Security researcher Alexander Klink and Julian Wälde revealed a serious vulnerability that until recently affected the vast majority of web server. The attack only requires a single HTTP request that is specially designed to create hash code collisions in POST form data. When first discovered this attack affected Python, Ruby, PHP, Java, and ASP.NET, but vendors have been working on patches.
Today, Facebook and Heroku announced an integration between the their respective developer platforms that simplifies the development of Facebook Apps. With just a few clicks, you can select your language and configure which type of App you want to develop (Web Site, Canvas or Page Tab).
The Model-View-Controller pattern is pretty much dominating professional, customer facing website design these days. While single-file scripts and form builder technologies still have a place, MVC seems to strike the right balance for many developers. The Fuel framework for PHP intends to capitalize on the work done by earlier MVC frameworks such as Ruby on Rails.
Phalanger is a PHP compiler for the .NET and Mono runtime. It is currently capable of running popular PHP based applications such as WordPress. With the exception of indirect invocation of static methods, Phalanger now offers across the board performance improvements over PHP.
RightScale and Zend have teamed up to offer a PaaS for deploying, managing and running PHP applications in the cloud. Currently available only on Amazon AWS, the PHP Solution Pack will be made available for other cloud providers in the future.
Frank Ableson published an article last week providing a thorough introduction about using jQuery Mobile, JSON, PHP and MySQL to create mobile web applications.
Facebook is probably the hottest company today, driving a very high level of interest and scrutiny. Despite a high level of secrecy, Yee Lee, a product manager at Skype, has assembled a large collection of notes detailing how code ships at Facebook.
Tiobe's award is given to the programming language that gained most market share in 2010. Objective-C was the leader for most of 2010 but got lost ground in the last couple of months. Python grew it's market share by 1.81% since January 2010, which is nearly 4 times the overall marketshare of SAP's programming language ABAP.
The third beta of Microsoft’s WebMatrix IDE was released this month with significantly improved support for PHP. This round brings the option to choose between PHP 5.2 and 5.3 as well as support for PEAR, the PHP Extension and Application Repository.
New Relic has released two new variants of its performance tool: RPM for .NET and RPM for PHP. RPM offers performance monitoring and analysis for web applications running on premises or in the cloud.
Microsoft has announced a new tool, Windows Azure Companion, updates to Windows Azure Tools for Eclipse for PHP and Windows Azure Command-line Tools for PHP, and version 2.0 of Windows Azure SDK for PHP at Open Source India conference which took place during September 19-21, all tools targeted at PHP developers and web administrators interested in deploying applications on Windows Azure.
Zend recently announced an 'unlimited subscription' licensing option for its PHP products, in support of cloud computing. Virtualization and Cloud Computing challenge traditional concepts of software licensing, e.g. one license per user, one license per server, because of the dynamism and variability of running instances inherent in both concepts. Zend offers one way to solve this problem.
Embarcadero has released a video preview of the main features coming in RAD Studio XE: Subversion support, a PHP IDE, new modeling diagrams. Future previews will include optimizations and automation features, and cloud support.
LAMP has been a major platform for the Internet, but current cloud offerings do not seem to include LAMP as PaaS. Is LAMP needed in a cloud computing world?
Caucho has announced that it will support the Java EE6 Web Profile in the next iteration of their lightweight application server, Resin 4.0. The Java EE6 Web Profile specifies a lighter, modern subset of the full Java EE6 specification, which must contend with backwards compatability.