Archive | Open Source

Tags: , , ,

Come on Sourceforge

Posted on 29 January 2011 by Demian Turner

Sourceforge  has been crap for years now.  I opened my account in 2000.  Emails like this convince me that it’s a trend set to continue for a while to come.

Screen shot 2011-01-29 at January 29, 15.53.36 .png

Comments (1)

Tags: ,

Random thoughts on scripting languages

Posted on 06 October 2010 by Demian Turner

Interesting presentation [pdf] from Brian Kernighan

scripting languages

Comments (0)

Tags: , ,

PHP shell rocks

Posted on 09 November 2009 by Demian Turner

shellI’ve written about this before, but since the interactive mode of PHP (php -a) seems to be broken on OS X, I think it’s worth singing the praises of Jan Kneschke’s php shell project once again.

It’s a piece of cake to install the tool with the PEAR installer, and since I last used it 2 great new features are on offer:

  • tab completion for all (or many) PHP functions and built-in classes and interfaces
  • handling of fatal errors

What a relief to have this working again!  I was ssh-ing onto my Fedora servers just to test out code but of course this became impractical pretty quickly.  And did I mention it runs great on PHP 5.3?

And if you’re tempted to use the similarly named phpsh project from the Facebook open src stables, I can confirm this is not an option with the latest version of PHP.

Comments (0)

Tags: ,

Package managers

Posted on 22 October 2009 by Demian Turner

Just thinking of how many package managers, each with a unique syntax, I try to remember how to use:

  1. port
  2. pear
  3. cpan
  4. gem
  5. yum
  6. apt-get
  7. ant
  8. easy_install
  9. emerge
  10. rpm (ok that was a while ago ..)

I’m sure I’m forgetting some.  Standardisation?

Comments (0)

Tags: , , , , ,

PHPterror on OXID eShop

Posted on 26 August 2009 by Demian Turner

puremvc-patternsI can’t believe Zend is publishing articles on OXID eShop, this is definitely some of the worst code I have seen in ages.

As “the PHP company” I think Zend ought to at least select projects that have some merit in terms of software design, as surely beginner PHP devs look to Zend for good examples and copy/emulate whatever they showcase.

PHPterror took a closer look at some of the OXID code, really jaw-dropping stuff.

Comments (4)

Tags:

How Open Source Projects Survive Poisonous People

Posted on 20 June 2009 by Demian Turner

Comments (0)

Tags: , , ,

Seagull 0.6.6 Released

Posted on 27 January 2009 by Demian Turner

A new version of the Seagull framework has been released, download it here.

This is mostly a bugfix release but with some important improvements:

  • Improved preferences management
  • Better handling when DB connection is down
  • Updated FCKeditor to 2.6.3
  • Added German utf-8 support
  • Updated Horde_Routes lib
  • Consolidated translation features (SGL_Translation, SGL_Translation2) into new SGL_Translation3 PHP5 only package
  • Added media2 module which makes ajax uploads easier and provides media features to the CMS module

The Seagull framework release coincides with a new release of the CMS module, and an announcement of Doris, our new productivity app.  You can read the announcement here if you’re not on the mailing list.

This will be the last release of the CMS module as a mainly developer-focused download.  Version 2.0 of CMS will get its own website, improved developer and enduser documentation, and a Pay as You Go format for those who need the convenience of a hosted service.  Read more about the improvements and try the preview here.

Comments (4)

Tags: ,

Seagull 0.6.5 Released

Posted on 08 August 2008 by Demian Turner

I’m happy to announce 0.6.5 was released last week, the code is available in the usual place:

http://seagullproject.org/download/

According to Trac this release contains 13 enhancements and fixes for  
26 defects, although there was also a lot of internal cleanup and small  
features added.

The wysiwg library has been updated from tinyFCK to FCKeditor  
following the security alert discussed here:

http://groups.google.com/group/seagull_general/browse_thread/thread/534ae6d5ccca995a?hl=en

I’ve had one developer contact me reporting a security compromise to  
one of his servers following the publication of the tinyFCK exploit,  
so please take care and upgrade to 0.6.5 or at least remove tinyfck to  
be on the safe side.  As mentioned before, being vulnerable to the  
exploit depends on a number of conditions existing however you are  
advised to update in all cases.

The main new features and improvements in this release are:

  • Added ability to rebuild single modules
  • New modules: comment2, emailqueue, simplesite, siteexporter
  • New/improved libs: SGL_Emailer2, SGL_AjaxProvider2,
  • Added ability to synchonise prefs for all members
  • Improved preference handling
  • CSS handling more flexible

Or for a detailed list see the changelog:
http://trac.seagullproject.org/browser/tags/0.6.5/CHANGELOG.txt

Work has also started on trunk again which is now 0.9, it will be a  
greatly slimmed down version of 0.6.x with no modules required by  
default, php5 only, and no libs bundled in the distro.

Thanks as always to everyone who sent in comments and helped us fix  
problems with their patches and/or feedback.

Comments (1)

Tags: , ,

Seagull 0.6.3 Remote File Disclosure Vulnerability – Please Upgrade

Posted on 25 January 2008 by Demian Turner

Well the title says it all, but I don’t think this is a reason for anyone to have a heart attack, aside from me but I’m recovered now 😉

Please download Seagull 0.6.4 which includes the small fix required to solve the file disclosure problem.  0.6.3 is no longer available.

As the release has only been out <24 hours I doubt there are many production sites running on the vulnerable code, but if you were svn updating a live site, a very bad practice by the way, then svn up again 😉

The problem: very simple, some recent code we introduced to merge, compress and cache CSS and js files was accepting arbitrary paths from GET – ouch.  The checking is now much more stringent.

Thanks to the gentleman over at milw0rm.com who posted the flaw less than 24hrs after the release went out. While he didn’t inform me or anyone I know of, Google alerts notified me of his announcement. In my view this is open source (with a little help from Google) working at its best.

Finally, please note that the title of the exploit article is inaccurate, it claims versions <= 0.6.3 are affected, this is not true, the affected optimizer.php file was only introduced in 0.6.3.

Comments (3)

Tags: ,

New Release of the Seagull framework – 0.6.3

Posted on 23 January 2008 by Demian Turner

Well it took a bit of time but after quite a few months a new release of Seagull is finally out, 0.6.3. Things have been keeping pretty busy with the startup I’m working on, but it’s been a great opportunity to refine some features of the framework and optimise the performance.

The early indications are good, after less than 10 weeks of going live Kindo users are creating up to 20k profiles/day and the server load is staying comfortably below 0.5.

The latest Seagull release has a long list of improvements and new features, now it’s just a case of bringing the wiki documentation up to date to reflect this 😉 Should happen in next few weeks.

Here’s an overview of what’s new:

  • CSS and JavaScript reorganization and optimization
  • emails can now be stored in a queue managed by the db
  • caching support has been extended to include javascript, css, PHP libraries and method calls
  • we integrated Horde_Routes, imo one of the better PHP routes libs available
  • Zend_Cache, which had clearly overtaken Cache_Lite is now wrapped by SGL_Cache, so devs have easy access to a memcached backend
  • Dmitri developed an alternative array-based navigation driver, same flexibility as former driver but lightning fast
  • out-of-the-box RTL support thanks to our work on the Arabic translation of http://kindo.com/
  • the test suite now runs end-to-end in CLI
  • the translation module has been greatly enhanced and was key in allowing us to release 14 languages in 10 weeks, including Arabic, Chinese and Russian
  • full support for stored proc multiple resultsets in the SGL MySQL db driver and for storing DDLs for procs, views, functions, triggers and default or test data in your modules
  • many performance improvements
  • support for multiple attachments in SGL_Emailer

See the CHANGELOG for full details.

Comments (0)

Categories

Books

Demian Turner's currently-reading book recommendations, reviews, favorite quotes, book clubs, book trivia, book lists

Facebook