http://davelozier.com Listening to Black Sabath at 78 speed... Wed, 15 Jul 2009 03:13:24 +0000 http://backend.userland.com/rss092 en There does not seem to be many options for lightbox functionality when it comes to YUI. I've come across two so far and they both are great but they are also a bit heavier than I wanted. I really enjoy working with YUI, especially as my understanding of the ... http://davelozier.com/2009/07/14/yui-simple-lightbox/ PHP 5.3 has been released. Also, Eclipse Galileo was recently released as well as PDT 2.1 which has support for PHP 5.3! The PHP development team is proud to announce the immediate release of PHP 5.3.0. ... http://davelozier.com/2009/06/30/php-53-released/ Researchers from MIT, Stanford and Syracuse have developed a program named "Ardilla" which can analyze PHP code for Cross-Site Scripting (XSS) and SQL injection attack vulnerabilities. The researchers say Ardilla found 68 never-before found vulnerabilities in five different PHP applications using the tool -- 23 SQL injection and 45 XSS ... http://davelozier.com/2009/06/19/php-xss-and-sql-exploit-testing/ This is a maintenance release but well worth upgrading to of course. The Zend Framework team is pleased to announce the immediate availability of the 1.8.2 release. This release is the second maintenance release in the 1.8 series.  Fixes for this release focus on Zend_Db and autoloading improvements. In all, over 50 issues were ... http://davelozier.com/2009/05/27/zend-framework-182/ Zend Framework 1.8.0 has been released. This is the first in the 1.8 series of releases. You can get it here: http://framework.zend.com/download/latest Over 200 bug and feature fixes have been added for this minor release! Here is list of the primary feature additions for Zend Framework 1.8.0: Zend_Tool, contributed by Ralph Schindler Zend_Application, contributed by Ben ... http://davelozier.com/2009/04/30/zend-framework-180-released/ Every now and then I find myself needing to create a MySQL database while on the command line. Often it is just as fast or faster than loading up another program or accessing phpMyAdmin in a browser. So, first things first, we need to connect to the database: mysql -u root ... http://davelozier.com/2009/04/08/create-mysql-database-command-line/ The Zend Framework library is based around the MVC (Model, View, Controller) and Front Controller design patterns. The Front Controller is the point of entry for all requests that are NOT being served up directly by your web server. Such requests include style sheets, javascript, images and other static files. ... http://davelozier.com/2009/03/22/zend-framework-hello-world/ Just a heads up to those using the Zend Framework. Wil Sinclair posted the following to the Zend Framework announcements mailing list: The Zend Framework team was recently notified of an XSS attack vector in its Zend_Filter_StripTags class. Zend_Filter_StripTags offers the ability to strip HTML tags from text, but also to ... http://davelozier.com/2009/03/20/zend-filter-striptags-xss/ 1. Never trust user input! Doing so can lead to security issues such a hijacked sessions, SQL injection and your entire site being compromised. This goes for all of the PHP superglobals such as $_SERVER and not just $_GET, $_POST and $_REQUEST arrays. The only exception would be the $_SESSION ... http://davelozier.com/2009/03/11/coding-mistakes-php-newbies-make/ I analyzed my blog with Typealyzer and it says I am of the type ISTP - The Mechanics. The independent and problem-solving type. They are especially attuned to the demands of the moment are masters of responding to challenges that arise spontaneously. They generally prefer to think things out for themselves ... http://davelozier.com/2009/03/07/type-analyzer/