Jeśli jesteś właścicielem tej strony, możesz wyłączyć reklamę poniżej zmieniając pakiet na PRO lub VIP w panelu naszego hostingu już od 4zł!
Strony WWWSerwery VPSDomenyHostingDarmowy Hosting CBA.pl

Archive for Luty, 2018

Websec.io: Using Canaries for Input Detection and Response

Websec.io: Using Canaries for Input Detection and Response

The Websec.io site has posted a new tutorial today showing how to use "canary" values and the psecio/canary PHP package to detect and respond to potentially malicious input.

I’m sure you’ve heard the common phrase “a canary in a coal mine” when people talk about safety and detection of issues. When miners used to go down to work, there was a danger of trapped gasses being released as they were digging. Some of these gasses were hard for humans to detect and, if enough was breathed in, could lead to illness or even death. In order to help the miners detect and avoid these kinds of issues, they would take a canary (the bird) down into the mine with them.

[...] The idea of a "canary" value in the security world is pretty similar. A "canary" value is one that – real or faked – is somehow exposed outside of your own system. If this value is used you need to be notified immediately so you can take action and gather more information about the usage and any other associated issues.

The tutorial then introduces the psecio/canary package and shows some of its basic use detecting input and setting up notifications. It also covers some of the package’s integrations for notifications with services like Slack, PagerDuty and custom Monolog handling. It also provides an example of it in a more "real world" situation of a Slim framework middleware that detects incoming GET parameters.

Source: http://www.phpdeveloper.org/news/26012

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Websec.io: Using Canaries for Input Detection and Response

Websec.io: Using Canaries for Input Detection and Response

The Websec.io site has posted a new tutorial today showing how to use "canary" values and the psecio/canary PHP package to detect and respond to potentially malicious input.

I’m sure you’ve heard the common phrase “a canary in a coal mine” when people talk about safety and detection of issues. When miners used to go down to work, there was a danger of trapped gasses being released as they were digging. Some of these gasses were hard for humans to detect and, if enough was breathed in, could lead to illness or even death. In order to help the miners detect and avoid these kinds of issues, they would take a canary (the bird) down into the mine with them.

[...] The idea of a "canary" value in the security world is pretty similar. A "canary" value is one that – real or faked – is somehow exposed outside of your own system. If this value is used you need to be notified immediately so you can take action and gather more information about the usage and any other associated issues.

The tutorial then introduces the psecio/canary package and shows some of its basic use detecting input and setting up notifications. It also covers some of the package’s integrations for notifications with services like Slack, PagerDuty and custom Monolog handling. It also provides an example of it in a more "real world" situation of a Slim framework middleware that detects incoming GET parameters.

Source: http://www.phpdeveloper.org/news/26012

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Sergey Zhuk: Working With FileSystem In ReactPHP

Sergey Zhuk: Working With FileSystem In ReactPHP

Sergey Zhuk has posted another ReactPHP tutorial to his site, this time focusing on working with the filesystem from a ReactPHP application.

I/O operations in the filesystem are often very slow, compared with CPU calculations. In an asynchronous PHP application this means that every time we access the filesystem even with a simple fopen() call, the event loop is being blocked. All other operations cannot be executed while we are reading or writing on the disk.

[...] So, what is the solution? ReactPHP ecosystem already has a component that allows you to work asynchronously with a filesystem: reactphp/filesystem. This component provides a promise-based interface for the most commonly used operations within a filesystem.

He starts the code with a bit of setup, creating the initial event loop, the related Filesystem instance and a pointer to a "test.txt" file. He then walks through the basic filesystem operations and the code required: reading in the file contents, creating a new file and writing content back out to a file. The next section goes through the same functionality for directories. He ends the post with a look at symbolic link creation, read and delete operations.

Source: http://www.phpdeveloper.org/news/26011

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Sergey Zhuk: Working With FileSystem In ReactPHP

Sergey Zhuk: Working With FileSystem In ReactPHP

Sergey Zhuk has posted another ReactPHP tutorial to his site, this time focusing on working with the filesystem from a ReactPHP application.

I/O operations in the filesystem are often very slow, compared with CPU calculations. In an asynchronous PHP application this means that every time we access the filesystem even with a simple fopen() call, the event loop is being blocked. All other operations cannot be executed while we are reading or writing on the disk.

[...] So, what is the solution? ReactPHP ecosystem already has a component that allows you to work asynchronously with a filesystem: reactphp/filesystem. This component provides a promise-based interface for the most commonly used operations within a filesystem.

He starts the code with a bit of setup, creating the initial event loop, the related Filesystem instance and a pointer to a "test.txt" file. He then walks through the basic filesystem operations and the code required: reading in the file contents, creating a new file and writing content back out to a file. The next section goes through the same functionality for directories. He ends the post with a look at symbolic link creation, read and delete operations.

Source: http://www.phpdeveloper.org/news/26011

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

php[architect] Podcast Episode 7: Know Your Tools

php[architect] Podcast Episode 7: Know Your Tools

The php[architect] podcast, hosted by Eric van Johnson and John Congdon, has posted their latest episode today: Episode #7 – Know Your Tools.

Eric and John dive into the Know Your Tools issue for the month of February 2018.

Topics mentioned in this episode include the contents of the February article, mentions of Drupal, Symfony and Scout as well as a mention of the upcoming php[tek] conference. They also interview Ed Barnard, the author of the magazine’s "Education Station" column. You can listen to this latest episode either through the in-page audio player or by downloading the mp3 directly. If you enjoy the show be sure to subscribe to their feed and follow them on Twitter to get updates when new shows are released.

Source: http://www.phpdeveloper.org/news/26010

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

php[architect] Podcast Episode 7: Know Your Tools

php[architect] Podcast Episode 7: Know Your Tools

The php[architect] podcast, hosted by Eric van Johnson and John Congdon, has posted their latest episode today: Episode #7 – Know Your Tools.

Eric and John dive into the Know Your Tools issue for the month of February 2018.

Topics mentioned in this episode include the contents of the February article, mentions of Drupal, Symfony and Scout as well as a mention of the upcoming php[tek] conference. They also interview Ed Barnard, the author of the magazine’s "Education Station" column. You can listen to this latest episode either through the in-page audio player or by downloading the mp3 directly. If you enjoy the show be sure to subscribe to their feed and follow them on Twitter to get updates when new shows are released.

Source: http://www.phpdeveloper.org/news/26010

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

php[architect] Podcast Episode 7: Know Your Tools

php[architect] Podcast Episode 7: Know Your Tools

The php[architect] podcast, hosted by Eric van Johnson and John Congdon, has posted their latest episode today: Episode #7 – Know Your Tools.

Eric and John dive into the Know Your Tools issue for the month of February 2018.

Topics mentioned in this episode include the contents of the February article, mentions of Drupal, Symfony and Scout as well as a mention of the upcoming php[tek] conference. They also interview Ed Barnard, the author of the magazine’s "Education Station" column. You can listen to this latest episode either through the in-page audio player or by downloading the mp3 directly. If you enjoy the show be sure to subscribe to their feed and follow them on Twitter to get updates when new shows are released.

Source: http://www.phpdeveloper.org/news/26010

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Community News: Recent posts from PHP Quickfix (02.28.2018)

Community News: Recent posts from PHP Quickfix (02.28.2018)

Recent posts from the PHP Quickfix site:

Source: http://www.phpdeveloper.org/news/26009

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Tomas Votruba: How to change PHP code with Abstract Syntax Tree

Tomas Votruba: How to change PHP code with Abstract Syntax Tree

Tomas Votruba has a post to his site that (sort of) continues his look at the parsing of PHP code into an AST and the use of the nikic/php-parser library. In this new post however, he covers several of the things that can be changed in PHP code using the library.

Today we can do amazing things with PHP. Thanks to AST and nikic/php-parser we can create very narrow artificial intelligence, which can work for us.

Let’s create first its synapse!

He starts with a clarification about the difference between "php-ast" (an extension) and "PHP AST" (the actual abstract syntax tree). It then gets into some of the functionality that the php-parser library provides for modifying the PHP code being parsed. This includes changing method names, renaming properties, splitting classes and even potentially upgrading an application to a newer version. As an example he shows how to change the name of a method and write the result out to a file (all code is included).

Source: http://www.phpdeveloper.org/news/26008

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>

Laravel News: Data-driven testing with PHPUnit

Laravel News: Data-driven testing with PHPUnit

The Laravel News site has a tutorial posted that approaches a common development task – writing tests – from a data-driven approach rather than a strictly functional one.

Testing your code is an essential part of the development process, but sometimes it could also be expensive when you try to emulate many uses cases based on a set of different input data.

In many cases, you could end up with a massive directory of tests repeating the same block of code over and over for each possible user interaction.

They start with an example of a feature to test (Markdown parsing) and how traditional testing would have methods for each of the transformations. With a data-driven approach they turn the tests around and make use of data providers to set up the initial string, transformer to use and the correct result. Code is included showing an example of this kind of testing for the same Markdown parsing example and what a failure would look like in a dataset with multiple items.

Source: http://www.phpdeveloper.org/news/26007

<!–
var d = new Date();
r = escape(d.getTime()*Math.random());
document.writeln('’);
//–>