WebSocket is a relatively new technology that enables a persistent connection between client and server over TCP. In other words, it allows bi-directional socket connections to a server, where both server and client can send data at any time. This article will focus on WebSocket’s security issues and possible solutions to its vulnerabilities.
In this section, you will find articles, tutorials, and snippets covering all areas of Application Architecture in PHP.
Leverage the power of global variables in PHP to make variables globally available and share data across functions and programs.
PHP has always had a few simple ways to implement password hashing to an extent. MD5 and SHA1 are examples of this, but the security of these methods is not what it should be. Many developers use MD5 and SHA1 without even adding a salt, which is a string that helps to add complexity to the application. Some developers use something as awful as Base64 encoding and decoding simply because they can be easily manipulated. But these things are not secure, folks, and the clever people who want to hack your site or steal your money can see right through them. Yes, they can.
PHP-FIG is the short name for the PHP Framework Interop Group (am I the only one who finds the naming of PHP groups and libraries after fruits amusing?) and their mission is simple: to find a way to get the PHP frameworks to work together.
The security of sensitive information, such as an employee's login credentials, is a topic that has been addressed in every programming language. Learn more about password encryption with the most common methods of password protection in PHP.
PHP advancements, PHP 5.4
Two recently discovered PHP security flaws could allow an attacker to execute arbitrary code.
It is almost an implicit standard for a modern web app/service to be fault tolerant and load balanced. Depending on the technologies involved, achieving a proper level of each can be difficult. This series will explore a few ways to handle each in PHP.
Docker is an open-source project that automates the deployment of applications inside software containers by providing an additional layer of abstraction and automation of operating-system-level virtualization on Linux. Learn how to install Docker on Windows, how to create a machine, how to pull/push an image from/to Docker Hub and, most importantly, how to run a PHP script by creating our Dockerfile.
Learn how to create, receive and test a JWT in PHP.
JSON Web Token (JWT) is a JSON-based open standard used to create access tokens that assert some number of claims. As a concrete example, the JWT acts as a key in a server-client relationship: the server generates a token that has the claim “logged in as admin” and gives it to a client, which can use that token to prove that it is logged in as admin. The tokens are designed to be compact and URL-safe, and can also be authenticated or encrypted.