Featured Articles
How to Inherit from Multiple Objects (Workaround)
As you may know, inheriting from multiple objects in PHP 5 is impossible, because of the language restrictions. You can’t write code such as this:
class Child extends Mother, Father {
    //class code here
}
Session Hijacking
Sessions are among the features PHP developers use most, since we constantly need to carry data from step to step. An average programmer would say that using sessions is far more secure than, let’s say, cookies, since the session data is server-side data, which is only partially correct.
The fact that the attacker can’t get a clear look at what you store and where works to your advantage, but a more dedicated attacker can go a bit further than this presumption.
A must-have for the attacker in a session hijack is the Session Identifier, so he can impersonate the user. Let’s presume, for example, that you have your website hosted on shared hosting on which PHP is installed as an Apache module, which makes session files belong to the web user, in other words: accessible.
Fresh Links November 26th, 2008
PHP Security Measures Against CSRF Attacks
CSRF stands for Cross Site Request Forgeries. It’s a method that allows an outside attacker to send malformed HTTP requests to a website, but from a victim’s computer. In this case the actual victim is an accomplice to the attack.
Stronger security measures must be implemented in order to avoid CSRF attacks, and to make sure the website and its users are not vulnerable.
To better understand CSRF attacks let’s look at an example. Let’s say you’re signed in to Facebook, you browse around and in the meantime you open a new window or a new tab and visit another site. It’s a typical scenario. Now, you’re still signed in at Facebook on the other tab and you visit a site where there’s a CSRF attack implemented. The CSRF site could actually send out spam to your Facebook friends or even delete your account, all this using your credentials, because a session was saved when you logged into Facebook (remember, on the other tab).
Fresh Links November 10th, 2008
Here at Server-Side Magazine we like to keep an eye on other server-side programming related sites and tutorials. We collected a few links for you to read and enjoy.
PHP
- Working with RAR, LZF and BZ2 Compression Formats in PHP
- CodeIgniter: Extending the native ‘Model’ and make it your own
- Scalability in PHP (SlideShare)
Beginning PHP

This tutorial will cover the basic syntax and common features of PHP. It assumes that you already know what a server-side scripting language is and that you have already installed and set up PHP on your development machine.
If you want to learn PHP, you should start by reading this article, which covers the absolute basics of PHP programming language.
Stop Messing up CSRF Protection by Paul Reinheimer
The author of the website wrote a nice article on cross site request forgeries (CSRF) and what to watch out for when implementing such a security measure.
You may want to have a look at his post at: http://blog.preinheimer.com/index.php?/archives/283-Stop-Messing-up-CSRF-Protection.html
Write Articles and Win $200 Worth Amazon Gift Card!
That’s right, you could win $200 US for writing an article for Server-Side Magazine.
How to Win
Submit your article before November 27th, 2008. You will have a good fat 3 weeks to work on your article. The e-mail address is: contest [ you_know ] serversidemagazine [you know] com
Bootstrap PHP Code

Bootstrapping means that every server request is funneled through a single PHP file (or a few). This file will be the “bootstrapper” of our application. It handles the setup that every page needs, such as starting a session, connecting to a database, and defining constants and default variables.
4 Most Important PHP Security Measures
We can say that PHP is a mature language with lots of useful, but potentially dangerous features. The rapid growth of the language and the dynamic nature of the Web let people easily create dynamic web pages without any prior knowledge of computer science or the architecture of the Internet.
In this tutorial we’ll have a look at 4 important PHP security measures that you should implement in order to develop a safer website.
PHP 5 Online Cheat Sheet

Server-Side Magazine is proud to present the PHP 5 online cheat sheet.
You can view the cheat sheet at: www.serversidemagazine.com/cheat-sheets/PHP5/
If you like it and have any suggestions please let us know.
Ruby and ASP.Net cheat sheets are on the way, if you want to contribute please contact us.
Backup Your SVN Repository with PHP
The process of backing up sensitive information became more and more important as software and hardware failures tend to happen more often with complex web applications.
If you’ve never had any information loss, subversion repository corruption, etc. then consider yourself lucky. You don’t want to be in the shoes of a web developer who just lost a year of work, source code snippets, mockups, designs, proprietary code, etc.
If you don’t put your work in subversion repositories then it’s time to do it and let’s see how to write a PHP shell script to make the backup almost a transparent task.
Launch!
Hello, This is Server-Side Magazine.
We collect the most interesting PHP, Ruby and ASP.Net (for now) tutorials, how-tos, tips and tricks.
We hope you enjoy these tutorials, if you want to contribute, maybe get a little coverage for your website or blog, then contact us at: www.serversidemagazine.com/contact