The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

  • Twitter Updates

  • My Flickr Stream

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 2,482 other followers

Archive for the ‘PHP’ Category

Making it dead simple to implement @haveibeenpwnd in your applications, including strength warning if found in @troyhunt’s password collection.

Posted by jpluimers on 2020/12/02

I wasn’t aware that Troy Hunt created an API [WayBack] for [WayBack] Have I Been Pwned: Check if your email has been compromised in a data breach.

He did, as I noticed through [WayBack] Michelangelo van Dam on Twitter: “Making it dead simple to implement @haveibeenpwnd in my applications, including strength warning if found in @troyhunt’s password collection. Check out to try it out yourself. #ImproveSecurity #haveibeenpwnd”.

There are in fact plenty of other packages, web-sites and apps using the API as seen on [WayBack] Have I Been Pwned: API consumers.

Many people ask “if it is safe” (often assuming passwords are sent in clear, or hashes are sent in full; my fear is that those people implement security somewhere).

It is safe:

PHP source is at [WayBack] GitHub – DragonBe/hibp: A composer package to verify if a password was previously used in a breach using Have I Been Pwned API.

There is also a [WayBack] composer package at [WayBack] dragonbe/hibp – Packagist.

A really cool thing on it is this:

This project was also the subject of my talk [WayBack] Mutation Testing with Infection where the code base was not only covered by unit tests, but also was subjected to Mutation Testing using [WayBack] Infection to ensure no coding mistakes could slip into the codebase.

Apart from the tests, the most important source is at [WayBack] hibp/Hibp.php at master · DragonBe/hibp · GitHub

Related:

–jeroen

Posted in Development, Mobile Development, PHP, Python, Scripting, Software Development, Web Development | Leave a Comment »

Check your PHP project for known security issues – SensioLabs Security Advisories Checker

Posted by jpluimers on 2020/02/05

If I ever cross a PHP project, this is my first requirement to pass: [WayBack] Check your PHP project for known security issues – SensioLabs Security Advisories Checker

–jeroen

Posted in Development, PHP, Scripting, Software Development | Leave a Comment »

Design Patterns & Refactoring

Posted by jpluimers on 2019/07/16

Design Patterns and Refactoring articles and guides. Design Patterns video tutorials for newbies. Simple descriptions and full source code examples in Java, C++, C#, PHP and Delphi.

Source: [WayBackDesign Patterns & Refactoring.

And indeed a lot of examples in Delphi too; few sites have that: Delphi site:sourcemaking.com.

–jeroen

Via: [WayBack] I stumbled upon this yesterday, very informative, accessible and also with Delphi examples – among other languages. – Steffen Nyeland – Google+

Posted in .NET, C, C#, C++, Delphi, Design Patterns, Development, Java, Java Platform, PHP, Scripting, Software Development | Leave a Comment »

Lesson learned: do not copy/paste code from the `Visual` WordPress.com editor…

Posted by jpluimers on 2019/04/16

[WayBack] Lesson learned: do not copy/paste code from the Visual WordPress.com editor; copy from the Text editor or the Preview… – Jeroen Wiert Pluimers – Google+.

Note: likely the HTML below got rendered badly by WordPress.com, so the gist below has the same text as a MarkDown file.

Ever wonder why copy-pasting code from your WordPress.com post fails?

The first statement fails, but the second works:

[root@linux:/etc] # useradd --create-home --shell /bin/false autossh24
useradd: unrecognized option '--shell /bin/false'
...
[root@linux:/etc] # useradd --create-home --shell /bin/false autossh24
[root@linux:/etc] #

The reason is that the first is copied from the Visual WordPress.com editor that renders this HTML inserting   which is a different unicode characer (0x00A0) than a normal space (0x0020):

<blockquote><p><code data-mce-selected="1"># <strong>useradd --create-home --shell&nbsp;/bin/false autossh24</strong></code></p></blockquote>

However, the the second copied from the Text WordPress.com editor succeeds because it has all regular spaces:

<blockquote><code># <strong>useradd --create-home --shell /bin/false autossh24</strong></code></blockquote>

Luckily the Preview render is correct:

<blockquote><p><code># <strong>useradd --create-home --shell /bin/false autossh24</strong></code></p></blockquote>

Lesson learned: do not copy/paste code from the Visual WordPress.com editor; copy from the Text editor or the Preview.

–jeroen

[WayBackEver wonder why copy-pasting code from your WordPress.com post fails?

Read the rest of this entry »

Posted in Development, PHP, Scripting, SocialMedia, Software Development, Web Development, WordPress, WordPress | Leave a Comment »

GitHub – sdsalyer/gplus-archiver: A tool for exporting content from Google+

Posted by jpluimers on 2019/02/27

[WayBack] GitHub – sdsalyer/gplus-archiver: A tool for exporting content from Google+

Example saves: [WayBack] gplus-archiver

Via:

–jeroen

Posted in Development, G+: GooglePlus, PHP, Power User, Scripting, SocialMedia, Software Development, Web Development | Leave a Comment »

 
%d bloggers like this: