Category: Tim’s Weblog

  • Oracle on the „keep-it-simple“ spirit of PHP

    The Oracle Technology Network has a friendly article on PHP: „Remember the heady days of HTML version 1.0 to version 2.0, when mastering a new Web language was as simple as looking at the code behind a Web site? Remember the ease of learning that came with basic HTML? Remember being able to hack out…

  • Security-aware PHP programming

    David Sklar: PHP and the OWASP Top Ten Security Vulnerabilities. John Coggeshall at ONLamp.com: ONLamp.com: PHP Security, Part 1, Part 2, and Part 3. Clancy Malcolm at ONLamp.com: Ten Security Checks for PHP, Part 1, and Part 2. Jordan Dimov at PHPAdvisory.com: On the Security of PHP (Part 1). Quite old: Shaun Clowes’ A Study…

  • Babeldoc

    Babeldoc seems to have a sound concept. Excerpts from their Whitepaper (PDF): „Babeldoc is based around the concept of pipeline processing. Pipeline processing is where an input document is subjected to a linear succession of processing. The document is successively transformed into useful information. Examples of this might be to convert a purchase order document…

  • SiteMesh

    SiteMesh sounds like a good idea (found this through PHP-Mesh): „SiteMesh intercepts requests to any static or dynamically generated HTML page requested through the web-server, parses the page, obtains properties and data from the content and generates an appropriate final page with modifications to the original. This is based upon the well-known GangOfFour Decorator design…

  • Connecting XUL Applications with PHP

    phpPatterns: „So, you have looked at XUL and think it’s pretty cool stuff. But, you hate programming with javascript and are struggling to leverage the power of your favorite scripting language, PHP. There are ways around this, but the minefield of the Gecko security model is a little too much work to figure out. Well,…

  • Blogs, homepages and privacy

    Andy Oram points to a fascinating Swedish court decision: „Mrs Lindqvist also described the work done by her colleagues and their hobbies in mildly humorous terms. In several cases their family circumstances, their telephone number and other information were given. She also mentioned that one of her colleagues had injured her foot and was working…

  • The unpublished book on Microsoft insecurity

    Jason Coombs on Bugtraq: „I wrote an information security book last year under contract with Microsoft Press. The book was never published — among other things it explains truthfully the poor security condition of Windows and offers detailed instructions and advice for defending against Microsoft’s bad business practices and incorrect security decisions. URLs for the…

  • Clay Shirky on The Semantic Web

    Clay Shirky does a great job explaining why the Semantic Web is a myth: „Descriptions of the Semantic Web exhibit an inversion of trivial and hard issues because the core goal does as well. The Semantic Web takes for granted that many important aspects of the world can be specified in an unambiguous and universally…

  • Mining message metadata

    Jon Udell: „Point-to-point integration is out; event-driven communication across a common message bus is in. When you build a system this way, message queues are the first and best way to take the pulse of its real-time state.“

  • SOAP vs. REST

    What’s the right way to design/structure a Web Service? These two articles show the limitations of SOAP: Hao He explains why SOAP is not SOA. And Paul Prescod promotes REST… „[REST] applies the principles of the Web to transaction-oriented services, rather than publishing-oriented sites. When we apply the strategy in the real world, we do…