Intro to basic web application security

“Intro to basic web application security” is an excellent overview of the most common mistakes web developers make when it comes to security. The article provides practical examples (including code snippets and screenshots), which illustrate the problems and ways to solve them. The list includes:

  • SQL injection (of course! no such guide would be complete without it)
  • Cross-site scripting (XSS)
  • Cross-site Request Forgery (CSRF/XSRF)
  • Local file inclusion (LFI)
  • Insufficient password hashing
  • Man in the middle (MITM)
  • Command injection
  • XML external entity (XXE)
  • Sensitive data exposure (including error messages and exceptions)
  • Login rate limits
  • and a variety of other, small, but potentially dangerous issues.

Refactoring.Guru : Design Patterns + PHP

Refactoring.Guru is a great resource for learning about refactoring best practices and design patterns. A lot of the website’s content is also available as the Dive into Design Patterns ebook.

Today I came across this GitHub repository, which makes this resource even better specifically for PHP developers. Yup, that’s right, the GitHub repository features all code examples written in PHP 7.3, making it super easy to jump into coding.

And if you aren’t a PHP developer, have a look at the other repositories, which do the same for a few other programming languages.

When I started writing PHP…

“When I started writing PHP…” is a nice look at how the PHP ecosystem has changed in the last 20 years. Those of us who have been using it since then are guaranteed to drop a nostalgic tear.

The running joke “you’re not a real PHP developer until you’ve written your own CMS and discarded it” wasn’t a joke yet. It was just becoming reality, but it wasn’t old enough yet to be a joke. (Yes, I wrote my own CMS and discarded it.)

Semantic Versioning – why you should care

“Semantic Versioning – why you should care” is a nice take on Semantic Versioning and how and why people should use it. I particularly liked the practical examples of changes and which version bump they correspond to.

I frequently find myself explaining Semantic Versioning to developers and going over some example changes. Now I can just send the link to that article instead and save myself some time.

Very nicely done!

Tips to Speed up Your PHPunit Tests

I came across this collection of “Tips to Speed up Your PHPunit Tests”. Apart from the few usual ones, like disabling Xdebug and using groups, I found a couple that linked to handy tools:

  • ParaTest – a PHPUnit extension that runs PHPUnit tests in parallel, significantly minimizing the test run time, and
  • PHPUnit Report – a tool that visualizes test run times, clearly showing which unit tests take the longest to run.

Very cool! Needs trying …