Laravel News:
20 Laravel Eloquent Tips and Tricks
Apr 16, 2018 @ 14:28:33

On the Laravel News site there's a new post sharing twenty Eloquent tips for the Laravel users out there.

Eloquent ORM seems like a simple mechanism, but under the hood, there’s a lot of semi-hidden functions and less-known ways to achieve more with it. In this article, I will show you a few tricks.

Among the tips and "hidden features" mentioned are tips about:

  • Increments and Decrements
  • Model boot() method
  • Model properties: timestamps, appends etc.
  • Order by relationship
  • Order by Mutator
  • Raw query methods
  • Create additional things when creating a model

...and many more. There are code examples for each of them, showing them in use, too.

tagged: laravel eloquent tips top20 list database orm

Link: https://laravel-news.com/eloquent-tips-tricks

Programmers Community Blog:
20 controversial programming opinions
Sep 04, 2012 @ 15:14:44

On the Programmers Community Blog there's a post (with quite a bit of feedback) that lists twenty controversial opinions about programming and programmers in general that have been proposed over the years.

One of the very first ideas we had for this blog was to convert some of the wonderful gems of the early era of our site, the undisciplined period, to blog posts. Questions that were once enthusiastically received by the community, but no longer fit Programmer’s scope.

The post has the top twenty answers to the "What’s your most controversial programming opinion?" question as proposed on StackOverflow and includes things like:

  • Programmers who don’t code in their spare time for fun will never become as good as those that do.
  • The only "best practice" you should be using all the time is "Use Your Brain".
  • Not all programmers are created equal.
  • If you only know one language, no matter how well you know it, you’re not a great programmer.
  • Your job is to put yourself out of work.
  • Readability is the most important aspect of your code.

Check out the full post for the complete list...and for the 100+ comments that have been added to it by programmers with both agreeable and disagreeable opinions.

tagged: controversial programming opinion list top20 comments

Link:

Symfony Blog:
Top 20 symfony plugins
Aug 14, 2007 @ 16:16:00

The Symfony project has posted a Top 20 list of the most accessed plugins for the framework, as based on their stats:

A quick look at the analytics of the symfony website tells us a lot about what people need in addition to the symfony core. Here is the top 20 plugins based on the number of page views of the corresponding wiki pages in the last 30 days.

Among those on the list are things like:

Check out the full list for other great plugins that made it into the Top 20.

tagged: symfony framework plugin top20

Link:

Ed Finkler's Blog:
The PHP App Insecurity Top 20
Apr 19, 2007 @ 12:01:02

In a new post today, Ed Finkler shares some interesting stats he's generated from NIST NVD data and graphed out. They make up a top 20 list of the most insecure PHP-based applications.

What follows is a breakdown of the 20 PHP-based applications that had the highest aggregate vulnerability scores (NIST assigns a score from 1-10 for the severity of each entry), and the highest total number of vulnerabilities, over the past 12 months. Of the two, I feel that the aggregate score is a better indicator of security issues.

The Excel charts show the total NVD score and the total number of NVD entries for several popular PHP applications (like phpBB, phpMyAdmin, TikiWiki, and Joomla). He also notes that there are some other extenuating circumstances surrounding these numbers (not a level line) and that the trend seems to be more on the side of issues with forums than any other type of PHP application.

tagged: insecure application top20 forum issue reported score entries graph

Link:

Christian Wenz's Blog:
SANS Top-20 Internet Security Attack Targets (2006 Annual Update)
Nov 27, 2006 @ 16:03:00

In a new post on his blog, Christian Wenz mentions the latest results of the SANS Institute's Top 20 Internet Security Attack Targets list, which includes both a new entry ("Users") and several mentions of PHP and PHP-related applications.

Of course you can debate how such a Top list came together and what the real value behind that is, but there are two specific points in this year's list that I found quite interesting.

There are two targets for the PHP community to worry about: sysadmin/hosting and things developers need to keep in mind. Items on these lists include:

  • Always test and deploy patches and new versions of PHP as they are released
  • Use Intrusion Prevention/Detection Systems to block/alert on malicious HTTP requests. Consider using Apache's mod_security to block known PHP attacks
  • If you use PHP, migrate your application to PHP 5.2 as a matter of urgency.
  • Encode all output using htmlentities() or a similar mechanism to avoid XSS attacks

You can check out the full information over on the SANS Institute website.

tagged: sans institute top20 internet security attack target sysadmin hosting developer

Link:
