PHP 5.2.2 and 4.4.7 Released

“PHP 5.2.2 and 4.4.7 have been released with a plethora of security updates. Many of the security notifications come from the Month of PHP Bugs effort, and range from double freed memory to bugs in functions that allow attackers to enable register_globals, to memory corruption with unserialize(), to input validation flaws that allow e-mail header injections, with an unhealthy sprinkling of other bugs and flaws fixed. All administrators that run any version of PHP are encouraged to update immediately.”

Our sysadmin installed 5.2.2 on our test instances earlier today, and we’ll be testing (and closely watching for external reports) over the next few days before rolling it into production.

Via Slashdot.

The JavaScript Programming Language

Yahoo! JavaScript Architect Douglas Crockford provides a comprehensive introduction to the JavaScript Programming Language in this four-part video. This is the first section of the four-part video. See below the embedded video for more links.

Other programming videos by Douglas Crockford on Yahoo! Video:
The JavaScript Programming Language (4 parts).
Theory of the DOM (3 parts).
Advanced JavaScript (3 parts).

Via Digg.

parseMe 20070429 Update

Here’s another update to parseMe (back story), my little GPL’ed PHP-based RSS/Atom feed reader for mobile phones and other web-capable devices.

  • Moved to object oriented, pretty much for the “fun” of it.
  • Now passing a custom user-agent in the http query to avoid problems with sources that require it (Digg, among others).

You can find the appropriate links below:

Keeps me from hating my phone until I can afford to get myself a nicer mobile solution.

Google@McGill

Yes! We’ve done it. McGill is now using a Google Search Appliance as its main search engine backend, which is the main reason I have been so busy in the last while.

Despite early hardware issues and a few bugs I faced in the caching engine and XML APIs (most of which have been or are being addressed by the Google Enterprise team), I have to admit that it’s been one of the most motivating and enjoyable projects I have handled at McGill.

You can try it out for yourself on our main search page.

We also enabled other areas, such as our advanced course search, and classified search.

This is of course only the tip of the iceberg, since the architecture is quasi-infinitely extensible through the feeds and OneBox concepts (both of which we already use). And as usual, I already have a head full of ideas on how to further leverage the enormous amount of digital content on campus.

Fun times ahead!

March To Be Month of PHP Bugs

From the source article, on SecurityFocus (via Slashdot):

Stefan Esser is the founder of both the Hardened-PHP Project and the PHP Security Response Team (which he recently left). Federico Biancuzzi discussed with him how the PHP Security Response Team works, why he resigned from it, what features he plans to add to his own hardening patch, the interaction between Apache and PHP, the upcoming “Month of PHP bugs” initiative, and common mistakes in the design of well-known applications such as WordPress.

Given the success of the Month of Apple Bugs project, I think it’s a fantastic idea. This said, our sys admin at work isn’t too thrilled by the prospect of having to patch our many PHP installs every day in March… ;)