PHP news and reviewed development resouces and books
It has been announced that PHP4 support is to cease with only critical support fixes to be made. The details are that new releases on the PHP 4 line will cease at the end of 2007, and security fixes may be made available until August 8, 2008. They encourage all users to upgrade to PHP5.
PHP6 is on the horizon but no definite timeframe is given.
From XSS News comes a link to an application called Pixy. It is a java app that takes PHP code and warns of potential cross site scripting and/or SQL injection vulnerabilities.
There is plenty of documentation, with good explanations of what Pixy can and cannot achieve. For example you cannoy throw it a directory of code, and have it find problems. If your PHP code has multiple entry points, then it needs to be run once for each of these.
A web version is available to do XSS test on single pieces of PHP code. There is a requirement to have Perl installed on your system for the download version.
I have tried a few php frameworks over the years, sometimes with a positive experience, sometimes not. But the sheer number of them still amazes me. I had an original list of 22 for this site, and when we upgraded a few were culled off as they seemed to be dormant. However on a regular basis I am contacted about a framework that I didn’t know existed, or come across it by chance. Also a number seem to have stopped development. I will be updating the master list with the info below. Feel free to comment
Frameworks to add:
Unsure of status:
Removed as dormant:
A new PHP framework is on the scene: Kohana. Kohana is a fork of the CodeIgniter framework. Originally the chosen name was BlueFlame but this had trademark issues. The given reason for the fork is about who controlled where CodeIgniter was heading, and was responsible for new releases. Though CodeIgniter is released under an open source license (which meant the fork could happen), it is controlled by EllisLab, not the user community as wished by the starters of Kohana. EllisLab has ExpressionEngine (a content management system) as a commercial product, and some say this as slowing down new releases of CodeIgniter.
(more…)
PHP GTK 2 has gone beta. Announcement post here. It has been a long time coming with the Alpha release almost a year ago. No date is set for the full production quality release.
So what is PHP-GTK? A PHP extension that combines with GTK+ 2, to give the ability to create rich desktop applications.
PHP-GTK 2 uses PHP5 and this version has improved Objected Orientated capabilities, Unicode support and a Model-View architecture.
With Zend getting close to releasing the 1.0 release of their framework, they have put together a questionnaire on usage of the framework. Seems they are trying to find out how people are using the framework.
So if you are using the framework, or decided not to, you can tell them how and why.
A new PHP version has been released: 5.2.3. The development team states “This release continues to improve the security and the stability of the 5.X branch as well as addressing two regressions introduced by the previous 5.2 releases.” Nothing earth shattering but security updates are always a good thing.
Release notes and change log available.
No upgrade on the 4.4.x line.