Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Chris Hartjes' Blog:
What Is Really Considered Documentation?
Jul 23, 2008 @ 15:26:33

In this new post, Chris Hartjes takes a look at something that is one of the banes of most programmers' existence - documentation. In it he wonders what should really be considered documentation and the importance of it.

As a committed user of open source technologies, the difference between me using something and not using something is the documentation. Is there documentation for it? Is it easy to find? Does it answer my questions? Is there someone I can call an idiot if I disagree with the level of documentation? These are all very important questions.

He uses the illustration of the documentation of the CakePHP framework that's helpful, but only really after you learn how to use the framework in the first place. He mentions people on both sides of the fence - those that love the framework and love the documentation and those that moved on to something simpler because they just couldn't get it.

He also mentions the variety of sources that can provide "documentation" for the framework when you're getting a bit stuck - everything from blogs to The Bakery to a different sort of documentation, unit test.

tagged: consider documentation types cakephp example unittest manual blog

Link:

Zend Developer Zone:
Security Tips #17 & #18 (When to Secure & File Uploads)
Mar 28, 2007 @ 22:19:49

The Zend Developer Zone continues their great series of security tips with two new posts - one talking about when to focus on security and the other about file uploads.

From the first, top 17:

Application security should not be a "when all else fails" situation. It's not something you can "put in later". As we've mentioned before, there is no single silver bullet to solve your application security issues. Security is something that should be rolling around in the back of your dead in the design phase, the coding phase, the testing phase, even after you've rolled your code into production.

And, from tip #18:

When you allow users to upload files, your system may be at risk. Always restrict the file types that you allow. Don't rely on a blacklist approach. [...] Be careful with file uploads and make sure you protect them with a whitelist policy instead. Make sure that the file that has been uploaded is of the type that you want to allow.
tagged: securitytip consider security integrate file upload whitelist securitytip consider security integrate file upload whitelist

Link:

Zend Developer Zone:
Security Tips #17 & #18 (When to Secure & File Uploads)
Mar 28, 2007 @ 22:19:49

The Zend Developer Zone continues their great series of security tips with two new posts - one talking about when to focus on security and the other about file uploads.

From the first, top 17:

Application security should not be a "when all else fails" situation. It's not something you can "put in later". As we've mentioned before, there is no single silver bullet to solve your application security issues. Security is something that should be rolling around in the back of your dead in the design phase, the coding phase, the testing phase, even after you've rolled your code into production.

And, from tip #18:

When you allow users to upload files, your system may be at risk. Always restrict the file types that you allow. Don't rely on a blacklist approach. [...] Be careful with file uploads and make sure you protect them with a whitelist policy instead. Make sure that the file that has been uploaded is of the type that you want to allow.
tagged: securitytip consider security integrate file upload whitelist securitytip consider security integrate file upload whitelist

Link:


Trending Topics: