There is no big news in the PHP Community since long time, a news that make newspapers and magazines talk about PHP, an innovation that will change the world ! Does the scripting language war is over ? Someone could inform us at least who won.
This month will held the Zend/PHP Conference & Expo and next month there is the Forum PHP in Paris. Almost same conferences, same topics, same people talking here and there. Sice last year, nothing new happened ! PHP5 is there with strongest OOP support and lot of new features … and what’s next ? PHP4 is still the most used, and migration have been very very slow !
Continue reading PHP Community down for maintenance
PHP Podcast Episode #6 is already out. In this episode, Chris talks a bit about the European software patents being rejected, the Apache Friends project, Smarty, Not trusting the users, and a bit more security for your scripts.
Just wanted to add something, in PHP security we should never trust anybody, but you know if you’re always doing PHP stuff always secure, you’ll start to never trust anybody in real life. Too Bad yeah ?! No, I always trust my family and a lot of my good friends and keeping my PHP stuff secure. That’s the thought of the day, I just need to copy the podcast on my smartphone, then home sweet home to listen with chawarma and my favorite ananas juice 
PHP Podcast is doing really great job (until now) hope it continue and get real support. This is already the #5 Episode
In today’s episode, Chris talks a bit about PEAR and the XML-RPC bug, the discussion of a String object in PHP, the new SecurityFocus newsletters from the PHP Security Consortium, Wez adding native prepared statement support to PDO, Why PHP doesn’t suck, and a new article from OpenEnterpriseTrends.com that talks about PHP developers looking more at ASP.NET.
Download Episode #5 (14.90 MB)
PEAR XML_RPC 1.3.1 have been just released to fix a security bug.
PEAR XML_RPC is vulnerable to a very high risk php code injection vulnerability
due to unsanatized data being passed into an eval() call. Let us have a look at
the code that allows the vulnerability to present itself.
Continue reading PEAR XML_RPC Remote Code Execution Vulnerability
I worked again on PEAR Manager, and since I
didn’t explain exactly what is this project about I’ll try to explain it in this
post. The idea behind PEAR Manager is to create a web interface where you can
find informations that could help you to upgrade your system to new versions
(stable, alpha or beta),
downgrade easily, possibility to read about new packages and add them to your
system with all their dependence.
Continue reading PEAR Manager (Part 2)
As a continuation of the PEAR Manager Post, I’ve written this small code to retreive version from PEAR Package. I just parsed the header comment, I’ll try to finish an alpha version of the Pear Manager so we could open a discussion about it
/**
* PearVersion : Return version of a PEAR package
*
* @param string $package The package name
* @param string $path Path to pear
* @author Hatem
* @return string $version
*/
function PearVersion($package,$path = “c:/php4/PEAR/”) {
$data = implode(”,@file($pear.$package.”.php”));
preg_match(”|$package(.php)?,v (.*) (.*)n|U”,$data,$matches);
$version = $matches[2];
return $version;
}
echo PearVersion(”PHPUnit”);
Continue reading PEAR Manager : Version of PEAR Package
I was coding some month ago an application that I call it “PEAR Manager”. The idea is to bring a web interface to PEAR that let you easily manage and update all/any PEAR Packages. I’m not sure that PEAR_Frontend_Web is exactly what I was looking for (Just download it for test), but I remember that I stopped because of current version of a package already installed ! An information that exists nowhere, maybe in XML files or cvs $Id. Anyway I remember that I suggested to add a version() function as a standard, wich could help, but hard to manage for authors. Otherwise the solution of cvs $Id looks the best if all code are downloaded from CVS ? PEAR_Frontend_Web is using the class PEAR/Remote.php so I guess it get the update informations from that class.
Anyway I was using Mysql as database backend, the database schema is below :
Continue reading PEAR Manager
