Jeśli jesteś właścicielem tej strony, możesz wyłączyć reklamę poniżej zmieniając pakiet na PRO lub VIP w panelu naszego hostingu już od 4zł!

Archive for Wrzesień, 2012

Thomas Hunter: CouchDB and PHP Web Development (Book Review)

Thomas Hunter: CouchDB and PHP Web Development (Book Review)

Thomas Hunter has posted a (nice long) book review of the Packt Publishing book “CouchDB and PHP Web Development” to his site.

When I first picked up this book, I was expecting a boring, text-book approach to code examples for PHP talking with CouchDB. Boy was I wrong. What I found was a book that has you build a complete working application. And by complete, I mean you’ll add the Twitter Bootstrap framework and it will be sexy.

He mentions parts of the app you’ll create – a PHP framework, 3rd party libraries, working with git/github – and goes through the sections of the book, talking about good and bad points along the way. Chapters cover things like: an introduction to NoSQL, REST/HTTP verbs, installation/config of CouchDB, using version control and deploying the app using the PHPFog PaaS hosting.

Source: http://www.phpdeveloper.org/news/18522

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Thomas Hunter: CouchDB and PHP Web Development (Book Review)

Thomas Hunter: CouchDB and PHP Web Development (Book Review)

Thomas Hunter has posted a (nice long) book review of the Packt Publishing book “CouchDB and PHP Web Development” to his site.

When I first picked up this book, I was expecting a boring, text-book approach to code examples for PHP talking with CouchDB. Boy was I wrong. What I found was a book that has you build a complete working application. And by complete, I mean you’ll add the Twitter Bootstrap framework and it will be sexy.

He mentions parts of the app you’ll create – a PHP framework, 3rd party libraries, working with git/github – and goes through the sections of the book, talking about good and bad points along the way. Chapters cover things like: an introduction to NoSQL, REST/HTTP verbs, installation/config of CouchDB, using version control and deploying the app using the PHPFog PaaS hosting.

Source: http://www.phpdeveloper.org/news/18522

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Ars Technica: Questions abound as malicious phpMyAdmin backdoor found on SourceForge site

Ars Technica: Questions abound as malicious phpMyAdmin backdoor found on SourceForge site

As Ars Technica reports, there was a recent exploit found on the SourceForce website’s installation of phpMyAdmin that allowed an attacker to POST anything to the site to be executed.

Developers of phpMyAdmin warned users they may be running a malicious version of the open-source software package after discovering backdoor code was snuck into a package being distributed over the widely used SourceForge repository. The backdoor contains code that allows remote attackers to take control of the underlying server running the modified phpMyAdmin, which is a Web-based tool for managing MySQL databases. The PHP script is found in a file named server_sync.php, and it reads PHP code embedded in standard POST Web requests and then executes it. T

The backdoor was somehow snuck into the code of phpMyAdmin on one of the mirrors and distributed to those downloading version 3.5.2.2. They think that the only downloads that were tainted with this issue were on the “cdnetworks” mirror site. You can find out more about the issue in this advisory – be sure you check your installation for a “server_sync.php” file and remove it if it exists.

Source: http://www.phpdeveloper.org/news/18521

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Ars Technica: Questions abound as malicious phpMyAdmin backdoor found on SourceForge site

Ars Technica: Questions abound as malicious phpMyAdmin backdoor found on SourceForge site

As Ars Technica reports, there was a recent exploit found on the SourceForce website’s installation of phpMyAdmin that allowed an attacker to POST anything to the site to be executed.

Developers of phpMyAdmin warned users they may be running a malicious version of the open-source software package after discovering backdoor code was snuck into a package being distributed over the widely used SourceForge repository. The backdoor contains code that allows remote attackers to take control of the underlying server running the modified phpMyAdmin, which is a Web-based tool for managing MySQL databases. The PHP script is found in a file named server_sync.php, and it reads PHP code embedded in standard POST Web requests and then executes it. T

The backdoor was somehow snuck into the code of phpMyAdmin on one of the mirrors and distributed to those downloading version 3.5.2.2. They think that the only downloads that were tainted with this issue were on the “cdnetworks” mirror site. You can find out more about the issue in this advisory – be sure you check your installation for a “server_sync.php” file and remove it if it exists.

