PhpRiot
PhpRiot Latest Blog Posts
Displaying blog posts 201 to 220 of 250

An XSS Vulnerability In The Making
Back in September, Socorro received a security bug relating to the method we were using for processing inputs for the duration of certain reports. The vulnerability included a proof of concept, with an alert box popping up on production when the link was followed. The Vulnerability I was quite surprised at the root cause of [...]

Living in the Prove It Culture
Engineering cultures differ from shop to shop. I have been in the same culture for 13 years so I am not an expert on what all the different types are. Before that I was living in Dilbert world. The culture there was really weird. The ideas were never yours. It was always some need some way off person had. A DBA, a UI "expert" and some product manager would dictate what code you wrote. Creativity was stifled and met with resistance. I then moved to the early (1998) days of the web. It was a start up...


Matthew Weier O'Phinney's Blog: View Layers, Database Abstraction, Configuration, Oh, My!
Matthew Weier O'Phinney (of the Zend Framework project) has posted an introduction to some new ZF2 features - view layers, abstraction and configuration updates. Late last week, the Zend Framework community 2.0.0beta3, the latest iteration of the v2 framework. What have we been busy doing the last couple months? In a nutshell, getting dirty with view layers, database abstraction, and configuration. He covers each topic well, providing code examples for all three - a simple view layer (more here), database...

Voices of the ElePHPant: Interview with Laura Beth Denker
The Voices of the ElePHPant podcast has released their latest episode - an interview with Laura Beth Denker of Etsy. Cal's "three questions" for her were: What's your title, what it means and what do you do? ("Anthropologist of Developer Culture") Can you talk about the toolset Etsy uses for continuous integration? Can you discuss private methods and why you like them? You can listen to this latest episode either via the in-page player, by downloading the mp3 directly or by subscribing to their feed.

Anthony Ferrara's Blog: Parameter Type Casting in PHP
Anthony Ferrara has a new article posted to his site today about parameter typecasting and the discussions that have been happening about it on the PHP "internals" mailing list. As any of you who follow the PHP internals list know, scalar type hinting has been a hot topic as of late. You'll also know that I've submitted two new RFC (Request For Comment) proposals for inclusion of two new major features in the PHP language. I figured it was worth going into both RFCs and patches a little deeper, explain my...

NetTuts.com: PHP 5.4 is Here! What You Must Know
NetTuts.com has posted their own "what you must know" about the recently released (major) upgrade to the PHP language - PHP 5.4. PHP 5.4 is here; the next major step forward since version 5.3 - keeping PHP 6 (full Unicode support) on hold for now. The latest enhancements significantly improve its elegance, while removing deprecated functionality, resulting in a dramatic optimization of the runtime (up to 20% more speed and memory usage reduction). They hit all of the highlights: Traits Built-in CLI...

Ben Ramsey's Blog: Build PHP 5.4 on CentOS 6.2
In this latest post to his blog Ben Ramsey shows you how to, inside of a virtual machine, set up a server with PHP 5.4 installed (using CentOS 6.2). In case you haven't heard the news, the PHP project released version 5.4.0 last Thursday. Naturally, I decided it was time to install and give it a try. I chose to install to a clean and bare-bones CentOS 6.2 virtual machine using VirtualBox. I did this for two reasons: 1) I wanted a clean environment for the build, and 2) I wanted to play with CentOS. At the...

Ilia Alshanetsky's Blog: Performance Analysis of isset() vs array_key_exists()
Ilia Alshanetsky has posted about a performance difference he's found between using the isset and array_key_exists functions in PHP to see if a value exists. At Confoo I had an interesting conversation with Guilherme Blanco regarding the fact that in Doctrine 2 they had a performance issue due to usage of array_key_exists() and how it was significantly slower than isset(). His anecdotal example was that doing isset() took 0.5 seconds, while array_key_exists() for the same operation took 5 seconds! That...

