Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Joshua Thijssen:
Decoding TLS with PHP
Dec 31, 2013 @ 16:17:19

Joshua Thijssen has posted a walk-through of some work he's done to create a TLS decoder in PHP. TLS (Transport Layer Security) is a method for encrypting data being sent back and forth between the client and server, similar to how SSL is used.

As a proof of concept I wanted to see in how far I could decode some TLS data on the client side. Obviously, this is very complex matter, and even though TLS looks deceptively simple, it isn’t. To make matters worse, PHP isn’t quite helping us making things easy neither.

His solution (code posted here) goes through a few steps to finally get to the actual data:

  • Capturing TLS data
  • Gathering all the necessary fields
  • From pre-master-secret to master-secret (decoding TLS_RSA_WITH_RC4_128_SHA)
  • Partitioning our master-secret
  • Decoding our data
  • Verifying message integrity

For each step along the way he shares the relevant code and a brief description of what's happening. If you want to see the end result and try it out for yourself, check out his repository.

tagged: decode tls transport layer security protocol data tutorial

Link: http://www.adayinthelifeof.nl/2013/12/30/decoding-tls-with-php

Adrian Schneider' Blog:
Testing Zend_Mail
Feb 15, 2010 @ 17:09:56

In needing to test some mailing functionality in his application Adrian Schneider has come across two ways to handle it on a machine that may not have mail up and configured correctly - mail a mail transport class or sent up a pseudo mail server.

I think a staging environment is more appropriate to actually have email being sent out. Nevertheless, it has made testing any email functionality a little cumbersome. I've done a little research, and have found two ways to tackle the problem. I've also included code samples and other resources to get you started.

The first method - the transport class - uses the Zend_Mail_Transport component (and interfaces) to set the transport for the application and handle the routing from an extension of the Abstract class. The second method involves changes to system settings in the php.ini and adding in a simple script to force a forward to the right address. Windows users can also use fakemail to accomplish a similar thing.

tagged: test zendmail transport phpini fakemail tutorial

Link:

Paul Jones' Blog:
Sending Mail with Solar
Jul 18, 2007 @ 18:48:00

Paul Jones has posted a new tutorial about using the mail functionality of the Solar framework - the Solar_Mail and Solar_Stmp packages.

While each of these [PEAR Mail, PhpMailer, SwiftMailer, Zend_Mail] will work with Solar, the new Solar_Mail and Solar_Smtp packages work "natively", in that they support automatic configuration, locale and exception inheritance, and so on. Read on for some examples on how to use them.

In his example he sets up and sends a simple message, setting the contents of the email (sent as an HTML message). Since there's been much talk about the safety of a lot of the mailing systems in frameworks, Paul talks about how it's been secured from header injections, through safe attachments, and from a transport dependency-injection for SMTP.

There's even a method included that lets you take the SMTP information out of the script and put it into the Solar configuration file to use in the entire application.

tagged: mail solar framework tutorial attachment header injection transport dependency mail solar framework tutorial attachment header injection transport dependency

Link:

Paul Jones' Blog:
Sending Mail with Solar
Jul 18, 2007 @ 18:48:00

Paul Jones has posted a new tutorial about using the mail functionality of the Solar framework - the Solar_Mail and Solar_Stmp packages.

While each of these [PEAR Mail, PhpMailer, SwiftMailer, Zend_Mail] will work with Solar, the new Solar_Mail and Solar_Smtp packages work "natively", in that they support automatic configuration, locale and exception inheritance, and so on. Read on for some examples on how to use them.

In his example he sets up and sends a simple message, setting the contents of the email (sent as an HTML message). Since there's been much talk about the safety of a lot of the mailing systems in frameworks, Paul talks about how it's been secured from header injections, through safe attachments, and from a transport dependency-injection for SMTP.

There's even a method included that lets you take the SMTP information out of the script and put it into the Solar configuration file to use in the entire application.

tagged: mail solar framework tutorial attachment header injection transport dependency mail solar framework tutorial attachment header injection transport dependency

Link:


Trending Topics: