Jeśli jesteś właścicielem tej strony, możesz wyłączyć reklamę poniżej zmieniając pakiet na PRO lub VIP w panelu naszego hostingu już od 4zł!

Archive for Luty, 2013

Michael Kimsal: Why do no almost no web frameworks come with any authentication/authorization?

Michael Kimsal: Why do no almost no web frameworks come with any authentication/authorization?

In a new post to his site Michael Kimsal poses an interesting question about something he’s noticed in several frameworks – and not just PHP ones: there seems to be a lack of authentication/authorization functionality coming bundled in.

Why do almost no web frameworks provide any default authentication/authorization functionality, with default examples of best practices for common use cases. The standard response I’ve gotten for years was/is “well, everyone’s needs for authentication are different”. No, they are not. A (very?) large majority of web applications (which is what most web frameworks are used to build), require some form of user login and authorization management, and often self-registration, dealing with lost passwords, etc.

He points out that by not having something a user can immediately deploy that’s been well tested and relatively risk-free, it can introduce security holes as a developer is “left to fend for themselves”. He suggests that the “not everyone’s the same” mentality that seems to go with authentication/authorization isn’t as valid as once thought. He does point out that both Symfony2 and Zend Framework 2 come with ACL functionality, but no common user handling. He mentions ones in a few other tools used in other languages too like Devise in Ruby, Spring Security in Grails and a membership system in ASP.NET.

Source: http://www.phpdeveloper.org/news/19221

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Michael Kimsal: Why do no almost no web frameworks come with any authentication/authorization?

Michael Kimsal: Why do no almost no web frameworks come with any authentication/authorization?

In a new post to his site Michael Kimsal poses an interesting question about something he’s noticed in several frameworks – and not just PHP ones: there seems to be a lack of authentication/authorization functionality coming bundled in.

Why do almost no web frameworks provide any default authentication/authorization functionality, with default examples of best practices for common use cases. The standard response I’ve gotten for years was/is “well, everyone’s needs for authentication are different”. No, they are not. A (very?) large majority of web applications (which is what most web frameworks are used to build), require some form of user login and authorization management, and often self-registration, dealing with lost passwords, etc.

He points out that by not having something a user can immediately deploy that’s been well tested and relatively risk-free, it can introduce security holes as a developer is “left to fend for themselves”. He suggests that the “not everyone’s the same” mentality that seems to go with authentication/authorization isn’t as valid as once thought. He does point out that both Symfony2 and Zend Framework 2 come with ACL functionality, but no common user handling. He mentions ones in a few other tools used in other languages too like Devise in Ruby, Spring Security in Grails and a membership system in ASP.NET.

Source: http://www.phpdeveloper.org/news/19221

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

PHP.net: PHP 5.4.12 and PHP 5.3.22 released!

PHP.net: PHP 5.4.12 and PHP 5.3.22 released!

On PHP.net today they’ve announced the release of PHP 5.4.12 and 5.3.22, the latest versions of the two current release branches.

The PHP development team announces the immediate availability of PHP 5.4.12 and PHP 5.3.22. These releases fix about 10 bugs. All users of PHP are encouraged to upgrade to PHP 5.4.12.

It’s a bug fix release, but everyone’s encouraged to update. It corrects things in core, FPM, sqlite, PDO_OCI, the Zend Engine and date functionality (and a bit more). You can get this latest version from the downloads page or windows.php.net for the Windows binaries. If you’d like to see the full list of issues fixed, check out the Changelog.

Source: http://www.phpdeveloper.org/news/19220

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

PHP.net: PHP 5.4.12 and PHP 5.3.22 released!

PHP.net: PHP 5.4.12 and PHP 5.3.22 released!

On PHP.net today they’ve announced the release of PHP 5.4.12 and 5.3.22, the latest versions of the two current release branches.

The PHP development team announces the immediate availability of PHP 5.4.12 and PHP 5.3.22. These releases fix about 10 bugs. All users of PHP are encouraged to upgrade to PHP 5.4.12.

It’s a bug fix release, but everyone’s encouraged to update. It corrects things in core, FPM, sqlite, PDO_OCI, the Zend Engine and date functionality (and a bit more). You can get this latest version from the downloads page or windows.php.net for the Windows binaries. If you’d like to see the full list of issues fixed, check out the Changelog.

Source: http://www.phpdeveloper.org/news/19220

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Community News: Packagist Latest Releases for 02.22.2013

Community News: Packagist Latest Releases for 02.22.2013Recent releases from the Packagist:

Source: http://www.phpdeveloper.org/news/19226

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Community News: Packagist Latest Releases for 02.22.2013

Community News: Packagist Latest Releases for 02.22.2013Recent releases from the Packagist:

Source: http://www.phpdeveloper.org/news/19226

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Site News: Popular Posts for the Week of 02.22.2013

Site News: Popular Posts for the Week of 02.22.2013Popular posts from PHPDeveloper.org for the past week:

Source: http://www.phpdeveloper.org/news/19218

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Site News: Popular Posts for the Week of 02.22.2013

Site News: Popular Posts for the Week of 02.22.2013Popular posts from PHPDeveloper.org for the past week:

Source: http://www.phpdeveloper.org/news/19218

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Andrew Podner: Closures, Lambdas, and Anonymous Functions

Andrew Podner: Closures, Lambdas, and Anonymous Functions

Andrew Podner has posted an introduction to a concept in PHP that may not be easy to immediately grasp for someone relatively new to the language – the idea of lambdas and closures.

Beginning with PHP 5.3, the anonymous function, became available to developers as a means of improving flexibility and increasing the number of tools at our fingertips to build powerful PHP applications. What I have been seeing a lot of as I read through documentation is more frequent use of terms like lambda, closure, or anonymous function, and sometime the terms are often used interchangeably, so let’s take a deeper look into what all of these things are and what differences, if any, there are between them.

The post looks at lambdas first, defining them as “functions without names” that can be assigned to objects or called inline when needed. Next is closures, and it’s noted that, in PHP, there’s really not much difference. They both also allow for use of the “use” statement to import values into the function’s local scope. He mentions the “$this” update that came in PHP 5.4 and includes some arguments against their use too.

Source: http://www.phpdeveloper.org/news/19217

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Andrew Podner: Closures, Lambdas, and Anonymous Functions

Andrew Podner: Closures, Lambdas, and Anonymous Functions

Andrew Podner has posted an introduction to a concept in PHP that may not be easy to immediately grasp for someone relatively new to the language – the idea of lambdas and closures.

Beginning with PHP 5.3, the anonymous function, became available to developers as a means of improving flexibility and increasing the number of tools at our fingertips to build powerful PHP applications. What I have been seeing a lot of as I read through documentation is more frequent use of terms like lambda, closure, or anonymous function, and sometime the terms are often used interchangeably, so let’s take a deeper look into what all of these things are and what differences, if any, there are between them.

The post looks at lambdas first, defining them as “functions without names” that can be assigned to objects or called inline when needed. Next is closures, and it’s noted that, in PHP, there’s really not much difference. They both also allow for use of the “use” statement to import values into the function’s local scope. He mentions the “$this” update that came in PHP 5.4 and includes some arguments against their use too.

Source: http://www.phpdeveloper.org/news/19217

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>