've opened the Call for Papers so if you've got an idea for a talk, check it out. And if you don't have an idea for a talk, they've put together a list of "hot topics" that you can check out too. Maybe you'll find something there that piques your interest. Proposals aren't due until May 31, 2007 so you have a little time to get your thoughts together and think about what you can share with the PHP community. For more info and to submit a proposal, go to http://www.zendcon.com/cfp.php
PHP Security Tidbits You Won't Want to Miss
As security continues to be in the forefront of everyone's minds, here are a few resources you should check out if you have a spare moment or two.
Andrew Van der Stock's Blog Post on CSRF - Not only does Andrew give a graphical representation of what happens during a Cross Site Request Forgery, he also explains why certain preventions aren't foolproof, and what you should do instead.
Chris Shiflett's Saga with Amazon - One would think that given a year, a site as large as Amazon (with seemingly endless resources) would be able to plug a potentially serious CSS bug in their site. Think again, as Chris explains on his blog.
In order to bring together the organizers of the various PHP User Groups around the world, Ben Ramsey has created a collaborative group whereby these organizers can communicate, exchange ideas and work with each other to make all the user groups more effective. So far, Ben has set up a wiki, an irc channel, and a forum/mailing list for participants to communicate with each other. If you are an organizer of a group, or have a great idea for a way to make user groups better and more effective
for the PHP community in general, check out the PHP Groups site at http://www.phpgroups.org/. If you'd like to read Ben's full press release, you can visit his blog post at http://benramsey.com/archives/php-groups-announcement/.
I would be remiss in my duties if I didn't include what's new at PEAR and PECL. Recent PEAR releases include: