On the left hand side, we have multiple vulnerabilities with PHP release 5.2.1 or less. Remote attackers might be able to exploit these issues in PHP applications making use of the affected functions, potentially resulting in the execution of arbitrary code, Denial of Service, execution of scripted contents in the context of the affected site, security [...]
Did I just say all my WordPress plugins seem to work fine with WordPress 2.1? It turns out one of the new features in WP2.1, where you can set any static page as the front page, will send your browser into a busy redirection loop, when you turn on Permalink Redirect plugin. Well. The bug has [...]
Alrond’s technoblog: The performance test of 6 leading frameworks. Very interesting read, as Alrond tested Django (Python), TurbGears (Python), Ruby on Rails 1.1.6/1.2.1 (Ruby), Catalyst (Perl), Code Igniter (PHP) and Symfony (PHP), using various load and memory testing utilities. His conclusion? Django is fast, and can be very light on memory as well. RoR 1.1.6 is significantly [...]
Ohloh: PHP Eats Rails for Breakfast. A clearly link bait title, as it is in fact analysing by the “language”, i.e. PHP vs. Ruby, instead of frameworks. However, the analysis is interesting. As well as Brad Feld’s feedback on this article. Some of my thoughts: I won’t say it represents the “big picture”. Ohloh is only indexing [...]
Last couple of nights I have hacked a generic URL-based cache for Gravatar, the globally recognized avatar. If you have been blogging or reading other people’s blog, “gravatar” would not be foreign to you, as it has been implemented on many blog sites of various platforms. Gravatar Cache is an implementation to cache both positive [...]
It all starts with Tim Bray’s little rant on PHP a few days ago. Tim can’t stand PHP, because …all the PHP code I’ve seen in that experience has been messy, unmaintainable crap. Spaghetti SQL wrapped in spaghetti PHP wrapped in spaghetti HTML, replicated in slightly-varying form in dozens of places. I have seen some [...]
Peter Hunt took a look on “How Python wins on the Web”. He argued that framework does not really matter — not all those efforts mimicking Ruby on Rails anyway, as RoR and .NET has already won the hearts of developers. Instead, Pythonists should focus on killer re-usable applications. Here’s what I propose: screw Web frameworks [...]
The Server Side reports Caucho adds PHP support to Resin to allow it to run up to 6 times faster. It is done by compiling PHP into Java bytecode so that it can be executed in highly optimised Java virtual machines. From this comment, Quercus (the PHP module for Resin application server) actually implemented most of [...]
Via ZDNet News, Marc Andreessen of former Netscape endorse PHP over Java for website development, because it is open source, having easier environment, widely used and have big companies behind it. Interesting description about Java: Java is much more programmer-friendly than C or C++, or was for a few years there until they made just as complicated. [...]
As discussed on Slashdot, is another PHP library vulnerability that affects PEAR’s XML-RPC module. James at GulfTech has demonstrated this vulnerability with an exploit. It turns out the PHP XML-RPC library uses eval() without checking, which allows arbitary PHP code to be executed if the XML-RPC message is cleverly crafted.
Playground is the personal weblog of Scott Yang, a Chinese-Australian Christian who works as a software developer in Sydney Australia.