News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Anthony Ferrara:
Our Failure As An Industry
May 07, 2013 @ 09:19:34

Anthony Ferrara has a new post to his site today describing what he sees as a failure in our industry - letting security become an after-thought to the development process.

In the April issue of the PHPArch magazine (also published on her blog), Elizabeth Tucker Long wrote a really interesting editorial piece coining a concept she called Security-Driven-Development. She (quite correctly) identified a problem in the current development community where security has become an after-thought (if it's thought of at all). This isn't a new concept, in fact it's a concept that I and many others have been preaching for quite a while now. However I've been coming to realize that I've had it wrong the whole time. And I think the entire industry is getting it wrong today.

He talks some about the current state of web application development and how, even with more powerful technologies than ever, we still fall short in security testing. He suggests that the current way of doing things - treating security testing as a "throw it over the wall" or "someone else's job" problem - needs to stop. Security needs to be integrated with development and he suggests that managers and developers of open source projects should take the lead.

0 comments voice your opinion now!
failure industry security testing development opinion

Link: http://www.lornajane.net/posts/2013/setting-multiple-headers-in-a-php-stream-context

PHPMaster.com:
PCI Compliance and the PHP Developer
March 07, 2013 @ 11:08:11

On PHPMaster.com today there's a new tutorial that talks about PCI compliance with PHP applications and some of the technology you can use to help conform to its requirements.

In reality, PCI is a set of security guidelines drawn up by a consortium of credit card companies and industry security experts to govern how applications should behave when handling credit or debit card information. The card companies impose these standards on the banks who then impose them on those of us who operate e-commerce sites and the like. In this article we will dispel a couple of persistent myths about PCI, take a 20,000-foot look at what PCI encompasses, and then zero in on those requirements that are most closely associated with coding in general and PHP specifically.

He starts with some common myths about PCI (Payment Card Industry) compliance, including that it only applies to "the big guys" taking payments on the web. He then goes through some of the major points of the PCI requirements and talks about a few of them that specifically relate to the backend code side of things.

0 comments voice your opinion now!
pci compliance payment card industry fundamentals


Symfony Blog:
Symfony in the health industry
July 22, 2010 @ 11:12:13

On the Symfony blog today there's a quick case study posted by Stefan Koopmanschap about a role that the Symfony framework is playing in a health education company.

Enovation was engaged by one of his long term clients in the Health education sector to aid and enable them in designing a solution for the management of curricular activities. The college had an immediate requirement to replace an existing expensive, commercial online database, with a bespoke system which could better manage their curriculum and student rotations within training hospitals. The project was quite large, and the clock was ticking; it was time to learn a new framework, and fast!
The post talks about what the needs of the project were fast development, the ability to perform the usual CRUD on multiple tables and an app that would be secure. The Admin Generator made most of these requests simple - as easy as running a few commands.

0 comments voice your opinion now!
symfony health industry enovation


Cal Evans' Blog:
A little PHP fun while you are winding down for the holidays (PHPCity)
December 20, 2007 @ 10:23:00

In the spirit of holiday fun, Cal Evans has founded a city somewhere in Jamacia via the MyMiniCity.com site - PHPCity:

I thought it may be fun to do a PHP community building instead of real work this close to the holidays, so I set up PHP City. To participate, just click the link to PHP City and you are a resident. If you really want to get involved, pick yourself a title (I'm Mayor McCal) and post a proclamation as a news bulletin.

There's not much to it - each visit to the site increases the population by one and there's other links to help with other areas of the city (like Industry and Transportation and others down the line). So visit our city and check out how much its grown (top 10 in the first day!) and add your hits to the growing population of PHPCity.

Other people mentioning the city: Padraic Brady, Nick Halstead, Felix Geisendorfer

0 comments voice your opinion now!
phpcity myminicity popluation industry transportation phpcity myminicity popluation industry transportation



Community Events





Don't see your event here?
Let us know!


library symfony bugfix language list series community interview tips threedevsandamaybe framework deployment opinion release conference podcast introduction zendserver laravel api

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework