News Archive - 2009

    Here are the most important news items we have published in 2009 on PHP.net.

    PHP 5.2.12 Released!

    [17-Dec-2009]

    The PHP development team would like to announce the immediate availability of PHP 5.2.12. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release.

    Security Enhancements and Fixes in PHP 5.2.12:

    • Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
    • Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
    • Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion, identified by Bogdan Calin. (CVE-2009-4017, Ilia)
    • Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check, identified by Stefan Esser. (CVE-2009-4143, Stas)
    • Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)

    Further details about the PHP 5.2.12 release can be found in the release announcement, and the full list of changes are available in the ChangeLog.

    PHP UK Conference 2010

    PHP UK Conference 2010

    [09-Dec-2009]

    PHP London are pleased to announce the date, venue and registration availability of their 5th annual UK PHP conference, building on the success of previous events and accommodating the continual growth of the PHP community and PHP development industry.

    The event takes place on Friday 26th February 2010 at the Business Design Centre in the Islington area of London. Information on the venue is available on our website.

    Registration is now available, with an early bird discount of £20 putting the price at £100 (ex. UK VAT), available for the rest of December 2009, increasing to £110 during January 2010, whilst the standard £120 price is available now (for those that wish to significantly contribute towards the running of the conference) until either the event takes place or we run out of places - so register as soon as you can to get the best price and secure your place.

    Feel free to create an account on the PHP UK Conference website at and sign-up for notifications of updates to the website.

    Important announcements will also be made to the PHP London announcement mailing list - sign up at http://lists.phplondon.org/cgi-bin/mailman/listinfo/phplondon-announce - via which you may be receiving this message now, and you can also follow the conference on Twitter (@phpukconference - #phpuk2010) and be a fan on Facebook.

    We expect to announce the initial line up of talks and speakers before Christmas, whilst potential sponsors/exhibitors can find information at http://www.phpconference.co.uk/sponsors and contact the conference committee using the form at http://www.phpconference.co.uk/contact.

    We hope to see you at the event in 2010!

    PHP 5.3.1 Released!

    [19-Nov-2009]

    The PHP development team would like to announce the immediate availability of PHP 5.3.1. This release focuses on improving the stability of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users of PHP are encouraged to upgrade to this release.

    Security Enhancements and Fixes in PHP 5.3.1:

    • Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
    • Added missing sanity checks around exif processing.
    • Fixed a safe_mode bypass in tempnam().
    • Fixed a open_basedir bypass in posix_mkfifo().
    • Fixed failing safe_mode_include_dir.

    Further details about the PHP 5.3.1 release can be found in the release announcement, and the full list of changes are available in the ChangeLog.

    International PHP Conference

    International PHP Conference

    [21-Oct-2009]

    With its mixture of topics the International PHP Conference provides an ideal resource for all professionals and their successful daily routine within the whole PHP spectrum. Insights into current Web 2.0 technologies, Security, Best Practices for tools and components, Enterprise know-how, databases, architectures and more are presented at the International PHP Conference 2009.

    More than 30 Experts explain current trends and demonstrate how to make the most of your code and your business. They will answer your questions not only in the 40+ sessions and panel discussions but also during personal meetings.

    And for the very first time ever, on Sunday, 15th November, the PHP community will warm up with our free IPC Unconference. This is the place, where YOU decide about the sessions - just pick your favorite topics and get in touch with some of our speakers and other developers.

    Make use of this opportunity and make yourself a part of the worldwide PHP community – at the International PHP Conference 2009.

    PHP World Kongress

    PHP World Kongress

    [01-Oct-2009]

    On 24th and 25th of November you should not miss the lectures of the top speakers of the PHP Industry on Professional Software Development with PHP at Munich Conference Center.

    10 international speakers offer you more than 20 hours of knowledge transfer in the topics "Development", "Tools & Technologies", "PHP 5 Certification", "TYPO3 Certification", "Search Engine Optimization" and "Design Patterns with PHP" on two days.

    On November 24th, Pierre Joye from the PHP core team under Windows opens the congress with his keynote "PHP 5.3 and PHP 6". Amongst others topics include OOP, Web Application Security 2.0, SOAP in PHP and Zend Framework.

    The 25th November is a workshop day aimed at expanding and deepening your knowledge in PHP 5 Certification, TYPO3 Certification, Search Engine Optimization and Design Patterns with PHP.

    More detailed information is available on our website Twitter or in our group on Facebook.

    PHP Barcelona

    PHP Barcelona Conference 2009

    [28-Sep-2009]

    The PHP Barcelona User Group is proud to announce that the PHP Barcelona Conference 2009 is here, and it is arriving bigger than ever! Two days, three parallel tracks of talks and workshops, and some of the biggest names and companies in the industry covering the hottest subjects to date.

    Come to Barcelona (Citilab) to see Rasmus Lerdorf, Fabien Potencier, Derick Rethans, Sebastian Bergmann and many more open the hood and expose the secrets of PHP and PHP related technologies that make the Internet what it is today, and that power what the Internet will be tomorrow. Discover the newest evolution of the most popular scripting language and its intimate bonding with security, stability and scalability, and how its integration with cutting edge technology make it one of the most powerful and state of the art building blocks for robust applications.

    For more information about PHP Barcelona Conference 2009 and to register, please visit http://phpconference.es

    PHP 5.2.11 Released!

    [17-Sep-2009]

    The PHP development team would like to announce the immediate availability of PHP 5.2.11. This release focuses on improving the stability of the PHP 5.2.x branch with over 75 bug fixes, some of which are security related. All users of PHP 5.2 are encouraged to upgrade to this release.

    Security Enhancements and Fixes in PHP 5.2.11:

    • Fixed certificate validation inside php_openssl_apply_verification_policy. (Ryan Sleevi, Ilia)
    • Fixed sanity check for the color index in imagecolortransparent(). (Pierre)
    • Added missing sanity checks around exif processing. (Ilia)
    • Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)

    Further details about the PHP 5.2.11 release can be found in the release announcement, and the full list of changes are available in the ChangeLog.

    ZendCon 2009

    ZendCon 2009!

    [26-Aug-2009]

    The Zend PHP Conference 2009 (ZendCon) is the largest event of the PHP community and a unique opportunity to meet with PHP developers, web experts and IT managers. This year's conference will be held October 19- 22, 2009 in San Jose, California. It will bring together developers and business managers from around the world for three days of exceptional presentations and networking events.

    At ZendCon 2009, sessions will focus on creating, deploying and managing applications that take advantage of the speed, scalability and simplicity of PHP. To find out more about ZendCon, see the full session listing, and register, visit http://zendcon.com/.

    PHP TestFest 2009 Winners

    [30-Jul-2009]

    A group of winners of PHP elePHPhants or TestFest mugs have been picked at random from the people that contributed the 887 tests during the 2009 PHP TestFest.

    Winners of elePHPhants

    • Mark Schaschke TestFest London May 2009
    • Patrick Allaert Belgian PHP Testfest 2009
    • Rafael Dohms testfest PHPSP on 2009-06-20
    • Guilherme Blanco testfest PHPSP on 2009-06-20
    • Fabio Fabbrucci Italian PHP TestFest 2009 Cesena 19-20-21 june
    • Rodrigo Moyle testfest PHPSP on 2009-06-20
    • Edgar Ferreira da Silva testfest PHPSP on 2009-06-20
    • Marco Fabbri PHPTestFest Cesena Italia on 2009-06-20
    • Jason Easter Testfest 2009 2009-06-20
    • Simon Westcott PHPNW Testfest 2009

    Winners of mugs

    • Tim Eggert Testfest Berlin 2009-05-09
    • Till Klampaeckel TestFest 2009
    • Havard Eide Norway 2009-06-09 \o/
    • Ŕlex Corretgé - Catalonia
    • Francesco Fullone TestFest Cesena Italia on 2009-06-20
    • Ivan Rosolen testfest PHPSP on 2009-06-20
    • Moritz Neuhaeuser Testfest Berlin 2009-05-10
    • Daniel Convissor TestFest 2009 NYPHP
    • Matt Raines testfest London 2009-05-09

    Winners will be contacted shortly.

    Once again a huge thank you! to everyone who helped to make this year's TestFest such an outstanding success!

    PHP NW 2009

    PHP North West Conference

    [21-Jul-2009]

    The PHP North West Conference has announced its return for a second year, to be held on Saturday 10th October 2009 in Manchester, UK. This is a one-day conference aimed at developers from the local region and further afield, with a deliberately low ticket price to ensure everyone who wants to attend can do so. We combine experienced speakers with some new local talent to bring an event that truly has something for everyone and a great buzz.

    The official conference is on the Saturday but there are social events on Friday and Saturday and an informal schedule on Sunday, so come and make a weekend of it with us in Manchester! All the venues are in central Manchester and walkable from mainline public transport, so do join us.

    There is a call for papers which runs until 16th August 2009 and the early bird ticket prices are fixed until September 10th. For more information, to submit a paper, to buy tickets, or to contact the organisers please visit the conference website.

    Subversion Migration Complete

    [16-Jul-2009]

    The migration from CVS to Subversion is complete. The web interface is at svn.php.net. You can read about it at php.net/svn.php, wiki.php.net/vcs/svnfaq. The URL to feed to your svn client is http://svn.php.net/repository.

    There is also a github mirror. Please use that instead of trying to do a full git clone from the svn repository. See the instructions at wiki.php.net/vcs/svnfaq#git

    Many thanks to Gwynne who did the bulk of the work and also all the other folks who pitched in. It was a major effort to move 14 years of CVS history to another RCS.

    2009 PHP TestFest

    [09-Jul-2009]

    So finally we are at the end of the 2009 PHP TestFest. It has been an outstanding success with the coverage increasing by about 2.5% overall and 887 new tests contributed in the TestFest SVN repository of which 637 have already been added to PHP CVS.

    User groups from all over the world have worked hard to make this happen and we thank each and every one of you for your contribution to PHP! You really made a difference to the PHP5.3 release quality.

    There still are few loose ends to tie up - the TestFest SVN repository will be closed for contributions later this week and the last few tests will be moved into the main PHP repository. Finally, we have 10 elePHPants and 9 TestFest mugs to give out. The winners of mugs and elePHPants will be drawn at random from a list of people who wrote tests; the winner's names will be announced later this month.

    For those that would like to continue to make a difference by writing tests there are two options. You can simply continue by submitting new tests to the QA mailing list, or, if you have written a significant number of tests you might consider applying for your own PHP CVS (or SVN) ID. In your application you should reference the tests that you have written in support of your application.

    Last but not least, we would like to thank all of the companies and institutions that sponsored TestFest. These include Combell, Corretgé, Faculdade Impacta de Tecnologia, IBM, iBuildings, Itera, Mayflower, Microsoft, Nexen (Alter Way Group), php|architect, Redpill-Linpro, Steinigke Showtechnic, Verges Council and Zend.

    PHP 5.3.0 Released!

    [30-Jun-2009]

    The PHP development team is proud to announce the immediate release of PHP 5.3.0. This release is a major improvement in the 5.X series, which includes a large number of new features and bug fixes.

    Some of the key new features include: namespaces, late static binding, closures, optional garbage collection for cyclic references, new extensions (like ext/phar, ext/intl and ext/fileinfo), over 140 bug fixes and much more.

    For users upgrading from PHP 5.2 there is a migration guide available here, detailing the changes between those releases and PHP 5.3.0.

    Further details about the PHP 5.3.0 release can be found in the release announcement, and the full list of changes are available in the ChangeLog.

    PHP Rio

    PHP'n Rio conference

    [21-Jun-2009]

    The Rio de Janeiro PHP user group is pleased to announce their first PHP'n Rio conference. It will be held July 3rd, 2009 at the Infnet Institute, in Rio de Janeiro. It is a one day mini conference aimed on providing experienced developers and beginners a chance to learn more about PHP frameworks, web applications built in PHP, and the art of testing code.

    The keynote speaker is Jan Schneider, who will also talk about the Horde project. In addition, we will have sessions about other frameworks and include a PHP TestFest.

    PHP'n Rio sessions go from 6-9 pm. Then the PHP TestFest follows up until 10 pm. No fees or subscription required. Participation is entirely free!

    Whether you live here or are around just enjoying the marvelous city, come and join us :) For more information, please visit