 | News Feed |
 | Jobs Feed |
Sections
|
| feed this: |  |
Chris Jones: Excitement! Updated Underground PHP and Oracle Manual is Available for Download
by Chris Cornutt December 12, 2012 @ 10:27:31
As Chris Jones has posted on his Oracle blog, there's been a recent update to the Underground PHP and Oracle Manual with a complete refresh of content from more recent versions of the powerful database.
The Underground PHP and Oracle Manual is designed to bridge the gap between the many PHP scripting language and the many Oracle Database books available. It contains unique material about PHP's OCI8 extension for Oracle Database, and about other components in the PHP-Oracle ecosystem. It shows PHP developers how to use PHP and Oracle together, efficiently and easily.
Updates include new content related to the Oracle XE 11g release and the latest updates to their OCI8 extension for PHP. Other updates include information about using PHP with Oracle TimesTen, NetBeans and Oracle Tuxedo as well as getting PHP installed on the Oracle Solaris operating system.
voice your opinion now!
oracle underground manual update content
PHPMaster.com: Master Dynamic Content with WordPress Shortcodes
by Chris Cornutt July 09, 2012 @ 11:47:13
On PHPMaster.com today there's a new tutorial for the WordPress users out there looking to work with dynamic content and shortcodes to make your site easier to use and to bring more content to user's attention.
The advantages to using shortcodes are obvious. First and foremost, it allows page designs to become far more unique. It also relieves the website administrator from having to create a large list of custom fields in order to perform basic content insertion. [...] And, finally, shortcodes allow a design to come alive and be truly dynamic and interesting to the end user. Too many WordPress blogs and magazine websites have adhered to the format of a big title, a standard block of text, and comments. That no longer has to be case.
They talk about using the "functions.php" file for the custom functionality, who to use them in your posts and how to use them in the theme-specific instances. Using the "add_shortcode" you can relate these custom functions to their codes for both simple and more advanced calls (code included).
voice your opinion now!
wordpress dynamic content shortcode
Pádraic Brady's Blog: Automatic Output Escaping In PHP & The Real Future Of Preventing XSS
by Chris Cornutt June 18, 2012 @ 11:58:22
Pádraic Brady has a new post to his blog about the state of output escaping in PHP and the steps that need to be taken to help prevent and protect applications from the real threat of cross-site scripting.
Automatic escaping has a certain appeal given its goal of removing the need to type escape() all over your templates. Funny thing, though, is that this is basically its one and only advantage. The second claimed goal is to remove a factor of human error (i.e. forgetting to type escape() somewhere), however, this hasn't posed an issue for me in the past where simple analysis of templates can quickly locate such omissions. And no, using automatic escaping does not remove the need to analyse templates for security issues - that's still needed regardless.
He goes on to define what "automatic escaping" is and isn't and how it relates to the context of the information (the same data may not always be filtered the same way in every place). He talks about scope-limited escaping, context-aware escaping and an idea that could help make life easier - a content security policy defining how the client should behave when interpreting HTML.
voice your opinion now!
escape automatic xss crosssitescripting security content policy
WebSpeaks.in: Extract the Content of Zip file Using PHP
by Chris Cornutt June 13, 2012 @ 10:44:44
On the WebSpeaks.in site, there's a recent tutorial posted showing how you can extract the contents of a zip file from inside a PHP application.
Sometimes you may want the users on your site to upload the zip file and then check what are the contents of that zip file. In this article I will tell you how to extract the contents of the zip file. I temporarily extract the zip files to a directory and then delete it afterwards. You can chose to keep the extracted content if you want.
The tutorial walks you through the code, showing you how to use their "ZipArchive" class to grab the file, extract the contents and display a list of the "child files" inside it. You can see a live demo of it in action or just download the source and dive right in.
voice your opinion now!
extract content zip archive list tutorial demo
PHPMaster.com: Documentation Makes the World Go Round
by Chris Cornutt October 04, 2011 @ 09:03:16
On PHPMaster.com today there's a new article emphasizing something that lots of developers forget to make a part of their process when writing code - creating useful documentation to help make your code that much clearer.
If you're writing code that will be shared with others, put yourself in their shoes. Don't let your project lose potential users, community members, and possible contributors all because of insufficient documentation.
He (Matthew Turland) suggests a few things to keep in mind as you're writing up your documentation - the content is "king" (an emphasis on good descriptions/examples/use cases), open it up to external contributions using things like wikis (or even stored in the source code repository) and a focus on technical writing skills. Even the best tools out there can suffer if there's poor or no documentation.
voice your opinion now!
documentation application code opinion content usecase example technical writing
DashExamples.com: Add a Content Security Policy(CSP) to your Web Site with PHP
by Chris Cornutt August 25, 2011 @ 13:11:36
Related to this other post about content security policies in PHP sites, DashExamples.com has a quick new post about what you'll need to add to your application to implement a policy of your own.
Content Security Policy(CSP) is a mechanism in the browser that restricts what content will be requested and run by the browser. CSP does this by passing in a specific response header that tells the browser what resources (images, javascript, css, frames, etc) can be requested and accepted to execute. There are multiple ways to setup CSP for your web site, you can use your web server configuration like I showed in a previous example or use a dynamic scripting language like PHP.
What it really boils down to is setting a header, either X-Content-Security-Policy or X-Content-Security-Policy-Report-Only, to tell the browser what security policy to use and how to honor it. You can find out more about content security policies from this page on the Mozilla wiki. CSPs allow you to define how your site's content interacts and help to prevent issues like XSS and data injection.
voice your opinion now!
content security policy tutorial header
|
Community Events
Don't see your event here? Let us know!
|