Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Rob Allen:
A few Phing tips
Dec 02, 2014 @ 16:40:07

Rob Allen has shared a few Phing tips in the latest post to his site today. Phing is a PHP-based automation tools most popularly used for the deployment and configuration of PHP applications.

Following on from my last post, here's a few other Phing things that I've found helps me.

He shares three short but useful tips:

  • Hiding targets from Phing -l
  • Main target vs subtarget
  • List available targets by default

Each tip includes the XML markup you'll need to make it functional. You can find out more about Phing and what it's capable of on its website.

tagged: phing tips hide target subtarget available list

Link: http://akrabat.com/php/a-few-phing-tips/

PHPMaster.com:
Using Phing
Jan 05, 2012 @ 16:41:40

On PHPMaster.com today there's a new tutorial posted about using the Phing build tool to automate a process, usually a build for a website launch. In his example, he shows a simple "Hello World" example and how to work with multiple targets in the same build file.

Phing is a PHP project build tool based on Apache Ant. A build system helps you to perform a group of actions using a single command. [...] Phing helps overcome [human error] issues by automating tasks like running unit tests, applying database changes, deploying application code, etc. In this article I’ll show you some of the basics of working with Phing.

He includes the commands you'll need to install Phing (if it's not already) via the PEAR installer and a basic "build.xml" file. He explains the parts of the file - tags for "project", "target" "echo" and "property - and includes a more complex build example with multiple targets (and how to call one specifically from the command line).

tagged: phing build tool tutorial multiple target helloworld

Link:

Web Development Blog:
Save bandwidth with PHProxy and ip2nation
Jun 08, 2007 @ 12:58:00

From the Web Development Blog, there's a quick tutorial posted about using the PHProxy package and ip2nation tool to save you some money on your bandwidth bills each month.

If your website becomes a little busy the websites bandwidth becomes very valuable. If your visitors using too much bandwidth and the conversions from your website are very low or just moderate, it’s possible that you get broke with also a good internet website project.

Their solution uses the PHProxy functionality and the IP address information (database dump) from ip2nation to create targeted user content. They include the setup for the proxy as well as some code that will need to be inserted to use the ip2nation data. Last but not least, there's also the code to insert into the page and make the magic happen.

tagged: phproxy ip2nation target content bandwidth proxy phproxy ip2nation target content bandwidth proxy

Link:

Web Development Blog:
Save bandwidth with PHProxy and ip2nation
Jun 08, 2007 @ 12:58:00

From the Web Development Blog, there's a quick tutorial posted about using the PHProxy package and ip2nation tool to save you some money on your bandwidth bills each month.

If your website becomes a little busy the websites bandwidth becomes very valuable. If your visitors using too much bandwidth and the conversions from your website are very low or just moderate, it’s possible that you get broke with also a good internet website project.

Their solution uses the PHProxy functionality and the IP address information (database dump) from ip2nation to create targeted user content. They include the setup for the proxy as well as some code that will need to be inserted to use the ip2nation data. Last but not least, there's also the code to insert into the page and make the magic happen.

tagged: phproxy ip2nation target content bandwidth proxy phproxy ip2nation target content bandwidth proxy

Link:

Christian Wenz's Blog:
SANS Top-20 Internet Security Attack Targets (2006 Annual Update)
Nov 27, 2006 @ 16:03:00

In a new post on his blog, Christian Wenz mentions the latest results of the SANS Institute's Top 20 Internet Security Attack Targets list which both includes a new entry ("Users") and several mentions of PHP and PHP-related applications.

Of course you can debate how such a Top list came together and what the real value behind that is, but there are two specific points in this year's list that I found quite interesting.

There's two targets for the PHP community to worry about - sysadmin/hosting and things developers need to keep in mind. Items on these lists include:

  • Always test and deploy patches and new versions of PHP as they are released
  • Use Intrusion Prevention/Detection Systems to block/alert on malicious HTTP requests. Consider using Apache's mod_security to block known PHP attacks
  • If you use PHP, migrate your application to PHP 5.2 as a matter of urgency.
  • Encode all output using htmlentities() or a similar mechanism to avoid XSS attacks
You can check out the full information over on the SANS Institute website.

tagged: sans institute top20 internet security attack target sysadmin hosting developer sans institute top20 internet security attack target sysadmin hosting developer

Link:

Christian Wenz's Blog:
SANS Top-20 Internet Security Attack Targets (2006 Annual Update)
Nov 27, 2006 @ 16:03:00

In a new post on his blog, Christian Wenz mentions the latest results of the SANS Institute's Top 20 Internet Security Attack Targets list which both includes a new entry ("Users") and several mentions of PHP and PHP-related applications.

