Simon Willison’s Weblog

Blogmarks tagged php in 2007

Filters: Type: blogmark × Year: 2007 × php ×


Hacky holidays on OS X. Jeremy Keith documents how to get PHP 5 and Apache 2 virtual hosts running on Leopard. # 29th December 2007, 11:49 am

The backdooring of SquirrelMail. A SquirrelMail developer’s account was compromised and used to insert a backdoor: the other developers initially missed the hole because it used $_SERVER[’HTTP_BASE_PATH’], which can be set with a Base-Path: HTTP header. # 28th December 2007, 11:40 pm

Cruciforum (via) Stuart’s new PHP forum—single script, stores threads as static HTML on the filesystem (no database), installation is a one-step process. # 16th October 2007, 9:08 am

Becoming PHP 6 Compatible. According to this article, I’ve been writing PHP 6 compatible code since about 2002. # 24th September 2007, 12:13 pm

7 reasons I switched back to PHP after 2 years on Rails. After two years working on a Rails rewrite of CD Baby, Derek Sivers scrapped it and instead rewrote the PHP version using Rails-inspired design principles. Derek would still use Rails for a greenfield project though. # 23rd September 2007, 8:49 am

J4P5: Javascript For PHP 5 (via) “J4P5 is a JavaScript interpreter written in PHP 5, that allows to run untrusted scripts in a sandbox on your server. It aims to implement most of Ecma-262 3rd edition.” # 12th July 2007, 10:24 pm

GoPHP5.org. A campaign to encourage a mass switchover from PHP 4 to PHP 5 on February 8th 2008, by co-ordinating both hosting companies and PHP projects. # 8th July 2007, 10:08 am

Index of /drupal/modules/openid. Drupal’s OpenID implementation in CVS. # 26th June 2007, 12:26 am

Drupal 6 and OpenID. “The implementation is all Drupal native code—no third party libraries were used.” # 26th June 2007, 12:26 am

Python 3000 Status Update. Doesn’t look like we’ll get multiline lambdas, but the other stuff looks great. I’m not looking forward to years of Python 2 and Python 3 co-existing and splitting the community though (ala PHP 4 and 5). # 19th June 2007, 1:49 pm

Unsettling. Sounds like there might be a massive scripted hack going on against out of date WordPress installs on Dreamhost. Check your site. See also discussion in the comments attached to this post. # 5th June 2007, 9:16 pm

A brief unofficial history about register_globals in PHP. It’s been more than five years since register_globals was disabled by default in PHP 4.2.0. # 30th April 2007, 8:20 am

phpbb-openid first beta. A fully functional OpenID consumer for phpBB 2.0, implemented as a set of patches. # 29th April 2007, 8:27 pm

Quercus: PHP in Java (via) A “fast, open-source, 100% Java implementation of the PHP language”, built to run on top of Resin. Claims to be compatibly with MediaWiki, Drupal, Wordpress, Gallery2 and DocuWiki. # 12th April 2007, 4:25 pm

phpsh. An interactive shell for PHP, developed at Facebook and written mostly in Python. Facebook are really pushing their open-source stuff at the moment. # 3rd April 2007, 9:43 am

ANN: PHP OpenID 1.2.2 released. Includes a fix to a bug that was causing some consumers to be incompatible with the WordPress.com OpenID provider. If you’re using this in a PHP OpenID consumer you should upgrade now. # 23rd March 2007, 8:33 pm

OmniTI_OpenID. OmniTI’s PHP OpenID 1.1 consumer library. Much less full featured than the JanRain library, but it’s good to have more than one. # 18th March 2007, 1:15 am

PHP 4 phpinfo() XSS Vulnerability. Another reason not to run an open phpinfo() page on your server. # 4th March 2007, 9:24 pm

PHP and “OpenID authentication failed: Bad signature”. If you’re seeing a “Bad signature” error in your PHP OpenID application it could be down to a miscompiled GMP library. # 15th February 2007, 10:02 am

OpenID (and TypeKey) using native OpenSSL functions in PHP. Wez Furlong shows how a small patch to PHP’s OpenSSL support makes it a whole lot easier to perform the cryptography behind OpenID (at the moment you need to use the bc or gmp modules). # 10th February 2007, 10:49 pm