Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Sameer Borate:
Creating custom stream filters in PHP
Apr 11, 2018 @ 14:45:43

Sameer Borate has a new post to his site showing you how to create custom stream filters for use with the streams functionality already included in the PHP language. The streams handling provides a resource instance (filesystem, network connection, etc) that can be interacted with in a more standardized way.

In this post we will see how to create a custom stream filter. Streams, first introduced in PHP 4.3, provide an abstraction layer for file access. A number of different resources besides files – like network connections, compression protocols etc. can be regarded as “streams” of data which can be serially read and written to.

He shows how to get the current list of streams available and includes an example of one in use, the "string.strip_tags" filter. From there he shows the creation of a custom filter, one that replaces any URLs detected in a string with a string of [--URL--]. He includes the code for the filter and shows how to register it using the stream_filter_register function. He also includes an example of it in use, grabbing the contents of the BBC site and having the filter automatically applied.

tagged: custom filter tutorial beginner strip url

Link: https://www.codediesel.com/php/creating-custom-stream-filters/

C7Y:
Practical Uses for the PHP Tokenizer
Aug 20, 2008 @ 14:31:55

A new tutorial has been posted to php|architects C7Y community site looking at some practical uses of the PHP tokenizer to work with your source.

In this article we take a look at the PHP tokenizer and its potential at analyzing and processing PHP source code. We will build several working examples, which you can start using and extending for your own purposes.

The author, Stan Vassilev, explains what the tokenizer is for, how it parses the code (via a lexer) and how to get at the tokens that are created. He uses the token_get_all and token_name functions to get the information and creates a wrapper class around them to strip whitespace and comments.

tagged: tokenizer practical use tutorial strip whitespace filter class

Link:

Stefan Esser's Blog:
Suhosin 0.9.21 - XSS Protection
Nov 30, 2007 @ 17:17:00

Stefan Esser has posted about the release of the latest version of the Suhosin security patch for PHP - version 0.9.21.

It has been a very long time since the last Suhosin extension has been released, but today this has changed with the release of Suhosin 0.9.21. Among the changes are two new features that will protect applications that put to much trust into the SERVER variables from several XSS (and SQL injection) attacks. These features are suhosin.server.strip and suhosin.server.encode.

He details these two features and gives examples of what they protect from. You can find out more about the Suhosin patch on its website.

tagged: xss protection suhosin server strip encode xss protection suhosin server strip encode

Link:

Stefan Esser's Blog:
Suhosin 0.9.21 - XSS Protection
Nov 30, 2007 @ 17:17:00

Stefan Esser has posted about the release of the latest version of the Suhosin security patch for PHP - version 0.9.21.

It has been a very long time since the last Suhosin extension has been released, but today this has changed with the release of Suhosin 0.9.21. Among the changes are two new features that will protect applications that put to much trust into the SERVER variables from several XSS (and SQL injection) attacks. These features are suhosin.server.strip and suhosin.server.encode.

He details these two features and gives examples of what they protect from. You can find out more about the Suhosin patch on its website.

tagged: xss protection suhosin server strip encode xss protection suhosin server strip encode

Link:

Ivo Jansch's Blog:
How a PHP notice revealed a quirk of Norton Internet Security
Apr 05, 2006 @ 12:00:13

While hacking around on one of his recent PHP scripts, Ivo Jansch noticed something odd - a notice message that seemed to appear out of nowhere.

I thought 'Que?!', as I have not modified the code in class.atkoutput.inc in weeks, and certainly not tonight.

This code worked in all browsers, for years, without notices, because the HTTP_ACCEPT_ENCODING header is usually set for most major browsers.

He made a connection as to a probable cause - the error showed up when he had installed the Norton Internet Security software on his laptop. The firewall in this software was grabbing the header in the notice (the index for HTTP_ACCEPT_ENCODING in $_SERVER) and stripping it from the connection.

The (undocumented?) side effect is that with Norton Internet Security active, no page will be send gzipped. This is a performance penalty I think. They probably do it to be able to scan the text before it arrives in the browser (unzipping, scanning and rezipping would probably take too much time).

tagged: norton internet security software strip header HTTP_ACCEPT_ENCODING norton internet security software strip header HTTP_ACCEPT_ENCODING

Link:

Ivo Jansch's Blog:
How a PHP notice revealed a quirk of Norton Internet Security
Apr 05, 2006 @ 12:00:13

While hacking around on one of his recent PHP scripts, Ivo Jansch noticed something odd - a notice message that seemed to appear out of nowhere.

I thought 'Que?!', as I have not modified the code in class.atkoutput.inc in weeks, and certainly not tonight.

This code worked in all browsers, for years, without notices, because the HTTP_ACCEPT_ENCODING header is usually set for most major browsers.

He made a connection as to a probable cause - the error showed up when he had installed the Norton Internet Security software on his laptop. The firewall in this software was grabbing the header in the notice (the index for HTTP_ACCEPT_ENCODING in $_SERVER) and stripping it from the connection.

The (undocumented?) side effect is that with Norton Internet Security active, no page will be send gzipped. This is a performance penalty I think. They probably do it to be able to scan the text before it arrives in the browser (unzipping, scanning and rezipping would probably take too much time).

tagged: norton internet security software strip header HTTP_ACCEPT_ENCODING norton internet security software strip header HTTP_ACCEPT_ENCODING

Link:

Richard Davey's Blog:
$_LIFE - Release regularly, release often (the webcomic)
Dec 04, 2005 @ 22:32:09

Richard Davey has posted this new entry over on his blog, CorePHP, with a "little something different" - a weekly comic strip dedicated to a PHP development company.

How about something a little different? A weekly comic strip dedicated to a PHP development company. Come on in and meet the team...

This strip is dedicated to a sys admin I know who went through exactly this. Meet the guys here each week and see what they get up to!

I'll be interested to see how this pans out - personally, I'd love to have a little PHP humor on the web - especially PHP related. Nice work on the illustration as well, Richard! Keep 'em coming!

tagged: $_LIFE comic strip programming $_LIFE comic strip programming

Link:

Richard Davey's Blog:
$_LIFE - Release regularly, release often (the webcomic)
Dec 04, 2005 @ 22:32:09

Richard Davey has posted this new entry over on his blog, CorePHP, with a "little something different" - a weekly comic strip dedicated to a PHP development company.

How about something a little different? A weekly comic strip dedicated to a PHP development company. Come on in and meet the team...

This strip is dedicated to a sys admin I know who went through exactly this. Meet the guys here each week and see what they get up to!

I'll be interested to see how this pans out - personally, I'd love to have a little PHP humor on the web - especially PHP related. Nice work on the illustration as well, Richard! Keep 'em coming!

tagged: $_LIFE comic strip programming $_LIFE comic strip programming

Link:


Trending Topics: