
[ANNOUNCE] PHP 5.1.1 Released!
Date: Friday, November 25 @ 08:21:04 PST Topic: php releases and php related news
The PHP Development Team would like to announce the immediate release of
PHP 5.1.1.
This is a regression correction release aimed at addressing several
issues that may cause problems for some applications. The main fixes
found in this release include the following:
* Native date class is withdrawn to prevent namespace conflict with
PEAR's date package.
* Fixed fatal parse error when the last line of the script is a PHP comment.
* Fixed eval() hang when the code being evaluated ends with a comment.
* Usage of {$var} in PHP 5.1.0 resulted in the output of {$var} instead
of the $var variable's value enclosed in {}.
* Fixed inconsistency in the format of PHP_AUTH_DIGEST between the Apache 1
and 2 SAPIs.
* Improved safe_mode/open_basedir checks inside the cURL extension.
The full details of the changes in PHP 5.1.1 can be found here:
http://www.php.net/ChangeLog-5.php#5.1.1
The PHP development team is proud to announce the release of PHP 5.1.
Some of the key features of PHP 5.1 include:
* A complete rewrite of date handling code, with improved timezone support.
* Significant performance improvements compared to PHP 5.0.X.
* PDO extension is now enabled by default.
* Over 30 new functions in various extensions and built-in functionality.
* Bundled libraries, PCRE and SQLite upgraded to latest versions.
* Over 400 various bug fixes.
* PEAR upgraded to version 1.4.5
The full details of the changes in PHP 5.1.0 can be found here:
http://www.php.net/ChangeLog-5.php#5.1.0
In addition to new features, this release includes a number of important
security fixes:
* Fixed a Cross Site Scripting (XSS) vulnerability in phpinfo() that
could lead, for example, to cookie exposure when a phpinfo() script is
accidentally left on a production server.
* Fixed multiple safe_mode/open_basedir bypass vulnerabilities in
ext/curl and ext/gd that could lead to exposure of files normally not
accessible due to safe_mode or open_basedir restrictions.
* Fixed a possible $GLOBALS overwrite problem in file upload handling,
extract() and import_request_variables() that could lead to unexpected
security holes in scripts assumed secure. (For more information, see here).
* Fixed a problem when a request was terminated due to memory_limit
constraints during certain parse_str() calls. In some cases this can
result in register_globals being turned on.
* Fixed an issue with trailing slashes in allowed basedirs. They were
ignored by open_basedir checks, so that specified basedirs were handled
as prefixes and not as full directory names.
* Fixed an issue with calling virtual() on Apache 2. This allowed
bypassing of certain configuration directives like safe_mode or
open_basedir.
* Updated to the latest pcrelib to fix a possible integer overflow
vulnerability announced in CAN-2005-2491.
* Possible header injection in mb_send_mail() function via the
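
The open_basedir trailing-slash item above describes a prefix match where a directory match was intended. The C sketch below is an added example, not code from PHP or from this announcement; it models the two behaviours for a basedir written with a trailing slash. The function names and sample paths are constructed, and paths are assumed to be canonicalised already.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model, not PHP source. Paths are assumed to be already
 * canonicalised (no "..", no symlinks), as after realpath(). */

/* Length of basedir without its trailing slashes ("/" stays "/"). */
static size_t trimmed_len(const char *basedir) {
    size_t n = strlen(basedir);
    while (n > 1 && basedir[n - 1] == '/') n--;
    return n;
}

/* Flawed check: trailing slash ignored, basedir treated as a string prefix. */
int allowed_as_prefix(const char *basedir, const char *path) {
    return strncmp(basedir, path, trimmed_len(basedir)) == 0;
}

/* Directory check: the match must stop at a path-component boundary. */
int allowed_as_directory(const char *basedir, const char *path) {
    size_t n = trimmed_len(basedir);
    if (strncmp(basedir, path, n) != 0) return 0;
    if (n == 1 && basedir[0] == '/') return 1;   /* "/" contains every path */
    return path[n] == '\0' || path[n] == '/';
}

int main(void) {
    const char *basedir = "/var/www/site/";          /* constructed sample */
    const char *paths[] = {                          /* constructed samples */
        "/var/www/site/index.php",
        "/var/www/site",
        "/var/www/site-backup/db.sql",
        "/var/www/sitemap.xml",
        "/var/www/other/index.php",
    };
    printf("%-30s prefix directory\n", "path");
    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++)
        printf("%-30s %-6d %d\n", paths[i],
               allowed_as_prefix(basedir, paths[i]),
               allowed_as_directory(basedir, paths[i]));
    return 0;
}
```

The two columns differ only for sibling names that share the basedir's leading characters, which is the case to look for when auditing open_basedir values on a shared host.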
This article comes from PHP Coding Ground, Free php scripts, SQL, tutorials, Shared Codes, Ebooks, Webmaster Resources
http://Coding.phpground.net
The URL for this story is:
http://Coding.phpground.net/modules.php?name=News&file=article&sid=102