Security is not easy. Programmers should leave things like random number and identifier generation to a library (or at least research the best way to do it). A lot of projects learned it the hard way.
Take, for instance, a function I encountered about six months ago:
function generateRandomKey($len = 20)
{
    $string = '';
    [...]
Tag Archives: PHP
Security is not easy
Posted in PHP, Symfony. Also tagged entropy, full disclosure, random numbers, security, Symfony.
Extending plugins in PHP and Symfony
Plugins are great, but they are never exactly what you wanted. When they are designed properly, the best way to customize them is to extend them instead of editing them directly.
Now, imagine I have:
# Penguin.class.php
class Penguin
{
    public function __construct()
    {
        echo "Windows is bad\n";
    }
}
# Herd.class.php
class Herd
{
    public [...]
Posted in PHP, Symfony. Also tagged autoloading, inheritance, monkeypatching, plugins, Symfony.
PHP serialization optimization
I recently had to use the serialize() function to store objects in Memcache.
However, I realized that a lot of these objects (Propel objects, to be precise) were unnecessarily huge when stored: they had a lot of properties with quite long names that still held their class default values.
That’s when I realized I could use the __sleep() function to store [...]
Posted in PHP, Symfony. Also tagged memcached, performance, propel, serialization, Symfony.