News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Mike Lively's Blog:
Improved PHPUnit Filters
February 03, 2009 @ 09:32:26

In a recent post to his blog Mike Lively looks at some improvements that he's worked up for the popular PHP unit testing software - PHPUnit - in regards to its filters.

I have finally gotten some time to do some long awaited work on PHPUnit. The first on my agenda was a small improvement to filtering. This was related to ticket #526. Essentially I added the ability to do both white list and black list filtering.

Besides the Include methods you can add to the data set's filtering, you can also add in Exclude filters to remove the data you don't want in the set. They can also be combined to customize your data set to your heart's content.

0 comments voice your opinion now!
input filter phpunit include exclude whitelist blacklist


Zend Developer Zone:
Security Tips #17 & #18 (When to Secure & File Uploads)
March 28, 2007 @ 17:19:49

The Zend Developer Zone continues their great series of security tips with two new posts - one talking about when to focus on security and the other about file uploads.

From the first, top 17:

Application security should not be a "when all else fails" situation. It's not something you can "put in later". As we've mentioned before, there is no single silver bullet to solve your application security issues. Security is something that should be rolling around in the back of your dead in the design phase, the coding phase, the testing phase, even after you've rolled your code into production.

And, from tip #18:

When you allow users to upload files, your system may be at risk. Always restrict the file types that you allow. Don't rely on a blacklist approach. [...] Be careful with file uploads and make sure you protect them with a whitelist policy instead. Make sure that the file that has been uploaded is of the type that you want to allow.
0 comments voice your opinion now!
securitytip consider security integrate file upload whitelist securitytip consider security integrate file upload whitelist


SitePoint PHP Blog:
Zend_Filter Reviewed, Blacklist / Whitelist Filters
March 28, 2006 @ 18:20:37

The Zend Framework has definitely made a huge splash in the PHP community, and everyone is picking their piece of it to cover. In this new post from the SitePoint PHP blog, Maarten Manders highlights the Zend_Filter module.

I like Zend Framework's Zend_Filter class. It's basically a set of methods for validating untrusted data. Although the two arguably most important features isEmail() and isUri() (the latter can be worked around with Zend_Uri) are still missing, the whole thing looks promising already.

He starts with a few of his thoughts on the package ("Clean up the code of isHostname", "International support for isPhone") and some code to show how it can be implemented - filtering for use in a regular expression, validation of a string by a character whitelist as well as blacklisting, and using the Zend_Filter module for a more flexible isName.

0 comments voice your opinion now!
zend framework zend_filter whitelist blacklist zend framework zend_filter whitelist blacklist



Community Events











Don't see your event here?
Let us know!


component introduction podcast facebook symfony2 composer package framework language series application install release overview opinion hack unittest hhvm security code

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework