|
php|architect magazine has introduced php|symphony, an ongoing series of online talks given by some of today's leaders in the PHP world. Each talk in the series features an in-depth discussion on a specific topic, such as security, enterprise development and so on. Talks are delivered entirely online using an interactive system compatible with most OSs and browsers. The series will start on February 23rd with a talk by security expert Chris Shiflett titled "Mastering PHP Security".
|
|
Full View / NID: 5477 / Submitted by: The Spirit of Zuron
|
|
ApacheCon Europe will be held from July 18th to July 22th in Stuttgart, Germany. The conference organizers are looking for speakers willing to have a talk of any of the topics mentioned on the website. If you think that you have material for this conference and want to have a talk there, you can submit a paper here.
|
|
Full View / NID: 5451 / Submitted by: The Spirit of Zuron
|
|
"NSIS tries to be a scriptable win32 installer/uninstaller system that doesn't suck and isn't huge."
|
|
Full View / NID: 5410 / Submitted by: TACKtech Team
|
|
An international group of PHP experts today announced the official launch of the PHP Security Consortium (PHPSC), a group whose mission is to promote secure programming practices within the PHP community through education and exposition while maintaining high ethical standards. Members of the PHPSC seek to educate PHP developers about security through a variety of resources, including documentation, tools, and standards. In addition to their educational efforts, the PHPSC engages in exploratory and experimental research in order to develop and promote standards of best practice for PHP application development.
|
|
Full View / NID: 5344 / Submitted by: The Spirit of Zuron
|
|
Circle August 1-5 on your calendar and join in at the O'Reilly Open Source Convention in beautiful Portland, Oregon. OSCON 2005 will be at the Oregon Convention Center, where there will be tutorials, sessions, parties, BOFs, and a huge exhibit hall. The Call for Proposals is now open, and registration and hotel information will be available soon. Get the details as soon as they're available by signing up for the OSCON newsletter. You're invited to submit a proposal to lead tutorials and sessions. Visit the submissions page for all the details on tracks and proposal guidelines. The committee is particularly interested in talks on PHP 5: migration, new developments, security, case studies, large-scale applications development, and best practices. Proposals are due no later than February 13, 2005.
|
|
Full View / NID: 5312 / Submitted by: The Spirit of Zuron
|
|
The Web Application Development Division of the John von Neumann Computer Society is proud to present the Third Hungarian PHP Conference which will take place in Budapest, on Saturday March 12th, sponsored by several international and local companies. The conference offers an entirely free one day activity with several presentations addressing basic and advanced topics as well, mostly in Hungarian. This year, the organizers are also happy to welcome Derick Rethans and Lukas Smith speaking. Continuing on the success of previous years, a five+five kilobyte-limited PHP 5 contest has been started to discover the most talented PHP programmers in the country.
|
|
Full View / NID: 5223 / Submitted by: The Spirit of Zuron
|
|
Advanced Installer 2.3 was released on January 10th, 2005
|
|
Full View / NID: 36714 / Submitted by: The Zilla of Zuron
|
|
Advanced Installer is a Windows Installer authoring tool which enables developers and system administrators to easily build reliable MSI packages that meet the latest Microsoft Windows logo certification requirements and follow the recommended Windows Installer best practices.
|
|
Full View / NID: 5163 / Submitted by: Monica Rotaru
|
|
"NSIS tries to be a scriptable win32 installer/uninstaller system that doesn't suck and isn't huge."
|
|
Full View / NID: 5129 / Submitted by: TACKtech Team
|
|
On the heels of last year's php|cruise, this year php|architect magazine has announced php|tropics, a 5-day conference event that will take place between May 11 and 15, 2005 at the Moon Palace All-inclusive Resort in wonderful Cancun, Mexico. With sessions and hands-on tutorials held by many leading PHP experts, including Ilia Alshanetsky, Wez Furlong, Derick Rethans, George Schlossnagle and many others, php|tropics is an excellent and inexpensive way to learn lots about PHP in a fun-filled and exciting atmosphere. This year, the conference also sports "bring your own laptop" tutorials, where the audience is encourage to participate in hands-on exercises throughout the event. A special early-bird discount is in effect until February 28, and attendees who sign up before that date receive a $100 discount. In addition, php|architect will sponsor and cover all examination fees for conference attendees interested in trying their hand at the Zend Certification Exam.
|
|
Full View / NID: 5100 / Submitted by: The Spirit of Zuron
|
|
PHP has been awarded the Programming Language of 2004, according to the TIOBE Programming Community Index. This index uses information collected from the popular search engines, and are based on the world-wide availability of skilled engineers, courses and third party vendors. Congratulations to us all!
|
|
Full View / NID: 5099 / Submitted by: The Spirit of Zuron
|
|
PHP is a powerful and flexible tool. This power and flexibility comes from PHP being a very thin framework sitting on top of dozens of distinct 3rd-party libraries. Each of these libraries have their own unique input data characteristics. Data that may be safe to pass to one library may not be safe to pass to another. A recent Web Worm known as NeverEverSanity exposed a mistake in the input validation in the popular phpBB message board application. Their highlighting code didn't account for double-urlencoded input correctly. Without proper input validation of untrusted user data combined with any of the PHP calls that can execute code or write to the filesystem you create a potential security problem. Despite some confusion regarding the timing of some unrelated PHP security fixes and the NeverEverSanity worm, the worm didn't actually have anything to do with a security problem in PHP. When we talk about security in a web application we really have two classes. Remote and Local. Every remote exploit can be avoided with very careful input validation. If you are writing an application that asks for a user's name and age, check and make sure you are only getting characters you would expect. Also make sure you are not getting too much data that might overflow your backend data storage or whatever manipulation functions you may be passing this data to. A variation of the remote exploit is the XSS or cross-site scripting problem where one user enters some javascript that the next user then views. For Local exploits we mostly hear about open_basedir or safemode problems on shared virtual hosts. These two features are there as a convenience to system administrators and should in no way be thought of as a complete security framework. With all the 3rd-party libraries you can hook into PHP and all the creative ways you can trick these libraries into accessing files, it is impossible to guarantee security with these directives. The Oracle and Curl extensions both have ways to go through the library and read a local file, for example. Short of modifying these 3rd-party libraries, which would be difficult for the closed-source Oracle library, there really isn't much PHP can do about this. When you have PHP by itself with only a small set of extensions safemode and open_basedir are generally enough to frustrate the average bad guy, but for critical security situations you should be using OS-level security by running multiple web servers each as their own user id and ideally in separate jailed/chroot'ed filesystems. Better yet, use completely separate physical servers. If you share a server with someone you don't trust you need to realize that you will never achieve airtight security.
|
|
Full View / NID: 5060 / Submitted by: The Spirit of Zuron
|
|
Surely, some of our visitors are back at work for a few days between holidays, and hopefully they will find our post-christmas gift useful. The function list suggestions we started to test a year ago seemed to be working better as some bugs were found and fixed, so it was time to make the result available on all php.net pages. Whenever you type something into the search file, while having the function list search option selected, you will get a list of suggested functions starting with the letters you typed in. You can browse the list with the up/down keys, and you will be able to autocomplete the function name with the spacebar. If you are not interested in this feature, you can turn it off for yourself on the My PHP.net page. More information about is available on the search page.
|
|
Full View / NID: 5028 / Submitted by: The Spirit of Zuron
|
|
PHP West is holding a conference on January 14th, 2005 at the Vancouver Planetarium providing a great environment for the promotion of PHP within the Vancouver area. With the high impact level of speakers scheduled for this event, you can look forward to in depth talks from the likes of Rasmus Lerdorf, Terry Chay, John Coggeshall, Ilia Alshanetsky, and Cal Henderson speaking on a wide array of topics focused on Web Services. Early Bird Specials are in effect right now, tickets are only $40 until December 26th! Due to limited capacity for this event we recommend you register soon to reserve your seat.
|
|
Full View / NID: 5007 / Submitted by: The Spirit of Zuron
|
|
The PHP Center and the Software & Support Verlag are pleased to announce the International PHP Conference 2005 Spring Edition in Amsterdam, Netherlands. The dates for this event will be May 2-4, 2005. The conference venue is the RAI conference center. Like last year the organizers would like to present an interesting and various programme to the international PHP Community, so they are happy to ask you to submit your proposals for the session programme. The topics are General PHP, PHP & Business/Integration, PHP & Databases, PHP Design, PHP Extensions, PHP & XML and PHP-GTK.
|
|
Full View / NID: 4929 / Submitted by: The Spirit of Zuron
|
|
The second Web Technology conference in Bulgaria will be held in March 2005 at the city of Sofia. Within its framework, the Second Bulgarian PHP Conference and first IT Business conference will be held. The purpose of this meeting is to discuss the new tendencies in this direction and to popularize the internet technologies in the spheres of business, education, and services. The range of subjects includes technologies like PHP, Perl, business systems through web, education through the internet, and others. The Call For Papers is open, if you would like to have a speach at this event.
|
|
Full View / NID: 4928 / Submitted by: The Spirit of Zuron
|
|
The PHP Development Team would like to announce the immediate release of PHP 4.3.10 and PHP 5.0.3. These are maintenance releases that in addition to non-critical bug fixes address several very serious security issues. All Users of PHP are strongly encouraged to upgrade to one of these releases as soon as possible. For changes since PHP 4.3.9, please consult the PHP 4 ChangeLog. For changes since PHP 5.0.2, please consult the PHP 5 ChangeLog.
|
|
Full View / NID: 4927 / Submitted by: The Spirit of Zuron
|
|
PHP Development Team would like to announce the immediate release of PHP 4.3.10. This is a maintenance release that in addition to over 30 non-critical bug fixes addresses several very serious security issues. All Users of PHP are strongly encouraged to upgrade to this release as soon as possible. For changes since PHP 4.3.9, please consult the ChangeLog.
|
|
Full View / NID: 4917 / Submitted by: The Spirit of Zuron
|
|
PHP 5.0.3RC2 has been released for testing. This is the second release candidate and should have a very low number of problems and/or bugs. Nevertheless, please download and test it as much as possible on real-life applications to uncover any remaining issues.
|
|
Full View / NID: 4877 / Submitted by: The Spirit of Zuron
|
|
PHP 4.3.10RC2 has been released for testing. This is the second release candidate and should be very near production quality. Nevertheless, please download and test it as much as possible on real-life applications to uncover any remaining issues.
|
|
Full View / NID: 4841 / Submitted by: The Spirit of Zuron
|