Last (2) Month(s) in PHP
July & August 2016
Kansas City PHP User Group
Mentor with LaunchCode!
Thursday, September 8
Where: Sprint Accelerator - 6:00 PM - 8:30 PM
What: Give feedback on some be...
PHP Patch Releases
PHP 7.0.10 - Upgrade!
● Security fixes
● See:
php.net/ChangeLog-7.php#7.0.1
0
PHP 5.6.25 - Upgrade!
● S...
Security Bulletin...
ImageMagick
● Remote Code Execution
● Mitigation recommendation:
○ Sandbox ImageMagick
■ If you find ...
Upcoming Features via PHP RFC
Add session_create_id() function
● Target: PHP 7.1
● Tl;dr: session_create_id(optional-prefi...
Upcoming Features via PHP RFC
Session ID without hashing
● Target: PHP 7.1
● tl;dr: Instead of hash and RNG, php_random_by...
Upcoming Features via PHP RFC
Additional Context in pcntl_signal
● Target: PHP 7.1
● tl;dr: Adds a second parameter to
pcn...
Upcoming Features via PHP RFC
Asynchronous Signal Handling (without
TICKs)
● Target: PHP 7.1
● tl;dr: Reduces overhead of ...
Upcoming Features via PHP RFC
Iterable
● Target: PHP 7.1
● tl;dr: Introduces new iterable pseudo-type that can stand in fo...
Upcoming Features via PHP RFC
RNG fixes and changes
● Target: PHP 7.1
● tl;dr: fixes mt_rand(), aliases rand() to mt_rand(...
Upcoming Features via PHP RFC
Throw Error in Extensions
● Target: PHP 7.1
● tl;dr: Changes most conditions raising an E_*E...
Upcoming Features via PHP RFC
More precise float value handling in serialization
● Target: PHP 7.1
● tl;dr: increases seri...
Upcoming Features via PHP RFC
Add session_gc()
● Target: PHP 7.2
● tl;dr: Enable Garbage Collection for
sessions.
● See: w...
Upcoming Features via PHP RFC
Implement C function socket_getaddrinfo()
● Target: PHP 7.2
● tl;dr: complements the existin...
Upcoming Features via PHP RFC
E_WARNING for invalid container read
array-access
● Target: PHP 7.2
● tl;dr: Throw an E_WARN...
CMSes: Drupal
Drupal 8.1.[7,8] & 7.5.0
● Drupal 8: Security & Patch Releases - Upgrade!
○ “httpoxy” injection via Guzzle
○...
CMSes: WordPress
WordPress 4.6 - “Pepper”
● Feature Release
○ Editor improvements:
■ Content recovery: draft is saved to b...
Frameworks - CakePHP
CakePHP 3.3.[0,1,2,3] & 2.8.6
● 3.3.0 - minor release
○ See: bakery.cakephp.org/2016/08/12/cakephp_33...
Frameworks - Laravel
Laravel 5.2.[40,41,42,43,44,45], 5.3.[0,1,2,3,4,6]
● Laravel 5.3
○ Several cool new features and tool...
Frameworks - Symfony
Symfony [3.1.3, 3.0.9, 2.8.9, 2.7.16]
● Maintenance Releases
○ See:
■ symfony.com/blog/symfony-2-7-16...
Frameworks - Zend
ZF 1.12.19
● Security patch - Upgrade!
○ See: framework.zend.com/blog/2016-07-13-ZF-1.12.19-Released.htm...
PHP: The Right Way
● Updated URL for PHP Mentoring
○ Was phpmentoring.org; now
php-mentoring.org
● Deleted dead tools from...
PHP Conferences
Midwest.io
● August 20-23 - Kansas City, MO
● See: midwest.io
Pacific Northwest PHP 2016
● Sept 15-17 - Se...
PHP Conferences - Continued
True North PHP
● Nov 3-5 - Toronto, Canada
● truenorthphp.ca
PHP[WORLD] 2016
● Nov 14-18 - Was...
Nomad PHP (Online) - September 22
Nomad PHP EU - 01:00 PM CDT
A Deepdive Into the .git Directory
● Joshua Thijssen (@jayta...
Next Month in KCPHPUG
● Looking for Speakers!
● Nomad PHP edition?
● Hack Night?
Upcoming SlideShare
Loading in …5
×

Last 2 Months in PHP - July & August 2016

101 views

Published on

PHP news of July and August of 2016 as well as upcoming conferences and talks.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
101
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Last 2 Months in PHP - July & August 2016

  1. 1. Last (2) Month(s) in PHP July & August 2016 Kansas City PHP User Group
  2. 2. Mentor with LaunchCode! Thursday, September 8 Where: Sprint Accelerator - 6:00 PM - 8:30 PM What: Give feedback on some beginner projects from students who just finished CS50X. Think: UX and Features, not Code Review Email kathryn@launchcode.org if interested Sign up as a mentor at: https://www.eventbrite.com/e/launchcode-projec t-review-feedback-tickets-27076050195 Saturday, September 10 Where: Sprint Accelerator - 10:00 AM - 5:00 PM What: Technical mentoring while same students implement final steps to their projects. Email kathryn@launchcode.org if interested Sign up as a mentor at: https://www.eventbrite.com/e/launchcode-projec t-lock-in-tickets-27077080276
  3. 3. PHP Patch Releases PHP 7.0.10 - Upgrade! ● Security fixes ● See: php.net/ChangeLog-7.php#7.0.1 0 PHP 5.6.25 - Upgrade! ● Security fixes ● See: php.net/ChangeLog-5.php#5.6.2 5 PHP 5.5.38 - Upgrade! ● Security fixes ● Last Ever ● See: php.net/ChangeLog-5.php#5.5.3 7
  4. 4. Security Bulletin... ImageMagick ● Remote Code Execution ● Mitigation recommendation: ○ Sandbox ImageMagick ■ If you find a good way to do this, it might make a good KCPUG talk! ○ Update your policy.xml file. ■ See: imagetragick.com
  5. 5. Upcoming Features via PHP RFC Add session_create_id() function ● Target: PHP 7.1 ● Tl;dr: session_create_id(optional-prefix) will create a 128-bit session ID. The optional prefix does not count against the 128-bits in the session ID. ● See: wiki.php.net/rfc/session-create-id
  6. 6. Upcoming Features via PHP RFC Session ID without hashing ● Target: PHP 7.1 ● tl;dr: Instead of hash and RNG, php_random_bytes is used to generate session ID; 2x speed increase. ● What do I change: php.ini ○ Add: session.sid_length=26 ○ Change: session.hash_bits_per_character=5 → session.sid_bits_per_character=5 ● See: wiki.php.net/rfc/session-id-without-hashing
  7. 7. Upcoming Features via PHP RFC Additional Context in pcntl_signal ● Target: PHP 7.1 ● tl;dr: Adds a second parameter to pcntl_signal’s callback that includes $siginfo ● See: wiki.php.net/rfc/additional-context-in-pcntl- signal-handler
  8. 8. Upcoming Features via PHP RFC Asynchronous Signal Handling (without TICKs) ● Target: PHP 7.1 ● tl;dr: Reduces overhead of async signals by giving the option to not use ticks. ● Note: Appears to be default behavior in PHP 7.1 ● See: wiki.php.net/rfc/async_signals Enable tickless via: pctnl_async_signals(bool = true)
  9. 9. Upcoming Features via PHP RFC Iterable ● Target: PHP 7.1 ● tl;dr: Introduces new iterable pseudo-type that can stand in for both arrays and objects implementing Traversable ● New function: is_iterable($thing) : bool ● See: wiki.php.net/rfc/iterable
  10. 10. Upcoming Features via PHP RFC RNG fixes and changes ● Target: PHP 7.1 ● tl;dr: fixes mt_rand(), aliases rand() to mt_rand(), fixes large ranges for rand_range(), replaces insecure uses of php_rand() with php_random_bytes(), improve array_rand() ● Note: bc breaks for srand() and mt_srand() ● See: wiki.php.net/rfc/rng_fixes ● See: 3v4l.org/hGHde
  11. 11. Upcoming Features via PHP RFC Throw Error in Extensions ● Target: PHP 7.1 ● tl;dr: Changes most conditions raising an E_*ERROR in extensions to throw instance of Error instead. ● See: wiki.php.net/rfc/throw_error_in_extensions
  12. 12. Upcoming Features via PHP RFC More precise float value handling in serialization ● Target: PHP 7.1 ● tl;dr: increases serialization float precision from 14 decimal places to the more-standard 17 decimal places ● What do I change: php.ini ○ Change: precision:14 → precision:-1 ○ Change: serialize_precision:14 → serialize_precision:-1 ● See: wiki.php.net/rfc/precise_float_value
  13. 13. Upcoming Features via PHP RFC Add session_gc() ● Target: PHP 7.2 ● tl;dr: Enable Garbage Collection for sessions. ● See: wiki.php.net/rfc/session-gc
  14. 14. Upcoming Features via PHP RFC Implement C function socket_getaddrinfo() ● Target: PHP 7.2 ● tl;dr: complements the existing PHP socket functions with getaddrinfo(). ● See: wiki.php.net/rfc/socket_getaddrinfo ● See: man 3 getaddrinfo Adds methods: ● Socket_addrinfo_lookup ○ returns: [$resource] ● Socket_addrinfo_connect ○ returns: $resource ● Socket_addrinfo_bind ○ returns: $resource ● socket_addrinfo_explain ○ returns: [$resource]
  15. 15. Upcoming Features via PHP RFC E_WARNING for invalid container read array-access ● Target: PHP 7.2 ● tl;dr: Throw an E_WARNING when using short-array syntax to access non-existent locations in containers & non-containers; currently returns a NULL ● See: wiki.php.net/rfc/notice-for-non-valid-array-c ontainer Who knew this was seemingly valid?
  16. 16. CMSes: Drupal Drupal 8.1.[7,8] & 7.5.0 ● Drupal 8: Security & Patch Releases - Upgrade! ○ “httpoxy” injection via Guzzle ○ See: drupal.org/SA-CORE-2016-003 ● Drupal 7: Maintenance Release ○ Adds support for full UTF-8 on MySQL when both site & db are configured to support it ○ Robots.txt now allows search engines access to CSS, JS, & image files
  17. 17. CMSes: WordPress WordPress 4.6 - “Pepper” ● Feature Release ○ Editor improvements: ■ Content recovery: draft is saved to browser ■ Inline link checker (no more 404 when publishing a mal-formed URL ● See: wordpress.org/news/2016/08/pepper
  18. 18. Frameworks - CakePHP CakePHP 3.3.[0,1,2,3] & 2.8.6 ● 3.3.0 - minor release ○ See: bakery.cakephp.org/2016/08/12/cakephp_330_released.html ● Some bugfix and maintenance updates ● See: ○ bakery.cakephp.org/2016/09/02/cakephp_333_released.html ○ bakery.cakephp.org/2016/08/02/cakephp_286_released.html
  19. 19. Frameworks - Laravel Laravel 5.2.[40,41,42,43,44,45], 5.3.[0,1,2,3,4,6] ● Laravel 5.3 ○ Several cool new features and tools ■ See: laravel-news.com/2016/08/laravel-5-3-is-now-released/ ○ See: github.com/laravel/framework/blob/5.3/CHANGELOG-5.3.md ● Laravel 5.2 ○ See: github.com/laravel/framework/blob/5.3/CHANGELOG-5.2.md
  20. 20. Frameworks - Symfony Symfony [3.1.3, 3.0.9, 2.8.9, 2.7.16] ● Maintenance Releases ○ See: ■ symfony.com/blog/symfony-2-7-16-released ■ symfony.com/blog/symfony-2-8-9-released ■ symfony.com/blog/symfony-3-0-9-released ■ symfony.com/blog/symfony-3-1-3-released ● SymfonyLive Chicago - Canceled :( ○ See: symfony.com/blog/we-re-sorry-to-announce-the-cancellation-of-the-symfonylive-chicago-2016
  21. 21. Frameworks - Zend ZF 1.12.19 ● Security patch - Upgrade! ○ See: framework.zend.com/blog/2016-07-13-ZF-1.12.19-Released.html ● Probably the last ZF1 release ○ See: framework.zend.com/blog/2016-06-28-zf1-eol.html
  22. 22. PHP: The Right Way ● Updated URL for PHP Mentoring ○ Was phpmentoring.org; now php-mentoring.org ● Deleted dead tools from Code Style Guide ● Added text and examples for phpcbf and php-cs-fixer ○ phptherightway.com/#code_style_guide ● Corrected and improved wording in The Basics ○ phptherightway.com/pages/The-Basics.ht ml ● Updated ZF2 DB abstraction layer to “Zend-db” ○ phptherightway.com/#databases_abstracti on_layers ● Added two new PaaS Providers ○ phptherightway.com/#php_paas_providers ● Updated “jeckyll serve” command for building PHPtRW locally ○ github.com/codeguy/php-the-right-way/blo b/gh-pages/CONTRIBUTING.md ● Note: Every open-source project can use your help with documentation. What are you waiting for?
  23. 23. PHP Conferences Midwest.io ● August 20-23 - Kansas City, MO ● See: midwest.io Pacific Northwest PHP 2016 ● Sept 15-17 - Seattle, WA ● See: pnwphp2016.dryfta.com StrangeLoop ● Sept 15-17 - St. Louis, MO ● See: thestrangeloop.com Bulgaria PHP 2016 ● Oct 7-9 - Sofia, Bulgaria ● See: bgphp.org
  24. 24. PHP Conferences - Continued True North PHP ● Nov 3-5 - Toronto, Canada ● truenorthphp.ca PHP[WORLD] 2016 ● Nov 14-18 - Washington, D.C. ● 10% KCPUG Discount: REDACTED ● world.phparch.com ZendCon ● Nov 18-21 - Las Vegas, NV ● zendcon.com SunshinePHP 2017 ● Feb 2-4 - Miami, FL ● 2017.sunshinephp.com/ ● Call for Papers due: Sept 30 ○ See: cfp.sunshinephp.com/
  25. 25. Nomad PHP (Online) - September 22 Nomad PHP EU - 01:00 PM CDT A Deepdive Into the .git Directory ● Joshua Thijssen (@jaytaph) ● nomadphp.com/4378-2 Nomad PHP US - 08:00 PM CDT CommonMark: Markdown Done Right ● Colin O’Dell (@colinodell) ● nomadphp.com/commonmark-markdown- done-right
  26. 26. Next Month in KCPHPUG ● Looking for Speakers! ● Nomad PHP edition? ● Hack Night?

×