
RIPSTech.com:
WordPress Configuration Cheat Sheet
Nov 02, 2018 @ 17:23:19

For the WordPress users out there, the RIPSTech.com blog has posted an invaluable "cheat sheet" sharing details on securing your configuration to prevent exploits and other issues down the line.

WordPress is the most frequently installed web application in the world. The system is operated not only by experienced developers but also by beginners. In this blog post, we summarize what to look out for when configuring your WordPress installation’s security.

In our series about misconfigurations of PHP frameworks, we have investigated Symfony, a very versatile and modular framework. Due to the enormous distribution and the multitude of plugins, WordPress is also a very popular target for attackers. This cheat sheet focuses on the wp-config.php file and highlights important settings to check when configuring your secure WordPress installation.

Suggestions made in the guide cover values involving: debugging, database credentials, keys/salts, database repair, external requests and many more. The post provides examples for each of the settings and a recommended value to make it easy to drop in the changes and harden your WordPress installation.

tagged: security configuration wordpress cheatsheet settings tutorial

Link: https://blog.ripstech.com/2018/wordpress-configuration-cheat-sheet/

Mahmoud Zalt:
Eloquent Relationships Cheat Sheet
Oct 06, 2017 @ 16:10:24

Mahmoud Zalt has a recent post to his Medium.com site that shares a cheat sheet for Eloquent relationships you can use with the Eloquent database layer in a Laravel application.

He goes through each of the relationship types and provides both a diagram showing the relationship and some sample code to make it work:

  • One to One
  • One to Many
  • Polymorphic One to Many Relationship
  • Many to Many Relationship
  • Polymorphic Many to Many Relationship

The post ends with a combined table of all of the relationships, how they connect with the other models, the number of tables involved and how to set values to a related model.

tagged: eloquent relationship cheatsheet example diagram laravel

Link: https://medium.com/@Mahmoud_Zalt/eloquent-relationships-cheat-sheet-5155498c209

Laravel News:
Laravel Cheat Sheet
Apr 07, 2016 @ 16:20:09

As is mentioned in this new post to the Laravel News site, there's a handy Laravel Cheat Sheet that's been published to help keep relevant Laravel information at your fingertips.

The Laravel Cheat Sheet is a new project from the EST Group that shows you many of the Laravel features from a filterable web app. For those that have used Laravel for a few years, you may notice the similarities to Jesse O’Brien’s.

Jesse hasn’t had time to keep his version up to date which left an opening for this new one. However, I’m disappointed in the similarities. Even though both are open source it just feels odd to me that this one looks so much like Jesse’s.

You can view the project directly (via GitHub pages) or grab the source if you'd like to check it out.

tagged: laravel cheatsheet project github information quick reference

Link: https://laravel-news.com/2016/04/laravel-cheat-sheet/

Timoh's Blog:
PHP data encryption cheatsheet
Jun 17, 2014 @ 15:52:44

Timoh has published a data encryption cheatsheet to his blog today. It's "a short guide" to help you prevent some of the more common encryption-related problems in your application, specifically around symmetric data encryption.

This cheatsheet assumes a “client-server” situation, which is probably a typical case with PHP applications. Naturally the recommendations given here are not the “only possible way” to handle data encryption in PHP, but this cheatsheet aims to be straightforward and tries to leave less room for mistakes and (possibly confusing) choices.

The cheatsheet includes information on topics like:

  • Encryption algorithm / mode of operation / nonce (initializing vector)
  • Encryption and authentication keys
  • Key stretching
  • Key storage and management
  • Data compression

It's jam-packed full of great information, so definitely check it out if you're doing any kind of encryption in PHP.

tagged: data encryption cheatsheet common mistakes

Link: https://timoh6.github.io/2014/06/16/PHP-data-encryption-cheatsheet.html

SitePoint PHP Blog:
Composer Cheatsheet
Apr 01, 2014 @ 16:22:35

The SitePoint PHP blog has a new post from Matthew Setter today sharing a Composer cheatsheet he recently discovered with an example of the common commands and "composer.json" file structure.

Unless you’ve been living under a rock, today’s PHP isn’t your grandmother’s PHP; it’s an entirely different, much more elegant and mature language with countless improvements and additions. One of the key additions is Composer, the de facto standard for managing PHP project dependencies which, by default, gives you access to hundreds of ready-made libraries, via Packagist.org.

He goes through the parts of the guide, introducing some of the commands and covering the details of the full "composer.json" JSON structure. There's also a video introduction if you'd like the more visual version.

tagged: composer cheatsheet introduction commands json structure

Link: http://www.sitepoint.com/composer-cheatsheet

Jim Bird:
How to Cheat at Application Security
Sep 13, 2012 @ 15:42:22

Jim Bird has a new post with links to a few different resources helping you "cheat" at application security - links to cheat sheets with highlights of key points to keep an eye out for.

Developers need to know a lot in order to build secure applications. Some of this is good software engineering and defensive design and programming – using (safe) APIs properly, carefully checking for errors and exceptions, adding diagnostics and logging, and never trusting anything from outside of your code (including data and other people’s code). But there are also lots of technical details about security weaknesses and vulnerabilities in different architectures and platforms and technology-specific risks that you have to understand and that you have to make sure that you deal with properly. Even appsec specialists have trouble keeping up with all of it.

He links to several of the OWASP cheat sheets for things like:

tagged: cheatsheet application security owasp list

Link:

PHPMaster.com:
PHP Security: Cross-Site Scripting Attacks (XSS)
May 01, 2012 @ 16:59:28

PHPMaster.com has a new tutorial posted today (by George Fekete) about preventing cross-site scripting attacks in your PHP-based applications.

Unfortunately, cross-site scripting attacks occur mostly because developers are failing to deliver secure code. Every PHP programmer has the responsibility to understand how attacks can be carried out against their PHP scripts to exploit possible security vulnerabilities. Reading this article, you’ll find out more about cross-site scripting attacks and how to prevent them in your code.

Included in the tutorial is an example with a simple form and definitions of different types of XSS attacks (reflected XSS and persistent XSS), along with three ways to prevent them: data filtering, output filtering and data validation. He also links to a few "cheatsheets" to help even more (including this guide and a Zend Framework set of XSS test data).

tagged: tutorial security xss filter validate data output cheatsheet

Link:

Mayflower Blog:
Zend Framework Application.ini Cheat Sheet
Feb 06, 2012 @ 17:42:22

On the Mayflower blog today there's a new post sharing a Zend Framework application.ini "cheat sheet" with links to pages in the ZF manual explaining the details about each of the front controller options.

All this is long gone in the past since the introduction of Zend_Application and the bootstrapping resource adapters. Zend introduced a standard bootstrapping mechanism into their framework. Many of the options from different framework components can now be configured in the application's configuration file application.ini. One problem persists although: the documentation. All the parameters for components like View, Session, Database etc. are documented either with the bootstrap resource, the component itself or both.

They've posted it to github complete with sections detailing:

  • CacheManager
  • Db
  • FrontController
  • Layout
  • Navigation
  • Router
  • Translate

...and quite a few more. This is a great reference for anyone using the Zend Framework, no matter your experience level.

tagged: zendframework applicationini cheatsheet configuration reference

Link:

Sudheer Satyanarayana's Blog:
Zend Date Class Constants Cheat Sheet
Dec 28, 2010 @ 16:04:21

Sudheer Satyanarayana has provided a handy cheat sheet for those using the Zend_Date component of the Zend Framework listing the default values of the constants it provides.

Date and time handling in general is a problem in programming. For PHP programmers, there's a good library out there that performs all the difficult tasks and provides convenient APIs. Zend_Date has several constants defined. It is good to know what each one of them represents.

You can either come back to this post if you need a reference or you can download the PDF and have it right at your fingertips.

tagged: zenddate zendframework constants cheatsheet pdf

Link:

Smashing Magazine:
Drupal Cheat Sheet Desktop Wallpaper
Jun 15, 2010 @ 15:29:11

If you're a Drupal developer and find yourself constantly referring back to the documentation when using some of the more popular variables for the system, you should check out this new wallpaper over on Smashing Magazine that will put that information at your fingertips.

In this post we release yet another freebie: a Drupal Cheat Sheet Desktop Wallpaper, a desktop wallpaper that features most popular variables of the open source content management system Drupal. The wallpaper was created by Giovanni Scala for Smashing Magazine and its readers.

There are multiple sizes you can download for several of the popular resolutions like 1024x768, 1440x900 and 1920x1200. The cheatsheet describes the Page.tpl.php, Node.tpl.php, Comment.tpl.php, Block.tpl.php and Box.tpl.php interfaces.

tagged: drupal cheatsheet wallpaper download

Link:

