I’ve written about this before, but since the interactive mode of PHP (php -a) seems to be broken on OS X, I think it’s worth singing the praises of Jan Kneschke’s php shell project once again.

It’s a piece of cake to install the tool with the PEAR installer, and since I last used it 2 great new features are on offer:

• tab completion for all (or many) PHP functions and built-in classes and interfaces
• handling of fatal errors

What a relief to have this working again!  I was ssh-ing onto my Fedora servers just to test out code but of course this became impractical pretty quickly.  And did I mention it runs great on PHP 5.3?

And if you’re tempted to use the similarly named phpsh project from the Facebook open src stables, I can confirm this is not an option with the latest version of PHP.

Just thinking of how many package managers, each with a unique syntax, I try to remember how to use:

1. port
2. pear
3. cpan
4. gem
5. yum
6. apt-get
7. ant
8. easy_install
9. emerge
10. rpm (ok that was a while ago ..)

I’m sure I’m forgetting some.  Standardisation?

I can’t believe Zend is publishing articles on OXID eShop, this is definitely some of the worst code I have seen in ages.

As “the PHP company” I think Zend ought to at least select projects that have some merit in terms of software design, as surely beginner PHP devs look to Zend for good examples and copy/emulate whatever they showcase.

PHPterror took a closer look at some of the OXID code, really jaw-dropping stuff.

A new version of the Seagull framework has been released, download it here.

This is mostly a bugfix release but with some important improvements:

• Improved preferences management
• Better handling when DB connection is down
• Updated FCKeditor to 2.6.3
• Added German utf-8 support
• Updated Horde_Routes lib
• Consolidated translation features (SGL_Translation, SGL_Translation2) into new SGL_Translation3 PHP5 only package
• Added media2 module which makes ajax uploads easier and provides media features to the CMS module

The Seagull framework release coincides with a new release of the CMS module, and an announcement of Doris, our new productivity app.  You can read the announcement here if you’re not on the mailing list.

This will be the last release of the CMS module as a mainly developer-focused download.  Version 2.0 of CMS will get its own website, improved developer and enduser documentation, and a Pay as You Go format for those who need the convenience of a hosted service.  Read more about the improvements and try the preview here.

I’m happy to announce 0.6.5 was released last week, the code is available in the usual place:

http://seagullproject.org/download/

According to Trac this release contains 13 enhancements and fixes for  
26 defects, although there was also a lot of internal cleanup and small  
features added.

The wysiwg library has been updated from tinyFCK to FCKeditor  
following the security alert discussed here:

http://groups.google.com/group/seagull_general/browse_thread/thread/534ae6d5ccca995a?hl=en

I’ve had one developer contact me reporting a security compromise to  
one of his servers following the publication of the tinyFCK exploit,  
so please take care and upgrade to 0.6.5 or at least remove tinyfck to  
be on the safe side.  As mentioned before, being vulnerable to the  
exploit depends on a number of conditions existing however you are  
advised to update in all cases.

The main new features and improvements in this release are:

• Added ability to rebuild single modules
• New modules: comment2, emailqueue, simplesite, siteexporter
• New/improved libs: SGL_Emailer2, SGL_AjaxProvider2,
• Added ability to synchonise prefs for all members
• Improved preference handling
• CSS handling more flexible

Or for a detailed list see the changelog:
http://trac.seagullproject.org/browser/tags/0.6.5/CHANGELOG.txt

Work has also started on trunk again which is now 0.9, it will be a  
greatly slimmed down version of 0.6.x with no modules required by  
default, php5 only, and no libs bundled in the distro.

Thanks as always to everyone who sent in comments and helped us fix  
problems with their patches and/or feedback.

Well the title says it all, but I don’t think this is a reason for anyone to have a heart attack, aside from me but I’m recovered now

Please download Seagull 0.6.4 which includes the small fix required to solve the file disclosure problem.  0.6.3 is no longer available.

As the release has only been out <24 hours I doubt there are many production sites running on the vulnerable code, but if you were svn updating a live site, a very bad practice by the way, then svn up again

The problem: very simple, some recent code we introduced to merge, compress and cache CSS and js files was accepting arbitrary paths from GET – ouch.  The checking is now much more stringent.

Thanks to the gentleman over at milw0rm.com who posted the flaw less than 24hrs after the release went out. While he didn’t inform me or anyone I know of, Google alerts notified me of his announcement. In my view this is open source (with a little help from Google) working at its best.

Finally, please note that the title of the exploit article is inaccurate, it claims versions <= 0.6.3 are affected, this is not true, the affected optimizer.php file was only introduced in 0.6.3.

Well it took a bit of time but after quite a few months a new release of Seagull is finally out, 0.6.3. Things have been keeping pretty busy with the startup I’m working on, but it’s been a great opportunity to refine some features of the framework and optimise the performance.

The early indications are good, after less than 10 weeks of going live Kindo users are creating up to 20k profiles/day and the server load is staying comfortably below 0.5.

The latest Seagull release has a long list of improvements and new features, now it’s just a case of bringing the wiki documentation up to date to reflect this Should happen in next few weeks.

Here’s an overview of what’s new:

• CSS and JavaScript reorganization and optimization
• emails can now be stored in a queue managed by the db
• caching support has been extended to include javascript, css, PHP libraries and method calls
• we integrated Horde_Routes, imo one of the better PHP routes libs available
• Zend_Cache, which had clearly overtaken Cache_Lite is now wrapped by SGL_Cache, so devs have easy access to a memcached backend
• Dmitri developed an alternative array-based navigation driver, same flexibility as former driver but lightning fast
• out-of-the-box RTL support thanks to our work on the Arabic translation of http://kindo.com/
• the test suite now runs end-to-end in CLI
• the translation module has been greatly enhanced and was key in allowing us to release 14 languages in 10 weeks, including Arabic, Chinese and Russian
• full support for stored proc multiple resultsets in the SGL MySQL db driver and for storing DDLs for procs, views, functions, triggers and default or test data in your modules
• many performance improvements
• support for multiple attachments in SGL_Emailer

See the CHANGELOG for full details.

Thanks to Fabio Bacigalupo for the following article, part of an upcoming mini-series about successful startups built on the Seagull platform.

Running a successful website is a constant balancing act between achieving good performance and scaling smoothly. Read how we have used the Seagull framework to build our portal podcast.de. As a start-up we provide a web-based service to find, comment, play and recommend audio and video podcasts. At the moment the service is intended for a German speaking audience only but we are prepared for internationalisation thanks to Seagull.

We’re getting overwhelmed by support requests from our latest project and are looking for an open source customer support solution, does anyone have any suggestions?  The main functionality required is to be able to divert emails sent to a support address to a ticketing system.  We also need the following:

• Allow emails from more than one account to be diverted to the system and converted into tickets which can be assigned to team members according to language.
• Have predefined responses stored in a database which can easily be included as a basis for an email
• Allow specific emails from specific accounts to be automatically assigned to individuals
• Have various levels of importance for support requests
• Should allow the creation of different groups with various role capabilities

If you have any suggestions or experience to share please let me know in the comments.

VERDICT: Thanks again for the suggestions guys, we tried pretty much everything suggested and ended up going with Kayako, which is NOT open source, but has great features and solid internationalization support, the rest were quite weak in this area.  We’ve been using the system for several months now and are quite happy with it, it’s been able to handle quite a large volume of tickets being logged in around 10 languages and automatically assigned to the relevant country managers.