Posts marked with “ini”
The PHP Podcast: 2025.07.10
This week on the PHP Podcast, Eric and John discuss PHP 8.5’s new INI Diff feature, Exploiting Public APP_KEY Leaks, Does Theo listen to the podcast? Spoiler: NO, and more. Links from the show: https://laravel-news.com/php-85-introduces-an-ini-diff-option Exploiting Public APP_KEY Leaks to Achieve RCE in Hundreds of Laravel Applications PHP TekTV – Secrets Security End-To-End [FrameworkBundle] […]
Possible vulnerabilities found in PHP session IDs
A new advisory warns that a lack of entropy is making session hijacking easier, but only under certain circumstances. Core developer Ilia Alshanetsky gives us the straight dope.