PECL/mysqlnd_ms: MySQL 5.6.4-m8+ global transaction identifier feature supported
MySQL Replication is sometimes criticized for being asynchronous and having slaves that lag behind. True! However, sometimes slaves can be used safely and reliably for read-your-writes. It's easy for PHP MySQL users. All the magic is in the driver. As of yesterday, the development version of PECL/mysqlnd_ms 1.3.0-alpha supports not only a client-side global transaction ID emulation but also the global transaction identifier feature of MySQL 5.6.4-m8. Read-your-writes (session consistency) with MySQL...

Community News: Latest PECL Releases for 03.06.2012
Latest PECL Releases: inotify 0.1.5 vld 0.11.0 sundown 0.3.0 memcached 2.0.1 amqp 1.0.1 memcached 2.0.0 timezonedb 2012.2 pecl_http 2.0.0dev6 timezonedb 2012.1 htscanner 1.0.1

Scalar type hinting is harder than you think
One of the features originally planned for PHP 5.4 was scalar type hinting. But as you know, they weren't included in the release. Recently the topic has come up again on the mailing list and there has been a hell lot of discussion about it. Yesterday ircmaxell published a blog post about his particular proposals. The reactions on reddit were mixed. On one hand it is clear that people do really want scalar type hints, on the other hand they didn't seem to like that particular proposal. One comment...

View Layers, Database Abstraction, Configuration, Oh, My!

Late last week, the Zend Framework community 2.0.0beta3, the latest iteration of the v2 framework. What have we been busy doing the last couple months? In a nutshell, getting dirty with view layers, database abstraction, and configuration.

How To Find The Right Job
In my career as a software developer I've been lucky. I've been lucky that finding work has never been terribly difficult. The longest I've ever been out of work is a month and a half. Six weeks might seem like a long time, especially in software; in my case I was unfortunate enough to experience [...]

Build PHP 5.4 on CentOS 6.2
In case you haven't heard the news, the PHP project released version 5.4.0 last Thursday. Naturally, I decided it was time to install and give it a try. I chose to install to a clean and bare-bones CentOS 6.2 virtual machine using VirtualBox. I did this for two reasons: 1) I wanted a clean environment for the build, and 2) I wanted to play with CentOS. At the time of this writing, there are not yet any official CentOS RPMs for PHP 5.4, so I had to build PHP from source. What follows are the notes I took...

PHPMaster.com: Type Hinting in PHP
On PHPMaster.com today there's a new tutorial posted about using type hinting in your PHP applications to restrict the values passed into your methods. Since PHP 5 you can use type hinting to specify the expected data type of an argument in a function declaration. When you call the function, PHP will check whether or not the arguments are of the specified type. If not, the run-time will raise an error and execution will be halted. Included in the post are code examples showing how to define custom types in...

Rob Allen's Blog: Modules in ZF2
In this new post to his blog Rob Allen introduces one of the key concepts in the upcoming version of the Zend Framework (v2) - modules. A Zend Framework 2 application is made up of a number of modules which each contain the controllers, models, views and other support code required to implement a specific part of the application. He covers a few different topics: where modules can be located the directory organization inside them setting up a module of your own (a "bare bones" example) how to use the...

Michael Nitschinger's Blog: Introducing Relationships in Lithium
In this new post to his blog Michael Nitschinger introduces relationships in using the Lithium framework - functionality to link your models to each other to create dependencies. The model relationship support in Lithium is one of the hottest topics on IRC lately, so I thought it would be a good idea to blog about it. Currently, Lithium supports 1:1 and 1:n relationships for relational databases. [...] This post gives you a little background on relationship types and their database representations before...

Hacking Rails (and GitHub)
Hacker News exploded yesterday with news of GitHub being hacked. Wanting to know what all the fuss was about, I began with GitHub's side of the story: A GitHub user exploited a security vulnerability in the public key update form in order to add his public key to the rails organization. He was then able to push a new file to the project as a demonstration of this vulnerability. As soon as we detected the attack we expunged the unauthorized key and suspended the user. My confidence in the clarity of...