Simon Willison’s Weblog

Items tagged php in 2007

Filters: Year: 2007 × php ×


Hacky holidays on OS X. Jeremy Keith documents how to get PHP 5 and Apache 2 virtual hosts running on Leopard. # 29th December 2007, 11:49 am

The backdooring of SquirrelMail. A SquirrelMail developer’s account was compromised and used to insert a backdoor: the other developers initially missed the hole because it used $_SERVER[’HTTP_BASE_PATH’], which can be set with a Base-Path: HTTP header. # 28th December 2007, 11:40 pm

The Web Application Scale of Stupidity goes from OGF (One Giant Function) to OOP (Object Oriented Programming), like this: OGF ——– sanity ——— OOP

Cal Henderson (paraphrased) # 2nd November 2007, 6:23 am

Cruciforum (via) Stuart’s new PHP forum—single script, stores threads as static HTML on the filesystem (no database), installation is a one-step process. # 16th October 2007, 9:08 am

Getting from point A to B (the right way)

If your laptop is relatively recent it might have hardware support for virtualization (Intel Core Duo chips do, for example). If so, it’s worth looking in to using VMWare or Parallels to run a virtual linux server locally on your machine. You’ll need a fair amount of RAM for this as well—2 GB minimum probably.

[... 194 words]

Becoming PHP 6 Compatible. According to this article, I’ve been writing PHP 6 compatible code since about 2002. # 24th September 2007, 12:13 pm

7 reasons I switched back to PHP after 2 years on Rails. After two years working on a Rails rewrite of CD Baby, Derek Sivers scrapped it and instead rewrote the PHP version using Rails-inspired design principles. Derek would still use Rails for a greenfield project though. # 23rd September 2007, 8:49 am

J4P5: Javascript For PHP 5 (via) “J4P5 is a JavaScript interpreter written in PHP 5, that allows to run untrusted scripts in a sandbox on your server. It aims to implement most of Ecma-262 3rd edition.” # 12th July 2007, 10:24 pm

GoPHP5.org. A campaign to encourage a mass switchover from PHP 4 to PHP 5 on February 8th 2008, by co-ordinating both hosting companies and PHP projects. # 8th July 2007, 10:08 am

Index of /drupal/modules/openid. Drupal’s OpenID implementation in CVS. # 26th June 2007, 12:26 am

Drupal 6 and OpenID. “The implementation is all Drupal native code—no third party libraries were used.” # 26th June 2007, 12:26 am

Python 3000 Status Update. Doesn’t look like we’ll get multiline lambdas, but the other stuff looks great. I’m not looking forward to years of Python 2 and Python 3 co-existing and splitting the community though (ala PHP 4 and 5). # 19th June 2007, 1:49 pm

Unsettling. Sounds like there might be a massive scripted hack going on against out of date WordPress installs on Dreamhost. Check your site. See also discussion in the comments attached to this post. # 5th June 2007, 9:16 pm

A brief unofficial history about register_globals in PHP. It’s been more than five years since register_globals was disabled by default in PHP 4.2.0. # 30th April 2007, 8:20 am

phpbb-openid first beta. A fully functional OpenID consumer for phpBB 2.0, implemented as a set of patches. # 29th April 2007, 8:27 pm

Quercus: PHP in Java (via) A “fast, open-source, 100% Java implementation of the PHP language”, built to run on top of Resin. Claims to be compatibly with MediaWiki, Drupal, Wordpress, Gallery2 and DocuWiki. # 12th April 2007, 4:25 pm

phpsh. An interactive shell for PHP, developed at Facebook and written mostly in Python. Facebook are really pushing their open-source stuff at the moment. # 3rd April 2007, 9:43 am

ANN: PHP OpenID 1.2.2 released. Includes a fix to a bug that was causing some consumers to be incompatible with the WordPress.com OpenID provider. If you’re using this in a PHP OpenID consumer you should upgrade now. # 23rd March 2007, 8:33 pm

OmniTI_OpenID. OmniTI’s PHP OpenID 1.1 consumer library. Much less full featured than the JanRain library, but it’s good to have more than one. # 18th March 2007, 1:15 am

PHP 4 phpinfo() XSS Vulnerability. Another reason not to run an open phpinfo() page on your server. # 4th March 2007, 9:24 pm

PHP and “OpenID authentication failed: Bad signature”. If you’re seeing a “Bad signature” error in your PHP OpenID application it could be down to a miscompiled GMP library. # 15th February 2007, 10:02 am

OpenID (and TypeKey) using native OpenSSL functions in PHP. Wez Furlong shows how a small patch to PHP’s OpenSSL support makes it a whole lot easier to perform the cryptography behind OpenID (at the moment you need to use the bc or gmp modules). # 10th February 2007, 10:49 pm