Of course you can debate how such a Top list came together and what the real value behind that is, but there are two specific points in this year's list that I found quite interesting.

There's two targets for the PHP community to worry about - sysadmin/hosting and things developers need to keep in mind. Items on these lists include:

  • Always test and deploy patches and new versions of PHP as they are released
  • Use Intrusion Prevention/Detection Systems to block/alert on malicious HTTP requests. Consider using Apache's mod_security to block known PHP attacks
  • If you use PHP, migrate your application to PHP 5.2 as a matter of urgency.
  • Encode all output using htmlentities() or a similar mechanism to avoid XSS attacks
You can check out the full information over on the SANS Institute website.

tagged: sans institute top20 internet security attack target sysadmin hosting developer sans institute top20 internet security attack target sysadmin hosting developer

Link:

Builder.com:
Match users to their geo-location with PHP and PEAR Net:Geo
Aug 10, 2006 @ 12:37:29

Builder.com has a new tutorial posted today about the use of the PEAR Net_GeoIP package to help with the geo-location of the visitors to your website.

Ever wondered how sites like Google and Yahoo! always seem to know which country you're in, and automatically redirect you to the most appropriate country sub-site? Or how some Web sites display advertisements perfectly targeted to your city or region? Well, it isn't magic -- these sites are simply mapping your IP address to a geographical database to identify your location, and then using this information to send you precisely-targeted data.

They work through the steps to get it up and working - the installation, a few basic code examples to show how to use it, and a full example of how to target different areas with different kinds of ads (geographically-targeted advertising).

tagged: pear geographically target advertising net_geoip package tutorial pear geographically target advertising net_geoip package tutorial

Link:

Builder.com:
Match users to their geo-location with PHP and PEAR Net:Geo
Aug 10, 2006 @ 12:37:29

Builder.com has a new tutorial posted today about the use of the PEAR Net_GeoIP package to help with the geo-location of the visitors to your website.

Ever wondered how sites like Google and Yahoo! always seem to know which country you're in, and automatically redirect you to the most appropriate country sub-site? Or how some Web sites display advertisements perfectly targeted to your city or region? Well, it isn't magic -- these sites are simply mapping your IP address to a geographical database to identify your location, and then using this information to send you precisely-targeted data.

They work through the steps to get it up and working - the installation, a few basic code examples to show how to use it, and a full example of how to target different areas with different kinds of ads (geographically-targeted advertising).

tagged: pear geographically target advertising net_geoip package tutorial pear geographically target advertising net_geoip package tutorial

Link:

NetCraft.com:
PHP Apps A Growing Target for Hackers
Feb 01, 2006 @ 13:48:27

According to this new article from Netcraft, PHP applications are becoming more and more at risk for hacking attempts.

Security holes in PHP-based content management and forum apps are an increasingly active front in Internet security, as hackers target unpatched weaknesses. The latest example is Monday's hack of chip maker AMD's customer support forums, in which an older version of Invision Power Board was compromised and used to distribute malware using the Windows Metafile (WMF) exploit.

While Windows flaws like the WMF vulnerability are useful to hackers assembling armies of compromised desktop computers, security holes in PHP applications provide access to more powerful servers hooked directly to high-speed network connections.

They go on to talk about the growth of CMSs that PHP has fueled - both the good and the bad - and how a less than religious application of patches to those CMSs can cause big headaches down the road.

It is good, though, that they make the distinction:

Most of the security issues with PHP-driven programs are found not in PHP itself, but rather in the libraries and applications built atop the server-side scripting language.

tagged: application growing target hackers content management system application growing target hackers content management system

Link:

NetCraft.com:
PHP Apps A Growing Target for Hackers
Feb 01, 2006 @ 13:48:27

According to this new article from Netcraft, PHP applications are becoming more and more at risk for hacking attempts.

Security holes in PHP-based content management and forum apps are an increasingly active front in Internet security, as hackers target unpatched weaknesses. The latest example is Monday's hack of chip maker AMD's customer support forums, in which an older version of Invision Power Board was compromised and used to distribute malware using the Windows Metafile (WMF) exploit.

While Windows flaws like the WMF vulnerability are useful to hackers assembling armies of compromised desktop computers, security holes in PHP applications provide access to more powerful servers hooked directly to high-speed network connections.

They go on to talk about the growth of CMSs that PHP has fueled - both the good and the bad - and how a less than religious application of patches to those CMSs can cause big headaches down the road.

It is good, though, that they make the distinction:

Most of the security issues with PHP-driven programs are found not in PHP itself, but rather in the libraries and applications built atop the server-side scripting language.

tagged: application growing target hackers content management system application growing target hackers content management system

Link:


Trending Topics: