Recent releases from the Packagist:
Respect/Data (0.1.6)
dhorrigan/db-wrapper (2.0.0, 1.0.2)
dhorrigan/capsule (2.0.0, 1.0.2)
There are numerous articles on the web about how to properly use bcrypt in PHP. So this time, rather than write yet-another-how-to-use-bcrypt article, I'm going to focus on the mistakes that are commonly made when implementing bcrypt. So, let's dive right in:
Latest PEAR Releases:
My post for this year's Web Advent was posted last night - Security in the Round. It's a pretty high level look at something that's easy for developers to forget about. To quote Bruce Schneier:
The mantra of any good security engineer is "Security is not a product, but a process."
It's more than just designing strong cryptography into a system; it's designing the entire system such that all security measures, including cryptography, work together.
It's about people, networks, systems, hardware,...
Maybe you struggle with object oriented code, understanding it and writing it. Perhaps you're tired of having to rewrite code that doesn't pass code review or introduces a bug you didn't expect. Maybe you'd like to impress your boss by improving your skills without having to attend an expensive conference. If any of that describes [...]
Alex Inführ has a pretty awesome blog post on how to execute non-alpha PHP with only $_=+();. Pretty amazing stuff, please check it out here:
Non-Alpha PHP in 6-7 charset. To create assert it would be 99mb! Hehe.
As a developer, I know it's easy to get tunnel vision when it comes to security. You look through the lines of code in your app and try to think like an attacker. You try to break things, perform injection attacks, and escape your output appropriately, but you're missing something. Stick with me, and you'll see what I mean.
There has always been theater of one sort or another. As long as there've been stories to tell, there've been people sitting in a group enjoying them. Theater troupes were formed to...
I like using OS X's built-in packages where possible, but unfortunately Apple is way behind with their PHP package, having it locked on 5.3.15. In the past I've seen people use tools like Mamp, or Xampp to provide this for them, but frankly I'm not a big fan of these tools.
Homebrew provides a solution. Homebrew is OS X's missing package manager, and it's an absolutely great tool to work with. Getting started with it is a bit harder, as there are a few bigger dependencies you need, such as an up-to-date XCode...
Recent releases from the Packagist:
opensoft/simple-serializer (1.0.0)
doctrine/doctrine-orm-module (0.5.6, 0.5.5)
dlu/dlutwbootstrapdemo (0.1.2, 0.1.1)
No one knows if it was a man, or a woman, or a child that first did it, but we do know that about 40,000 years ago, someone put a faint red dot on the wall of a cave in Spain.
Humankind has always felt a burning desire to record information and transmit it into the future. What that dot meant, no one really knows. Perhaps it was the first expression of binary? Perhaps it was just a dot. 7,000 years later, and our ancestors were expressing themselves in the form of horses, panthers, cave bears, mammoths,...
Recently, Aura is creating some buzz that components of PHP frameworks should not have any dependencies. To quote Paul M. Jones' recent article on Aura:
The distinction is that all Aura packages (with the exception of the Framework package) are completely independent, and have no cross-package dependencies, whereas at least some of the components from Symfony2 and ZF2 have dependency requirements.
Or, quoting this article on replacing Silex with Aura.Micro:
I was recently working on a small project that...
Recent releases from the Packagist:
gremo/ede-bundle (v1.0.0)
gremo/subscription-bundle (v1.0.0, 1.0.0)
jasonlewis/expressive-date (v1.0.1, v1.0.0)
Have you ever had a remote terminal session running, only to have your connection drop out half way through a large task? Then, you reconnect, not knowing anything about its progress (if any) and current status.
Screen is the solution to this problem. Screen allows you to start terminal sessions that you can disconnect from and resume at any time. I personally use screen a lot with Node.js web servers, so I can kick off the process, and resume my terminal session to check logs or errors, or restart the...
My experience taught me to be verbose and meaningful. I will not talk about code cosmetics. Here are three simple questions. How many times will you write this line of code? How many times will you read that line? How many other people will read it?
The answer to the first question is usually "one" and the answer to others is "more than one". Simple logic tells us that code must be optimized for reading, not writing. Say you just saved 4 characters on a function name. At your typing speed, that's 1...
On the Enrise blog Tim de Pater has posted about a different sort of method for debugging your web applications - using a combination of Wireshark and tcpdump to monitor your application's input and output. Everything is running great, until suddenly the monitoring is yelling, the load on several servers is rising, MySQL queries/second and the memcached commands/second going through the roof, Apache processes are higher than usual, and the website starts giving timeouts. Yes, that sucks. Of course you'll...
In this recent post to his site Jonathan Hill takes a look at the PHP semaphore extension and talks about some of the issues he's had with it. He lists five different pain points he discovered when trying to use the extension:
Lack of a true Semaphore
Undefined error handling
Undefined behavior of sem_get()
Cannot disable semaphore auto-releasing
A semaphore may be deleted when other processes are waiting to acquire it
The semaphore extension provides a PHP-based wrapper for the System V IPC family of...
On the Websanova.com site there's a recent post about doing timezones the right way when working with them in PHP and storing them in your (MySQL) database. Timezones are actually a very trivial concept but they seem to be overlooked and over complicated. [...] Rather than storing a timezone with each date it's better to just accept a standard time to store all your dates with, thus doing the conversion to that standard time before storing the value in the database. It doesn't really matter what time we...
With all of the recent talk about the Aura framework that's been happening lately, Stan Lemon thought it would be interesting to see how a microframework based on the Aura packages would be to create. He's posted about his experiences on his site today. I was recently working on a small project that used Silex. As I browsed my vendor folder, I realized how much extra "stuff" I had inherited with Silex. There were a bunch of other components required when all I wanted was some quick and easy routing,...
The holidays can be a trying time of year for everyone, with all the gift buying and stress and all. I wanted to take this time to make a plea. The open source software that all of us use is powered by volunteers! Show them your support by donating! I'm compiling a list here of prominent contributors to donate to, and I strongly urge you to consider saying "thank you" to people who work hard to give you the tools and knowledge that you use every day! So, without anything further:
Recent releases from the Packagist:
friendsofsymfony/jsrouting-bundle (1.1.0)
willdurand/expose-translation-bundle (0.1.0, 0.0.5, 0.0.4, 0.0.3)
simonjodet/gumdrop (1.3.0, 1.2.4)