Security
CORS HTTP hlavičky2023-04-04 12:00:00
Cross-Origin Resource Sharing (CORS) je bezpečnostní mechanismus, který umožňuje webovým stránkám z jednoho zdroje přistupovat k datům ze serverů s jiným zdrojem. Bez CORS by takový přístup byl zakázán kvůli bezpečnostním důvodům. CORS tedy umožňuje…
Code obsolescence - how to maintain compatibility2022-07-29 17:10:00
When developing large systems (e.g., enterprise applications, shared software packages, libraries, ...) where multiple layers and developers communicate with each other, the problem of how to handle the release of new code versions arises.
Let's…
Refactoring a legacy PHP project - how to catch up on technology debt2021-05-11 20:45:00
When consulting with knowledgeable and experienced project owners, I often come across the question of the long-term sustainability of a digital project. Many large projects that exceed 3 years of development start to become internally obsolete and…
GitHub Actions - the best CI for 20212021-02-07 15:46:39
Since you've been developing web applications for a while now, you've probably noticed that many things are routinely repetitive for you, even though they shouldn't be. Very often it's technical project management, file versioning, automated code…
Getting the user's IP address in PHP2020-02-28 10:30:21
In PHP, it is very easy to detect an IP address at a basic level:
echo 'You know, your IP address is' . $_SERVER['REMOTE_ADDR'] . '?';
Warning: Getting the IP address as the key of the $_SERVER['REMOTE_ADDR'] field is only possible if PHP was…
The eval() function in PHP2020-02-16 18:37:20
The eval function is used to execute the passed string as PHP code.
PHP language design and practical features
PHP is an interpreted language, which means in particular that its code is evaluated by an interpreter, a special type of program that…
Safe application2019-10-01 14:19:04
If you are serious about developing web applications and the site will later be available on the Internet, it is very important to address security.
Realistically, the following threats await developers:
The application has an internal error, for…
Hashing strings and passwords2019-09-11 10:13:30
The hashing process (as opposed to encryption) produces an output from the input from which the original string can no longer be derived.
It is therefore well suited for protecting sensitive strings, passwords and checksums.
Another nice feature of…
Caesar's cipher - how it works2019-08-23 15:43:02
Warning: This article was written many years ago and some information may be outdated or incorrect. Please bear this in mind when reading.
The Caesar cipher is one of the simplest hashing functions. In its day it was virtually unbreakable, but in…
How to break the md5 function2019-08-23 15:33:10
MD5 is a very commonly used function for calculating hashes.
Beginners often use it for password hashing, which is not a good idea because there are many ways to retrieve the original password.
This article describes specific methods for doing so.…
Include security in PHP and file attachment2019-08-22 20:48:46
Often, we may want to attach a file to a page that we have stored on disk somewhere else. If we enter its exact name directly into the attach function, there is nothing to worry about.
Securely attaching a file
include 'menu.html';
The previous…
Addcslashes2019-08-22 20:48:46
Support PHP4, PHP5
addcslashes - C-style slash string
Description
string addcslashes (string $str, string $charlist)
Returns a string with backslashes before the characters that are specified in the charlist parameter.
Parameters
str Text string…