News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

NetTuts.com:
Protecting Your Keys From GitHub
March 05, 2015 @ 12:03:05

On the NetTuts.com site there's a new post talking about protecting your keys when using a public site like GitHub. This relates to an easy thing to forget - removing hard-coded credentials from code before pushing it public.

In December 2014, Slashdot ran an alarming story Bots Scanning GitHub To Steal Amazon EC2 Keys, based on developer and blogger Andrew Hoffman's experience trying out Ruby on Rails on Amazon with AWS S3. He inadvertently committed an application.yml file with his AWS keys. [...] It's an easy mistake and most of us have probably done a similar thing at one point or another. And it's not just AWS keys that are at risk. As our use of cloud-based services increases, the expanding use of a broad variety of service API keys can be leveraged by hackers and spammers alike.

He goes through a solution he's found to help protect those credentials, in this case working with the configuration of a Yii framework-based application. He starts with a mention of .gitignore but points out that it could have unexpected results from "quirks" in its handling. He suggests a different option - using a configuration file that lives someplace outside of the main git directory and can be referenced directly from inside the application. He provides two kinds of examples: one using a PHP-based configuration and another based on an INI file. He finishes the post with a mention about WordPress plugins and the fact that they're (usually) stored in a database and open to exposure if a SQL injection vulnerability is found.

0 comments voice your opinion now!
github protect keys commit public exposure configuration file gitignore

Link: http://code.tutsplus.com/tutorials/protecting-your-keys-from-github--cms-23002

PHPMaster.com:
Generators in PHP
August 06, 2013 @ 12:25:50

On PHPMaster.com a tutorial has been posted talking about one of the newer features in PHP - generators. In the tutorial Stefan Froelich walks you through how they work and a few examples of their use.

Generators in PHP If you've followed my previous posts about iterators then you'll know that iteration is an important programming concept, but implementing the required interfaces to create an iterable object can be a hassle at best because of the amount of boilerplate code that is required. With the release of PHP 5.5, we finally have generators!

He starts with a more practical example - pulling lines from a file, one at a time, without the overhead of having to read in the entire file at once. He also includes an example of returning the keys from the generator (not just the value) and injecting values with the "send" method.

0 comments voice your opinion now!
generator tutorial introduction example yield inject keys

Link: http://phpmaster.com/generators-in-php


Community Events

Don't see your event here?
Let us know!


example conference api release series introduction interview community laravel extension podcast framework library symfony2 install voicesoftheelephpant performance opinion version php7

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework