Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

RIPSTech.com:
PHP Security Advent Calendar 2018 Announcement
Nov 28, 2018 @ 16:51:33

The folks over at RIPSTech, a PHP-focused security company, have posted the announcement about the latest edition of their PHP Security Advent Calendar. This is the third year they've done this and it's always interesting and fun to find out about some of the vulnerabilities that can lie hidden in everyday PHP code.

The holiday season is coming up again and it’s time for some security fun. For the third time in a row, we are proud to announce our PHP security advent calendar. This year, we will analyze 24 exciting security bugs that we detected in the most widespread WordPress plugins.

In our first calendar edition in 2016, we analyzed exceptional vulnerabilities in some of the most popular open source PHP applications. Last year, we released 24 PHP security challenges with a hidden security pitfall in every day’s code challenge. This year we would like to give once again something back to the great PHP and Infosec community and release another advent calendar with 24 security surprises.

While you can't start on the calendar just yet (as of this post it's only November 28th) it will be coming soon. Be sure to sign up for their newsletter to get updates on when it's officially launched.

tagged: ripstech security advent calendar announcement

Link: https://blog.ripstech.com/2018/php-security-advent-calendar/

RIPS Technologies:
PHP Security Advent Calendar 2017 Wrap-Up
Jan 05, 2018 @ 17:52:08

On their blog, RIPS Technologies have shared a wrap-up of their security advent calendar shared at the end of last year. The calendar provided a daily challenge related to a PHP security issue that may or may not be commonly known.

In this years PHP Security Advent Calendar we published 24 challenges for the PHP community where security issues were hidden in code snippets for fun and training. The challenges are based on real-world security vulnerabilities that we found with the help of RIPS over the last year in popular PHP applications. In this blog post we are going to discuss the main take-aways from our advent calendar regarding PHP security.

The calendar covered several different types of challenges but they fell into a few overall categories: issues with user input, weak typing, odd behavior of built-in features and the overall diversity of possible bugs.

The root cause for the security issues presented in our challenges are not new. But the diversity and combination of these pitfalls are sheer endless that trick even skilled developers. What looks secure at first sight quickly turns into an exploitable security bug. [...] We would like to thank everyone who participated, discussed, and provided great feedback and we hope our challenges helped in sharpening your security skills in a fun way!
tagged: security advent calendar wrapup 2017 ripstech

Link: https://blog.ripstech.com/2018/php-security-advent-calendar-wrap-up/

RIPSTech:
PHP Security Advent Calendar 2017 Announcement
Dec 01, 2017 @ 18:10:38

The RIPSTech group has a post to their site with the announcement of the return of their security-related advent calendar. This year, however, it comes in the form of the PHP Security Advent Calendar with more of a "common security problems in PHP" approach than a list of vulnerabilities.

The end of the year is coming closer and the cheery advent time begins. We are looking back at a spectacular year and it is time to thank and give back to the great PHP, infosec, and RIPS community. Thank you for developing, auditing, and securing your PHP applications with us in 2017!

Similar to last years advent of PHP application vulnerabilities where we released a new application vulnerability each day, we will release a new calendar gift from December 1st to 24th this year again. This time, we will focus on nifty PHP pitfalls and release a daily code challenge for you to solve. Can you spot the daily security bug?

As today is December 1st, the first item has been posted to the calendar covering the use of whitelists versus blacklists. Keep checking back daily for new updates to the calendar and the daily code challenges.

tagged: ripstech security advent calendar common issues

Link: https://blog.ripstech.com/2017/php-security-advent-calendar/

SitePoint PHP Blog:
Calendar as a Service in PHP? Easy, with Google Calendar API!
Jan 26, 2017 @ 16:25:21

On the SitePoint PHP blog there's a new tutorial posted by Wern Ancheta showing you how to offer "calendar as a service" in your application with the help of the Google Calendar API. The Calendar API provides access to all of the features you'd expect from the Google Calendar system and the tutorial helps you make a fully functional overlay integrated with it and living in your application.

In this article, you’ll learn how to work with the Google Calendar API in PHP. You’ll do it by building a calendar app that allows users to add new calendars, add events, and sync calendars to Google Calendar.

The tutorial then walks you through every step of the process you'll need to get your application hooked into the API and the code to use for the integration:

  • Setting up a Google Console Project
  • Building the App
  • Configuring the App
  • Creating a Service Container for the Google Client
  • (Adding) Routes
  • Admin Route Middleware
  • Database setup
  • Home Pages creation
  • Admin Pages creation
  • Creating a Calendar
  • Creating an Event
  • Syncing a Calendar
  • Listing Events
  • Logging Out

The application they create is Laravel based and makes use of a bit of Javascript in the views for the date selector and handlebars templating.

tagged: calendar api google service tutorial laravel jquery

Link: https://www.sitepoint.com/calendar-as-a-service-in-php-easy-with-google-calendar-api/

Freek Van der Herten:
How to setup and use the Google Calendar API
May 10, 2016 @ 17:10:32

In this new tutorial posted to his site Freek Van der Herten shows you how to connect your application to the Google Calendar API, complete with screenshots for a step-by-step process.

For a project I’m working on I needed to interact with a Google Calendar. I’ve your ever worked with some API’s by Google then you know their documentation can be very confusing. It’s not that they don’t have documentation, but code examples of common use cases are simply not present. You must wade through a lot of pages to learn basic things such as how to make an authorized request let alone how to fetch calendar events. In this post I’d like to explain in a human readable way how setup and use the Google Calendar API.

He starts on the Google side with the setup of the application and getting the credentials you'll need for the connection. Next up is setting up the calendar itself and the permissions to allow access to all event information. The post then finishes with a PHP example using the "google/apiclient" library to make the Calendar connection and get all events currently on the calendar. As a bonus he also points out a library he's creating to make it easier to work with events in Laravel-based applications.

tagged: google calendar tutorial api setup configuration connection

Link: https://murze.be/2016/05/how-to-setup-and-use-the-google-calendar-api/

Ben Ramsey:
Dates Are Hard
Feb 24, 2014 @ 15:03:24

In a new post to his site Ben Ramsey talks about why dates are hard and can be frustrating to work with sometimes. It revolves around an issue he recently found with calculating a time for a UUID and days of the week.

No, I’m not talking about a meeting with a lover or potential lover. While those can be stressful, the calendar math used to determine the precise date and time on which such a meeting might occur is infinitely more difficult to perform. To software programmers, this isn’t news, but I recently encountered an issue when calculating the time for an RFC 4122 UUID that had me questioning the accuracy of our modern, accepted calendars, especially with regard to the days of the week on which our dates fall.

In his work on his UUID library, he came across a the bug because of some failing unit tests. It was only happening in certain versions of PHP and upon further investigation found the issue to be a wrong day of the week from a date in 1582 (the correct value being Sunday). As it turned out, the date in question was actually a Saturday and his local environment was reporting bad results. The problem was with a revision made to the Gregorian calendar, removing 10 days causing a difference between the Gregorian and Great Britain versions of 1582.

tagged: date time calendar gregorian unittest greatbriain year

Link: http://benramsey.com/blog/2014/02/dates-are-hard/

Derick Rethans:
ISO 8601 week dates
Sep 24, 2013 @ 14:54:31

Derick Rethans has a new post with details about handling ISO 8601 dates in PHP via the DateTime functionality. It's a response to some bugs filed having to do with week numbering.

Week numbers are defined in this same ISO 8601 standard. Each year has 52 or 53 weeks and weeks always start on a Monday. Week number 1 of each year is the first week in a year that has the first Thursday of the year, or in other words, the week containing January 4th.

He talks about some of the date format arguments that use would use when working with the ISO 8601 formatting and how it relates to the calendar year. He points out that the "Y" format specifier is not the same as the "o" - the first being the calendar year while the second relates to the ISO 8601 year.

As conclusion, this article shows that there are two ways representing dates in PHP. In the Gregorian1 calendar with year, month and day (of month), and in the ISO 8601 calendar with year, week and day (of week). The format characters for the two different years are either Y or o and they should not be confused.
tagged: iso8601 date datetime format specifier gregorian calendar difference

Link: http://derickrethans.nl/iso-8601-weeks.html

Community News:
Web Advent 2012
Dec 03, 2012 @ 14:19:44

From the folks that have brought you the PHP Advent series of posts in the past (Chris Shiflett, Sean Coates and all of their great contributing authors) comes this year's more general selection of articles - webadvent.org.

Christmas is upon us once again, and it's time to have a look at what's under the Web Advent tree. Join us each day as our wonderful authors provide presents of tips, tricks, & tidbits to usher in the new year.

This years posts are (list will be updated as more are added)

You can find articles from previous years in the site's sidebar.

tagged: webadvent12 advent calendar article

Link:

Community News:
PHP Advent 2011 is Complete!
Dec 26, 2011 @ 22:20:56

This year's PHP Advent calendar has finished up and if you haven't gotten a chance to check out some of the great content in this year's edition, be sure to take a look at the full list. It incudes topics like:

  • Front-end testing with SimpleTest
  • Scalable applications
  • Cross-origin ajax
  • working with Chef
  • Error handling
  • Dates and Times

The articles are by several well-knowns both in the PHP community and outside. While you're there, be sure to check out some of the previous years too!

tagged: complete phpadvent advent calendar tutorial article

Link:

Community News:
PHP Advent 2011
Dec 02, 2011 @ 17:02:10

It's that time of year again and this year's PHP Advent has kicked off with the first article posted yesterday. Below is a list of the articles for this year's advent calendar, to be updated as each new one is released:

Check back for the growing list as this year's advent gets more great content every day!

tagged: phpadvent advent calendar community article

Link:


Trending Topics: