Articles about php

shutterstock_287971118--snake-hero

Language bugs infest downstream software, fuzzer finds

Developers working in secure development guidelines can still be bitten by upstream bugs in the languages they use. That's the conclusion of research presented last week at Black Hat Europe by IOActive's Fernando Arnaboldi. As Arnaboldi wrote in his Black Hat Europe paper [PDF]: “software developers may unknowingly include …
Bug

Google's PHP API client has XSS vulnerability

Users of Google's PHP API client: watch out for phishing attacks while Google patches a cross-site scripting (XSS) vulnerability in the code. The bug, discovered by DefenseCode's Leon Juranic using the company's ThunderScan source code scanner, has been acknowledged by the Chocolate Factory (as a “nice catch”), and a fix is …
Close up of tangled tape

HPE tape library permits unauthorised remote access

HP Enterprise has warned that its StoreEver MSL6480 Tape Library is at risk of allowing “remote unauthorized disclosure of information.” As the MSL6480 can store up to 8.4 petabytes when all 560 of its slots are filled with LTO-7 tapes, that's rather a lot of data at risk. The problem isn't entirely HPE's fault: it derives …
Simon Sharwood, 18 Nov 2016
PHP, image via Shutterstock

PHP pioneer and Zend co-founder enlists for AWS big-data mission

Andi Gutmans, a pioneer in scripting language PHP and co-founder of Zend Technologies, has joined Amazon’s cloud. Gutmans has become general manager of the NoSQL Group, part of the AWS data services unit. According to his LinkedIn profile, Gutmans is “working on the next generation of NoSQL database”. Gutmans blogged here: “ …
Gavin Clarke, 16 May 2016

Extreme photo-bombing: Bad ImageMagick bug puts countless websites at risk of hijacking

A wildly popular software tool used by websites to process people's photos can be exploited to execute malicious code on servers and leak server-side files. Security bugs in the software are apparently being exploited in the wild right now to compromise at-risk systems. Patches to address the vulnerabilities are available in …
PHP Logo

PHP 7.0 arrives, so go forth and upgrade if you dare

PHP 7.0 was launched today, so we've asked @sydphp organiser and #phunconf convener Jack Skinner to explain its significance. Over to you, Jack ... PHP is the language we love to hate and often hate to love. After celebrating it’s 20th birthday earlier this year, it's clearly here to stay, not least because version 7 arrived …
Jack Skinner, 3 Dec 2015
Wordpress logo

WordPress.com ditches PHP for Calypso's JavaScript admin UI

Blog hosting provider WordPress.com is embracing JavaScript and open-sourcing its code base, in what the platform’s chief reckons is a big, risky and controversial bet. Automattic, the creator of WordPress.com, has revealed the existence of Calypso, a 20-month-old project that rewrites and open sources the code behind the …
Gavin Clarke, 24 Nov 2015
Digger image via Shutterstock

Brace yourselves: Facebook plans MORE PHP jiggery pokery

Facebook isn’t done fiddling with PHP – far from it. Team Zuckerberg are cooking up fresh changes to streamline further this veteran server horse for mobile, set to be released under open source. It’s the latest chapter in a rebooted community source strategy that’s chalked up Hip Hop, which then evolved to became Hip Hop …
Gavin Clarke, 12 Jun 2015
Data breach image

Want to have your server pwned? Easy: Run PHP

More than 78 per cent of all PHP installations are running with at least one known security vulnerability, a researcher has found. Google developer advocate Anthony Ferrara reached this unpleasant conclusion by correlating statistics from web survey site W3Techs with lists of known vulnerabilities in various versions of PHP. …
Neil McAllister, 31 Dec 2014

Quick PHP patch beats slow research reveal

Patches have been flung out to cover vulnerabilities in PHP that led to remote code execution and buffer overflows. The flaws were detailed this week by Swiss researchers High-Tech Bridge in versions 5.4.33, 5.5.17 and 5.6.1 on a machine running Ubuntu 14.04.1 LTS and the Radamsa fuzzer. A patch issued last month for CVE-2014 …
Darren Pauli, 23 Oct 2014
PHP

What's that? A PHP SPECIFICATION? Surely you're joking, Facebook

A group of Facebook developers has decided to break with 20 years of tradition and release a formal specification for the PHP programming language. The initial draft of the spec was released on Wednesday and is available via a Git repository hosted on PHP.net. Language specs, in and of themselves, are nothing new. Many of the …
Facebook Like Stamp

Facebook hacks out PHP alternative

The big “HACK” signs reputed to adorn the walls of Facebook offices aren't just a command from His Royal Zuckness: The Social Network also uses a programming language called “Hack” and has just given it to the world. Facebook describes Hack as “a programming language we developed for HHVM that interoperates seamlessly with PHP …
Simon Sharwood, 21 Mar 2014

Google holds its nose, lets the hoi polloi run PHP on its shiny cloud

Google has loaded PHP onto its platform cloud in a preview form, letting developers around the world try out the technology. The advertising giant made PHP available as a preview service on its App Engine platform cloud on Monday, taking the total language count of supported platform-as-a-service (PaaS) languages to four, …
Jack Clark, 9 Oct 2013

RBS Mainframe Meltdown: A year on, the fallout is still coming

A year ago, RBS experienced its Chernobyl moment – an incident when a case of simple human error by those running critical systems resulted in a crisis. IT staff badly botched routine maintenance of the IBM mainframe handling millions of customers' accounts – a system processing 20 million transactions a day. The mistake was …
Gavin Clarke, 21 Jun 2013
The Register breaking news

Google platform cloud now takes PHP apps

Google I/O Google is adding PHP to Google App Engine as the company tries to appeal to developers of the widely-used language. The addition was announced on Wednesday at Google's developer jamboree Google I/O. It means GAE now supports three widely used web languages – Python, Java, and PHP – and Go, a Google-sponsored language designed …
Jack Clark, 15 May 2013

Rackspace does tech support for popular languages on its cloud

Rackspace Hosting has spent the past six months putting together a set of officially sanctioned software development kits and runtime environments for popular programming languages to run on its eponymous infrastructure cloud, and now it is ready to offer tech support for those SDKs when companies deploy applications on the …

Red Hatters seal chumship with Zend on OpenShift PHP cloud

Red Hat is still only previewing its OpenShift platform cloud, and one of the reasons why is because it had not yet inked a deal with Zend Technologies, the commercial entity that is to the PHP programming language as Linux Torvalds and Red Hat together are to the Linux operating system. But that is all going to be fixed now …
The Register breaking news

PHP devs lob second patch at super-critical CGI bug

The developers of PHP have released updates to thwart fresh attacks against systems that use the scripting language to dynamically generate web pages. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13, as appropriate, after a serious security bug in PHP-CGI-based setups was disclosed. Developers attempted to fix …
John Leyden, 9 May 2012

Create a news alert about php, or find more stories about php.

Biting the hand that feeds IT © 1998–2018