05 Apr 2014

Check User-Submitted URLs for Malware and Phishing in Your Application

If you write software for the web that allows users to submit or share URLs (comment systems, mail clients, forums, URL shorteners, etc.), you may find yourself in a position where you need to filter out malicious links.

14 Oct 2010

Firefox Addons for Penetration/XSS Testing

2010 was supposed to be the year of the Tiger, but it’s felt more like the year of Pwny so far. This article covers some Firefox add-ons that help you test your own apps, whether you’re working with a penetration tester, or by default, you are the penetration tester.

05 Dec 2009

Microsoft Web Developer’s Summit 2009

I had the opportunity this week to go out to Redmond, Washington to attend the Microsoft Web Developer’s Summit at the MS headquarters. For this summit, about 25 leaders in the PHP (and PHP project) community were invited out to sit down with members of the MS product development teams

10 Oct 2009

Funky characters in HTML mail using PHPMailer

While working on a client project, I ended up having to send HTML email notifications to users. During testing, I discovered some stray characters at the beginning of the email.

10 Sep 2009

PHP Regex to Make Twitter Links Clickable

This is just a quicky post, not one of my usual long, rambling diatribes. This week is madness, even by my own absurd standards, but I didn’t want to miss jotting this down in case it might be helpful to others.

23 Jul 2009

Writing Your First Twitter Application with OAuth

If you’re interested in writing a web-based Twitter application but aren’t sure where to start, the Twitter OAuth library from Abraham Williams makes authenticating with OAuth and Twitter a breeze.