 |
 |
 |
 |
|
|
|
In Case You Missed It... The Week of July 4, 2005
Elizabeth Naramore
This week we saw:
XML-RPC PEAR Package Security Alert
If you're using anything that is remotely related to XML-RPC (PostNuke, Nucleus, phpAdsNew, phpPgAds, phpMyFAQ, Serendipity, Wordpress, Drupal, and Xoops, just to name a few), you need to pay attention. The official word from Secunia is that with this latest exploit "Input passed in an XML document is not properly sanitised before being used in an "eval()" call. This can be exploited to inject arbitrary PHP code via a specially crafted XML document." You should check with your vendors for upgrades (in case they have added anything else with the new package) and/or upgrade your own version of XML-RPC if you have it on your servers. To download this package or read about the changelog, you can go to http://pear.php.net/package/XML_RPC/, or simply use the "PEAR upgrade" command to upgrade an existing installation.
PHP 4.4.0RC2 released
Although the final release is planned for July 11 (according to http://www.php.net) you can download and begin testing the latest release right now. This release also includes the upgraded version of PEAR's XML-RPC. To download the latest, go to http://qa.php.net/~derick/.
Recent PHP Titles Released
There are several PHP books that have recently been released including:
- PHP5 for Dummies, by C. Braun.
- PHP & MySQL Every Day Apps for Dummies, by Janet Valade
- PHP & MySQL for Dynamic Web Sites: Visual Quick Pro Guide (2nd Edition), by Larry Ullman
And soon to be released (so keep your eyes open):
- No Nonsense XML Web Development with PHP, by Thomas Myer
- Extending and Embedding PHP, by George Schlossnagle & Wez Furlong
- PHP-Nuke: Mastering Internet Content Management, by Jens Ferner
- Web Standards Programmer's Reference: HTML, CSS, Javascript, Perl, Python, and PHP, by Steven M. Schaefer
- PHP 5 Recipes: A Problem-Solution Approach, by Jon Stephans, et al
- PHP Application Design Handbook, by Kevin Tatroe , Tobias Ratschiller
phpMyAdmin Version 2.6.3 is Official
The recent release of phpMyAdmin is stable now, so feel free to upgrade to your heart's content. To get the package, go to http://www.phpmyadmin.net/home_page/downloads.php. And for a complete list of all the changes (there are numerous), go to http://www.phpmyadmin.net/home_page/downloads.php?relnotes=0.
Translators Needed at phpMyAdmin
The good folks at the phpMyAdmin project are also seeking translators to assist them in translating phpMyAdmin strings. For full info, see number 7.2 of the FAQ found at http://www.phpmyadmin.net/home_page/docs.php. To see what languages are desperately in demand, go to http://www.cihar.com/phpMyAdmin/stats/translations.php.
PEAR/PECL releases
I would be remiss in my duties if I didn't include what's new at PEAR and
PECL. Recent PEAR releases include:
- Translation2 - Class for multilingual applications management.
- XML_RPC - PHP implementation of the XML-RPC protocol
And for PECL, we had:
- Fileinfo - libmagic bindings
- ibm_db2 - Extension for IBM DB2 Universal Database, IBM Cloudscape, and Apache Derby
PECL was relatively inactive this week as there are no new releases to report.
As always, you can download or learn more about these packages at http://pear.php.net/ and http://pecl.php.net/.
See you next week with more news and tidbits from the PHP world!
| Comments: | ||
No Messages FoundYou can post questions/corrections/feedback here
| ||
|
If you are looking for help, please post on the appropriate forum here. Your questions will be answered much more quickly. | ||
