PHP releases 5.2.5 to fix multiple vulnerabilities

Posted by Jad on November 15, 2007

For those of you who have not opted to receive the PHP announcements from php.net, here’s an important one you shouldn’t miss if you are running the 5.2.x branch.

From the PHP team:

over 60 bug fixes, several of which are security related

Some of the vulnerabilities are:

  1. The “htmlentities” and “htmlspecialchars” functions accept partial multibyte sequences. This matters because a quote or angle bracket that follows a dangling lead byte can be swallowed as part of the “character” and reach the output unescaped, which is exactly what you do not want inside an HTML attribute.
  2. Various boundary errors exist in the “fnmatch()”, “setlocale()”, and “glob()” functions and can be exploited to cause buffer overflows.
  3. An error in the processing of “.htaccess” files can be exploited to bypass the “disable_functions” directive by modifying the “mail.force_extra_parameters” php.ini directive via an “.htaccess” file.
  4. An error in the handling of variables can be exploited to overwrite values set in httpd.conf via the “ini_set()” function.

Items 3 and 4 are both configuration-precedence problems. Independently of the upgrade, settings that application code and per-directory files must never be able to change belong in httpd.conf as php_admin_value / php_admin_flag, which neither “.htaccess” nor “ini_set()” can override.
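To make item 1 concrete, here is an added example (my own code, not from the original post and not PHP’s implementation): a strict UTF-8 validator placed in front of an HTML escaper, next to a lenient escaper that decides a character’s length from its lead byte and copies the following bytes through unchecked. The inputs are constructed, the function names are mine, and the strict version refuses malformed input outright with an empty result, which is also what PHP’s own htmlspecialchars() returns on invalid sequences from 5.2.5 onward (absent ENT_IGNORE or ENT_SUBSTITUTE).

```python
"""Strict UTF-8 validation in front of an HTML escaper.

Added example, not code from the original post or from PHP itself.
The escapers and the sample inputs are constructed for illustration.
"""

ESCAPES = {
    ord("&"): b"&amp;",
    ord("<"): b"&lt;",
    ord(">"): b"&gt;",
    ord('"'): b"&quot;",
    ord("'"): b"&#039;",
}

# Tighter range for the second byte after these lead bytes; this rules out
# overlong encodings, UTF-16 surrogates and code points above U+10FFFF.
SECOND_BYTE = {0xE0: (0xA0, 0xBF), 0xED: (0x80, 0x9F),
               0xF0: (0x90, 0xBF), 0xF4: (0x80, 0x8F)}


def lead_length(b: int) -> int:
    """Sequence length implied by a lead byte, or 0 if b cannot start one."""
    if b < 0x80:
        return 1
    if 0xC2 <= b <= 0xDF:
        return 2
    if 0xE0 <= b <= 0xEF:
        return 3
    if 0xF0 <= b <= 0xF4:
        return 4
    return 0  # 0x80-0xBF stray continuation, 0xC0/0xC1 overlong, 0xF5+ out of range


def utf8_sequences(data: bytes):
    """Yield (offset, length) per sequence; raise ValueError on malformed input."""
    i, n = 0, len(data)
    while i < n:
        length = lead_length(data[i])
        if length == 0:
            raise ValueError(f"invalid lead byte 0x{data[i]:02x} at offset {i}")
        if i + length > n:
            raise ValueError(f"partial sequence at offset {i}: {n - i} of {length} bytes present")
        lo, hi = SECOND_BYTE.get(data[i], (0x80, 0xBF))
        for j in range(1, length):
            if not lo <= data[i + j] <= hi:
                raise ValueError(f"byte 0x{data[i + j]:02x} at offset {i + j} is not a continuation byte")
            lo, hi = 0x80, 0xBF  # only the second byte has the tighter range
        yield i, length
        i += length


def is_valid_utf8(data: bytes) -> bool:
    try:
        for _ in utf8_sequences(data):
            pass
        return True
    except ValueError:
        return False


def agrees_with_stdlib(data: bytes) -> bool:
    """Cross-check: the verdict above should match Python's strict decoder."""
    try:
        data.decode("utf-8")
        stdlib_ok = True
    except UnicodeDecodeError:
        stdlib_ok = False
    return is_valid_utf8(data) == stdlib_ok


def lenient_escape(data: bytes) -> bytes:
    """The failure mode: length comes from the lead byte and the following bytes
    are copied verbatim, so a quote or bracket sitting where a continuation byte
    should be is never escaped."""
    out, i, n = [], 0, len(data)
    while i < n:
        length = lead_length(data[i]) or 1
        if length == 1:
            out.append(ESCAPES.get(data[i], data[i:i + 1]))
        else:
            out.append(data[i:i + length])  # unchecked copy of "continuation" bytes
        i += length
    return b"".join(out)


def strict_escape(data: bytes) -> bytes:
    """Validate the whole string first and refuse to escape malformed input.
    Escaping byte-by-byte is safe afterwards: no byte of a multibyte sequence
    is ever below 0x80."""
    if not is_valid_utf8(data):
        return b""
    return b"".join(ESCAPES.get(b, bytes([b])) for b in data)


if __name__ == "__main__":
    # Constructed attribute-context payload: a dangling lead byte sits right
    # before the quote that is supposed to close value="...".
    payload = b'\xc3" onmouseover="alert(1)'
    print(lenient_escape(payload))  # the first quote survives unescaped
    print(strict_escape(payload))   # b''
```

A browser that meets 0xC3 followed by 0x22 emits U+FFFD and then processes the quote normally, so the lenient output closes the attribute and the rest of the payload becomes markup; the strict escaper never lets the string reach the page.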

More details can be found in the official announcement on php.net.

GridHelper - for easy grids in CakePHP

Posted by Jad on November 03, 2007

Been busy as hell and I’m afraid it will be like this for another month or so, but here is a quick one I felt like sharing because I hope it will be helpful to some.

Haven’t you ever wished you only had to write something like this in your views:

e($grid->create($results));
