Secunia is reporting a highly critical advisory exposing PHP vulnerabilities (among others) in RedHat, and users of this system are encouraged to get the patch (if you haven't already). For more information, you can go to http://secunia.com/advisories/15182/ or the Red Hat Network (https://rhn.redhat.com/).
New PHP5 book available
There is a new O'Reilly book available, entitled "Programming PHP" by Kevin Tatroe (okay, it's really the second edition-- an update of the first.). For more information or to purchase this book, check Amazon.
The following PEAR packages were added the past week:
Cache: Framework for caching of arbitrary data.
Crypt_Blowfish: Allows for quick two-way blowfish encryption without requiring the Mcrypt PHP extension.
DB_DataObject_FormBuilder: Class to automatically build HTML_QuickForm objects from a DB_DataObject-derived class
MDB2: database abstraction layer
MDB2_Schema: XML based database schema manager
Net_GeoIP: Library to perform geo-location lookups of IP addresses.
Services_Technorati: A class for interacting with the Technorati API
And check out these recent PECL releases:
archive: archive extension
colorer: Syntax highlighting
mqseries: mqseries client library
runkit: allows you to replace, rename, and remove user defined functions and classes,
define customized superglobal variables for general purpose use, and
execute code in restricted environment (sandboxing).
xmlReader: Provides fast, non-cached, forward-only access to XML data under PHP 5.
A new security magazine made it's debut this week, called (IN)SECURE. It's available only in downloadable PDF format for now, but their kick-off issue has an article related to PHP security flaws. Most of them you probably already know about (such as vulerabilities with register_globals) but you might want to check it out just in case. It's available at http://www.net-security.org/dl/insecuremag/INSECURE-Mag-1.pdf. What the heck, it's free.
IPC2k5 Blog available next week
If you were hoping to go to Amsterdam this week for the International PHP Conference, but couldn't manage to make it, don't fret. There is a community blog site you can visit, making it seem like you were almost there. Keep track of the daily goings-on by visiting http://www.phpconference.com/weblogs/ipc/.
PHP Cheat Sheet - Sweet!
There is a great cheat sheet available for any PHP developer, that includes a function list, date formatting, superglobals, regular expression syntax, PCRE modifiers, function against argument modifiers, and fopen() modes... all this crammed on a regular sheet of paper. It's available at http://www.ilovejackdaniels.com/php/php-cheat-sheet/ (don't ask - just go there).
PHP moves up to #5 in the TIOBE Programming Community Index
See you next week with more news and tidbits from the PHP world!