News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Joseph Scott:
Stateless CSRF Tokens
August 02, 2013 @ 11:16:44

Joseph Scott has a recent post to his site looking at the idea of stateless CSRF tokens and how to create them while avoiding the typical "store them in a session" mentality.

This is all fine and good until you want to avoid using PHP sessions. Perhaps you have several web servers and don't want to deal with shared session storage. Or have servers in multiple data centers and don't want to try and sync state across them. What ever the reason, popping a token into $_SESSION isn't an option in this case. In short you want some sort of stateless CSRF token.

He looks at two methods to help get around this issue. The first method is based on known values that won't change very frequently (say, maybe 24 hours). His second method, however, has a bit more strength to it. His idea uses a combination of a key, the current time, a timeout and a known string of data - all base64 encoded.

0 comments voice your opinion now!
csrf token stateless tutorial session base64 timeout microtime

Link: https://josephscott.org/archives/2013/07/stateless-csrf-tokens

DevShed:
Benchmarking Applications with PHP
April 23, 2008 @ 21:02:17

DevShed has posted the first part of a new series looking at benchmarking performance in your PHP applications.

If you're anything like me, you have had your head spinning with questions [...] these and other dilemmas (add your own to the list) sometimes make peace of mind a nearly impossible goal.

The tutorial talks about a few simple methods for running benchmark data including the use of microtime(), an OOP method and wrapping the call inside a method of their class.

0 comments voice your opinion now!
benchmark application microtime object oriented tutorial


Hasin Hayder's Blog:
Counting occurrence of a word in a String - Benchmarking of PHP functions
April 30, 2007 @ 10:42:00

In an effort to add to the ever-growing list of "keeping it simple" benchmarks out there, Hasin Hayder presents his own results for the task of fining the number of times a word occurs in a given string.

Today I was just thinking what are the possible ways to count the occurrence of a specific word inside a string. I found some possible ways finally and I just benchmarked them. Wanna see the result?? - for sure you will find it interesting too.

Methods range from a simple split() and count() call out to using the regular expression functions to locate the matches. After running it four times (to check for accuracy), he the stats were pretty much the same. It looks like the substr+count method was the fastest overall with last place falling to the array function method.

0 comments voice your opinion now!
occurance word string function benchmark result microtime occurance word string function benchmark result microtime


Community Crosstalk:
Matthew O'Phinney & Scott Johnson on Dynamic Function/Method Calls
June 26, 2006 @ 06:14:51

In two related posts from Scott Johnson and Matthew Weir O'Phinney, there's a question about metaprogramming in PHP, specifically between the use of call_user_func, call_user_func_array, and variable function calls (as asked by Scott).

One of the characteristics of meta programming is lots and lots of dynamicism everywhere. So here's my php question: Is there a real difference between call_user_func versus call_user_func_array and the variable function syntax i.e. $function_name() ? As best as a quick experiment shows they seem to function the same although I did a quick hack / quick doc check as opposed to really drilling into it. Any efficiency benefits in doing it one way or another?

Matthew replies on his blog by running some benchmarks (and wondering why Scott didn't run his own).

Back to benchmarking. Scott asks, "Is there a real difference between call_user_func versus call_user_func_array and the variable function syntax i.e. $function_name()?"

The short answer: absolutely. The long answer? Read on.

He details what the differences are in the functionality (how they're used and all) as well as examples of their usage. He whips up a test class and function to go through different benchmarks, testing response times with the microtime functionality of PHP. He results aren't too surprising, but you'll have to check out his post to get the full details.

0 comments voice your opinion now!
dynamic function method benchmark class microtime call_user_func dynamic function method benchmark class microtime call_user_func


Matt Kalinowski's Blog:
Determine Browser Speed with PHP
May 31, 2006 @ 05:52:52

On Matt Kalinowski's blog, there's a quick post with some code to help you test just how fast your user's browser speed is as they hit your site.

So, you have a site that offers both an enhanced and standard style page. However, you realize that not every web user is going to know if they would be best suited for either version. Therefor, this speed test will allow you to determine their speed. This could also be used in other situations as well, but the one stated above is the one I found most appropriate.

Basically, the script works with the microtime functionality in PHP to do some speed tests for the amount of data given divided by how long it takes that data to get out to the user.

0 comments voice your opinion now!
determine browser speed microtime divide determine browser speed microtime divide



Community Events





Don't see your event here?
Let us know!


introduction laravel code api install testing series symfony2 framework developer refactor release community interview list threedevsandamaybe unittest podcast language opinion

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework