Last Month in PHP - May 2016
0 likes474 views
The document summarizes updates from the PHP community in May 2016, including: - Security patches released for PHP versions 7.0.7, 5.6.22, and 5.5.36 that should be upgraded. - An ImageMagick remote code execution vulnerability was announced along with mitigation recommendations. - Upcoming new features for PHP 7.1 like array destructuring assignment syntax and nullable types. - Updates released for various CMS's and frameworks including Drupal 8.1.1, WordPress 4.5.2, Slim 3.4, CakePHP 3.2.9-3.2.10, Laravel 5.2.32-5.
![μFrameworks - Slim 3.4
Slim 3.4.[0,1,2]
● Follows PSR-7
○ HTTP Request/Response middleware
● Routing:
○ Added two new methods:
■ removeNamedRoute() and setPattern()
○ Fast-Route can be cached via routerCacheFile
● Some bug fixes
● See: slimframework.com/2016/05/09/slim-3.4.0.html](https://image.slidesharecdn.com/2016-06lastmonthinphp-160602001804/85/Last-Month-in-PHP-May-2016-9-320.jpg)
![Frameworks - CakePHP
CakePHP 3.2.[9, 10] & 2.8.4
● A bunch of bugfix and maintenance updates
● See:
○ bakery.cakephp.org/2016/05/16/cakephp_329_released.html
○ bakery.cakephp.org/2016/05/26/cakephp_3210_released.html
○ bakery.cakephp.org/2016/05/02/cakephp_284_released.html](https://image.slidesharecdn.com/2016-06lastmonthinphp-160602001804/85/Last-Month-in-PHP-May-2016-10-320.jpg)
![Frameworks - Laravel
Laravel 5.2.[32, 33, 34, 35]
● Bugfix and maintenance updates
● Some additions:
○ Failed login support
○ Support for log levels
● See: github.com/laravel/framework/blob/master/CHANGELOG.md](https://image.slidesharecdn.com/2016-06lastmonthinphp-160602001804/85/Last-Month-in-PHP-May-2016-11-320.jpg)
![Frameworks - Symfony
Symfony [3.0.6, 2.8.6, 2.7.13, 2.3.42] - Update!
● Security Update
○ Fixed issue when authenticating via LDAP
and submitting a blank password
■ Was only a problem in 2.8.x and 3.x
branches
○ Fixed issue when creating a really long
username
■ Limit hard-set to 4096 chars!
● Many bugfixes
● The final update to Symfony 2.3
● See:
○ symfony.com/blog/symfony-3-0-6-released
○ symfony.com/blog/symfony-2-3-42-
released
Symfony 3.1 Released
● PSR-6 Caching interface
● LDAP component available
● See: symfony.com/blog/symfony-3-1-0-
released
Symfony Docs Hack Day
● May 21 - 02:00 CDT - 14:00 CDT
● See: symfony.com/blog/announcing-the-
fourth-symfony-docs-hack-day](https://image.slidesharecdn.com/2016-06lastmonthinphp-160602001804/85/Last-Month-in-PHP-May-2016-12-320.jpg)
![PHP Conferences
200 OK
● June 3 - Tulsa, OK
● See: 200ok.us
WordCamp KC 2016
● June 10-12 - Kansas City, MO
● See: 2016.kansascity.wordcamp.org
Kansas City Developer Conference
● June 22-24 - Kansas City, MO
○ KCPHP speakers!
○ 4 PHP-related sessions!
● See: www.kcdc.info
php[cruise]
● July 17-24 - Bahamas
● 10% Discount Code for our UG:
REDACTED
● See: cruise.phparch.com](https://image.slidesharecdn.com/2016-06lastmonthinphp-160602001804/85/Last-Month-in-PHP-May-2016-15-320.jpg)
Last Month in PHP - May 2016
- 1. Last Month in PHP May 2016 Kansas City PHP User Group
- 2. PHP Patch Releases PHP 7.0.7 - Upgrade! ● Security fixes PHP 5.6.22 - Upgrade! ● Security fixes PHP 5.5.36 - Upgrade! ● Security fixes See: ● http://php.net/ChangeLog-7. php#7.0.7 ● http://php.net/ChangeLog-5. php#5.6.22 ● http://php.net/ChangeLog-5. php#5.5.36
- 3. Security Bulletin... ImageMagick ● Remote Code Execution ● Mitigation recommendation: ○ Sandbox ImageMagick ■ If you find a good way to do this, it might make a good KCPUG talk! ○ Update your policy.xml file. ■ See: imagetragick.com
- 4. Upcoming Features via PHP RFC Square bracket syntax for array destructuring assignment ● Target: PHP 7.1 ● tl;dr: syntactic sugar for list function ● See: wiki.php.net/rfc/short_list_syntax
- 5. Upcoming Features via PHP RFC Nullable Types ● Target: PHP 7.1 ● tl;dr: typehint of “X or null” ● Note: “null” must be explicitly passed in or returned ● Caveat: could be replaced by proposed Union Types RFC ● See: wiki.php.net/rfc/nullable_types Note: Examples stolen directly from the RFC :)
- 6. Upcoming Features via PHP RFC Closure from callable function ● Target: PHP 7.1 ● tl;dr: Convert callables into closures without expensive reflection ● Note: Looks like a static userland method, but it’s built in! ○ Closure::fromCallable ● See: wiki.php.net/rfc/closurefromcallable Note: Example ripped directly from the RFC :) Keep methods out of the API
- 7. CMSes: Drupal Drupal 8.1.1 ● Patch Release ○ Two major bug patches ■ “TaxonomyIndexTid Views plugin stores selected terms with the ID instead of UUID” ● Deals with no longer failing when optional dependencies are missing ■ “url.path cache context for breadcrumbs is unnecessarily granular” ● Deals with breadcrumbs getting created for paths without a route ○ Many minor updates ○ See:www.drupal.org/project/drupal/releases/8-1-1
- 8. CMSes: WordPress WordPress 4.5.2 ● Security release - Upgrade! ○ Fixes vulnerabilities from: ■ MediaElement.js ■ Plupload ● See: wordpress.org/news/2016/05/wordpress-4-5-2/
- 9. μFrameworks - Slim 3.4 Slim 3.4.[0,1,2] ● Follows PSR-7 ○ HTTP Request/Response middleware ● Routing: ○ Added two new methods: ■ removeNamedRoute() and setPattern() ○ Fast-Route can be cached via routerCacheFile ● Some bug fixes ● See: slimframework.com/2016/05/09/slim-3.4.0.html
- 10. Frameworks - CakePHP CakePHP 3.2.[9, 10] & 2.8.4 ● A bunch of bugfix and maintenance updates ● See: ○ bakery.cakephp.org/2016/05/16/cakephp_329_released.html ○ bakery.cakephp.org/2016/05/26/cakephp_3210_released.html ○ bakery.cakephp.org/2016/05/02/cakephp_284_released.html
- 11. Frameworks - Laravel Laravel 5.2.[32, 33, 34, 35] ● Bugfix and maintenance updates ● Some additions: ○ Failed login support ○ Support for log levels ● See: github.com/laravel/framework/blob/master/CHANGELOG.md
- 12. Frameworks - Symfony Symfony [3.0.6, 2.8.6, 2.7.13, 2.3.42] - Update! ● Security Update ○ Fixed issue when authenticating via LDAP and submitting a blank password ■ Was only a problem in 2.8.x and 3.x branches ○ Fixed issue when creating a really long username ■ Limit hard-set to 4096 chars! ● Many bugfixes ● The final update to Symfony 2.3 ● See: ○ symfony.com/blog/symfony-3-0-6-released ○ symfony.com/blog/symfony-2-3-42- released Symfony 3.1 Released ● PSR-6 Caching interface ● LDAP component available ● See: symfony.com/blog/symfony-3-1-0- released Symfony Docs Hack Day ● May 21 - 02:00 CDT - 14:00 CDT ● See: symfony.com/blog/announcing-the- fourth-symfony-docs-hack-day
- 13. Frameworks - Zend Zend Framework ● No Updates for 2.5.x ○ Github repo name-change from “zf2” to “zendframework” ○ See: framework.zend.com/blog/2016-05-03-zf-repo-rename.html
- 14. PHP: The Right Way ● Added “Cloudways” to PaaS Providers ○ See: phptherightway.com/#php_paas_providers ● Note: Every open-source project can use your help with documentation. What are you waiting for? ○ See: NomadPHP Lightning Talk: “Your First PR: How to Contribute to Open-Source Projects” ■ youtu.be/a5foPCInZZ0
- 15. PHP Conferences 200 OK ● June 3 - Tulsa, OK ● See: 200ok.us WordCamp KC 2016 ● June 10-12 - Kansas City, MO ● See: 2016.kansascity.wordcamp.org Kansas City Developer Conference ● June 22-24 - Kansas City, MO ○ KCPHP speakers! ○ 4 PHP-related sessions! ● See: www.kcdc.info php[cruise] ● July 17-24 - Bahamas ● 10% Discount Code for our UG: REDACTED ● See: cruise.phparch.com
- 16. PHP Conferences - Continued Laracon US ● July 27-29 - Louisville, KY ● See: laracon.us Midwest.io ● August 20-23 - Kansas City, MO ● See: midwest.io Pacific Northwest PHP 2016 ● Sept 15-17 - Seattle, WA ● CFP due June 5 ● See: pnwphp2016.dryfta.com ZendCon ● Nov 18-21 - Las Vegas, NV ● See: zendcon.com
- 17. Nomad PHP (Online) - June 23 Nomad PHP EU - 01:00 PM CDT Introduction to Event Sourcing and CQRS ● Beau Simensen (@beausimensen) ● See: https://nomadphp.com/introduction- event-sourcing-cqrs/ Nomad PHP US - 08:00 PM CDT Don’t Be The Last To Know! Strategies & Tactics for Monitoring Your System & Services ● Elisa Towbis (@ElisaInFla) ● See: https://nomadphp.com/dont-last- know-strategies-tactics-monitoring- system-services/
- 18. Next Month in KCPHPUG ● Looking for Speakers! ● Nomad PHP edition? ● Hack Night?