November 2007
Monthly Archive
Fri 30 Nov 2007
Manuel Lemos has posted an update about the PHP professionals directory hosted on the PHPClasses.org website - there’s not a new widget/gadget for your custom Google homepage that will show all of the professionals from a country in a map.
The PHP professionals directory initiative has been enhanced to make it more efficient in its goal to bring together more PHP professionals and businesses willing to hire them.
Now there is a gadget available to provide more exposure to PHP professionals in iGoogle (Google personalized home page), Google Maps, Google Earth or in any other Web site page.
You can add the gadget to a few different places including:
The professionals directory is located here.
Fri 30 Nov 2007
The Zend Developer Zone has posted about the release of the latest version of the Zend Framework - version 1.0.3.
This mini-release resolves 79 known issues and provides some additions
to functionality. Below are some highlights: Zend_Gdata improvements and support for YouTube, Picasa Web Albums, and Documents List APIs, improved support for localization and translation, date/time and currency values, views, XML-RPC, and configuration, new and updated documentation and translations.
This latest version can be downloaded from the framework’s website and you can check out the complete list of fixes from the previous version via the bug tracker.
Fri 30 Nov 2007
Stefan Esser has posted about the release of the latest version of the Suhosin security patch for PHP - version 0.9.21.
It has been a very long time since the last Suhosin extension has been released, but today this has changed with the release of Suhosin 0.9.21. Among the changes are two new features that will protect applications that put to much trust into the SERVER variables from several XSS (and SQL injection) attacks. These features are suhosin.server.strip and suhosin.server.encode.
He details these two features and gives examples of what they protect from. You can find out more about the Suhosin patch on its website.
Fri 30 Nov 2007
Padraic Brady has made a post about some of the mutation testing thoughts running through his head for the Behaviour-Driven Development framework he’s been working on - PHPSpec.
Mutation Testing is like testing, for tests. The idea is actually quite simple. Mutation testing adds small changes to your source code on the assumption that changing something, will most likely break it, which in turn means at least one test/spec should fail. […] The reason why it’s useful it that it gets around the problem of being over reliant on code coverage - just because some code executes when running tests, doesn’t prove the tests will detect problems with it!
He wants to create a way that doesn’t rely on external dependencies and is looking at working with the tokenizer functions native to PHP. He includes two examples of the way he’s thinking - an example of simple token output and a way to go “backwards” to recreate the original source code.
Fri 30 Nov 2007
On the PHPBuilder.com website today, there’s a new tutorial that walks the reader through the simple process of getting an Apache web server set up with PHP on Windows.
You may have considered setting up PHP on your Microsoft Windows server that’s running Apache, but thought that it would be too tedious or clunky to be worth the effort. Wrong! We’ll get you up and running in no time flat with this speedy little tutorial!
They have it divided up into a two part process - the installation (including download) and the configuration and integration of the applications to get them up and running.
Fri 30 Nov 2007
The Ubuntu linux group has released an update for their PHP packages to help protect their users from issues like security bypass and remote exploits.
This fixes a weakness and some vulnerabilities, where some have unknown impacts and others can be exploited by malicious, local users to bypass certain security restrictions and by malicious users to bypass certain security restrictions.
Packages can either be downloaded manually or via the linux distro’s package manager. This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.
Fri 30 Nov 2007
Gergely Hodicska has posted about some hacking he’s down with the Zend_Acl package in the Zend Framework to make support for custom roles and resources.
I found that the base Zend_Acl package has some limitation/problem if you want to use it in a bigger real life project. Zend_Acl supports only logical roles, resources so I decided to extend it to allow using custom roles and resources which can represent existing entities (for example users/groups and topics in a database)
He talks some about the package and its current functionality, including the limitations he ran up against. He came up with a structure for what he wanted (seen here) and set out to extend the class, making an interface and implementing it with his own loading method.
His source code can be downloaded here.
Fri 30 Nov 2007
Popular posts from PHPDeveloper.org for the past week:
Thu 29 Nov 2007
The Zend Developer Zone is hosting a special event involving the PHP Women’s user group - a live podcast as a part of the PHP Abstract series happening December 4th.
PHPWomen.org recently celebrated it’s first birthday. To honor the occasion, four of it’s prominent members, Ligaya Turmelle, Elizabeth Naramore, Elizabeth Smith and Sara Golemon have agreed to sit down with me on the phone and talk about PHPWomen.org, it’s goals, how well they feel they are achieving them, and why the #phpwomen chat room has nice wallpaper and a couch in it.
Since it is live, listeners are invited to participate too through two methods - via IRC on the Freenode network and on a toll-free number to call in. And, as Cal puts it: “if you ask a good question and they answer it on the podcast, I’ll send you one of the new elePHPants!”
You can get full details on the podcast from this post on the Zend Developer Zone’s site.
Thu 29 Nov 2007
On the Tiger Heron blog today, Tony Freixas has posted a new article talking about the use of two patterns (no, not design patterns) in PHP development - the Bait-and-Switch method and the Shell Game.
Originally, I planned to write about how to configure the Apache server to run both PHP4 and PHP5. With the push toward PHP5 (see Go PHP5), there are now hundreds of articles covering that topic. Instead, I will talk about two IT patterns I use for PHP development on Windows. The patterns are ancient and familiar to most Unix developers, but little used in the Windows world.
He uses something he calls “junction points” to make both of the patterns work and describes a bit about what they are and how to create them. Then, it’s on to the descriptions - he covers what each of the patterns is about and includes a method for implementing it. The Bait-and-Switch is mostly about swapping out multiple software versions transparently and the Shell Game uses a shell script to handle the creation of the environment and the execution instead.
Next Page »
