Archive for the 'Code' Category

Fun with PECL Zip 1.6 – Installation


With PECL Zip you can read, add and delete archive entries, and set and read the archive comment; it's a very useful package for searching and managing zipped archive data.
Let's begin with the installation.
Fire up your PECL installer to install Zip; you'll see some verbose output while PECL Zip installs, like the following:

wget http://pecl.php.net/get/zip && tar -zxvf zip && cd zip-1.6.0/ && phpize5 && sudo ./configure && sudo make && sudo make install

During the installation you will be flooded with verbose output; it's useful to watch it and try to understand what's going on behind the scenes. Keep an eye on the output for errors such as a missing library or a permission problem. If the installation went fine, at the end you will see
Read the rest of this entry »

Posted on Thursday, July 27th, 2006
Under: Code, HowTo, PECL, PHP | 2 Comments »

PHP and the OWASP Top Ten Security Vulnerabilities


The Open Web Application Security Project released a helpful document that lists what they think are the top ten security vulnerabilities in web applications.

These vulnerabilities can, of course, exist in PHP applications. Here are some tips on how to avoid them. I’ve included related links and references where relevant.

1. Unvalidated Parameters

Most importantly, turn off register_globals. This configuration setting defaults to off in PHP 4.2.0 and later. Access values from URLs, forms, and cookies through the superglobal arrays $_GET, $_POST, and $_COOKIE.

Before you use values from the superglobal arrays, validate them to make sure they don’t contain unexpected input. If you know what type of value you are expecting, make sure what you’ve got conforms to an expected format. For example, if you’re expecting a US ZIP Code, make sure your value is either five digits or five digits, a hyphen, and four more digits (ZIP+4). Often, regular expressions are the easiest way to validate data:
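The ZIP Code check described above, as an added example that is not code from the original post. The helper name validate_zip() and the sample inputs are assumptions made for illustration; the samples stand in for values read from $_GET.

```php
<?php
/**
 * Hypothetical helper: return the ZIP Code if $value is five digits
 * or ZIP+4 (five digits, a hyphen, four digits); otherwise return null.
 */
function validate_zip($value): ?string
{
    // Superglobal entries can be arrays (e.g. ?zip[]=1), so check the type
    // before handing the value to a string function.
    if (!is_string($value)) {
        return null;
    }
    // \A and \z anchor to the true start and end of the string. A plain "$"
    // also matches just before a trailing newline, so "12345\n" would pass.
    if (preg_match('/\A\d{5}(?:-\d{4})?\z/', $value) !== 1) {
        return null;
    }
    return $value;
}

// Constructed sample inputs standing in for $_GET['zip'].
$samples = [
    '12345',        // five digits
    '12345-6789',   // ZIP+4
    "12345\n",      // trailing newline
    '1234',         // too short
    '12345-678',    // incomplete +4 part
    '12345 extra',  // trailing text
    ['12345'],      // array instead of string
];

foreach ($samples as $raw) {
    $zip = validate_zip($raw);
    printf("%-16s => %s\n", json_encode($raw), $zip === null ? 'rejected' : 'accepted');
}
```

Only the value returned by the helper should be used afterwards; the raw superglobal entry stays untrusted.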

Read the rest of this entry »

Posted on Friday, July 7th, 2006
Under: Code, Community, PHP | No Comments »
