The book "Security in PHP" (part 5). Lack of entropy for random values ​​

The book "Security in PHP" (part 5). Lack of entropy for random values ​​
 
The book "Security in PHP" (part 1)
 
The book "Security in PHP" (part 2)
 
The book "Security in PHP" (part 3)
 
The book "Security in PHP" (part 4)
 
Random values ​​in PHP are everywhere. In all frameworks, in many libraries. Probably, you yourself wrote a bunch of code that uses random values ​​to generate tokens and salts, as well as input data for functions. Also, random values ​​play an important role in solving a variety of problems:
 
 
For random selection of options from the pool or a range of known options.
 
To generate the initialization vectors for encryption.
 
To generate ...
+ 0 -

Implementation of object-oriented design in PHP

Implementation of object-oriented design in PHPHello again!
 
 
Well, the next "new" course, which started in late December, is coming to an end - "Backend developer on PHP" . We took various small roughnesses and started a new one. It remains only to look at the release and everything, we'll put another tick.
 
 
And for now, let's look at one interesting article.
 
 
Go.
 
 
In this article, you will learn how to use PHP to manage your company's next DDD project and effectively model real-world situations to help determine your business logic.
 
 
Object-oriented design (Domain-Driven Design, hereinafter - DDD) is a software development ...
+ 0 -

Choose Yii2 or laravel

Choose Yii2 or laravel

Introduction


 
I already wrote a similar article, but it was very incomplete and not provided with examples, so I decided to take a second attempt and try to solve this issue most fully!
 
 
In this article, all the subtleties of development on frameworks will not be considered, since it is not possible to lay it down within the framework of one article. However, you can explain in sufficient detail those nuances that will help in choosing to study or implement a particular project. Compare will be Yii2 and Laravel. I understand that this is a fairly holivar topic, the result of which usually ...[/h]
+ 0 -

Book Security in PHP (Part 4). Lack of security on the transport layer (HTTPS, TLS and SSL)

Book Security in PHP (Part 4). Lack of security on the transport layer (HTTPS, TLS and SSL)
 
The book "Security in PHP" (Part 1)
 
The book "Security in PHP" (part 2)
 
The book "Security in PHP" (part 3)
 
Communication through the Internet between participants in the process involves risks. When you send a payment order to a store using an online service, you absolutely do not want the attacker to be able to intercept, count, change, or retry the HTTP request to the online application. Just imagine the consequences of the fact that the attacker considers the cookie of your session or will change the payee, the goods, the payment address. Or it will insert HTML or jаvascript into ...
+ 0 -

Own field validation for Rules in one class

The validation of input data is deservedly one of the most important rules in the entire IT field. If you narrow down the scope of activities before the development of Web sites, it will mainly deal with the validation of data from forms.
 
 
Own field validation for Rules in one class
 
 
I do not think that many developers like to check the input data and do it carefully enough, therefore in modern frameworks such as Yii 2 , functions are provided. rules () for models and classes-validators, which, although they do not get rid of this routine, but, at least, make this process less tedious.
 
 
In the current documentation Yii 2 ...
Yii / PHP
+ 0 -

We invite you to the first international web conference Kolesa /Web 2018

We invite you to the first international web conference Kolesa /Web 2018
 
 
Hello, Habr! Spring came to the planet, and with it, numerous meetings and meetings.
 
 
We continue to form an IT-community in Kazakhstan and share the experience of web development and use of advanced technologies. April 21 in Almaty we will hold the first international web conference Kolesa /Web 2018!
 
 
In the program 7 reports from the Wheel Roof Market, Avito, Badoo, discussions in breaks and a sea of ​​delicious treats.
 
Registration here is
 
 
The video will be on our YouTube channel . We ...
+ 0 -

Sending mail from the Docker-container (dockerization postfix and sasl)

When I located the application in a Docker container and tried to send an email to a mail server in another Docker container, I encountered an unexpected problem. The postfix mail server by default sends mail to any recipient domain only from the local client. All other domains must be registered in the relay_domains parameter, and if the mynetwors parameter is configured correctly, the mail will be sent to the domains listed in the relay_domains parameter from the client from mynetwors.
 
 
In principle, this was enough for me, because The application should theoretically send mail to exactly ...
+ 0 -

Backend United # 1. The vinaigrette. Announcement

Hey. I want to invite backenders to
Backend United # 1. Vinaigrette
- Mitap, dedicated to cross-language solutions for the development of the server part. We will discuss common approaches and tools for different languages. You will hear reports from representatives of Gett RnD and Avito. The meeting will be held on Wednesday, April 1? in the Moscow office of Avito.
 
Come to Mitap and invite colleagues. Under the cut - abstracts of speeches, links to the registration and videotranslation of the meeting.
 
Backend United # 1. The vinaigrette. Announcement Centrifugo - a cross-platform open-source ...
+ 0 -

Code Conventions: how we store the fast paced development of the PHP

Code Conventions: how we store the fast paced development of the PHPproject.Hello, Habr. My name is Eugene Udodov, I'm the co-founder and technical director of Roistat. I want to share our experience of developing a large and complex product - the analytics system.   TL; DR : We posted it on github our Code Conventions and told in the article how to apply it in practice.  When developing large products, there is a common problem - over time, a lot of legacy code is accumulating, tasks are becoming slower and slower. Also, with the growth of the team, developers start to write the code in different ways and the lack of uniform rules can lead to conflicts and ...
+ 0 -

DoctrineSolrBundle - search for the Doctrine entity based on Solr in Symfony2

DoctrineSolrBundle


 
Good afternoon, I want to introduce my symfony 2 Bands to automatically synchronize the Doctrine entity in Solr and then search. Bundle is designed to work with Solr at the Doctrine entity level and avoids writing low-level queries in solr. The installation process and detailed documentation can be viewed at github .
 
 

Features


 
Implemented the main (not all) search possibilities the standard query parser Solr ...[/h][/h]
+ 0 -