News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
Check Your Code's Quality with SensioLabs Insight
August 07, 2014 @ 12:25:20

On the SitePoint PHP blog today there's a new post by Peter Nijssen introducing you to the SensioLabs Insight service and how it can improve your code quality (including locating security concerns).

The quality of your code is as important as testing your application. Recently, we have seen multiple articles which hopefully helped you on your way to providing a more stable application. Today, we are going to have a closer look at SensioLabs Insight. If you used Symfony or Silex in the past, you are probably familiar with SensioLabs, since they are the main sponsor of the Symfony framework.

He quickly introduces the service, mentioning what it has to offer and how to get your account all set up (free for open source libraries but it requires the results to be public). He includes some screenshots showing what the setup and scan results of your project might look like. He shows how to get more detail on the findings and how they can easily be exported to your bug tracker for fixing. He also covers some of the configuration you can do (through a YAML file) to tell Insight things like: php.ini settings, directories to exclude and specific rules to run during the scans.

0 comments voice your opinion now!
sensiolabs insight introduction service scan code quality

Link: http://www.sitepoint.com/check-codes-quality-sensiolabs-insight/

DeveloperTutorials.com:
Port Scanning and Service Status Checking in PHP
April 08, 2009 @ 08:49:21

On the DeveloperTutorials.com site today there's a new tutorial showing the creation of a port scanner with PHP - a tool that, given some of the familiar ports that services (like web or email servers) run on, can check to see if they're responding.

While building web applications, it's often important to keep an eye on the other services running on your server. Having access to the current status of public servers can empower your applications to make decisions and respond to problems automatically. Acknowledging a service is offline can also save endless support emails. In this tutorial, I'll show you how to keep track of your server status by scanning ports on your server with PHP.

Their example makes a socket connection to the remote port to see if there's a valid hookup. The wrap this inside a loop for ports 1 through 1000 to see what ports are open and responding on your local machine (doing this on a remote machine is just asking for trouble).

Their full example defines some of the common ports in an array and loops to check on their status. It sets out a base you can build on top of with things like their suggestions - logging scan results, repoting downtime and running a service-specific task.

0 comments voice your opinion now!
port scan fsockopen socket http ftp pop3 check connection


NETTUTS.com:
Scanning Folders with PHP
November 13, 2008 @ 14:18:28

The NETTUTS.com site has posted a new PHP-related screencast that covers a simple script to scan over the contents of folders in PHP. To illustrate, they create an image gallery script that mirrors the filesystem structure.

Let's imagine that you want to build a page that will display snapshots of your latest work. [...] In such instances, the best solution is to make PHP scan your "portfolio" folder and dynamically create the code for you. If you want to update your page with a new snapshot, all that you need to do is drag the image, and its respective thumbnail, into the appropriate folders - and PHP will do the rest. Let's build it now!

The screencast comes complete with the entire source and a link to a demo to show the end result.

0 comments voice your opinion now!
scan folder filesystem directory tutorial photo gallery screencast


Developer Tutorials Blog:
Port Scanning and Service Status Checking in PHP
June 10, 2008 @ 08:46:08

The Developer Tutorials blog has posted a new tutorial covering how to scan ports and checking a remote service's status with PHP.

Having access to the current status of public servers can empower your applications to make decisions and respond to problems automatically. Acknowledging a service is offline can also save endless support emails. In this tutorial, I'll show you how to keep track of your server status by scanning ports on your server with PHP.

They show how to check a remote instance (a socket open with a timeout) and how to run through a list of ports, looping from one to one-thousand and running an fsockopen on each. They make a sample script to show these two combined - a simple page that loops through the common protocols (HTTP, FTP, SSH, etc) and checks to see if the remote machine is running something on that port.

0 comments voice your opinion now!
port scan service status check fsockopen http ftp ssh


PHP Security Blog:
A Trio of Javascript Issues
December 01, 2006 @ 13:22:28

On the PHP Security Blog, there's three new posts that Stefan Esser has written up that demonstrate some of the more destructive uses of Javascript that he's found:

While the first two are interesting, it's the last of these that most directly applies to PHP. He gives a simple "proof of concept" that checks to see if the embedded image is the correct "size" to be related to a webserver running PHP with the expose_php setting set to "on".

0 comments voice your opinion now!
javascript security issue portscan http auth firefox exposephp scan javascript security issue portscan http auth firefox exposephp scan


David Coallier's Blog:
Free PHP Security Scan
November 15, 2006 @ 07:06:07

David Coallier has posted about his ideas for an Open Source, free PHP security scanner:

The idea of this project is quite simple, I was thinking that offering this service to anyone who requests it could be a very nice idea. Offering to run the scan is the only way I could ensure that people are not using this scanner against any website.

Basically, his idea is to offer this service free of charge, but still restrict it to avoid malicious use. It would involve validation via an md5 hash to ensure that the website has been authorized to run it. Check out the blog entry for more details on how the scan would be run.

1 comment voice your opinion now!
free security scan open source md5 validation authorized process free security scan open source md5 validation authorized process



Community Events





Don't see your event here?
Let us know!


wordpress community release api code podcast series project configure bugfix threedevsandamaybe interview list introduction developer laravel library application framework language

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework