Archive for November 3rd, 2006

PHPWomen.org: Filter and PHP 5.2

In this new post on the PHP Women blog, auroraeosrose talks about one of the newest features in the latest PHP 5 series release, 5.2: the Filter extension.

In response to a lot of griping from the PHP community about a lack of unified cleaning of user supplied data, 5.2 is introducing a new extension included by default, called filter.

She points to some of the resources associated with it - the manual entry and a short tutorial on the topic to get you started. She also mentions something newbies to the extension might not know: it does two distinct jobs, sanitizing input and validating it, and the two are not interchangeable.
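To make the sanitize/validate distinction concrete, here is an added example (not code from the PHPWomen post or the tutorial it links) that runs a constructed request array through ext/filter as shipped in PHP 5.2. The field names, ranges and defaults are assumptions chosen for illustration; the functions and constants are the extension's own.

```php
<?php
// Added example, not code from the PHPWomen post. Shows the two jobs of
// ext/filter in PHP 5.2 on a constructed request array; the field names
// and ranges are assumptions for illustration.

function clean_request(array $raw)
{
    $errors = array();
    $clean  = array();

    // VALIDATION: the value is accepted as-is or rejected. filter_var()
    // returns false on rejection, and "0" is a valid int that comes back
    // as int(0), so the result must be compared with === false.
    $page = filter_var(isset($raw['page']) ? $raw['page'] : '', FILTER_VALIDATE_INT,
                       array('options' => array('min_range' => 0, 'max_range' => 10000)));
    if ($page === false) {
        $errors[] = 'page must be an integer between 0 and 10000';
    } else {
        $clean['page'] = $page;
    }

    $email = filter_var(isset($raw['email']) ? $raw['email'] : '', FILTER_VALIDATE_EMAIL);
    if ($email === false) {
        $errors[] = 'email is not syntactically valid';
    } else {
        $clean['email'] = $email;
    }

    // FILTER_VALIDATE_BOOLEAN returns false for both "false" and garbage;
    // FILTER_NULL_ON_FAILURE makes the garbage case null instead.
    $debug = filter_var(isset($raw['debug']) ? $raw['debug'] : 'no',
                        FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
    if ($debug === null) {
        $errors[] = 'debug must be on/off, yes/no, true/false or 1/0';
    } else {
        $clean['debug'] = $debug;
    }

    // SANITIZATION: the value is rewritten, never rejected. "25abc" becomes
    // "25", so a sanitized value still needs validating before it is used
    // as a limit; here it is validated after sanitizing.
    $limit = filter_var(isset($raw['limit']) ? $raw['limit'] : '', FILTER_SANITIZE_NUMBER_INT);
    $limit = filter_var($limit, FILTER_VALIDATE_INT,
                        array('options' => array('min_range' => 1, 'max_range' => 100)));
    $clean['limit'] = ($limit === false) ? 25 : $limit;  // assumed safe default

    // Free text is not validated into a fixed shape; it is encoded for the
    // context it will be output in. FILTER_SANITIZE_SPECIAL_CHARS turns
    // < > & " ' into numeric entities so the value can be echoed into HTML.
    $name = isset($raw['name']) ? $raw['name'] : '';
    $clean['name_html'] = filter_var($name, FILTER_SANITIZE_SPECIAL_CHARS);

    return array('values' => $clean, 'errors' => $errors);
}

// Constructed sample of what might arrive in $_GET or $_POST.
$request = array(
    'page'  => '0',
    'limit' => '25abc',
    'email' => 'alice@example.com',
    'name'  => '<script>alert(1)</script>Alice',
    'debug' => 'maybe',
);

$result = clean_request($request);
var_dump($result);
```

The same filters can be applied straight to a request superglobal with filter_input(INPUT_GET, 'page', FILTER_VALIDATE_INT, ...) instead of going through a copied array. The rule of thumb the example encodes: validate values your logic depends on (and reject rather than repair them), and sanitize or encode only at the boundary where the data leaves your application, such as HTML output.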


Hardened-PHP Project: PHP HTML Entity Encoder Heap Overflow Vulnerability

The Hardened-PHP Project has put out another advisory for the PHP distribution itself, this time for a heap overflow in the HTML entity encoder, affecting versions 5.1.6/4.4.4 and below.

While we were searching for a hole in htmlspecialchars() and htmlentities() to bypass the encoding of certain chars to exploit a possible eval() injection hole in another application we discovered that the implementation contains a possible buffer overflow that can be triggered when the UTF-8 charset is selected.

The issue has been corrected in the latest PHP 5 release, version 5.2, but is still present in the PHP 4.4 series (the project offers a recommended patch until the new 4.4 version is posted). You can get complete information about this issue from the full vulnerability listing.
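The bug class the advisory describes is an entity encoder writing more bytes than its output buffer holds, since every encoded character expands to several bytes. Below is an added, illustrative C encoder; it is not PHP's implementation and not a reconstruction of the flaw in the advisory. It sizes the output for the worst-case expansion up front, bounds-checks every write, and passes bytes of multi-byte UTF-8 sequences through unchanged so the bound does not depend on the charset in use. The sample input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Longest replacement emitted for any single input byte:
 * "&quot;" and "&#039;" are both 6 bytes. */
#define MAX_EXPANSION 6

/* Worst-case output size (including the NUL) for len input bytes.
 * Returns 0 if the multiplication would overflow size_t. */
size_t html_escape_bound(size_t len)
{
    if (len > (SIZE_MAX - 1) / MAX_EXPANSION)
        return 0;
    return len * MAX_EXPANSION + 1;
}

/* Escape the five HTML special characters of a byte string.
 * Bytes >= 0x80 (UTF-8 lead and continuation bytes) are copied through
 * unchanged, so multi-byte sequences stay intact and never expand.
 * Returns a malloc'd NUL-terminated string or NULL on failure;
 * *out_len (if non-NULL) receives the length without the NUL. */
char *html_escape(const char *in, size_t len, size_t *out_len)
{
    size_t cap = html_escape_bound(len);
    if (cap == 0)
        return NULL;
    char *out = malloc(cap);
    if (!out)
        return NULL;

    size_t o = 0;
    for (size_t i = 0; i < len; i++) {
        const char *rep;
        switch ((unsigned char)in[i]) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#039;"; break;
        default:   rep = NULL;     break;
        }
        if (rep) {
            size_t rl = strlen(rep);
            /* Cannot trigger given the bound above; kept as defence in depth
             * so a future change to the table cannot silently overflow. */
            if (o + rl >= cap) { free(out); return NULL; }
            memcpy(out + o, rep, rl);
            o += rl;
        } else {
            if (o + 1 >= cap) { free(out); return NULL; }
            out[o++] = in[i];
        }
    }
    out[o] = '\0';
    if (out_len)
        *out_len = o;
    return out;
}

int main(void)
{
    /* Constructed input containing quotes, tags, an ampersand and one
     * two-byte UTF-8 sequence (e acute). */
    const char sample[] = "Bob's <b>\"caf\xC3\xA9\"</b> & co";
    size_t n = 0;
    char *e = html_escape(sample, sizeof sample - 1, &n);
    if (!e)
        return 1;
    printf("%s (%zu bytes, bound %zu)\n", e, n, html_escape_bound(sizeof sample - 1));
    free(e);
    return 0;
}
```

The two properties worth checking in any encoder of this shape are that the allocation is computed from the largest possible replacement rather than the common case, and that the per-write check stays in place even when the arithmetic "proves" it unnecessary, because the table of replacements and the input decoding tend to change independently of the allocation logic.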


Dotvoid.com: New help desk application using Zend Framework

Over on DotVoid.com, just after this year's Zend/PHP Conference & Expo came to a close, Danne Lundqvist has posted about his latest creation with the Zend Framework: a help desk application.

I decided that it was time to really make the effort and test a framework in a real project. I had a look around and decided to use the brand new Zend Framework as the base for a hosted help desk solution.

He starts with his reasoning for choosing the Zend Framework over other, more mature frameworks (simplicity). He talks briefly about the development work he's been doing on it and includes some screenshots of the application as it currently stands. Look for a demo/beta to be coming soon.


Community News: Zend/PHP Conference & Expo Wrap-ups

Rather than posting each of the wrap-ups that everyone is writing about this year's great Zend Conference in San Jose, here's the (ever-growing) list so far, all in one place:

Keep checking back on this post for more great wrap-ups as they come up!


Felix Geisendorfer’s Blog: Windows XP Apache PHP output problem

To help others out there with the same issue, Felix Geisendorfer has posted this new entry after solving a problem he was having with Windows XP, Apache, and PHP: specifically, incomplete output when using functions like fread(), fpassthru(), readfile() and the like.

I'm doing this post because I hope that Google will index it, and the next person hitting the issue will find my blog this way, so he doesn't have to go through the same issues that I had to deal with.

He gives some of the "official" symptoms he saw and the simple seven-step process he followed to correct the situation.
