Last Month in PHP - June 2012

Transcript

1. Last Month in PHP June 16, 2012 Kansas City PHP

   User Group John Kary @johnkary

2. New PHP versions released • PHP 5.4.4 • PHP 5.3.14

   • Security: Heap overflow in phar lib • Security: crypt() fail when encoding key as Unicode string with Standard or Extended DES https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2143 • Fix bug where redefining a private static method with a different method signature in an ancestor class caused crash when E_STRICT error reporting on

3. New PHP versions released class A { private static function

   test($a) { } } class B extends A { private static function test($a, $b) { } }

4. MySQL login vulnerability • MySQL <= 5.1.61 • MySQL <=

   5.2.11 • MySQL <= 5.3.5 • MySQL <= 5.5.22 • Ubuntu Linux 64-bit 10.04, 10.10, 11.04, 11.10, 12.04 • OpenSuSE 12.1 64-bit MySQL 5.5.23-log • Debian Unstable 64-bit 5.5.23-2 • Fedora • Arch Linux (unspecified version)

5. MySQL login vulnerability • 1/256 chance login is successful with

   know username • http://seclists.org/oss-sec/2012/q2/493 • https://community.rapid7.com/community/metasploit/blog/2012/06/11/ cve-2012-2122-a-tragically-comedic-security-flaw-in-mysql for i in `seq 1 1000`; do mysql -u root >> --password=bad -h 127.0.0.1 2>/dev/null; done

6. Conferences

7. php|tek 2012 May 22-25, 2012 Chicagoooo http://tek12.phparch.com/

8. php|tek 2012 The MicroPHP Manifesto (Ed Finkler) Solving the N+1

   Problem (Paul M. Jones) Javascript Best Practices & BackboneJS for the PHP Developer (Ryan Weaver) All Talks & Some Slides: https://joind.in/event/view/958

9. Symfony Live 2012 - Paris June 7-8, 2012 Paris http://paris2012.live.symfony.com/

   Schedule: http://paris2012.live.symfony.com/speakers Slides: https://gist.github.com/2890651 Symfony Certification via Sensio

10. Virtual REST Summit by php|architect Live! July 30th, 2012, 12:00

    PM – 4:30 PM EDT Online! $20 tickets - Ends today! http://www.phparch.com/phparchitect-live-presents-virtual-rest-summit/

11. Virtual REST Summit by php|architect Live! http://www.phparch.com/phparchitect-live-presents-virtual-rest-summit/ • What is

    REST? • HTTP fundamentals, beyond GET and POST • Hypermedia and HATEOAS • REST examples and use cases

12. New Developments

13. Zend Framework 1 + Composer http://twitter.com/weierophinney/status/212937337431261186

14. Zend Framework 1 + Composer http://packagist.org/packages/zendframework/zendframework1

15. Zend Framework 1 + Composer http://getcomposer.org/

16. Zend Framework 2 - Beta4 Released Official Announcement Rob Allen’s

    ZF2 Tutorial • Adds support for Composer • Rewritten Form component • Model and Validation are separate

17. Drupal 8 merges Symfony2 Components http://www.garfieldtech.com/blog/wscci-kernel-merge • HttpKernel • HttpFoundation

    • EventDispatcher

18. PSR-1 and PSR-2 Ratified Coding standards from the PHP Framework

    Interoperability Group (php-fig) PSR-1 coding standard PSR-2 coding standard PHP Framework Interoperability Group

19. PSR-1 and PSR-2 Ratified http://xkcd.com/927/

20. PSR-1 and PSR-2 Ratified • Another standard? Whyyyyy? • It’s

    not necessarily for YOUR codebase • Framework / Library interoperability Auto-fix your code to PSR-1/PSR-2 https://github.com/fabpot/PHP-CS-Fixer Docs: http://cs.sensiolabs.org/

21. mojoLive Online resume and career management platform

22. mojoLive Online resume and career management platform

23. mojoLive Dan Holmes - http://mojolive.com/profile/dan John Kary - http://mojolive.com/profile/johnkary Invite

    Code KANSASCITYPHP http://mojolive.com/signup

24. fin