Source: http://www.phpdeveloper.org/news/18521

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Ulf Wendel: Not only SQL injection: I don’t trust you!

Ulf Wendel: Not only SQL injection: I don’t trust you!

On his site today Ulf Wendel talks about SQL injection and some comments that came up during a recent webinar about common MySQL mistakes PHP developers make.

Never trust user input! Injection is a threat . You are the new web developer, aren’t you?. Never trust user input is the first rule I had to learn as a web developer in anchient times. Injection can happen whenever user input is interpreted or used to compose new data. A quick recap of the #3 mistake from todays Top 10 MySQL Tips and Mistakes for PHP Developers web presentation. A webinar recording should be available in a couple of days.

He points out a few “don’t” things to avoid – like directly injecting superglobal values into your query and to remember that not all SQL injections are because of escaping issues. The real key? Validating input – be sure you’re putting values into your query that are of the correct type and contain what you expect.

Source: http://www.phpdeveloper.org/news/18520

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Ulf Wendel: Not only SQL injection: I don’t trust you!

Ulf Wendel: Not only SQL injection: I don’t trust you!

On his site today Ulf Wendel talks about SQL injection and some comments that came up during a recent webinar about common MySQL mistakes PHP developers make.

Never trust user input! Injection is a threat . You are the new web developer, aren’t you?. Never trust user input is the first rule I had to learn as a web developer in anchient times. Injection can happen whenever user input is interpreted or used to compose new data. A quick recap of the #3 mistake from todays Top 10 MySQL Tips and Mistakes for PHP Developers web presentation. A webinar recording should be available in a couple of days.

He points out a few “don’t” things to avoid – like directly injecting superglobal values into your query and to remember that not all SQL injections are because of escaping issues. The real key? Validating input – be sure you’re putting values into your query that are of the correct type and contain what you expect.

Source: http://www.phpdeveloper.org/news/18520

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Ulf Wendel: Not only SQL injection: I don’t trust you!

Ulf Wendel: Not only SQL injection: I don’t trust you!

On his site today Ulf Wendel talks about SQL injection and some comments that came up during a recent webinar about common MySQL mistakes PHP developers make.

Never trust user input! Injection is a threat . You are the new web developer, aren’t you?. Never trust user input is the first rule I had to learn as a web developer in anchient times. Injection can happen whenever user input is interpreted or used to compose new data. A quick recap of the #3 mistake from todays Top 10 MySQL Tips and Mistakes for PHP Developers web presentation. A webinar recording should be available in a couple of days.

He points out a few “don’t” things to avoid – like directly injecting superglobal values into your query and to remember that not all SQL injections are because of escaping issues. The real key? Validating input – be sure you’re putting values into your query that are of the correct type and contain what you expect.

Source: http://www.phpdeveloper.org/news/18520

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Ulf Wendel: Not only SQL injection: I don’t trust you!

Ulf Wendel: Not only SQL injection: I don’t trust you!

On his site today Ulf Wendel talks about SQL injection and some comments that came up during a recent webinar about common MySQL mistakes PHP developers make.

Never trust user input! Injection is a threat . You are the new web developer, aren’t you?. Never trust user input is the first rule I had to learn as a web developer in anchient times. Injection can happen whenever user input is interpreted or used to compose new data. A quick recap of the #3 mistake from todays Top 10 MySQL Tips and Mistakes for PHP Developers web presentation. A webinar recording should be available in a couple of days.

He points out a few “don’t” things to avoid – like directly injecting superglobal values into your query and to remember that not all SQL injections are because of escaping issues. The real key? Validating input – be sure you’re putting values into your query that are of the correct type and contain what you expect.

Source: http://www.phpdeveloper.org/news/18520

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Community News: Latest Releases from PHPClasses.org

Community News: Latest Releases from PHPClasses.org

Source: http://www.phpdeveloper.org/news/18519

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Community News: Latest Releases from PHPClasses.org

Community News: Latest Releases from PHPClasses.org

Source: http://www.phpdeveloper.org/news/18519

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>