SecondVersion

The PHP team recently released PHP 5.2.6. There have been a lot of improvements and fixes made to the codebase. Highly suggested you upgrade NOW! (I already did )

The PHP development team would like to announce the immediate availability of PHP 5.2.6. This release focuses on improving the stability of the PHP 5.2.x branch with over 120 bug fixes, several of which are security related.All users of PHP are encouraged to upgrade to this release.

Further details about the PHP 5.2.6 release can be found in the release announcement for 5.2.6, the full list of changes is available in the ChangeLog for PHP 5.

Security Enhancements and Fixes in PHP 5.2.6:

• Fixed possible stack buffer overflow in the FastCGI SAPI identified by Andrei Nigmatulin.
• Fixed integer overflow in printf() identified by Maksymilian Aciemowicz.
• Fixed security issue detailed in CVE-2008-0599 identified by Ryan Permeh.
• Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
• Properly address incomplete multibyte chars inside escapeshellcmd() identified by Stefan Esser.
• Upgraded bundled PCRE to version 7.6

Any of you heard of ExpertRating.com?

I found them earlier today by just browsing around. It appears they do a lot of testing for employers, and they have every test imaginable.

I just had to try it, so I picked out the PHP5 Test. The tests aren’t free, but it appears most of them are around $9.95 (and payable by PayPal).

As for my test, I passed with an 88/100. I could do better if I *tried*, I flew through the thing. I might try it again later, and take my time But for now… I am:

Percentile: 97 GPA: 3.5 Passing Score: 50 Your Score: 88 Result: Pass

The Percentile value denotes the percentage of candidates who have scored less than this particular candidate in this test.

The GPA shows this candidate’s performance relative to the top scorer of this test. It is calculated out of a maximum of 4. A GPA of 4 would mean that this candidate has top scored in this test.

Hey all, been a while since I’ve written a post. I’ve been busy with work and some personal things though.

Today I come to you because… basically, I need development ideas.

What kind of development ideas?

1. Is there some script or program that you just got to have but you can’t find it? Here’s your chance. The script would be coded in PHP/MySQL, and would be relased as a paid script, so keep that in mind when sending your ideas.
2. Website ideas. IE: webmaster, tools, etc - anything you can think of.

If I choose your idea, it’s a script, and I develop it; once released, you will get the first copy absolutely free.

Send your ideas to me by using my contact form.

Update, 12/16/07
Contact link should work now.

PHP 5.2.5 has been released, and I’ve already upgraded my server

[08-Nov-2007]

The PHP development team would like to announce the immediate availability of PHP 5.2.5. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, several of which are security related. All users of PHP are encouraged to upgrade to this release.

Further details about the PHP 5.2.5 release can be found in the release announcement for 5.2.5, the full list of changes is available in the ChangeLog for PHP 5.

Security Enhancements and Fixes in PHP 5.2.5:

• Fixed dl() to only accept filenames. Reported by Laurent Gaffie.
• Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). Reported by Laurent Gaffie.
• Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences. Reported by Rasmus Lerdorf
• Fixed possible triggering of buffer overflows inside glibc implementations of the fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
• Fixed “mail.force_extra_parameters” php.ini directive not to be modifiable in .htaccess due to the security implications. Reported by SecurityReason.
• Fixed bug #42869 (automatic session id insertion adds sessions id to non-local forms).
• Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten with ini_set()).

Installed APC (Advanced PHP Cache) today, and I must say, I love it! Things are much faster. I decided to install it after no luck with eAccelerator or Xcache. Out of the three, APC also is the most actively developed, and has a kick ass control interface (stats and graphs galore).

If you’re looking for a PHP cache solution, I’d highly recommend APC.

PHP 5.2.4 was released a couple days ago, it’s recommended to upgrade. I did a few hours ago.

PHP.net official announcement:

PHP 5.2.4 Released

[30-Aug-2007]

The PHP development team would like to announce the immediate availability of PHP 5.2.4. This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.

Further details about the PHP 5.2.4 release can be found in the release announcement for 5.2.4, the full list of changes is available in the ChangeLog for PHP 5.

Security Enhancements and Fixes in PHP 5.2.4:

• Fixed a floating point exception inside wordwrap() (Reported by Mattias Bengtsson)
• Fixed several integer overflows inside the GD extension (Reported by Mattias Bengtsson)
• Fixed size calculation in chunk_split() (Reported by Gerhard Wagner)
• Fixed integer overflow in str[c]spn(). (Reported by Mattias Bengtsson)
• Fixed money_format() not to accept multiple %i or %n tokens. (Reported by Stanislav Malyshev)
• Fixed zend_alter_ini_entry() memory_limit interruption vulnerability. (Reported by Stefan Esser)
• Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active. (Reported by Mattias Bengtsson)
• Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378) (Reported by Maksymilian Arciemowicz)
• Fixed a possible invalid read in glob() win32 implementation (CVE-2007-3806) (Reported by shinnai)
• Fixed a possible buffer overflow in php_openssl_make_REQ (Reported by zatanzlatan at hotbrev dot com)
• Fixed an open_basedir bypass inside glob() function (Reported by dr at peytz dot dk)
• Fixed a possible open_basedir bypass inside session extension when the session file is a symlink (Reported by c dot i dot morris at durham dot ac dot uk)
• Improved fix for MOPB-03-2007.
• Corrected fix for CVE-2007-2872.

For users upgrading to PHP 5.2 from PHP 5.0 and PHP 5.1, an upgrade guide is available here, detailing the changes between those releases and PHP 5.2.4.

phpMyAdmin released 2.11.0 today, I’d advise everyone to upgrade. Here is their announcement.

The phpMyAdmin Project is proud to announce the immediate availability
of phpMyAdmin 2.11.0, which will probably be the last series supporting
PHP 4.

This version supports creating VIEWs from query results
and can manage triggers, procedures and functions. It also supports
MySQL 5.0.37 query profiling and has an improved interface for servers
hosting thousands of databases and tables.

phpMyAdmin is a web administration tool for MySQL databases, intended to
handle a whole database server as well as a single database. Over the
years, it has become the most popular Web GUI for MySQL.

Improvements
————

+ [import] support handling of DELIMITER to mimic mysql CLI,
thanks to fb1
+ improved PHP 6 compatibility
+ [core] added PMA_fatalError() and made use of it
+ [doc] changed all documentation in config.inc.php
to phpDocumentor style
+ [data] support for CREATE VIEW from query results
+ [gui] dropped css/ folder and moved into root of PMA
+ [l10n] new: Sinhala, Macedonian
+ [export] YAML export (see yaml.org), thanks to Bryce Thornton
+ [upload] moved file upload functionality into own class
+ [upload] make use of cfg['TempDir'] for file uploads
+ [server] improved display of binary logs
+ [data] better error handling in tbl_create.php
+ [routines] from Patch #1649881, thanks to Mike Beck
+ [querywindow] store sql history in session
+ [querywindow] sql history now without db too
+ [querywindow] tweaks in sql history view
+ [export] Native Excel (Spreadsheet_Excel_Writer) improvements,
thanks to Christian Schmidt
+ [doc] requirement of mcrypt on 64-bit, thanks to Isaac Bennetch
+ RFE #1435922 [gui] navigation frame shows listing of databases
when none selected
+ [data] support BIT datatype (under mysqli),
thanks to Christian Schmidt
+ [display] automatic confirmation for sort by key,
thanks to Juergen Wind
+ [data] can now choose the number of insert rows
+ RFE #1704779 [gui] link documentation from login page
+ RFE #1513345 [setup] check control user connection during setup
+ [structure] TRIGGERS: display/edit/drop/SQL export
+ [browse] store browse state in session per query
+ [gui] Insert/Edit: no longer display the Go button each 15 lines
but just at the end of a row
+ [gui] Query window: use verbose server name if any
+ [auth] patch #1712514 specify host for single signon,
thanks to Thierry
+ [gui] Navigator for the db list in the navigation panel
+ [gui] Navigator for the table list in the content panel
+ [display] Support for MySQL 5.0.37 profiling
+ RFE #1743983 [gui] Replace max_characters by a configurable param:
cfg['MaxCharactersInDisplayedSQL']
+ [display] patch #1749705, Allow multibyte characters in number
formatting, thanks to garas
+ [privileges] Support password hashing on the Edit Privileges
interface
+ [gui] Export: Select All/Unselect All over the choices,
thanks to Florian Schmitz

www.phpmyadmin.net

Finally! PHP has officially announced PHP4’s end of life. Took long enough. Feel sorry for the PHP4 supporters, but hey, once you move to PHP5 - you’ll be Okay, I promise

This is great news for everyone supporting gophp5.

Here’s the official announcement:

PHP 4 end of life announcement

[12-Jul-2007]
Today it is exactly three years ago since PHP 5 has been released. In those three years it has seen many improvements over PHP 4. PHP 5 is fast, stable & production-ready and as PHP 6 is on the way, PHP 4 will be discontinued.

The PHP development team hereby announces that support for PHP 4 will continue until the end of this year only. After 2007-12-31 there will be no more releases of PHP 4.4. We will continue to make critical security fixes available on a case-by-case basis until 2008-08-08. Please use the rest of this year to make your application suitable to run on PHP 5.

For documentation on migration for PHP 4 to PHP 5, we would like to point you to our migration guide. There is additional information available in the PHP 5.0 to PHP 5.1 and PHP 5.1 to PHP 5.2 migration guides as well.

Woohoo! Go PHP 5!

Today I thought I’d discuss one of the best free/paid PHP IDE’s out there; one I’ve been using for nearly 3 years now. That IDE would be, PHP Designer.

I’ve tried many IDE’s in my day, I believe the count stood at 6 before finding PHP Designer; it was like a “godsend”. It had features that blew most paid IDE’s out of the water.

Starting with PHP Designer 2007, Michael (the creator of the software) decided to make it commercial, while also releasing a personal (free) version. Even though the free version lacks some Pro features, it still beats every IDE I’ve come across.

Myself, I bought the Professional version - the $53 USD was well worth it. And I’d encourage ALL of you to give it a try by downloading the personal version, if you like it (I know you will), it’s easy to upgrade to the Professional version.

More about PHP Designer:

phpDesigner 2007 Professional is a powerful PHP Integrated Development Environment (IDE) for both beginners and professional developers that enhances the process of editing, analyzing and publishing applications and websites powered by PHP and other web languages.

Boost your productivity and simplify complex coding projects through an intelligent set of editing tools that includes full support for PHP 5.2, syntax highlighters, intelligent nested code completion, code tips that are displayed as you type, a project manager, code snippets, large built-in code-libraries, bracket/tag highlighting (matched and unmatched), and numerous tools and wizards to speed up your development.

The strength of PHP lies in its ability to embed it into, and together with, other web languages and technologies. Therefore, phpDesigner 2007 Professional not only supports PHP, but also other web languages such as HTML, MySQL, XML, CSS, JavaScript, VBScript, Java, C#, Perl, Python and Ruby!

Support for WAMP/LAMP and AJAX developers is provided through intelligent syntax highlighting that automatically switches between syntax highlighters for PHP, HTML, CSS, and JavaScript depending on your position in the document, and dims the rest of the code!

Getting detailed information about more than 3000 native PHP functions on the fly makes the learning curve for PHP as easy and short as possible.

Jump to any declaration in both source and project files with filtering by class, interface, function, variable or constant.

Easily document your code with phpDocumentor, the standard documentation tool for the PHP language, with the built-in phpDocumentor Wizard.

The philosophy behind phpDesigner 2007 Professional is that it be enjoyable to use for hours and hours for both beginners and professional developers through an easy-to-use, intuitive, customizable and tabbed interface.

The professional edition is for any commercial, business, educational, institutional or governmental purpose!

Top 10 Reasons To Buy PHP Designer
User Testimonials

Go ahead, give it a try!

I, as well as many open source developers, have joined the Go PHP 5 initiative. Starting February 5th, 2008 - we will be dropping support for PHP version 4, and will be using PHP 5 instead. My Domain Name Portfolio project is one of many going in this direction.

GoPHP5’s official Press Release:

PHP projects join forces to Go PHP 5

5 July 2007 — A consortium of PHP developers has announced today that several leading Open Source PHP projects will be dropping support for older versions of PHP in upcoming releases of their software as of February 5, 2008 as part of a joint effort to move the PHP developer community fully onto PHP version 5.

The Symfony, Typo3, phpMyAdmin, Drupal, Propel, and Doctrine projects have all announced that their next release after February 5, 2008 will require PHP version 5.2 as part of a coordinated effort at GoPHP5.org, and have issued an open invitation to any other PHP projects and applications, both open source and proprietary, that want to participate in the effort.

Most PHP-based web applications today run in both PHP version 4 and PHP version 5. PHP 4 was released in 2000, and quickly cemented itself as one of the dominant web development languages. Version 5 was released in 2004 with dramatic improvements in functionality, but adoption has been slow due mostly to the “chicken and egg” problem that accompanies many new platform releases.

“Most of the PHP developers I talk to want to use PHP 5 but can’t because so many web hosts offer PHP 4 by default,” said Larry Garfield, a Drupal developer and one of GoPHP5.org’s founders. “The hosts won’t upgrade until projects do, but projects won’t upgrade until the hosts do. That has made a lot of projects reluctant to be the first to drop support for PHP 4, so we’ve decided that we will all be first.”

By pre-announcing plans to require PHP 5.2 in upcoming software versions in 2008, GoPHP5 hopes to provide web hosts with the incentive to upgrade their servers to newer, more stable, more featurerich versions of PHP as well as sufficient time to do so. Users that are already using current versions of participating projects won’t be left out in the cold, either. All involved projects will continue to support current releases on PHP 4 for their normal life cycle, giving both users and hosts time to plan and implement an upgrade.

“The phpMyAdmin project is very enthusiastic to join the GoPHP5 initiative,” added phpMyAdmin’s project lead, Marc Delisle. “We see GoPHP5 as a way both to improve our product’s new versions — not always having to add workarounds to remain PHP4compatible — and improve the experience of our users — by projecting the correct message about the PHP system itself and its evolution.”

PHP 5 offers developers a wide array of features designed to make developing fast, modern web applications faster and easier. That includes vastly improved XML handling for Web services, an integrated SQL database called SQLite, better handling of time zones, dramatically improved security tools, stronger objectoriented functionality, and more.

Many PHP projects already require PHP 5. Encouraging a larger installedbase of PHP 5 will broaden the market for those projects as well.

PHP is a widely-used general-purpose scripting language that is especially suited for Web development. PHP is one of the leading web development languages in the world, running on a third of the world’s web servers. It is the platform of choice for companies from Yahoo to Facebook as well as the most widely-available development platform on shared hosting, which powers millions of web sites world wide.

For more information:

http://gophp5.org/
http://www.phpmyadmin.net/home_page/gophp5.php
http://drupal.org/gophp5

Press Contact: larry.garfield@gophp5.org