Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Last Month in PHP - September 2016

165 views

Published on

PHP news of September 2016 as well as upcoming conferences and talks.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Last Month in PHP - September 2016

  1. 1. Last Month in PHP September 2016 Kansas City PHP User Group
  2. 2. PHP Patch Releases PHP 7.0.11 - Upgrade! ● Security fixes ● php.net/ChangeLog-7.php#7.0.1 1 PHP 5.6.26 - Upgrade! ● Security fixes ● php.net/ChangeLog-5.php#5.6.2 6
  3. 3. Security Bulletin... ImageMagick ● Remote Code Execution ● Mitigation recommendation: ○ Sandbox ImageMagick ■ If you find a good way to do this, it might make a good KCPUG talk! ○ Update your policy.xml file. ■ imagetragick.com
  4. 4. Upcoming Features via PHP RFC Argon2i Password Hash ● Target: PHP 7.2 ● tl;dr: Introduces Argon2i password hashing algorithm, PASSWORD_ARGON2I , which has 3 cost factors, to password_* functions ● Note: PASSWORD_DEFAULT will still be an alias for PASSWORD_BCRYPT for now. ● See: wiki.php.net/rfc/argon2_password_hash
  5. 5. CMSes: Drupal Drupal 8.1.[9,10] ● Drupal 8: Security & Patch Releases - Upgrade! ○ Users without "Administer comments" can set comment visibility on nodes they can edit: CVE-2016-7570 ○ Cross-site Scripting in http exceptions: CVE-2016-7571 ○ Full config export can be downloaded without administrative permissions: CVE-2016-7572 ○ drupal.org/SA-CORE-2016-004
  6. 6. CMSes: WordPress WordPress 4.6.1 - “Pepper” ● Security Release - Upgrade! ○ XSS via image filename ○ Path traversal vulnerability in image uploader ● wordpress.org/news/2016/09/wordpress-4-6-1-security-and-maintenance-rele ase
  7. 7. Frameworks - CakePHP CakePHP 3.3.[4,5], 2.9.0, & 2.8.[7,9] ● 3.3.x - bugfixes ○ bakery.cakephp.org/2016/09/24/cakephp_334_released.html ○ bakery.cakephp.org/2016/09/29/cakephp_335_released.html ● 2.9.0 - Feature release ○ Backwards-compatible feature release with 2.8.x ○ bakery.cakephp.org/2016/09/18/cakephp_290_289_released.html ● 2.8.x - bugfixes: ○ The last bugfix release of 2.8 ○ bakery.cakephp.org/2016/09/09/cakephp_287_released.html ○ bakery.cakephp.org/2016/09/18/cakephp_290_289_released.html
  8. 8. Frameworks - Laravel Laravel 5.3.[6,7,8,9,10,11,(12,13,14,15)] ● Laravel 5.3 ○ A lot of queue work ○ Final release of the month reverted the prior 3’s DaemonCommand updates ○ github.com/laravel/framework/blob/5.3/CHANGELOG-5.3.md ● Vue 2.0 Released ○ Laravel 5.3 uses Vue on the front-end ○ medium.com/the-vue-point/vue-2-0-is-here-ef1f26acf4b8
  9. 9. Frameworks - Symfony Symfony 3.1.4, 2.8.[10,11], 2.7.[17, 18] ● Maintenance Releases ○ symfony.com/blog/symfony-2-7-17-released ○ symfony.com/blog/symfony-2-7-18-released ○ symfony.com/blog/symfony-2-8-10-released ○ symfony.com/blog/symfony-2-8-11-released ○ symfony.com/blog/symfony-3-1-4-released ● SymfonyLive Chicago - Moved to php[world] :) ○ world.phparch.com/symfonylive-at-phpworld
  10. 10. Frameworks - Zend ZF 1.12.20 ● Security patch - Upgrade! ○ framework.zend.com/blog/2016-09-08-ZF-1.12.20-Released.html ● ZF1 End Of Life was 28 September ○ framework.zend.com/blog/2016-06-28-zf1-eol.html
  11. 11. PHP: The Right Way ● Code Style Guide ○ Under FIG heading, changed wording and added Laravel as a project ● Current Stable Version ○ Added EOL to PHP 5.6 ● Mac Setup ○ Updated currently installed version of PHP with Sierra ● Namespaces ○ Simplified wording ● Date and Time ○ Added info about Carbon ● Note: Every open-source project can use your help with documentation. What are you waiting for?
  12. 12. Hactoberfest 2016 Submit Pull Requests to Open Source Projects this month ● Help out the dev community! ● Submit 4 PRs and earn a t-shirt ● Must sign up first ● Cosponsored by Digital Ocean and Github ● Hacktoberfest.digitalocean.com ○ Check your status via 3rd-party: hacktoberfestchecker.herokuapp.com
  13. 13. PHP Conferences Bulgaria PHP 2016 ● Oct 7-9 - Sofia, Bulgaria ● bgphp.org True North PHP ● Nov 3-5 - Toronto, Canada ● truenorthphp.ca PHP[WORLD] 2016 ● Nov 14-18 - Washington, D.C. ● 10% KCPUG Discount: REDACTED ● world.phparch.com/ ZendCon ● Nov 18-21 - Las Vegas, NV ● zendcon.com
  14. 14. PHP Conferences - Continued SunshinePHP 2017 ● Feb 2-4 - Miami, FL ● 2017.sunshinephp.com PHP UK 2017 ● Feb 16-17 - London, UK ● phpconference.co.uk ● Call For Papers due Oct 17 ○ phpconference.co.uk/speakers Confoo.CA 2017 ● Mar 8-10 - Montreal, CAN ● confoo.ca/en/yul2017 Lonestar PHP 2017 ● Apr 20-22 - Dallas, TX ● lonestarphp.com
  15. 15. Nomad PHP (Online) - October 13 Nomad PHP EU - 01:00 PM CDT “New” is Not Your Enemy! ● Stephan Hochdörfer (@shochdoerfer) ● nomadphp.com/new-not-enemy Nomad PHP US - 08:00 PM CDT How the 3rd Normal Form Destroyed a Family ● Chuck Reeves (@manchuck) ● nomadphp.com/3rd-normal-form-destroye d-family
  16. 16. Next Month in KCPHPUG ● Eric Poe: “Iterating Strings -- Iterating Things”

×