Author: Manuel Lemos
Updated on: 2016-12-23
Posted on: 2016-06-15
Categories: Lately in PHP Podcast, News
There is a new proposal for PHP 7.1 to provide built-in semi-automatic protection against CSRF attacks, so it will be easier for PHP developers to protect the sites they develop against this type of exploit.
That was one of the main topics discussed by Manuel Lemos and Arturs Sosins in the episode 72 of the Lately in PHP podcast hangout.
They also talked about other proposals for PHP 7.1, as well the election of two release managers that will take care of the steps necessary to release PHP 7.1 later this year on the planned schedule.
This article includes a transcript of the podcast summary.
Listen to the podcast, or watch the hangout video, or read the summary transcript to learn more about these interesting PHP topics.
PHP 5.5.36, 5.6.22, 7.0.7 released (5:13)
ImageMagick Vulnerability (11:50)
PHP 7.1 Release Managers Elected (13:44)
RFC: Allow loading extensions by name (15:32)
RFC: Semi-Automatic CSRF Protection (18:13)
RFC: Simple Annotations (21:01)
RFC: Fix inconsistent behavior of $this variable (24:56)
RFC: array_change_keys (28:03)
PHP Innovation Award Winners of February 2016 (38:10)
PHP Innovation Award Rankings of 2016 (48:28)
Download Size: 44MB Listeners: 1035
Introduction music Harbour used with explicit permission from the author Danilo Ercole, from Curitiba, Brazil
In iTunes, use the Subscribe to Podcast... item of the Advanced menu, and then enter the URL above to subscribe to this podcast.
Note that the timestamps below in the transcript may not match the same positions in the video because they were based on the audio timestamps and the audio was compacted to truncate silence periods.
See the Lately in PHP podcast play list on YouTube and Subscribe to this channel there.
- RFC: Simple Annotations
- RFC: array_change_keys()
This month we don't have as many as RFCs as in the past month because the deadlines for steps of launch PHP 7.1, so people are not in a rush for new feature submission of proposal.
So as always we are going to start with the review of the latest PHP versions just, mention anything relevant. For now we will be talking PHP 5.5.35, PHP 5.6.2 and PHP 7.0.7.
Then we move on to talk about an issue of a vulnerability that was announced by the maintainer of ImageMagick, which is a a image processing extension that some people use in their PHP applications.
Then we start already talking about the proposal and the process of releasing PHP 7.1. And there was an election to choose the release managers of PHP 7.1 and we will mention it briefly in the podcast.
Then we start covering several more proposal that have talking about. One about allowing to specify the extension that you need in your PHP configuration just by name, a simple name rather than the file name path. This is to simplify the configuration to make it more portable between different enviroments.
Then we talk about an interesting new feature that aims to make it easier to protect exploits like cross-site request forgery, using special values that are setup in sections.
Then we talk about yet another proposal for annotations in PHP 7.1 . We comment about this in the last episode. So this is a new one.
Then we talk something that is not trivial to understand but is to forbid dynamical to do scope introspection. Basically is to forbid certain functions when you are making any calls to your code, I suppose this is for closures. We still need to debate about it.
Then finally there is a proposal for a new array function. PHP has many array functions, but this one aims to do something that is a little different that was not possible before.
You need to be a registered user or login to post a comment
Login Immediately with your account on:
No comments were submitted yet.