All entries of my technical and business blog.

Namespacing is important - even in PHP

Perl, Java and xml people are very aware of what a namespace is… even wikipedia tells us they are. But, certain languages, such as PHP, don’t support namespaces yet. (However, thank you Dmitry for your proposal.) But are namespaces really important? PHP has made it this far without them, so why should you be concerned? Well, lets see: (more…)

php

Highlighting Source Files

I have been writing code snippets in this wordpress blog alot - and I wanted to possibly have the code highlighted. One of the things that happened with code highlighting plugins I’ve noticed is that the code has to be valid (I’ve posted invalid PHP because stupid wordpress kept eating it) or one type of code (I post javascript/html combinations, with ellipses and such…), and so I finally decided to not highlight my code -... (more…)

AJAX Security Research and Findings - Round 2

Round 2, and the final round, is complete! The previous article here talked about my initial findings. Well, I was able to try some proofs of concepts on my javascript finding, and I put together our top level recommendations for (”the triangle”). Lets see: (more…)

When your linkd causes you problems, you must convertd it!

For the setup I use at (“the triangle”), I have a lot of filesystem links - and these are made on win32 with the linkd.exe command (the version I got is from the windows 2000 resource cd). When I start a new project, I pass into my script which directories I’d like to make and checkout code into, and which I’d rather just linkd to. Well, every once in a while a link’d folder needs... (more…)

Send e-mail from outlook using PHP

While working on some code at (“the triangle”), I run into some issues with the mail() function. On our linux qa and production servers, we can use the mail() function no problem - but on my development platform, windowsxp, I cannot with our current configuration. Normally, you can put in the smtp server in the php.ini file, but our setup doesn’t allow this. We have an exchange server who’s relaying settings restrict it to a... (more…)

Real world stories of a prepared statement

A couple months ago, I was out in Rochester MN at IBM for a multi-day meeting about communication between the iSeries(system-i, i5, as400, whatever its called now a days) and PHP/Apache. One of the things we talked about was our use of ODBC at (“the triangle”) currently to which they asked a good question - Are we using prepared statements over odbc? Well, right now, we’re not, but I think we should. As always, its... (more…)

PHP Script Installer

A couple weeks ago I was reading a blog posting about PHP Script installing. I don’t remember the exact context of the article (or where it was for that matter - otherwise I’d link to it!), but I had suggested someone make a php script packager - an all in one file to install a php project. (more…)

php

Unobtrusive JS to stop form submission

On one of the sites at (“the triangle”), one of the programmers on my team had this strange attachment to the Yahoo User Interface libraries - but I guess that was a good thing as it taught him a good lesson - use unobtrusive javascript. Recently, I had to go through and clean up some of the code (and do a security audit), and I discovered his usage of the YUI library functions. I was... (more…)

Security Issue with Subversion Deployment?

I use Subversion (SVN) for source control and deployment both for JEMDiary and at (“the triangle”). While working on my local copy of one of the websites, I got to thinking about the .svn folder and all of its files. The .svn folder is a local cache/db of the file changes in order to support diffs, reverts, and to give cues about file changes and the need to commit. I started poking around inside of... (more…)

Tamper Data Firefox Extension - is it worth it?

As you can probably tell from my last test of a firefox extension here, I am constantly looking for new tools to make my job more accurate (see: lazier). Another similar extension I came across is Tamper Data. Tamper Data doesn’t have a lot of documentation, so it was harder to actually determine the uses of this extension. Some tutorials on the net claimed that Tamper Data was better than Live Headers or Load Time... (more…)

⬅ Newer | Older ➡
Page 48 of 50
or use RSS