
SEARCH KEYWORD -- Border



  PHP Security

1. Introduction: Writing PHP applications is pretty easy. Most people grasp the syntax rather quickly and will within a short time be able to produce a script that works using tutorials, references, books, and help forums like the one we have here at PHP Freaks. The problem is that most people forget one of the most important aspects that one must consider when writing PHP applications. Many beginners forget the security aspect of PHP. Generally, your users are nice people, they will...

   PHP,Security,SQL Injection,XSS Cross sit     2011-10-01 02:25:31

  Linus Torvalds’s Lessons on Software Development Management

If anyone knows the joys and sorrows of managing software development projects, it would be Linus Torvalds, creator of the world's most popular open-source software program: the Linux operating system. For more than 20 years, Torvalds has been directing thousands of developers to improve the open source OS. He and I sat down to talk about effective techniques in running large-scale distributed programming teams – and the things that don’t work, too. Torvalds says there are...

   Linux,Software development,Linus Torvalds     2011-09-28 09:16:02

  Cracking Siri

On October 14, 2011, Apple introduced the new iPhone 4S. One of its major new features was Siri, a personal assistant application. Siri uses a natural language processing technology to interact with the user. Interestingly, Apple explained that Siri works by sending data to a remote server (that’s probably why Siri only works over 3G or WiFi). As soon as we could put our hands on the new iPhone 4S, we decided to have a sneak peek at how it really works. Today, we managed to crack ...

   Siri,Cracking,Defect,Speech to text,Record,AI     2011-11-15 08:38:23

  Get vs Post in HTML form

In HTML, one can specify two different submission methods for a form. The method is specified inside a FORM element, using the METHOD attribute. The difference between METHOD="GET" (the default) and METHOD="POST" is primarily defined in terms of form data encoding. The official recommendations say that "GET" should be used if and only if the form processing is idempotent, which typically means a pure query form. Generally it is advisabl...

   Get,Post,HTML,form,data submission     2011-05-10 11:12:04

  A Hello, World Servlet

Servlets are the pure Java solution to handle web requests. Many applications will use servlets instead of JSP and others will use servlets in conjunction with JSP. Experienced JSP programmers use servlets in conjunction with JSP to create clearer and simpler applications. The servlets handle Java processing: form handling, calculation and database queries. JSP formats the results. Servlets belong in WEB-INF/classes. On this machine, the source is in Java source in /var/www/hosts/www.caucho.com/we...

   Web.xml,Tomcat,Servlet,WEB-INF     2011-05-08 10:31:39

  The Death Of The Spec

Earlier today, my colleague Matt Burns wrote a post noting that most tablet makers may be largely failing because they’ve sold their soul to Android and are now just in the middle of a spec war, which no one can win. I’m gonna go one step further in that line of thinking: the spec is dead. There have been a few key stories from the past couple of weeks that highlight this new reality. Barnes & Noble unveiled the new Nook Tablet. Consumer Reports looked at the...

   Specification,Android,Platform,Software design     2011-11-15 08:20:22

  Cross Browser HTML5 Drag and Drop

HTML5 Drag and Drop has been talked about a lot lately, but it’s hard to find really useful information about implementing it across multiple browsers. Mozilla, Apple and Microsoft all have pages describing how to use it, but their examples seem to work only in their particular browser (Apple’s example doesn’t even work in their own! Updated, Jan. 11, 2009: Although I have not been able to get this example working on Safari 2.0.4 and 3....

   HTML5,Drag and drop, Demo,Source code,Cr     2011-09-20 13:42:45

  SQL Injection through HTTP Headers

During vulnerability assessment or penetration testing, identifying the input vectors of the target application is a primordial step. Sometimes, when dealing with Web application testing, verification routines related to SQL injection flaw discovery are restricted to the GET and POST variables as the unique input vectors ever. What about other HTTP header parameters? Aren’t they potential input vectors for SQL injection attacks? How can one test all these HTTP parameters and whic...

   Code security,SQL injection,HTTP header     2012-04-05 11:42:04

  The trap of the performance sweet spot

This post is about JavaScript performance but I would like to start it by telling a story that might seem unrelated to JS. Please bear with me if you don’t like C. A story of a C programmer writing JavaScript: Mr. C. is a C programmer as you can probably guess from his name. Today he was asked by his boss to write a very simple function: given an array of numbered 2d points calculate vector sum of all even numbered points... He opens his favorite text editor and quickly types somet...

   C,JavaScript,Sweet spot,Memory,Low level,Trap     2011-11-06 14:45:01

  Don't. Waste. Time.

Stuff we startups do that doesn't delight users: Office space, Launch parties, Health insurance plans, Salary negotiations, Founder equity splits, Series F stock, Office Food, Team-building activities, CRM systems, Bookkeeping, Head count, Working in SOMA, Convertible debt caps, Valuations, TechCrunch, Karma scores, ISOs, Powerpoint, Business Cards, Banks, Lawyers, Desks, 1099s, Bug Trackers, Agile Processes, Advisory Boards, Hiring, Cap Tables, Payroll, Meetups, Meetings. Of course, much of this stuff still needs to get done. At some point...

   Time management,Work,Startup,How to     2011-11-21 09:55:06