Archive for October 12th, 2006

Community News: #phpc Community Channel T-Shirts for ZendCon

As mentioned on Ben Ramsey’s blog and on the Zend Developer Zone, the “official” shirts of the PHP community channel on freenode, #phpc, have been created and can be ordered.

Ben notes that the decision was made to create the shirts because of the good number of #phpc-ers that were attending the Zend/PHP Conference and Expo this year. The design has been created and the order will soon be placed, so if you want to get in on the order, let Ben know (via email - tshirts [at] benramsey.com) and they’ll add another name to the list. The cost on them is about $13 USD.


Inserting and Displaying Information From a Database

In this tutorial you will learn some basics for inserting data into and retrieving data from a database.


DevShed: Overloading and Object-Oriented Programming with PHP 5

Continuing their series drawn from George Schlossnagle’s great book, “Advanced PHP Programming”, DevShed has posted this new tutorial looking at the use of overloading with object-oriented programming in your PHP 5 scripting expeditions.

Last week, we discussed design patterns and polymorphism. This week, we examine overloading and more. Let’s bring together some of the techniques developed so far in this chapter and use overloading to provide a more OO-style interface to the result set. Having all the results in a single object may be a familiar paradigm to programmers who are used to using Java’s JDBC database connectivity layer.

The first page shows (mostly in code) how to grab the information from the database and pull it all into the single, tidy result set. They dump this new data packet into the hands of the SPL and iterate through it, pulling out the key/value pairs along the way.

Finally, they look at two of the special functions PHP has to make life a little easier when working with objects - __call and __autoload. Both provide some of that great “automagical” functionality that makes life better.


Overloading and Object-Oriented Programming with PHP 5

Last week we discussed design patterns and polymorphism. This week we examine overloading and more. This article, the last of four parts, is excerpted from chapter two of the book Advanced PHP Programming, written by George Schlossnagle (Sams, ISBN 672325616) ….


LWN.net: Remote file inclusion vulnerabilities

According to this article from LWN.net, you might need to be a bit wary of how you use the allow_url_fopen configuration parameter on your server. Apparently there are some remote file inclusion issues that could cause problems for calls to include or require already in your code.

An attacker’s fondest wish is to be able to run their code on the target system; an RFI exploit does just that. By exploiting two very dubious ‘features’ of the PHP language, an attacker can inject their code into a PHP program on the server.

Basically, if an attacker can manage to control a variable that’s used inside of an include and use it (in)correctly, they can get the script to jump out and run the code from their server instead of the local copy. Turning off register_globals will provide some protection, but poor programming and not performing any input validation can poke holes in the script’s security without the need for globals.

Check out the rest of the article for more information on this (potentially) serious issue and check your code/configuration doubly to make sure you’re not at risk.
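As an added example (not code from LWN.net or from this post), here is the input validation the paragraph above calls for: the request value only selects a key from a fixed map, so it never becomes part of the path handed to include. The page names, the resolve_page() helper and the temporary directory are assumptions made for illustration.

```php
<?php
// Added example. Risky pattern the article warns about: a request-controlled
// value reaches include, so with allow_url_fopen on it can name a remote file.
//   include $_GET['page'] . '.php';

// Hardened form: a fixed map of allowed pages (hypothetical names).
const PAGES = [
    'home'    => 'home.php',
    'about'   => 'about.php',
    'contact' => 'contact.php',
];

// Returns the absolute path to include, or null if the request is rejected.
function resolve_page($requested, string $baseDir): ?string
{
    // Non-strings (e.g. ?page[]=x) and unknown keys are rejected outright.
    if (!is_string($requested) || !array_key_exists($requested, PAGES)) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . PAGES[$requested]);
    // realpath() is false for missing files; also confirm the resolved
    // file still sits under the base directory (guards against symlinks).
    if ($base === false || $path === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    return strncmp($path, $prefix, strlen($prefix)) === 0 ? $path : null;
}

// Constructed demo: create the page files in a scratch directory.
$dir = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'rfi_demo_' . getmypid();
if (!is_dir($dir)) {
    mkdir($dir);
}
foreach (PAGES as $file) {
    file_put_contents($dir . DIRECTORY_SEPARATOR . $file, "<?php echo 'ok';");
}

// Constructed sample inputs: one valid key, a URL, a traversal, an array.
$samples = ['home', 'http://example.invalid/x', '../../etc/passwd', ['home']];
foreach ($samples as $s) {
    $r = resolve_page($s, $dir);
    echo json_encode($s), ' => ', $r === null ? 'rejected' : basename($r), "\n";
}
```

Only the first sample resolves to a file; the other three are rejected before any path is built, regardless of the register_globals or allow_url_fopen settings.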
