Tag Archives: php

Getting the basics right

I almost missed this story about how a mistyped opening PHP tag exposed a bunch of Tumblr data. This wasn’t sensitive data like usernames and passwords but rather the slip revealed database-related information and private API keys related to the … Continue reading

Posted in Web development | Comments Off

Horses for courses

I’m sick of the sniping — especially from those in the Ruby community. Ruby is nothing special nor new. The language itself didn’t arrive with the invention of Rails — some fellow students and I toyed with it at … Continue reading

Posted in Web development | Comments Off

Intruder alert

PHP is often derided as insecure. Most frequently, however, weakness is not down to the language itself but to poor programming techniques by amateur coders who are unfamiliar with the myriad security practices that should be employed in a defensive programming … Continue reading

Posted in Web development | 2 Comments

Behind the scenes

The PQP profiler from Particletree is a very handy thing to have in your development toolbox. However, it doesn’t deal with the ever-increasing amount of work done via Ajax requests. Or, at least, it didn’t. Back in the days when … Continue reading

Posted in Web development | Comments Off

Restoring PDO functionality

A few years ago, while PHP 5 was still in a state of flux, a change was made to the way that PDO handles parameters bound to prepared statements. Somewhere between versions 5.2.0 and 5.2.1 a change was made that … Continue reading

Posted in Web development | Comments Off

I am the one and only

After previously explaining how to harden PDO I’m going to expand on the basic class I developed with the help of some design patterns. A large part of using design patterns lies in recognising the situations in which each one … Continue reading

Posted in Web development | Comments Off

Catching at source

If your application does not catch the exception thrown from the PDO constructor, the default action taken by the Zend Engine is to terminate the script and display a back trace. This back trace will likely reveal the full database … Continue reading

Posted in Web development | Comments Off

A better phpinfo

The phpinfo() command comes in very useful when you want to check details about your PHP install and server setup. However, there is a lot of output and you won’t need it all. Not everyone knows that you can pass … Continue reading

Posted in Web development | 2 Comments