Tag Archives: PHP

And I thought sfDoctrineGuardPlugin was bad…

By laurentb | Published: 2010-04-03

Update: You can safely ignore this angry rant as the issues have been fixed. I am speechless. While doAuthPlugin looks interesting (especially because it uses inheritance and not some silly secondary Profile table), on the topic of security it is worse than sfDoctrineGuardPlugin. Let’s have a quick look at doAuthTools. public static function rememberHash(User $user) […]

Posted in PHP, Symfony | Also tagged , , , | 3 Comments

Security is not easy

By laurentb | Published: 2010-02-07

Update: After a year, both plugins are finally updated with a better random key generator. Security is not easy. Programmers should leave things like random number and identifier generation to a library (or at least research the best way to do it). A lot of projects learned it the hard way. Let’s talk for instance […]

Posted in PHP, Security, Symfony | Also tagged , , , , | 8 Comments

Extending plugins in PHP and Symfony

By laurentb | Published: 2009-06-22

Plugins are great but they are never what you exactly wanted. When they are designed properly, the best way to customize them is to extend them instead of directly editing them. Now, imagine I have:1 # Penguin.class.php class Penguin { public function __construct() { echo "Windows is bad\n"; } }# Penguin.class.php class Penguin { public […]

Posted in PHP, Symfony | Also tagged , , , , | Leave a comment