News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

C7Y:
Practical Uses for the PHP Tokenizer
August 20, 2008 @ 09:31:55

A new tutorial has been posted to php|architects C7Y community site looking at some practical uses of the PHP tokenizer to work with your source.

In this article we take a look at the PHP tokenizer and its potential at analyzing and processing PHP source code. We will build several working examples, which you can start using and extending for your own purposes.

The author, Stan Vassilev, explains what the tokenizer is for, how it parses the code (via a lexer) and how to get at the tokens that are created. He uses the token_get_all and token_name functions to get the information and creates a wrapper class around them to strip whitespace and comments.

1 comment voice your opinion now!
tokenizer practical use tutorial strip whitespace filter class


Stefan Esser's Blog:
Suhosin 0.9.21 - XSS Protection
November 30, 2007 @ 11:17:00

Stefan Esser has posted about the release of the latest version of the Suhosin security patch for PHP - version 0.9.21.

It has been a very long time since the last Suhosin extension has been released, but today this has changed with the release of Suhosin 0.9.21. Among the changes are two new features that will protect applications that put to much trust into the SERVER variables from several XSS (and SQL injection) attacks. These features are suhosin.server.strip and suhosin.server.encode.

He details these two features and gives examples of what they protect from. You can find out more about the Suhosin patch on its website.

0 comments voice your opinion now!
xss protection suhosin server strip encode xss protection suhosin server strip encode


Ivo Jansch's Blog:
How a PHP notice revealed a quirk of Norton Internet Security
April 05, 2006 @ 07:00:13

While hacking around on one of his recent PHP scripts, Ivo Jansch noticed something odd - a notice message that seemed to appear out of nowhere.

I thought 'Que?!', as I have not modified the code in class.atkoutput.inc in weeks, and certainly not tonight.

This code worked in all browsers, for years, without notices, because the HTTP_ACCEPT_ENCODING header is usually set for most major browsers.

He made a connection as to a probable cause - the error showed up when he had installed the Norton Internet Security software on his laptop. The firewall in this software was grabbing the header in the notice (the index for HTTP_ACCEPT_ENCODING in $_SERVER) and stripping it from the connection.

The (undocumented?) side effect is that with Norton Internet Security active, no page will be send gzipped. This is a performance penalty I think. They probably do it to be able to scan the text before it arrives in the browser (unzipping, scanning and rezipping would probably take too much time).

0 comments voice your opinion now!
norton internet security software strip header HTTP_ACCEPT_ENCODING norton internet security software strip header HTTP_ACCEPT_ENCODING


Richard Davey's Blog:
$_LIFE - Release regularly, release often (the webcomic)
December 04, 2005 @ 16:32:09

Richard Davey has posted this new entry over on his blog, CorePHP, with a "little something different" - a weekly comic strip dedicated to a PHP development company.

How about something a little different? A weekly comic strip dedicated to a PHP development company. Come on in and meet the team...

This strip is dedicated to a sys admin I know who went through exactly this. Meet the guys here each week and see what they get up to!

I'll be interested to see how this pans out - personally, I'd love to have a little PHP humor on the web - especially PHP related. Nice work on the illustration as well, Richard! Keep 'em coming!

0 comments voice your opinion now!
$_LIFE comic strip programming $_LIFE comic strip programming



Community Events





Don't see your event here?
Let us know!


symfony laravel interview library release security introduction version voicesoftheelephpant composer language update package tool opinion install framework series community podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework