It seems like in the past year or so, security has come to the forefront of everyone's mind. Prior to this, most developers and organizations seemed to see it as a "nice to have" instead of a "must have". While I think this naivety hurt the community as a whole, we have the opportunity to redeem ourselves. Therefore, I offer an updated .htaccess for all dotProject users:

A new .htaccess file.

Just download this, place it in the root of your dotProject install, and rename to ".htaccess".*

As I've been looking at improvements to dotProject, I looked at the root of our two security problems and there were two common threads: First, they were both dependent on inappropriate access to files outside the normal structure. Second, they were both dependent on register globals. I don't know of any additional dotProject security issues open at the moment, but I wanted to head them off...

After another brief hiatus, there are big things in the works to be announced.  One of the biggest and most exciting is my recent involvement in the DC PHP Group.  While the group itself has been relatively quiet, we're announcing ourselves to the world with a bang...  and here it is:

PHP in the Federal Enterprise and the World:  Secure Solutions for Federal Agencies, IT Companies and Non-Profit Organizations

We are hosting the first DC Metropolitan area PHP Conference this October.  Not only that, but since we're in a unique location with opportunities and potential impact like nowhere else in the world, we're taking a slightly different look at PHP. Our mission is to demonstrate and teach how PHP is a solid, sensible, cost-effective, and low risk development language to use for government and non profits.

Therefore, our Presentation Tracks fall into four areas:

• Integrating PHP with Federal Operations and the Enterprise
• Security & Accountability
• The Art of PHP
• The Business Case for PHP

The Call for Papers ends on July 7th and gives suggested topics in each of these areas.  Your presentation will be up to 400 people including decision makers for some of the largest and most influential organizations in the world.

Additional Information available:

• As of today, the Sponsor/Exhibitor Prospectus is available.  We are already in discussions with a handful of major players in the Open Source/Government areas, so if you're considering, don't wait too long.
• Also as of today, the Call for Papers is open. As noted on the first page "Overall, strong preference will be given to sessions where real projects, actually deployed in business settings, are used to illustrate the topics being discussed".  Translation:  If you are successfully using PHP in a production environment in a government agency, you will be given special attention.
• For those interested, we will have banner available which you are welcome to share, post, etc: 

If you have any questions or comments, don't hesitate to drop me a note (keith at CaseySoftware.com).

Disclaimer:  I'm one of the core participants in organizing the conference, tracking down presenters and sponsors, and CaseySoftware is part of the Washington, DC community that could benefit as a result of this conference successfully happening.

This week I'm attending the Zend/PHP Conference & Expo in San Francisco and I thought I'd share some notes on the initial presentations.

The first day (18 Oct) was made up of 3 hour long tutorials. I went to XML, Web Services and PHP (SOAP & REST) by a smart guy named Christian Wenz. The first half was almost entirely a background on XML and different XML Technologies. There have been some incremental improvements over the past 4 years that I've been doing it, but nothing significant.