PHP: Category Archive

Implementing HTTPOnly in PHP

Thursday, August 28th, 2008

Coding Horror has an article today about a little-known extension to the http cookie protocol: HTTPOnly.

Essentially, HTTPOnly makes any browser cookies from the site unreadable to javascript (in supported browsers anyway: IE7, Opera 9.5, FF3), thus raising the bar for XSS attacks considerably.

So how do we turn it on in PHP?
(more…)


Preventing WordPress Post Updates from Changing RSS

Monday, August 18th, 2008

A minor wordpress annoyance that i’ve run across lately is that every time you update a post, the date on the post changes, so it moves to the top of your RSS feed. Thankfully, Ciaran Gultnieks has a solution.


Fixing escaping problems in WP-Syntax

Saturday, August 2nd, 2008

I’ve installed the WP-Syntax wordpress plugin for code highlighting, and am very impressed, except for a nasty bug that was causing code snippets to escape html special characters.

Thankfully Gergely Hodicska has a solution on his blog.

Hopefully this sees integration into the actual plugin’s codebase at some point.


PHP Geocoding tutorial with the Google Maps API – Part One

Friday, August 1st, 2008

So unless you live under a non-Web 2.0-enabled rock, you’ve probably heard of the magic of the Google maps API and google maps mashups. If you’re saavy, you’ve probably even heard that now Google Maps offer translation of addresses into latitude and longitude, aka Geocoding.

What you may not know is that the folks at google exposed this geocoding as a regular old URL-based webservice, which means that whatever Nifty mashups your devious little minds can come up with (as long as they fly with google’s TOS) can be powered on the backend without ever loading a google map!
(more…)