PhpRiot
PhpRiot Latest Blog Posts
Displaying blog posts 121 to 140 of 304

Following Up My Beyond Frameworks Talk

Last month, I delivered my Beyond Frameworks talk at PHP UK 2011. The talk is all about the challenges that the framework-using members of the PHP community are going to face as major framework upgrades (such as Zend Framework 2 and Symfony 2) are released, and a clear strategy on what you can do to minimise these challenges in the future: build more components, don't put all your eggs into the frameworks basket. If you didn't make it to my talk at PHP UK 2011, the video of the talk is now available...

Learning from others mistakes - move configs out of your boot loader

I'm a keen believer of learning from other folks' mistakes and attempting to not repeat them. Source code disclosure and even worse configuration disclosure which happened with Tumblr. One thing to remember, if you keep your configuration for your app...

php.net security notice

The wiki.php.net box was compromised and the attackers were able to collect wiki account credentials. No other machines in the php.net infrastructure appear to have been affected. Our biggest concern is, of course, the integrity of our source code. We did an extensive code audit and looked at every commit since 5.3.5 to make sure that no stolen accounts were used to inject anything malicious. Nothing was found. The compromised machine has been wiped and we are forcing a password change for all svn...

It's not a conference (redux)

It's interesting - sitting here writing a few emails, sending a few tweets - I was reminded of a me from not so long ago. He was the one that tried to convince you that conferences aren't about the talks. He pointed out that the real key to conferences was the people you met there. I'd sort of forgotten him until just this morning, and I wanted to invite him back to the stage. See, the key to it all is the people. Sure, you can talk about one conference or another specifically, but then you'd lose sight...

Why Community Matters

It's easy for us to look around at the technology we work with every day and think that we can solve all of the world's problems with a few lines of elegant code. We think that just because we have a mastery of our language of choice, that we can conquer any challenge we might face. The only problem is that we're forgetting one thing. No matter how much code you write or how much time you spend poring over that shiny new architecture you've dreamed up, there's one thing that can never be replaced - the...

New release model for Horde 4

We started development on Horde 4 almost 3 years ago, and we could probably work another 3 years and still would find things to do and to improve. So we decided to make a cut now and get Horde 4 out of the door. The lessons learned during development also led to a different release model for Horde in the future.


php|architect Blog: php|tek is goin' digital

In an interesting move to help make things easier (and better for the environment) for the attendees of their tek11 conference, the php|architect group is going with an "all digital" format for their conference materials this year. Conference programs are easily misplaced, pamphlets are often discarded, and so on, and so forth. The end result is an enormous amount of waste - I'm pretty sure that, last year, we probably shipped, handled, and handed out at least 500lbs. of paper - and less value than...

PHP.net: PHP 5.3.6 Released!

As posted on PHP.net, the latest version in the PHP 5.3.x series has been released - PHP 5.3.6. The PHP development team would like to announce the immediate availability of PHP 5.3.6. This release focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related. Updates in this new release include: Enforce security in the fastcgi protocol parsing with fpm SAPI. Upgraded bundled Sqlite3 to version 3.7.4. Added options to debug backtrace functions....

Open Letter to Gareth Heyes: Regex html Sanitisation Doesn't Work

Dear Gareth Heyes, I thank you for your response that claims Regex html Sanitisation can work. However, I should clarify that my article, Regex html Sanitisation: Off With Its Head!, was written in the context of using Perl regular expressions in PHP to both parse and filter html. Your challenge to test htmlReg was unusual since htmlReg is written in Javascript, operates as a client side library, and utilises the browser DOM to bypass html parsing with regular...

Web Builder Zone: Which PHP framework would you use today for a brand new application?

On the Web Builder Zone today Giorgio Sironi asks you, the larger development population of the web, what framework would you use today to start a new application? One of the difficult parts of framework adoption, especially in the PHP world, is about choosing the right framework. There is a proliferation of open source solutions and a team must analyze the overall picture thoroughly before locking itself into a particular framework. Changing the framework which an application is built with without shaking...

WordPress Simple Graph Plugin

I'm finally getting back to some coding in my spare time (what little of it I have), and I'm starting slowly with some maintenance work on a WordPress plugin called Simple Graph.

Jeremy Brown's Blog: 3 Tenets for Implementing a REST API

Jeremy Brown, after working tirelessly on a REST API based around the Zend Framework (and a few other technologies), has come up with his three tenets for implementing a REST API to hopefully help you along the straight and narrow path that he forged himself. In the course of performing my duties at my day job I recently came across the need for our data to be accessible via an API. After researching the various types available, I settled on developing a REST API. The selection process wasn't the...

Fabian Schmengler's Blog: "Mocking" built-in functions like time() in Unit

In a recent post to his blog Fabian Schmengler looks at mocking something in your unit tests that could cause problems in certain situations - needing a specific kind of response from a built-in PHP function. In his case, he shows how to mock time to return the same formatted date. A common problem in Unit Testing in PHP is testing something that depends on the current time. For a determined test it should be possible to set the time in your test script without really changing the system settings. In this...

Site News: Popular Posts for the Week of 03.18.2011

Popular posts from PHPDeveloper.org for the past week: Ole Markus' Blog: Catching fatal errors in PHP IBM developerWorks: Create a PHP development environment on the cloud Steve Francia's Blog: Getting Started with Symfony2 PHPBuilder.com: Creating and Manipulating PDFs with PHP and FPDF Query7.com: A Look At PHP 5.3 Frameworks - Symfony2 Zend Developer Zone: DrupalCon '11 Thoughts (Parts 1 & 2) Community News: "Ideas of March" Kicks off a "Blogging Revival" SearchCo.de: List of Most Commonly Used PHP...

Debugging with Git and PHPUnit

git bisect can be used to find the change that introduced a bug. It does so by performing a binary search on the list of commits between a known good and a known bad state of the repository. A tool such as PHPUnit can be invoked at each step of the binary search to check whether or not the current state is broken. Let us assume that the unit tests for our project fail at the current HEAD of the master branch: sb@ubuntu bankaccount % ant Buildfile: /home/sb/bankaccount/build.xml phpunit: [exec] PHPUnit...

Regex html Sanitisation can work

Dear Padraic Brady, I have not received any emails with any exploits, I am disappointed I want my html regex sanitiser to be broken please. Apparently you can find 2-5 vulnerabilities per solution so please execute XSS in my regex. Thanks! I'll be very impressed if you do and I will promise to dedicate a blog post to you. html Regex sandbox Please don't stop there though I have a JavaScript sandbox that you can bypass that uses regular expressions. JavaScript Regex sandbox Thanks very much Kind Regards...

Kenny Katzgrau's Blog: Video: How GetSparks.org Uses CodeIgniter Sparks

In a recent post to his CodeFury blog Kenny Katzgrau (a member of the GetSparks team) looks at how to use the GetSparks.org service to get "sparks" for your CodeIgniter installation and make working with third-party services and other tools not included with the framework simple. If you aren't already familiar, a package manager and repository for CodeIgniter libraries was released last week at GetSparks.org. In the few days between then and now, some very interesting and useful packages have been...

PHPFog Blog: Scaling PHP Up, Out, and Around

On the PHPFog blog there's a recent post explaining their service in a bit more detail and how it provides the PHP applications out there with a huge amount of scalability that a traditional virtual server can't. PHP Fog is a new type of hosting provider for PHP applications developers to build applications the good old-fashioned way but with easy scaling, reliability, speed, and easy deployment/management compared to traditional shared/dedicated hosting. They look at a few situations where scalability can...