Just finished my talk on the "Hidden Features of PHP" at the PHP Barcelona conference. First time me giving this particular talk, which I think (hope) went pretty well. Big thanks to all the attendees for being there, especially those to braved the large crowd and asked questions. The slides from the talk are now available online and can be downloaded at: barcelona_2010_hidden_features.pdf

In a few days I will attempt one of my most tricky conference schedules in a long while (perhaps ever), I get the feeling a vacation will be in order after all this. It was a privilege to get my talks accepted accepted at the PHP Barcelona Conference 2010 in Barcelona, Spain where I will be speaking about Hidden Features of PHP as well as APC & Memcached. Then I get to fly home to Toronto for about 24 hours, and from there travel to ZendCon in Santa Clara, California, where I get to speak about the (awesome) Memcached extension and some more Hidden Features of PHP. Then I fly back to Toronto, for roughly 36 hours, after which I depart to Paris, France to speak at the Forum PHP organized by AFUP to talk about APC & Memcached. Should be fun ;-)

About a week ago, I was doing some upgrades on my development machine and came across a rather nasty issue when it comes to how .php(s) files are associated with PHP in Apache. It seems that a number of distros including Gentoo (which is what I was using) are using the following configuration directive to make the PHP module parse PHP files: AddHandler application/x-httpd-php .php AddHandler application/x-httpd-php-source .phps The non-obvious problem with the above is that it will allow not only "file.php" to be treated as PHP scripts, but also "file.php.txt", which means that any file containing ".php" in its name, no matter where in the filename, would be treated as a PHP script. This of course creates a rather nasty security hole, since many upload file validation tools, only check the final extension. Consequently allowing the user to by-pass the validation, by simply prefixing another "harmless" extension like .txt, .pdf, etc... to the filename, but still get...

PHP Excel Extension 0.8.6 The 0.8.6 version of the Excel extension was released and is now available for download. This version was updated to contain LibXL 3.0 support which introduces Excel 2007/2010 read/write support, which means that this extension can now read and generate any Excel file. Support for XSLX (2007/2010) format can be enabled by passing "true" as the 3rd parameter to the ExcelBook() construtor. GitHub: http://github.com/iliaal/php_excel/ Source: http://github.com/downloads/iliaal/php_excel/php-excel-0.8.6.tar.bz2

The 0.8.5 version of the Excel extension was released and is now available for download, it contains a number of small build fixes, which makes it possible to compile it against all versions of PHP (5.2,5.3,trunk). The Win32 compilation was also fixed and thanks to Kalle, PHP 5.3 win32 binaries are now available for download as well. GitHub: http://github.com/iliaal/php_excel/ Source: http://github.com/downloads/iliaal/php_excel/php-excel-0.8.5.tar.bz2 Win32 Binaries: http://github.com/downloads/iliaal/php_excel/php-excel-5.3.zip