PHP Security YouTube Series by Codecourse


This YouTube series from Codecourse gives you a good overview of the most common PHP security issues. They use a very practical approach, showing how the attacks are done and how to protect your code from them.

This course is a series of useful tips and tutorials around the basics of PHP security, which makes it really accessible to all levels of PHP developers.

And, although most of these security problems are already taken care of if you use a modern MVC framework like Laravel or Symfony, it’s always good to be aware of how they work and how those frameworks protect against them.

PHP Security Series Contents:

  1. Include/require file extensions – 3:10
  2. XSS (Cross-site Scripting) – 14:59
  3. Password hashing – 7:47
  4. Directory listing – 3:10
  5. HttpOnly Cookies – 3:52
  6. What you shouldn’t store in cookies – 3:51
  7. CSRF (Cross-site Request Forgery) – 11:32
  8. User defined file includes – 6:51
  9. SQL Injection – 9:16
  10. Error Reporting – 5:53

Total Time – ~1:10:00

Run multiple command line scripts and redirect their outputs on Linux

Recently, I had a situation where I needed to run multiple command line scripts on Linux at the same time, redirecting their outputs to separate log files and waiting for them to finish.

If you ever need to do something like that, I leave here the command line script that I used to accomplish this task:


#!/bin/bash

# Add the full path of each process to run to the array
PROCESSES_TO_RUN=(
    "/home/joao/Code/test/prog_1/prog1"
    # You can keep adding processes to the array...
)

for i in "${PROCESSES_TO_RUN[@]}"; do
    # ${i%/*}  -> Get the folder name, up to the last /
    # ${i##*/} -> Get the filename, after the last /
    # Start the process in the background, with stdout and stderr sent to <path>.log
    "${i%/*}/./${i##*/}" > "${i}.log" 2>&1 &
done

# Wait for the processes to finish
wait
Gulp vs Grunt in an awesome presentation

Ever used Grunt or Gulp? Both or none? Don’t worry!

This awesome presentation by Mark Dalgleish called Build Wars will give you a little overview of the differences and similarities between those two builders and hopefully guide you to a final decision.

This presentation was built using Mark’s DIY Presentation Micro-Framework Bespoke.js.

(To see it, just click on it and use your keyboard arrows to navigate.)

If you are having any problem with viewing the presentation, click here.

(NOTE: This presentation is a little old, and back then Gulp was still pretty new. But it still gives a nice overview of both.)

How to play an alarm/sound notification in your (python) application

The other day, I decided to add a sound notification to my unity pomodoro applet and I did a little research. Turns out there are a few options to do this, but not many examples on the internet. And some of those options depend heavily on the operating system and the installation of external modules.

So I ended up being grateful, again, for the invention of Stack Overflow! :)

My solution:

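import os
import shlex

# Path of the sound file, relative to this script
sound_file = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'sounds/sound.ogg')

# Play the sound; the path is quoted for the shell, output and failures are ignored
os.popen("canberra-gtk-play --file=" + shlex.quote(sound_file) +
         " > /dev/null 2>&1 || true")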

Create your first GitHub repository

Why this post?

I know, I know! You’re thinking: “It’s 2015!! Who doesn’t know how to work with GitHub?”

But unfortunately, I still find myself talking with my developer friends and see them talking about the new widget or plugin they developed for some framework they use and I always ask:

“Wow that seems really nice, are you thinking about sharing that on GitHub or something?”

And almost always I get the same response:

“Hum no, I don’t usually do that…” or worse, “I never used GitHub…”

How? And why? It only takes 4 very simple steps to share your code on GitHub.
