How to use optional parameters in URI path in Yii framework

Posted by Stanislav Furman on July 10, 2014

Yii is one of my favorite frameworks. I've done a few projects using this framework and have always been satisfied with its functionality, flexibility, performance and community support. This post starts a series of "how to" articles where I will give some tips, advice and best practices.

If you need to use optional parameters in URLs here is how you can do it in UrlManager:

Continue reading

Securing a directory with 777 or 775 permissions

Posted by Stanislav Furman on July 6, 2014

If your project has a publicly accessible directory with full permissions (777), it may cause serious security issues. An attacker may put an executable script or binary on your host and then run it remotely. This is a major security hole, and it may lead to major problems if someone decides to attack your website.

However, on some shared web hosting servers you sometimes need to have a folder with risky 777 permissions (or, if possible, 775, which is a little bit better). As an example, consider a folder where website users can upload their photos or images. In this case it opens a security hole for potential attackers. But there are a few techniques that can help you keep your website safe.

Continue reading

Shared web hosting Vs VPS hosting Vs dedicated servers

Posted by Stanislav Furman on June 22, 2014

Are you a web developer and/or a website owner? Then you have definitely shopped around for website hosting!

Unlike the 90s and the beginning of the 2000s, when Yahoo! GeoCities was pretty much the only choice, today there are a lot of choices for web developers: shared web hosting, virtual private servers, and dedicated servers.

So, which hosting is right for you? Let's compare the 3 main types of hosting.

Continue reading

Responsive website Vs standalone mobile version

Posted by Stanislav Furman on June 16, 2014

We all use mobile devices every day. Well, at least most of us. All those smartphones, tablets, gadget-watches, etc. Most of us cannot imagine life without these things. Of course, these devices are used a lot to access the Internet. However, not all websites will look the same on different screens. In fact, a lot of websites will look really bad on smaller screens. I'd even say most websites!

In modern web design there is a very common dilemma: whether to create a standalone mobile website or a responsive design. As usual, each option has its pros and cons. In this article I will look at both options and show a sort of comparison.

Comparison

Continue reading

Regular expressions? What's that? Part 2.

Posted by Stanislav Furman on June 2, 2014

Thanks to nightbloos I can continue posting funny code samples that developers meet/write from time to time. :)

Here is another good example of how NOT to do it! Please, do not try this at home! This stunt was performed by untrained professionals. :)


<?php
// Strips each listed character from $find, one str_replace() call per character.
$forReplace = array(",", ".", " ", "-", "+", "#", "/");
foreach ($forReplace as $repl) {
	$find = str_replace($repl, '', $find);
}

Obviously, in this case a regular expression function should have been used.

If you have other good examples of funny code samples, please leave them in the comments. ;)


How to update fields from another table in MySQL

Posted by Stanislav Furman on May 28, 2014
Read how to update a bunch of fields from another table in MySQL

Ebay asks its users to change passwords

Posted by Stanislav Furman on May 21, 2014

eBay Inc., the world's largest Internet auction site, just reported a successful hacking attack on its servers. Hackers gained access to the part of the eBay database where website users' password hashes are stored. The company's specialists claimed that personal data and financial information remain inaccessible to hackers - that type of data is kept separate and well encrypted.

According to the preliminary investigation, the results of which were published on the corporate blog, the attack happened in late February / early March of this year. Hackers gained access to stored user names, password hashes, emails, home addresses and phone numbers, as well as dates of birth.

It's been reported that within the next 24 hours eBay users should receive an official notification with information about the attack and recommendations on how to reset the password on all eBay websites where the user has used the same password.


Important things you must know before registering a domain name

Posted by Stanislav Furman on May 16, 2014

Most web developers buy domain names from time to time. But not all web developers know what can be behind that process and what unexpected problems may suddenly appear.

There are plenty of domain name registrars like Go Daddy, Enom, 1and1, etc. Each registrar has its pros and cons. Sometimes a domain owner can face a very sudden problem. Unfortunately, this "problem" could have been known in advance if domain buyers read the Terms and Conditions carefully before buying domains. Registrars have a lot of little "surprises" buried in the fine print of their "Terms of Service".

I heard a story from one of my colleagues that a registrar requested a 200$ fee to unblock my colleague's domain name after it was blocked based on an anonymous request! The registrar didn't even try to contact the domain owner and understand the nature of the problem. They simply said "Pay us money!". It looks like virtual extortion.

Continue reading

PHP NG, significant speed-up features coming in PHP 6

Posted by Stanislav Furman on May 15, 2014

Some exciting and promising upcoming changes in PHP 6 or 7 have been announced recently by Dmitry Stogov from Zend. A detailed article has been posted here: http://news.php.net/php.internals/73888

Briefly, Zend is working on PHP NG (next generation), which will bring better performance and better memory management. According to Dmitry, PHP application execution typically spends a significant part of its time dealing with memory allocations, and that significantly affects PHP performance as well.

"I spent a significant amount of time experimenting with JIT, and even created a PoC of transparent LLVM based JIT compiler embedded into OPCache. The results on bench.php was just amazing – (0.219 seconds against 2.175 – *10 times speedup of PHP 5.5*), but on real-life apps we got just few percent speedup," says Dmitry in his report.

According to his tests, PHP developers can gain up to 20% more requests per second (with WordPress, for example).

So far it looks like upgrading to PHP NG should be painless (that's the idea). However, some PHP extensions might require some "massage".

Looking forward to testing the new PHP 6. Or maybe 7? ;)


Huawei introduces the Ascend P7, its new flagship Android phone

Posted by Stanislav Furman on May 7, 2014

Huawei's Richard Yu introduces the Ascend P7 in Paris on May 7, 2014.

Today, May 7th 2014, Huawei launched its new Ascend P7, a new Android phone which will be their flagship.

The guys from Huawei are going to compete with Samsung and Apple on the smartphone market. According to the sources, the new smartphone will have a 5-inch 1,920x1,080 display, a 1.8GHz quad-core processor, a 13-megapixel rear-facing camera, an 8-megapixel front-facing camera, and 4G LTE networking. The device will have a trim thickness of 6.5mm.

The price for this new device will be around 430 USD according to Huawei Mobile Shop.

Currently, Huawei is taking the third position in global smartphone market trends and they seem to be growing pretty well. It's a good thing, because as we know, good competition is never bad for customers and their pockets. ;-)