htscanner is an extension to emulate htaccess with non apache SAPI like FastCGI. It was originally developed by Bart Vanbrabant (Thanks to Runa@lighttpd on freenode for the head up, I did not know this extension until yesterday). It has the same advantages and disadvantages than Apache’s htaccess, use it with cautions

Many lighttpd users asked for such feature for PHP. After a quick test, I find it useful too and good enough to give it some love. As Bart does not maintain it anymore, I’m taking the hand on it and will continue the developments via PECL.

This release (0.5.0) contains a couple of additions and fixes, the most important are:

• safe mode and open_basedir checks
• usage of PHP streams API instead of the std IO
• fix a couple of bugs in threaded environments (like cwd detection)

It is still alpha, I did not run heavy tests now, comments and feedbacks welcome.

• Package Homepage
• Changelog

A new feed made it to my desk, what the duck

Time to check their archives

From Garett LeSage’s blog

During my upgrade to dotclear2, I noticed some notices about ""Indirect modification of overloaded property" and thought they are minor (notices…) and can be somehow ignored, bad idea

It seems that the known issues with setter/getters with array are more serious than I thought, being not really a fan of these magic methods, especially not for arrays or other non scalar data, I did not really "care", selber schuld

In the case of dotclear, the workaround is relatively easy:

<br />
class context<br />
{
  public $stack = array();</p>
 
  public function __set($name,$var)
  {
    $this->stack[$name] = $var;
  }
 
  public function __get($name)
  {
    if (!isset($this->stack[$name])) {
      return null;
    }
    return $this->stack[$name];
  }
}
 
	<p>$ctx = new context;<br />
$ctx->comment_preview = array();<br />
$ctx->comment_preview[&#8216;content&#8217;] = &#8216;&#8217;;<br />
$ctx->comment_preview[&#8216;rawcontent&#8217;] = &#8216;&#8217;;<br />
$ctx->comment_preview[&#8216;name&#8217;] = &#8216;&#8217;;<br />
$ctx->comment_preview[&#8216;mail&#8217;] = &#8216;&#8217;;<br />
$ctx->comment_preview[&#8216;site&#8217;] = &#8216;&#8217;;<br />
$ctx->comment_preview[&#8216;preview&#8217;] = false;<br />
$ctx->comment_preview[&#8216;remember&#8217;] = false;<br />
var_dump($ctx);</p>
 
	<p>$comment_preview = array();<br />
$comment_preview[&#8216;content&#8217;] = &#8216;&#8217;;<br />
$comment_preview[&#8216;rawcontent&#8217;] = &#8216;&#8217;;<br />
$comment_preview[&#8216;name&#8217;] = &#8216;&#8217;;<br />
$comment_preview[&#8216;mail&#8217;] = &#8216;&#8217;;<br />
$comment_preview[&#8216;site&#8217;] = &#8216;&#8217;;<br />
$comment_preview[&#8216;preview&#8217;] = false;<br />
$comment_preview[&#8216;remember&#8217;] = false;<br />
$ctx->comment_preview = $comment_preview;<br />
var_dump($ctx);<br />
 

The first initialiation will raise notices and fails (do not assign anything, as the error message says), the second works like a charm. This bug just confirms what I think about all these magic methods, don’t use them for non scalar unless someone put a gun on you.

The issue is known (thanks tony for the info). It is certainly due to the read/write access required by the array element change, but I do not know exactly how userland getter/setter work. I reopen an old bug (#36214), let see what will come out of it.

This release is mostly for windows users using other SAPI than CLI or (F)CGI. The bug is fixed in CVS already but I was lacking the time to release it. Pecl4win providing snapshots, it is half of a problem

The issue is actually a windows bug. No matter if I give or not the "b" flag to fopen, the write operations are not binary safe. It seems to be a known issue as many projects use the same trick:

 _setmode(_fileno(tfp), _O_BINARY );

PHP is forcing the binary mode in SAPI and CLI, that’s why the problem was not that easy to reproduce (apache or IIS debuggin on windows was not really my cup of tea .

I was trying to find some reference or bug reports about this issue but without much success, so far only people complaining about windows broken fopen. If anyone has detailed informations about this issue, please let me know.

As always you can fetch the DLLs from pecl4win or PECL.

• Full changelog
• Download

Philippe Noiret est mort.

Il fait parti des acteurs qui (m’)ont marqué, que ce soit par ses rôles ou lors de ses apparitions publiques.

Rideau… :’-(

Dotclear 2 (dc2) is still under development but it is now stable enough for my little blog. The development team is doing a real great job. The backend rocks, it is a pleasure to work with the new interface. A lot of new features have been added (finally the tags are here )and the customization is a piece of cake.

The GeShi code highlighter has been ported by l’Alex. You can fetch it from here.

There is a couple of issues on php 5.2.0, most of them are due to the get/set mess with references or arrays. I’m unsure about the reasons, but the error messages are too cryptic for me, I will try to figure it out later:

Indirect modification of overloaded property context::$comment_preview has no effect

As far as I understand, there is issues with get/set and array. But the code in the context class is very closed from what is available in the PHP manual, go figure… but later.

My new theme is based (99.99%) on Kozlika’s Giacomo, thank to him/her Many themes are already available for dc2, check them out here.

For the english speakers, please note that only the website is in french, the application is localized. It also uses mbstring and iconv for a better enconding support.

• dotclear
• dotclear 2 preview
• dotclear 2 themes

"There are a lot of things that go into maintainability, but I suggest that the biggies are object-orientation, MVC architecture, code readability, and code size (less is more, a lot more).

This is PHP’ Achilles’ heel, of course. Yes, it is possible to write clean, object-oriented, modular, MVC-style PHP applications. But most people don’t; the majority of apps that I’ve seen have spaghetti PHP code wrapped around spaghetti SQL embedded in spaghetti HTML. Also, a lot of the people who really understand O-O and MVC and maintainability would rather work in Java or Rails."

From a person "working at Sun Microsystems", I would not expect a better description of PHP developers but I have to admit that this guy is courageous. Going to the PHP International Conference to tell them that PHP developers (for the waste majority) are incompetent and not able to write clean code is not what I would do :)

By the way Tim, why Sun has suddenly so much interest in PHP? Plans to educate us? ;)

And to conclude:

"Java is a much richer system and assumes you’re smart enough"

If you are a dumb developer and never put your back on a school chair, PHP is for you.

I go back cooking, I like them "al dente".

Tim Bray comparing frameworks (please someone can tell him that PHP and Ruby are not frameworks but languages?)

ps: yes, I am in a rant mood

It becomes more than annoying to read slides or blog posts from some prominent member of the PHP Community about things they do not know. It is for a warning. It is not aimed to be diplomatic or to target any particular person or group of persons (even if some are obvious . But one thing is sure, we have to worry about what we say about other projects or other developers work.

Why do you…

• talk about something but has little/no clue about it?
• make conclusions with using facts or your own opinion?
• wait the day of the release to talk about possible issues?
• not describe how good your ideas/developments/PHP is without saying that Foo On Rail, BarSql suck or that “I” killed Web 0.7?

For all this question I only see one answer, self promotion, aggressive marketing and ego boosters. They are all annoying.

• learn what you are talking about and keep your knowledge up to date (especially for new features, they change a lot during the first year)
• don’t make conclusions if you don’t even try the softwares
• don’t use “suck”, “crap” “eat on its head” or other stupid words to describe concurrent technologies or other people work, it does not help PHP and is everything but constructive
• Your talks or blogs are no bug report, mail php-internal, report a bug or ping the devs on IRC (idle is also not constructive)
• Don’t wait the release day to make your own promotion on our backs. All PHP releases may introduce new issues, that’s why we have RC and that’s why you (esp. if you are a PHP developer) should test them and report issues or fix them yourself (patch or commit)!

Some useful resourses:

• Report a bug
• PHP Mailing lists

As answer to a respectfull but pertinent post from Nuno on internals, I was shocked to read:

“Nuno,

there is a simple answer to your email:

stick your anti Esser propaganda deep into some place noone is interested in.

Before I posted about this, I brought this topic up MONTHS before PHP 5.2 was released. Even before this patch made it into PHP 5.2 from PHP 6 tree.

And now please die or just shut the fuck up. I am sick of morons like you who believe they can attack me without knowing the facts.”

Stefan is often right in his comment and I prefer mad mails describing real problems than nothing (someone said once: “I prefer to be insulted and got a patch than having an insecure server”). But there is a limit to everything. Not only Nuno is one of the nicest guy in PHP but he is also one of the only who will never be rude or take parts of the numerous FUDs and other flames wars. No need to say that Stefan is yet going to far and with the wrong target.

Now talking about the facts, Stefan (sesser) is a PHP developer and his account has full access to the whole PHP projects.

And no trace of any mail from Stefan on internals about this problem. I only found a mail from Wez about this exact issue and yes, it is a real problem that this mail was not followed by a commit instead of getting lost in the internals archive.

Now, ego and jokes apart, is it really impossible to discuss things in a civilized way? If not always, at least on the mailing list?

• Nuno’s post
• Wez’ post
• 18+ post
• sesser’s blog

Zip 1.8.0 has just been released. It is now possible to create empty directory in an archive using the addEmptyDIr method.

A couple of other bugs have been fixed:

• Fixed setComment when used with a freshly added entry
• Fixed a possible leak in statName and statIndex
• setComment now returns the expected value, true on success and false on failure (Thanks Hannes Magnusson)

While checking the unicode stream support in php, I finally commited the initial support unicode for zip in HEAD (PHP6). The zip format works with the codepage 437 (or other cp, some OS may support them), which is basically ASCII with some additions. That’s why I choosed the safest way and convert entry names to ascii/binary.

It is always a pain to work with other charsets in zip archives, no matter which tools or library you use. Winzip or its windows brother may even refuse to read an archive containing unicode filenames. Hopefully adding 7zip support will solve this issue as it supports unicode names.

I’m looking for some Zip archives with non ascii entry names (like cp932, 949, 864, 855 or 950), it will help me to finish the implementation. Ideally the API should return entry names as unicode string to be truly portable. If you have some or you can create one, please put it somewhere online and put the link in a comment, thank you

As always, comments and feedbacks are welcome

• Zip homepage
• PHP Snapshots

It was a long road but we finally freeze the filter API. This release and PHP 5.2.0 have a stable and frozen API. The final version is very closed to what I initially proposed a couple of months ago. Our naming convention is applied and some new constants have been added to make everyone happy.

Two minor fixes made it in as well:

• Fixed possible bug in all filtering functions, input value was modified, making impossible to fetch the same value many times with different filters
• Callback may return corrupt values when the input is kept intact

I already updated the documentation, it should be available in all php.net mirrors.

For the first time users or existing users looking for an introduction to the new API, I wrote a tutorial for Zend’s devzone. Thanks to Cal for his support with Zend’s CMS

I also welcome Ilia in the filter developer team. It is a real pleasure to work him and I feel less alone and heh! I’m having fun again while working on filter!

it is time now to bring it to 1.0.0. I will work on the unicode support and some filters we recently discussed with Ilia and other long awaited like TRIM.

• Filter homepage
• Filter manual
• Devzone’s filter tutorial