Categories


Recent Posts


Archives


Fuzzing PHP

Fuzzers are a category of security testing software that will throw all sorts of random data at a software system looking for flaws that can then be exploited by individual penetration testers. Sort of like throwing a bunch of paint around the room trying to find the invisible man. I found this talk about a PHP Internals Fuzzer from [...]

astorm

Cracking Foundation

This post by Julia Evans (author and artist of the amazing Bite Sized Linux zine) caught my eye. I can’t tell if this is an old-man-computer thing or if it’s a legitimate troubling trend (probably both), but as consumer web sites increasingly become a Squarespace/Wix sort of thing and not a DIY sort of thing, the DIY tools [...]

astorm

A Few Notes on Zephir

Zephir is a programming language for building PHP extensions. As in, the .so files that extend the PHP language itself. Normally you need to use the C programming language to create a PHP extension, but Zephir is an intermediate language you can compile down to C code, (using the provided tooling). Its build system also automatically [...]

astorm

Never Gonna Give you Up

In the begining (or near enough to it), PHP had a set of functions for talking to MySQL databases — mysql_connect, mysql_query, mysql_.... While newer database APIs like the mysqli_ functions and PDO came along these older functions hung in there and remained hugely popular right up until the end. The end being their removal from [...]

astorm

Pestle 1.4.3 Released

I just released version 1.4.3 of pestle over the weekend. Mostly a maintaince release and tightening up things I stumbled across while working through the Learning Magento with Pestle screencast series with my patreons. We’v also got a few additional contributors to the project. Pestle is a command line framework I built to manage [...]

astorm

Tab Completion for Pestle

Pestle (my PHP command line script frameowrk and Magento 2 code generation tool) has has a bash tab completion script for a while, but I finally wrote up some basic instructions for using it in the pestle README. It’s super annoying that MacOS doesn’t ship with the more robust bash-completion program installed by default, but [...]

astorm

A History of PHP

This high level history of PHP passed my desk — I didn’t start using the language until version three (and I still, to this day, forget access modifiers on my class method names or type things like public thisIsMyMethod because the typing cadence for defining a method was two words) so it’s nice to have some high level [...]

astorm

Just Enough C for PHP: C Macros

This entry is part 4 of 6 in the series Just Enough C for PHP. Earlier posts include Just Enough C for PHP, Just Enough C for PHP: Running C Programs, and Just Enough C for PHP: Variables and Types. Later posts include There's no Such Thing as PHP, and Just Enough C for PHP: Make Basics. First, a quick note from your author. When I [...]

astorm

PHP and strace

Another set of slides from a Benoit Jacquemont talk I would have loved to see. My high level summary Don’t forget that your PHP program isn’t talking with anything directly, all activity goes through the your operating system’s kernel, and there are tools (strace on linux) for looking at the system calls your program is [...]

astorm