Archive for March 5th, 2007
PHP Developer - March 5th, 2007
The Zend Developer Zone has starting up their own contribution to the security side of the PHP community - a “Security Tip of the Week” starting with the first three new ones posted just recently:
-
Tip number one involves a good recommendation - keeping your PHP version up to date. Many security issues and exploits have come around because of older versions and the issues they hold.
- Tip number two focuses on the errors that your site gives to the viewing public and the information they can betray (file locations, etc)
- Tip number three talks about using other applications to help you find issues in your code that you might not even know were there - such as Chorizo and the PHPSecInfo reporting tool.
Stay tuned for even more security goodness from Cal and the Zend Developer Zone over the coming weeks…
Continue Reading ·
PHP Developer - March 5th, 2007
The latest version of the popular (and simple) PHP security audit tool, PHPSecInfo, has been released - version 0.2.
The major changes in this version [zip] include:
- “More info” links to give you details on the specified issue
- CSS/layout changes to make understanding the results simpler
- a new test - PhpSecInfo_Test_Session_Save_Path
- and more…
Check out the Changelog for complete information on the update or just head over and download it now.
Continue Reading ·
Dev Shed - March 5th, 2007
Unnecessary and balanced instantiation of PHP classes are issues that can be easily solved by using the flyweight design pattern. If you want to learn more about it you should start reading this article. Welcome to the final part of the series Using the flyweight pattern with PHP 5. As you may have guessed this series walks you through the implementation of this helpful pattern with PHP and shows you how to apply it in concrete cases….
Rackspace: Save on Web Hosting in March! Start working with The Hosting Experts today and Save - Get Free Setup in March!
Continue Reading ·
PHP Developer - March 5th, 2007
Stefan Esser has released the latest version of his Suhosin security patch for PHP:
Yesterday I released Suhosin 0.9.17 in response to a bug report by Ilia Alshanetsky and some crash problems with PHP 4 that were reported during the last weeks.
The issue dealt with a method to “bypass the hard_memory_limit of Suhosin due to a bug in PHP” that could result in memory consumption up into the gigabyte range for a single script. The patch takes care of the issue by not allowing negative memory_limit settings, preventing the problem from happening.
Continue Reading ·
PHP Developer - March 5th, 2007
DevShed concludes their look at the Flyweight pattern with this new tutorial - the second part focusing on building an actual application with the pattern implemented.
In this final part of the series, I’m going to teach you in a step-by-step format how to create in PHP 5 a flyweight class to balance the instantiation of objects that will be used to generate web documents on the fly. Hopefully, by the end of this article, you should have acquired a considerable background in how to apply the flyweight pattern in a real-world situation.
They create a simple application that generates dynamic HTML elements - DIV tags - with a simple interface to define things like content, name, and ID. Their Flyweight factory class creates and manages the number of DIVs that are created, blocking requests for any more. Finally, they apply it, showing the creation of a simple web page with multiple DIVs in it.
Continue Reading ·