Security Considerations Sessions can be attacked. That’s a fact. And there are many ways to attack them. Three of the most common ways to do this are “session fixation” , “session hijacking” and “session flooding”. In simple words, session fixation is about tricking someone to use a session ID that does not belong to him/her….
I will start by saying a few things for the purpose of sessions. As we know, the main web protocol, which most communications are based on, is HTTP. By nature, HTTP is a stateless protocol. Requests are not associated to each other and, because of this, they should contain enough information on their own to…
Introduction: Let me start by saying that I am mainly a back-end developer. My front-end skills were a bit outdated and limited to building some decent UIs with Javascript/jQuery and Bootstrap. At least, until one month ago. The last month I had to go through a crash course involving the following front-end technologies: ES6, React.js,…
Precision is a basic requirements for effective communication. Software engineering is not an exception. That’s why establishing clear terminology is vital. When each party uses the same term to describe a different concept, chaos will rise. One common example in the domain of software engineering where such confusion often exists is the distinction between Dependency…
If this is the first time that you hear the term “Event Loop” used alongside the word PHP, then you are, probably, not familiar with the Asynchronous programming advances in the PHP world, at least for the last 2-3 years. That’s ok, but there are some really interesting things going on there that allow us…
If you are a newcomer to the caching world, you may probable thing: “Why should I use Memcached? MySQL cache is faster.” This is true. But real life problems are quite different than theory. So, before I answer, let me set the stage using a simple scenario. I have a demo database table named “snames”…
Intro Let’s start with some notes that set a baseline for the discussion. We have two types of inheritance. Interfaces and parent classes. An interface is similar to a parent class, but does not provide any implementation. The child class must override all methods. A middle ground is an abstract class where some methods are…
Xdebug is a PHP debugging extension that allows you to follow the code execution flow of your application (while running on a server) through your IDE. It allows you to control the execution (e.g line-by-line or function by function), pause the execution at any point and examine which variables are defined and the values they…
Reflection is one of these language features that most developer may have never used and may never use in their lifetime. And that’s fine! Reflection is there to handle some very specialized cases. It’s not there for fun. But I am sure that many of you may wonder how often this feature is being used…
Sometimes we need to test a method from class A that contain static method calls to another class B. Static calls are always a pain for testing and the discussion about the necessity of static methods or variables can be long. So, let’s concentrate on how can we build such tests. We will use Mockery….
Let’s start by some OAuth definition from Wikipedia and try to break it down: “OAuth provides to clients a “secure delegated access” to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials” So, what do we have…
Remote-tracking branches is an advanced concept not easily understood by newcomers to the Git world. But you have to deal with them as you soon as you master the Git basics and, of course, if you are planning to work in a team environment. First, let’s make it clear one more time that a branch is…