Slashdot Mirror


PHP Now Supports Argon2 Next-Generation Password Hashing Algorithm (bleepingcomputer.com)

An anonymous reader quotes Bleeping Computer: PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the language's support for cryptography and password hashing algorithms.

Of all changes, the most significant is, by far, the support for Argon2, a password hashing algorithm developed in the early 2010s. Back in 2015, Argon2 beat 23 other algorithms to win the Password Hashing Competition, and is now in the midst of becoming a universally recognized Internet standard at the Internet Engineering Task Force (IETF), the reward for winning the contest. The algorithm is currently considered to be superior to Bcrypt, today's most widely used password hashing function, in terms of both security and cost-effectiveness, and is also slated to become a favorite among cryptocurrencies, as it can also handle proof-of-work operations.

The other major change in PHP 7.2 was the removal of the old Mcrypt cryptographic library from the PHP core and the addition of Libsodium, a more modern alternative.

94 comments

  1. Jeez by Anonymous Coward · · Score: 1

    I just got done converting everything to bcrypt!

    1. Re: Jeez by Anonymous Coward · · Score: 0

      If you're using the password_hash and password_verify functions, then migration is very simple and straightforward.

    2. Re: Jeez by Anonymous Coward · · Score: 0

      Make sure you still have a read of the docs though.
      PHP uses the Argon2i 1.3 (Argon2i-B) implementation but the default parameters may not be strong enough. There was some research done not that long ago which suggested that a minimum of 10 passes should be used for hashing passwords.

      e.g.: Towards Practical Attacks on Argon2i and Balloon Hashing
      https://eprint.iacr.org/2016/759.pdf
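The migration path and the pass-count advice from the two replies above, as an added example that is not part of the original posts: on each successful login, `password_needs_rehash` flags stored hashes (bcrypt, or Argon2i with fewer passes) that fall short of the current policy, and the caller stores the replacement. The `time_cost` of 10 follows the reply's suggestion; the helper name `verify_and_upgrade`, the policy array and the sample password are constructed for illustration.

```php
<?php
declare(strict_types=1);

// Argon2 is only available when PHP 7.2+ was built with Argon2 support.
if (!defined('PASSWORD_ARGON2I')) {
    echo "This PHP build has no Argon2 support\n";
    exit(1);
}

// Assumed policy for this example: Argon2i with 10 passes; memory and
// thread counts are left at whatever this PHP build uses by default.
$policy = [
    'time_cost'   => 10,
    'memory_cost' => PASSWORD_ARGON2_DEFAULT_MEMORY_COST, // in KiB
    'threads'     => PASSWORD_ARGON2_DEFAULT_THREADS,
];

/**
 * Verify a login attempt and, on success, upgrade an outdated hash.
 * Returns [bool $ok, ?string $newHash]; the caller persists $newHash
 * when it is non-null. A failed verification never produces a new hash.
 */
function verify_and_upgrade(string $password, string $storedHash, array $policy): array
{
    if (!password_verify($password, $storedHash)) {
        return [false, null];
    }
    if (password_needs_rehash($storedHash, PASSWORD_ARGON2I, $policy)) {
        return [true, password_hash($password, PASSWORD_ARGON2I, $policy)];
    }
    return [true, null];
}

// Constructed sample data: a legacy bcrypt hash as an existing user table holds it.
$password = 'correct horse battery staple';
$stored   = password_hash($password, PASSWORD_BCRYPT, ['cost' => 10]);

// First login after the policy change: verified against bcrypt, then rehashed.
[$ok, $newHash] = verify_and_upgrade($password, $stored, $policy);
echo 'login ok: ', var_export($ok, true), "\n";
echo 'stored algorithm:   ', password_get_info($stored)['algoName'], "\n";
if ($newHash !== null) {
    echo 'upgraded algorithm: ', password_get_info($newHash)['algoName'], "\n";
    $stored = $newHash; // in an application: UPDATE the user's row here
}

// Second login: the stored hash already meets the policy, nothing to persist.
[$ok, $newHash] = verify_and_upgrade($password, $stored, $policy);
echo 'second login ok: ', var_export($ok, true),
     ', rehash needed: ', var_export($newHash !== null, true), "\n";

// Wrong password: rejected, and no hash is generated from the bad input.
[$ok, $newHash] = verify_and_upgrade('wrong guess', $stored, $policy);
echo 'wrong password ok: ', var_export($ok, true),
     ', rehash produced: ', var_export($newHash !== null, true), "\n";
```

Because the algorithm and its parameters are encoded in the hash string itself, the same column can hold bcrypt and Argon2i hashes side by side while users migrate one login at a time.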

    3. Re: Jeez by Anonymous Coward · · Score: 0

      PHP uses the Argon2i

      Argon sqrt (-4)? That's vaporware on steroids!

  2. I think it's a by Anonymous Coward · · Score: 0

    gas gas gas

  3. Oh, wow! by Anonymous Cashews · · Score: 0

    Who knew that PHP was still around?

    1. Re:Oh, wow! by guruevi · · Score: 4, Insightful

      Facebook, Laravel, Own/Nextcloud, Wikipedia, Wordpress, ... more than 80% of the web runs on PHP.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    2. Re:Oh, wow! by Anonymous Cashews · · Score: 0

      There haven't been a PHP story on the front page of Slashdot for ages.

    3. Re:Oh, wow! by wimg · · Score: 1

      Uh... https://developers.slashdot.org/story/17/02/21/2039256/php-becomes-first-programming-language-to-add-modern-cryptography-library-in-its-core

    4. Re:Oh, wow! by DontBeAMoran · · Score: 1
      --
      #DeleteFacebook
    5. Re:Oh, wow! by OrangeTide · · Score: 2

      Facebook, Laravel, Own/Nextcloud, Wikipedia, Wordpress, ... more than 80% of the web runs on PHP.

      I've heard of maybe half of those, I didn't realize all of them were still around.

      I remember letting people run php on my shell/web server some 15 years ago. And how quickly the default installation was hacked and webpages were defaced. For me it wasn't worth the effort necessary to set it up properly.

      --
      “Common sense is not so common.” — Voltaire
    6. Re:Oh, wow! by Anonymous Cashews · · Score: 0

      Ten months ago... is a long time between stories on Slashdot.

    7. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Oh wow, look! It's Poison Ivan and his cashews community of creimer deniers!

      We know that "Christopher Dale Reimer" is a cover name for "Poison" Ivan Keshyu. His mission to infiltrate Slashdot to get precious high-tech info back to Putin has failed miserably!

      He was unable to grasp English grammar so it was easy to spot him, like a terminator with rubber skin!

    8. Re:Oh, wow! by Anonymous Coward · · Score: 0

      "There haven't been a PHP story"

      There HASN'T , Poison Ivan! If you had just learned your English grammar in secret agent school, we would have never detected you, Poison Ivan!

      "Leave me the fuck alone."

      Huh??? Leave US the fuck alone, Poison Ivan! You don't get to dictate the conditions of your surrender.

    9. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Fuck off, asshole. It's not our fault that your favorite fuck toy took off for the weekend.

    10. Re:Oh, wow! by Anonymous Coward · · Score: 0

      creimer confuses his Slashdot signature with an animated gif.

      --
      Balena!

    11. Re:Oh, wow! by Anonymous Coward · · Score: 1

      CREIMER' SUBMISSIONS UPDATE:
      Note also that creimer is trying to regain karma by getting his submissions published as articles on /. so make sure to go to:
      https://slashdot.org/~cdreimer
      and mod down his submissions as well. The great thing is that you don't even need mod points to mod down a submission, just click on the "minus" icon!

      creimer wrote:

      I don't bother with mod points. I'm doing something much more sinister. It took ten story submissions ? I'll have to double check the number ? to move cdreimer's karma from neutral to excellent without ever being exposed to the capricious mods. Mmmmmwwwwahahahahahahaha!

      https://slashdot.org/comments....

      Danger, Will Robinson, Danger! Creimy is posting more than 2 posts a day. Hurry! mod down otherwise /. will go to hell again!

      Note: you can mod down even if already at -1 to lower karma and to prevent lost /. users to accidentally mod up.

      creimer wrote:

      All you need to do is find a website with a permissive TOS, say, Slashdot, create a Python script to scrape your own comments, sprinkle Amazon affiliate links in various posts, and then re-post past links whenever possible. Won't be long before you start making "coffee money" each month.

      https://slashdot.org/comments....

      C.D. Reimer is a renowned Slashdot collaborator, as he puts it himself; "Because of the quality of my posts and my article submissions, I'm a highly rated commentator and moderator."

      But does anybody ever wondered what "C.D." stands for? Well, it stands for Creimy Dumpty of course!

      Creimy Dumpty sat on the wall,
      Creimy Dumpty had a great fall.
      All the king's horses
      And all the king's men
      Couldn't put Creimy Dumpty
      Together again.

      Creimy's siblings video and theme song, very realistic, especially the pants, just like Creimy's:
      https://www.youtube.com/watch?...

      With "Vice President Pence Vowing US Astronauts Will Return To the Moon", we are sure they will need miracle workers up there, here is what it would look like. Note that Creimy takes care of bringing a lot of food to the moon as depicted below:
      https://www.youtube.com/watch?...

      Creimy's real pictures:
      Before the sex change:
      https://ibb.co/cc7Ddw
      After the sex change:
      https://ibb.co/gVad65

      Creimy's "enterprise-level" chair, he talks about it all the time on slashdot:
      http://www.keynamics.com/image...

      Creimy's head, while his supervisor was talking to him, not with him, since it is impossible to do with Creimy:
      http://ibb.co/mRVSaG

      Creimy acting in educational resource document, he actually confirmed himself on Slashdot that he was handled by Special Education for the Santa Clara County Office of Education! He is really a king Dumpty!:
      http://www.sccoe.org/depts/stu...

    12. Re:Oh, wow! by Anonymous Coward · · Score: 0

      There you are spamming amazon affiliate links with yet another fake account, you revenue stream hogging disgusting fat sexist tube of lard, Christopher Dale Reimer!

      You can be sure I will be watching this fake account too. I know this is you because you told me you were working on your freepass 11 file server and you are so dumb that you can't even masquerade yourself properly.

      Now, I told you I was out of meds last week and you didn't even care to contact me you lazy fucker.

      How many times do I have to express the emergency of the situation??????

      The python click script you wrote for my pheromone revenue stream web site suddenly stopped to work!!!!!!

      You fucking incompetent python script writer!!!

      When it works, I get 4000+ clicks a day on my pheromone revenue stream web site but only 5 or 6 without it!!!!

      Now, it seems like you don't care and that you have abandoned me you heartless fucking pig!

      Bonus:
      Here is a story that creimer told me when convincing me what a hard life he had:

      The tree was him and the tree knot was his butt hole!

      So, his uncle packed his fat ass with lard and with his cock! Not that it makes much of a difference but anyway, there it is!

      Signed:
      The girl that used to love you and now hates you, burn in hell where you belong you sexist pig!

    13. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Chris' case is getting worse, he spends all day replying to himself as AC on /.

      The tests we ran on Chris have shown that Chris has the intelligence of an ameba:
      https://en.wikipedia.org/wiki/...

      So, technically, he is able to conceive some kind of agenda but it will be silly or impossible to follow on a human scale.

      For example, Chris had an agenda to post anything he felt like on Slashdot which did not work well because it was based on his false beliefs that he had an infinite number of karma points as he wrote here several times.

      Several people here explained to Chris that karma maxed out at some level like 50 or so but Chris kept on insisting that his python script had confirmed that he had millions of karma points!

      Oh well, as I wrote before: "It isn't Chris' fault if he is the way he is. We do the best we can do with him and he is partially integrated into society. We try to cure his abnormal need for attention but he is kind of stubborn and won't listen to anybody."

      For the valuable /. users that might already have read the following, please note that there is an important update.

      IMPORTANT UPDATE:
      Special Education for the Santa Clara County Office of Education has invested money to buy Chris a new chair:
      http://www.keynamics.com/image...

      Information about Christopher Dale Reimer and autistic people:

      Autistic people have obsessions about things normal people don't care. For example, one of our autistic patient went haywire when he realized that there was a penny missing in his pocket change.

      To calm him down, one of our educator pretended to have found it on the floor and gave a penny to him.

      The autistic patient condition went even worse because he realized it wasn't the same penny!

      Chris has an obsession with budgeting every penny. He doesn't understand that most people do not budget to the penny and have a flexible amount they allow for miscellaneous items.

      I am Nancy Guerrero and I am Director of Special Education for the Santa Clara County Office of Education. We use Chris' (a.k.a. creimer,cdreimer) picture in our document because he is the hardest case we have ever had to handle:
      http://www.sccoe.org/depts/stu...

      Our artists were inspired by the low carb diet that Christopher follows scrupulously for the small lunch box and by the picture linked below for the rest. I am sure that you will notice the similarities such as the bump on the side of his chest and more:
      https://ibb.co/gVad65

      Please be easy on Christopher although, I am aware that some of our staff handling Chris post joke comments here and obviously, the Santa Clara County Office of Education disapprove that behavior vehemently:
      http://ibb.co/mRVSaG

      But it isn't Chris' fault if he is the way he is. We do the best we can do with him and he is partially integrated into society. We try to cure his abnormal need for attention but he is kind of stubborn and won't listen to anybody.

      Thank You dear users,
      ---
      Nancy Guerrero
      Director
      Special Education
      Santa Clara County Office of Education

    14. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Thanks Nancy,

      Your posts are always enlightening and right on topic! Keep up the good work over there at Special Education!

      I have noted that Chris uses child psychology to convince his so called trolls to give up by pretending they just give him free publicity. That's adoring! ;-)

      Anyway Chris would have a hard time to learn anything above child level matters, including psychology.

      https://childdevelopmentinfo.c...

      ---
      Silvia Bunge
      Psychology Department
      University of California, Berkeley

    15. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Nyet, Kamarad Kriski. Favorite fuck toy is BBW like Super Pochaco, not fat man like football player.

    16. Re:Oh, wow! by Anonymous Coward · · Score: 0

      You retard fuck, shut the fuck up!

      See creimy? it is possible to use the word "fuck" without any sexual connotation. What is your problem with sex anyway? Not having any?

    17. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Creimer is really smart. He uses every tool at his disposal to optimize his revenue stream.

    18. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Ten months ago... is a long time between stories on Slashdot.

      Hey creimy-dumber, everyone here wishes for that kind of delay (10 months) between your shit posts. Still, that would never be a long enough time!

    19. Re:Oh, wow! by Anonymous Coward · · Score: 0

      I don't think Slashdot could survive ten months from you shitting your pants between creimer's comments, if this past weekend is any indication.

    20. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Creimer haven't commented in three days. Keep lashing out by assuming that every AC is Chris.

    21. Re:Oh, wow! by Anonymous Coward · · Score: 0

      A "creimer shitfest" that you created for three days in a row to keep you occupied.

    22. Re:Oh, wow! by Anonymous Coward · · Score: 0

      Hahhaa who do you think you're kidding creimer. Your continued posting here isn't some clever scheme to drive your trolls insane. It's simply autistic compulsion

  4. Great by Hognoxious · · Score: 4, Insightful

    So now all we have to worry about with PHP is everything else.

    --
    Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    1. Re:Great by wimg · · Score: 2

      Which is the same for Ruby, Python, Perl, .Net, Java, Go and every other language. If you don't know how to code, the language doesn't matter.
      Perhaps a more constructive comment next time ?

    2. Re:Great by Anonymous Coward · · Score: 0

      http://php.net/manual/en/intro.pthreads.php
      Still no threading in web server environment.
      PHP is a shit language.

    3. Re:Great by Anonymous Coward · · Score: 0

      PHP with Laravel and friends is like spritzing Febreeze all over a big pile of turd. Might smell sort of like lavender, but still definitely smells like shit.

    4. Re:Great by Anonymous Coward · · Score: 1

      All languages have issues. But PHP is in a special category of bad. It is a language for and by hacks.

    5. Re:Great by geekymachoman · · Score: 1

      Actually, PHP is pretty decent now as of version 7.1, with massive improvements over earlier versions + it remained backward compatible (for the most part).
      Just shows that core PHP developers are committed.

      Still too easy to make mistakes, that's its biggest flaw. Too many new programmers copy/pasting outdated code from examples on internet without understanding how it works, and it allows you to do pretty much everything. With proper design, and testing this is not an issue, but again.. many don't do any of this.

    6. Re:Great by slashrio · · Score: 1

      One question:
      Has the NSA been involved in this crypto scheme?

      --
      "Trump!!", the new Godwin.
    7. Re:Great by Wraithlyn · · Score: 1

      “There are only two kinds of languages: the ones people complain about and the ones nobody uses.”—Bjarne Stroustrup

      --
      "Mind, as manifested by the capacity to make choices, is to some extent present in every electron." -Freeman Dyson
  5. Hashing by Pieroxy · · Score: 1

    I usually store passwords salted and hashed 100 to 500 thousand times with SHA-256 or MD5.

    Should I switch to this now ?

    1. Re:Hashing by DontBeAMoran · · Score: 2

      Dude, that's way too much sodium!

      --
      #DeleteFacebook
    2. Re:Hashing by Anonymous Coward · · Score: 0

      You should neither use SHA-256 nor Argon2. Hash functions are compression functions, so they lose entropy with every iteration. Iterate a symmetric block cipher for hashing instead and use SHA3 once at the beginning and SHA3 once at the end.

    3. Re:Hashing by PhrostyMcByte · · Score: 1

      The primary purpose of recent key derivation algorithms like Argon2 is to guard against GPU-accelerated brute-forcing. Traditional methods like salted hashes or PBKDF2 are otherwise still secure.

    4. Re:Hashing by nospam007 · · Score: 1

      "I usually store passwords salted and hashed 100 to 500 thousand times with SHA-256 or MD5.

      Should I switch to this now ?"

      Argon 2? No, Helium 3 is apparently the future.

    5. Re:Hashing by Anonymous Coward · · Score: 0

      Hash functions are not compression functions. You can not decompress the output of a hash function.

    6. Re:Hashing by Anonymous Coward · · Score: 0

      > 100 to 500 thousand times with SHA-256

      You're doing it wrong.

    7. Re:Hashing by Pieroxy · · Score: 1

      Care to elaborate ?

    8. Re:Hashing by K. S. Kyosuke · · Score: 1

      Argon 2? No, Helium 3 is apparently the future

      Not to mention that Russians have already been using Argon-16 for decades. So PHP is fourteen versions behind!

      --
      Ezekiel 23:20
    9. Re:Hashing by Anonymous Coward · · Score: 0

      Assuming you're not joking, when you feed a hash into itself, you are essentially making it less secure because the number of possible values as the input is significantly reduced. The hash always has a fixed length while passwords are not. Plus, the point of the hashing algorithm is that you use it once, not multiple times. If running it through itself was beneficial, that operation would have been built into the hash generation algorithm itself anyways and would be invisible to you.

    10. Re:Hashing by Megol · · Score: 1

      Which means it is a lossy type of compression. Deliberately lossy and very sensitive to small changes in the input (avalanche effect) but still a type of compression.

    11. Re: Hashing by Anonymous Coward · · Score: 0

      Hydrogen!!! It is the bomb...

    12. Re:Hashing by Anonymous Coward · · Score: 0

      I might be wrong, but I assume that he did not mean merely using the output as input to the next SHA256 function and then just use the final output. He might mean to apply the output of each to an accumulator, similar to how PBKDF2 works (with HMAC-SHA256 as PRF):

      F(Password, Salt, c, i) = U_1 ^ U_2 ^ ... ^ U_c

      where:

      U_1 = PRF(Password, Salt || INT_32_BE(i))
      U_2 = PRF(Password, U_1)
      ...
      U_c = PRF(Password, U_{c-1})
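The accumulator construction this comment describes, as an added example (not code from the thread): `pbkdf2_block` implements F for one output block with HMAC-SHA256 as the PRF and is checked against PHP's built-in `hash_pbkdf2`, while `naive_chain` is the plain hash-of-its-own-output loop discussed in the earlier replies, shown for contrast. The function names, password, salt and iteration count are constructed for illustration.

```php
<?php
declare(strict_types=1);

/**
 * One PBKDF2 output block:
 *   F(Password, Salt, c, i) = U_1 ^ U_2 ^ ... ^ U_c
 * with PRF = HMAC-SHA256 keyed by the password.
 */
function pbkdf2_block(string $password, string $salt, int $c, int $i): string
{
    // U_1 = PRF(Password, Salt || INT_32_BE(i)); pack('N') is a 32-bit big-endian integer.
    $u   = hash_hmac('sha256', $salt . pack('N', $i), $password, true);
    $acc = $u;
    for ($k = 2; $k <= $c; $k++) {
        // U_k = PRF(Password, U_{k-1}); the password re-enters every round as the HMAC key.
        $u    = hash_hmac('sha256', $u, $password, true);
        $acc ^= $u; // byte-wise XOR of two equal-length binary strings
    }
    return $acc;
}

/**
 * The loop the earlier replies argue about: salted SHA-256 fed back into
 * itself. Only the last output is kept and the password is used once.
 */
function naive_chain(string $password, string $salt, int $c): string
{
    $h = hash('sha256', $salt . $password, true);
    for ($k = 2; $k <= $c; $k++) {
        $h = hash('sha256', $h, true);
    }
    return $h;
}

// Constructed inputs for the demonstration.
$password = 'correct horse battery staple';
$salt     = hex2bin('00112233445566778899aabbccddeeff');
$c        = 100000;

$manual  = pbkdf2_block($password, $salt, $c, 1);
// With SHA-256 and a 32-byte output, the built-in returns exactly block i = 1.
$builtin = hash_pbkdf2('sha256', $password, $salt, $c, 32, true);

echo 'F(Password, Salt, c, 1): ', bin2hex($manual), "\n";
echo 'hash_pbkdf2:             ', bin2hex($builtin), "\n";
echo 'identical:               ', hash_equals($builtin, $manual) ? 'yes' : 'no', "\n";
echo 'naive chain (differs):   ', bin2hex(naive_chain($password, $salt, $c)), "\n";
```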

    13. Re:Hashing by Anonymous Coward · · Score: 0

      Huh? To quote Charles Babbage: "I am not able to rightly apprehend the kind of confusion of ideas that could provoke such a question."

  6. How is this supposed to work? by Anonymous Coward · · Score: 1

    If I understand correctly, Argon2 is "memory hard" hashing. It takes a lot of memory to run efficiently in an effort to confound FPGAs and ASICs. How is this supposed to work in an embedded system such as IoT? Those devices are very tiny and might not have enough memory. Isn't delaying 1 second after a failed password attempt enough?

    1. Re:How is this supposed to work? by TheRealMindChild · · Score: 1

      This isn't just about a client authenticating, but you have to consider if someone wanted to build a rainbow table or just bruteforce a list of hashes they got a hold of. For an embedded system, doing one hash and verify won't be too heavy

      --

      "When life gives you lemons, don't make lemonade. Make life take the lemons back!" -- Cave Johnson
  7. And... by Anonymous Coward · · Score: 0
  8. ARGON! by Anonymous Coward · · Score: 0

    The name "argon" is derived from a Greek word, neuter singular form of another Greek word, meaning "lazy" or "inactive".

    Yup. PHP dabblers to a T.

  9. Please by eddeye · · Score: 4, Insightful

    Author knows nothing about security. Updated crypto algorithms / libraries have next to nothing to do with application security.

    How many apps are hacked through outdated crypto algorithms? Now how many are hacked through unchecked user input, careless key/password handling, privilege escalation, default passwords, sensitive files left in open locations, and other programming errors?

    There's a reason OpenBSD is one of (if not the) most secure operating systems. Code audits, careful input / output checking, sane error handling, etc. It has nothing to do with crypto algorithms.

    --
    Democracy is two wolves and a sheep voting on lunch.
    1. Re:Please by PhrostyMcByte · · Score: 5, Insightful

      Author knows nothing about security. Updated crypto algorithms / libraries have next to nothing to do with application security. How many apps are hacked through outdated crypto algorithms?

      You've missed the point. This is a second line of defense intended to protect your users after your app has been hacked, when the attacker has dumped your database of password hashes. It helps to prevent them from using GPU-accelerated brute forcing to reverse user passwords that would then be plugged into other websites.

    2. Re:Please by 93 Escort Wagon · · Score: 4, Insightful

      Well... you have to remember the context. There was a time when php’s crypto was fundamentally broken, and its developers apparently debated whether they were going to fix it or not.

      Php has had an abysmal security history - so these sorts of steps are important moves in the right direction.

      --
      #DeleteChrome
    3. Re:Please by Anonymous Coward · · Score: 0

      Yet adding support for better crypto algorithms into the development suite is part of preventing those sorts of errors.

  10. Mod 42 by Anonymous Coward · · Score: 0

    My hash algorithm, which I'll summarize here as taking the mod 42 remainder of the 42nd content byte (*), is computationally much faster than Argon2, although theirs is arguably more secure.

    (*) if there are fewer than 42 bytes, the algorithm emits 42. Other details are described in my journal article

  11. That doesn't make PHP more secure by wonkey_monkey · · Score: 1

    PHP got a whole lot more secure this week with the release of the 7.2 branch, a version that improves and modernizes the language's support for cryptography and password hashing algorithms.

    Adding new cryptography and hashing methods doesn't make the language itself more secure.

    --
    systemd is Roko's Basilisk.
    1. Re:That doesn't make PHP more secure by Antique Geekmeister · · Score: 1

      Compared to the limited and less secure hashing previously available, I'd suggest that it does make it more secure. It wouldn't address the other commonplace issues.

  12. bcrypt is still great by bussdriver · · Score: 1

    My own tests with Argon2 prove that with its lowest setting it loads my current server down too much for the hash rate I was getting with bcrypt. I do not have the ability to fine tune its server load well enough at this point so I've not switched over password hashing to it at this time. Also, I have less free RAM than I'd like to allocate so the benefits of argon2 are significantly limited for me at this time... It is going to be a trade off between server resources and massively parallel GPU attacks and the RAM use is primarily the new defense of Argon2 (not so much parallelism since that is still an area of growth for hardware.)

    I've seen tests run with GPU hashing implementing a huge list of algorithms where bcrypt was 100x better than everything else and for the test it was only set to 5! Nobody uses bcrypt set at complexity 5! No benchmarks vs Argon2 other than my own (using server cpus.)

    Somebody with bcrypt in FPGAs might knock the wind out of it but bcrypt at level 10+? Going forward, I've already been migrating to argon2 and I will look into formatting it into standard password hash format now that I know it's being used this way; however, I will still be limiting it until server upgrades... and further Argon2 benchmarks performed on gpus, fpgas because it won't matter if my server needs weaken Argon2 too much. (At which point I guess we need to start getting gpus for servers?)
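One way to approach the tuning problem described in this comment, as an added example that is not the commenter's code: time `password_hash` on the target server across a few bcrypt and Argon2i settings and keep the strongest one that fits a latency budget. The candidate settings, the 250 ms budget and the helper name `median_hash_ms` are assumptions for illustration.

```php
<?php
declare(strict_types=1);

/**
 * Median wall-clock milliseconds for one password_hash() call.
 * $algo is untyped because the PASSWORD_* constants are integers in
 * PHP 7.2/7.3 and strings from PHP 7.4 on.
 */
function median_hash_ms($algo, array $options, int $runs = 5): float
{
    $times = [];
    for ($r = 0; $r < $runs; $r++) {
        $t0 = microtime(true);
        password_hash('benchmark-password', $algo, $options);
        $times[] = (microtime(true) - $t0) * 1000.0;
    }
    sort($times);
    return $times[intdiv($runs, 2)];
}

$budgetMs = 250.0; // assumed per-login latency budget

// Candidate settings (assumed): bcrypt work factors, then Argon2i memory/pass grids.
$candidates = [];
foreach ([10, 11, 12, 13] as $cost) {
    $candidates["bcrypt cost=$cost"] = [PASSWORD_BCRYPT, ['cost' => $cost]];
}
if (defined('PASSWORD_ARGON2I')) {
    foreach ([1 << 14, 1 << 15, 1 << 16] as $kib) { // 16, 32 and 64 MiB
        foreach ([2, 4, 10] as $passes) {
            $candidates["argon2i m={$kib}KiB t=$passes"] = [PASSWORD_ARGON2I, [
                'memory_cost' => $kib,
                'time_cost'   => $passes,
                'threads'     => PASSWORD_ARGON2_DEFAULT_THREADS,
            ]];
        }
    }
}

// Measure every candidate on this machine and mark the ones inside the budget.
foreach ($candidates as $label => [$algo, $options]) {
    $ms = median_hash_ms($algo, $options);
    printf("%-32s %8.1f ms  %s\n", $label, $ms, $ms <= $budgetMs ? 'fits' : 'over budget');
}
```

Argon2's `memory_cost` is allocated per concurrent hash, so multiply it by the expected number of simultaneous logins when checking it against free RAM.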

  13. That's nice but Argon2 has problems by Anonymous Coward · · Score: 1

    There was a mismatch between the specification and the example code/known answers.

    Unless that's been fixed in the last few weeks anyone implementing Argon2 will get burned.

  14. Re:Backup your bs w/ proof OrangeTide by Anonymous Coward · · Score: 0

    Thanks APK!

    I am looking forward to our meeting on Wednesday to share revenue stream techniques.

    --
    cdreimer
    https://slashdot.org/~cdreimer

  15. This is what makes PHP so powerful. by Qbertino · · Score: 2

    The PHP crew doesn't hesitate for a second to add in a feature that's useful. PHP gets the job done and that's why it's still holding its ground even after each and every rails and node fad that comes along.

    --
    We suffer more in our imagination than in reality. - Seneca
    1. Re:This is what makes PHP so powerful. by Anonymous Coward · · Score: 0

      So PHP can handle websockets now and doesn't have a default of 600 connections?

      Or wait, does php do anything to sanitize MySQL inputs?

      Ohhhhh, you mean PHP suddenly can do vhosting without needing nginx?

      What's that you say? It can not do ANY of those things?

      Methinks the node 'fad' is here to stay and php is doddering around like an old man smelling of urine and fear.

      Call me when php has even 1/100th the client side logic or server side abilities of javascript. By the way, if they really REALLY wanted to do something for php how about implementing CALLBACKS.

      I abandoned php years ago, I had no choice, trying to make anything worth making in that dumpster fire of cobbled together languages while still having to use javascript just made it obvious that there was no point in using php anymore.

      It makes more logical sense to use javascript, you get vhosting, you get more connections without editing, you get dynamic updates, you get asynchronous logic, you get callback flow control logic, you can pass data clientserverdifferent client without having to long poll, oh and you in mongodb you get a database all with a unified language.

      Saying php is powerful is like saying coal is the future. Php sort of just showed us exactly where all the breaks were in data flowing around on a web server and allowed a better language to step up and unify it all. It was nice for its time when the architecture of how it all works was being figured out, but now that we have a grasp on it, it's obviously past its due date and should be put out to pasture. I can write a functional webserver in 10 lines of javascript in roughly a minute and a half(I'm not kidding, wouldn't do much, but it would work).

      While people might riff on javascript, honestly PHP is beyond being worse. Its legacy will be stinking up the web for decades to come I'm sure, but that shouldn't make anyone idolize the old crippled bastard.

    2. Re:This is what makes PHP so powerful. by Anonymous Coward · · Score: 0

      Or wait, does php do anything to sanitize MySQL inputs?

      There was prepared statement far too long. That incompetent developers hadn't utilised should not be a point to make PHP is bad. Educate yourself before dumping bullshit, kid.

      Ohhhhh, you mean PHP suddenly can do vhosting without needing nginx?

      PHP was there way before nginx was ever existed. It works well with Apache and vhosting is existed before nginx. What are you talking about, you moron?

    3. Re:This is what makes PHP so powerful. by Anonymous Coward · · Score: 0

      You haven't even used callbacks in php before? You incompetent developer who blames the tool when yourself should have been blamed. No wonder why you are incompetent and I don't need to see for myself how bad your code must be.

    4. Re:This is what makes PHP so powerful. by Anonymous Coward · · Score: 0

      Arguing over which is better, PHP or JavaScript is like arguing over which is better, Herpes or Gonorrhea.

    5. Re:This is what makes PHP so powerful. by Anonymous Coward · · Score: 0

      Actually it is vital to argue over these two.

      If you begin a project with an apache webserver and php, you are locked into its reduced set of functionality forever. In order to upgrade you need to re-write all of your code. The difference is tremendous, it's like building one house out of match sticks and another out of concrete, it behooves us to scream to the high heavens that concrete is the obvious solution and stop bloody building things with shite for a foundation.

      For instance, if facebook had begun with a nodejs webserver capable of handling much more connections on top of websockets to broadcast events you would be able to free up an enormous amount of wasted resources. A php base install can only handle 600 connections, you get 65,000 default with a websocket.

      Now scale that up to how many webservers and how much electricity is needed, the financial and environmental impact is severe.

      Once you also take into consideration that each php client is doing long polling (this is just in regards to facebook or other apache/php based web apps) the network storm of data being needlessly sent around, the dollar cost of all of that, is again severe. If they had used a websocket to simply be able to broadcast 'hello i am the server client side script, and I have new data for you because someone sent a new message or posted something' vs the millions of clients each sending a request for new data every 10 seconds to check if anything is there, 99.999999% of those queries returning no results because there is no new data then you could reduce the electricity required to run facebook's servers along with the data transfer being worthlessly sent around by an order of magnitude.

      It is important that a loud rally cry is sent up to cease and desist using php, it just does not fit the bill for a modern website. Currently because most of the upper management or engineers are familiar with php and apache it becomes the de facto for a company creating their web infrastructure and that is causing a hemorrhage of data, electricity, server racks, and therefore cost all while implementing slower less operational code.

      The kicker? Even if you do go php and apache, you're going to need to mix in javascript anyways and most likely jquery/jqueryui. Then you have the fun time of having a database (probably mysql) in one script language, your webserver in php script, and your client side a mixture of javascript and php. All of that could just boil down to javascript, reducing development time, tightening security, improving maintenance, upgrading functionality, and vastly reducing overhead.

      It must be said again Javascript is the clear winner hands down and without question and this must be pushed as hard as possible.

    6. Re:This is what makes PHP so powerful. by Waccoon · · Score: 1

      The reason I used PHP is because when I started my web site, I bought space on a shared server, and the only languages available were Perl and PHP. Perl was a PITA because of all the shebang lines (among other annoyances when you don't have admin rights).

      In my case, much like JavaScript, I used it because it was really the only option -- not a good one.

    7. Re:This is what makes PHP so powerful. by Rutulian · · Score: 1

      Wait...really?

      Perl is a PITA because you have to write "#! /usr/bin/env perl" at the top of your script instead of just mashing out a bunch of html mixed with code?

    8. Re:This is what makes PHP so powerful. by Waccoon · · Score: 1

      It is on shared hosts when they implement stupid security rules that break things. When I started I was just writing my own homepage and a simple BBS -- no way was I going to pay for dedicated hosting for that.

      After more than a decade maybe things are different today, but back then, only PHP worked reliably.

    9. Re:This is what makes PHP so powerful. by Rutulian · · Score: 1

      There are plenty of people using Perl on shared hosts, so it really shouldn't be a problem. As far as modules go, I can't imagine what would be available in a default PHP that wouldn't be provided for Perl on a shared host, but there are plenty of ways to install local modules if need be. Heck, you can even install a full Perl distribution locally and avoid the system Perl entirely, which is something you cannot do with PHP. Also, Perl had CGI::Application (http://search.cpan.org/~markstos/CGI-Application-4.50/lib/CGI/Application.pm) long before PHP had CakePHP or Zend. A decade ago MVC frameworks were the new hotness, and Perl had Catalyst, which was quite comparable to CakePHP.

  16. Re:Backup your bs w/ proof OrangeTide by Anonymous Coward · · Score: 0

    You might be retarded, APK. I went down your rabbit hole of links on links on links. You seem really pissed off at OrangeTide, but just about every link that was supposed to "point" to some "evidence" of whatever you are trying to illustrate are just links back to your own ramblings with links doing the same thing. It is a web of you arguing *something* with yourself, and a handful of ACs

  17. Read posts above them I replied to by Anonymous Coward · · Score: 0

    The root post was Orangetide's saying I sound like a fool (git). I'm just exposing him for lying. Orangetide said I pick on him? Produce the evidence.

    (Orangetide refuses to supply evidence I ever bothered him first or at all much less for years as he said clearly)

    * Orangetide is lying and evading answering or supplying evidence of me ever bugging him in fact until now - NOW he has it coming.

    (He's also downmod 'burying' my posts confronting him & doesn't seem to "get it" - I repost & no matter how many sockpuppet alternate accounts "his kind" has or 'idiot pals'? They'll NEVER be able to stop me exposing him - I HAVE NO POST LIMITS, they do have limits in modpoints - so TRY shit on me?? I'll fuck you over publicly! Then again shitheads behind FAKE NAMES have no class or honor - they're losers & they KNOW IT using fake names online!)

    APK

    P.S.=> Lastly - You can quit posting to "defend yourself" by AC posts OrangeTide, especially w/ that bullshit because THIS IS NOT GOING TO STOP as long as you keep running from it boy - you've already been CAUGHT doing that 'defending yourself' by AC posts (big mistake that one, lol - classic & priceless in fact)... apk

    1. Re:Read posts above them I replied to by Anonymous Coward · · Score: 0

      You are a fool. Evidence in full right here.
      Smoke a blunt, drink a brew, and chill hombre. There are better things in the world to worry about

  18. Backup your bs w/ proof OrangeTide by Anonymous Coward · · Score: 0

    Backup your bs w/ proof OrangeTide https://it.slashdot.org/comments.pl?sid=11425437&cid=55663429/ provide proof of me picking on you 'for years' as you said - you can't.

    (If I had issues w/ you I'd have bookmarked it & I never have before YOU came in calling me a "git" (fool) starting hassles!)

    * See you there (somehow I don't think I will & you will continue to embarrass yourself as you did starting garbage with me - I am going to let YOU finish YOURSELF boy)

    Additionally - CLASSIC & PRICELESS: I also CAUGHT YOU posting UNIDENTIFIABLE AC vs. using your registered 'lusername' yet you point to YOUR POST that was done under your REGISTERED 'lusrname' claiming it too (YOU = FLATOUT-BUSTED -> https://slashdot.org/comments.pl?sid=11432439&cid=55667787/ )

    SEE YOU DOWNMOD HID THIS LAST 6x TIMES I POSTED IT TOO https://slashdot.org/comments.pl?sid=11430293&cid=55668641/ & https://slashdot.org/comments.pl?sid=11433711&cid=55669021/ + https://slashdot.org/comments.pl?sid=11432725&cid=55669055/ https://slashdot.org/comments.pl?sid=11432725&cid=55669519/ https://slashdot.org/comments.pl?sid=11430293&cid=55669493/ - weak trying to hide it!

    APK

    P.S.=> This is the 14th time you've done a "Run, Forrest: RUN!!!" vs. it OrangeTide - why's that? I caught you lying?? Cat got your tongue??? Yes, obviously - pitiful... apk

  19. Re:Backup your bs w/ proof OrangeTide by Anonymous Coward · · Score: 0

    You might be retarded, APK...

    Chris, everybody on /. knows you are the retarded!

    APK

  20. I'm a fool? Your "advice" is fool's advisement by Anonymous Coward · · Score: 0

    See subject: Take your POOR advice & your drugs/drink - Your advice is a fool's advice. Drugs/drink f you over!

    Take shots @ me by telling lies like OrangeTide (a fake name for his fake life) did?

    FINE - I give it back 10 fold! I won't have MY GOOD NAME crapped on by some douche that can't backup HIS bullshit, which he CLEARLY CAN'T! Especially by OrangeTide FAKE NAME for his FAKE LIFE bullshit. ... & apparently, he doesn't like it (neither did I being called names I am not & when he says I called him names & picked on him for YEARS, I merely ask he produce it as fact - HE CANNOT!).

    * He's a liar & a smarmy little bitch avoiding the fact I have him pinned in SO BADLY via his own big mouth that started this fiasco, that he avoids replying producing proof of his bullshit lies (rightfully so - he KNOWS he is BUSTED lying albeit as AC post (which I caught him doing before no less) but STILL won't backup his bullshit lie https://it.slashdot.org/comments.pl?sid=11425437&cid=55670111/

    THAT IS PROOF HE KNOWS HE IS A NO GOOD LITTLE LIAR & that's good enough for me, as I can always toss this right at him for starting trouble & his BIG MOUTH writing CHECKS his lame fairy ass CAN'T CASH!

    APK

    P.S.=> I don't take shit from "soy boy" weasels - especially those out of FLIMSY WRIST land San Francisco areas - I don't know HOW you were raised OR where you are from but, where I am from? You pull that shit you get KNOCKED THE FUCK OUT (& that's all, IF You're lucky)... apk

    1. Re:I'm a fool? Your "advice" is fool's advisement by Anonymous Coward · · Score: 0

      Iranian? Israeli? Certainly retarded.

  21. mod this excellent by Anonymous Coward · · Score: 0

    " php is doddering around like an old man smelling of urine and fear."

    I'm stealing that.

  22. OrangeTide's out of downmodpoints so now? by Anonymous Coward · · Score: 0

    See subject: Now OrangeTide & his multiple sockpuppets i impersonate me & are out of downmodpoint they try bury this (go ahead, I'll just keep it up until he repents for his bullshit lies).

    * You CHUMPS just DO NOT "GET IT", do you? I can post without LIMIT & you take shots @ me that tick me off (lies do)?? I'll make sure you RUE THE DAY YOU DID...

    (Fake names - it's WHY you use them, like "OrangeTide" - you're shit, you know it. & YOUR MISERABLE LIVES show it!)

    APK

    P.S.=> Keep it up shitheads - doesn't make me cancel 1/2 a step even, I'll just keep coming (& there is NOTHING you can DO about it)...apk

  23. Re:Backup your bs w/ proof OrangeTide by Anonymous Coward · · Score: 0

    Should be careful, asshole. Creimer and APK went down the rabbit hole over a year ago. It was an epic battle. The only reason they stopped is that the comment system wouldn't allow any more replies. If you go after APK, you're a dumb fuck. He will bury your little pussy.

  24. Moron: You can take advantage of PHP WebSockets by Anonymous Coward · · Score: 0

    and a lot more stuff ... Right Now !

    Here is the link:
    https://reactphp.org/

    The NodeJS Fanboys are even worse than the iFanboys :)

  25. Actually - eat this Node Fanboy :) by Anonymous Coward · · Score: 0

    Swoole:
    https://www.swoole.co.uk/

  26. Comment removed by account_deleted · · Score: 0

    Comment removed based on user account deletion
