Christopher Jones has a new blog post today that gives the steps for upgrading your PHP installation on an Oracle Application server running on Linux.
Oracle includes PHP with its mid-tier Application Server 10g Release 3 allowing you to use the same web server for PHP and for J2EE applications.
He starts with where the files are located (configuration and executable) and the steps to follow to get things updated, compiled, and in working order. Their version of choice is PHP 5.2.2 (though PHP 5.2.3 was just released to help correct some other security issues found).
The Pro::PHP Podcast has released their latest episode – a newscast hosts by Sean Coates and >Sara Golemon.
Topics discussed in this new episode include:
You can either grab this latest episode directly or add their feed to your feed reader/podcast client and get the latest episodes as they come out.
Wrapping up a three-part series today, DevShed has posted part three of their look at combining PHP and MySQL with their final excerpt from the O’Reilly book “Learning PHP and MySQL” (Michele Davis and Jon Phillips).
In this conclusion to a three-part series, you will add PEAR into the mix of what you have already learned.
They show the installation of the needed PEAR classes, translating the previous example from the MySQL functions to use the PEAR class – writing, executing, and returning the results from the database.
Secunia has released an advisory for PHP today related to an issue caused by an integer overflow that could allow for bypassing of security of an application.
A weakness and a vulnerability have been reported in PHP 5, where the vulnerability has unknown impact and the weakness can be exploited by malicious, local users to bypass certain security restrictions.
The issue is caused by issues with the chunk_split and realpath functions that can lead to a bypass of the open_basedir restriction on a server.
The issue is marked as “moderately critical” and it is suggested that users update to PHP 5.2.3 to correct the issue.
In a new tutorial on the Developer.com website today, they explore the difference between (and the benefits and disadvantages of) the singleton pattern versus threading in a PHP application.
Although you probably could address some [of these] issues with the judicious use of synchronized blocks, do not overlook the utility of the ThreadLocal class. In this article, I will demonstrate the risk of not accounting for Threads when using a singleton pattern and show how simple it is to address.
They start with the creation of a ThreadLocal class, one that allows the developer to communicate with the threads, and its usage. In contrast, they also create the Singleton class, showing the creation method of multiple objects of the same type.
They do, however, point out an issue that the threaded method has – unreliable results. Help is on the horizon, though, in the form of a HelperFactory class to manage the connections a bit more efficiently.
With the launch of the Google Gears offline storage functionality, lots of developers are working on solutions to put this new functionality into practice. Nick Halstead has created his own handy little script to help with caching WordPress content.
I was instantly fascinated by Google Gears so I had to immediately try out the sample code that you can download. The tutorial on the website gives a simple example of how to cache a few files using the Resource Store. It makes it very easy to setup a JSON manifest file that contains which pages you want to have cached. Here is an example manifest.
In his example creates the manifest and a JSON interface to it to grab the content from the WordPress site.
The latest release of PHP in the PHP 5.2.x series has been posted for download to the main PHP website today – version 5.2.3.
The PHP development team would like to announce the immediate availability of PHP 5.2.3. This release continues to improve the security and the stability of the 5.X branch as well as addressing two regressions introduced by the previous 5.2 releases. These regressions relate to the timeout handling over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in certain conditions. All users are encouraged to upgrade to this release.
Updates in this new version include many security fixes and enhancements – check out the Changelog for complete information.
Check out other comments on the release from Ilia Alshanetsky and Stefan Esser.