After 8 months of development we are ready to release Drupal 5.0 to the world. Today is also Drupal’s 6th birthday, so the timing could not be more perfect. Drupal 4.0 was released in 2002 and finally we feel confident to increase the major version number from 4 to 5.
Download
http://ftp.osuosl.org/pub/drupal/files/projects/drupal-5.0.tar.gz
During the last weeks several researchers have spent their time hunting and warning people that have not read the Flash documentation carefully and therefore exposed their domains to cross domain Flash access. You will even find statistics about the number of Fortune 500 sites affected by this.
Well, I did not participate in such witchhunts, mainly because I do not consider it security research to use google to find crossdomain.xml files or to draw sweet looking statistics. On the other hand these Flash policies were interesting enough for me to test and exploit.
Therefore I researched a bit and have released a mini article about a new class of holes this obscure Flash feature pokes into web applications.
You are invited to read it here.
Original post by blog-admin@nopiracy.de (Stefan Esser)
Here you can find a list of the most important Web Development Resources, ordered by use, that can be filtered by programming language.
For the past couple of days I’ve been in (rainy|sunny) Seattle attending a web development summit hosted on the Microsoft campus in Redmond. Microsoft invited a number of “influentials” from web development communities outside of the usual MS camps; the folks attending were mostly of a PHP background, but there was one Rails guy and a couple of others with more of a .Net background.
At first you’d think that MS had set out to brainwash us all into talking about how great their new bits are. While that was true to a certain extent, they were very keen to find out what we all thought about those bits–did they suck? how could they be improved? and so on.
For me, the more interesting parts included:
Feature focus on IIS7
The IIS7 that will ship with Vista is designed to make things easier for a web developer. There are some innovations like per-directory configuration files called web.config files. These are effectively an XML equivalent to Apache .htaccess files and will make things much easier for transporting configuration from a local dev box up to a staging or even production server. The IIS guys re-engineered the core of IIS to run in a modular fashion, making it much easier to build in custom authentication or URL rewriting facilities, for example.
This may not sound like a big deal to apache users, but it’s a significant stride in the right direction as far as feature parity between apache and IIS is concerned–it makes it easier to create an app that will run “the same” on IIS as it does on Apache.
Original post by wez+via_rss@netevil.org (Wez Furlong)
Another php|works is done. As always, Marco puts together a good conference. An interesting mix of speakers and attendees, a good selection of talks and some fun activities–the PHP trivia quiz was fun to watch (speakers were not allowed to compete) with some tough questions and a great prize (a brand new macbook!).
The extending PHP session I was covering for Sara seemed to go ok; in my experience there’s typically only 1 or 2 people that are seriously following the content in these sessions, with the rest either snoozing or feeling overwhelmed. It is a tough topic to cover, even in 3 hours. I used Sara’s slides, but the pacing was a bit aggressive, so we wound up spending a bit more time doing some real time extension hacking instead of following the slides too closely.
The PDO talk was the same as usual, and my new talk, on best mailing practices (affectionately known as “not PDO” by the rest of the speakers) had a decent turn-out with people actually scribbling down notes.
I think I only managed to attend two other talks; Sebastians AOP talk (although I had to cut out pretty early to make a phone call) and Zak’s talk on licensing, which very clearly explained things like copyright and licensing that every developer should know.
On my return journey, I had the pleasure of meeting Eli White (PHP Hacker @ Digg, author of “PHP 5 in Practice”) at the gate for the flight back home. By a strange quirk of fate I hadn’t seen Eli at all at the conference, but with ample time at the gate, and on the plane (another quirk of fate had us sitting next to each other), we made up for that.
You can find my PDO and Mail talks up at the OmniTI talks page: http://omniti.com/resources/talks and you can find the extending PHP slides up at http://netevil.org/talks/furlong-golemon-extending-php.pdf.
Original post by wez+via_rss@netevil.org (Wez Furlong)
The benefits of online learning are open to every one. There are hundreds of sites offering online training as well as study guides regarding latest courses like 640-863 as well as 350-018. The helping materials about Microsoft exams such as 70-554 are also accessible online. These online courses and exams not only benefit students from all over the world but also help the working people. As employees of any web hosting firms providing reliable services of domain hosting and domain parking can improve their services through passing these exams and can offer more steadfast backup along advanced hosting plans.