Chris Shiflett's Profile

About Me: Welcome to my site! There's a lot more about me on the about page.

Last 10 Comments

1

Instead of restarting Firefox every time you change your AMCD, Dan Mills suggests pasting this into the error console to clear the cache:

Components.utils.import("resource://gre/modules/accountmanager/realms.js");
Realms.Service._realmCache.clear();

Posted in /blog/2010/aug/mozilla-account-manager.

Tue, 17 Aug 2010 at 13:32:03


2

Here are the lyrics translated to Japanese. :-)

Posted in /blog/2010/aug/php-anthem.

Fri, 06 Aug 2010 at 11:30:53


3

Glad you like the links, Lee. The thought of you psyching yourself up with Essential PHP Security cracks me up. :-)

Posted in /blog/2010/aug/php-anthem.

Fri, 06 Aug 2010 at 10:54:48


4

Glad you like them, Catherine. :-)

The links were a joint effort between myself and Sean.

Posted in /blog/2010/aug/php-anthem.

Thu, 05 Aug 2010 at 12:54:33


5

Happy to help, Joseph! I'm curious to see if you get even more attention today.

Lee, the photo is from Internext. It's real. :-) I don't think it's from a movie, though.

Posted in /blog/2010/aug/php-anthem.

Thu, 05 Aug 2010 at 11:51:53


6

Here's a beautiful site that started using URL sentences about a month ago:

http://hugsformonsters.com/just-made/a-new-site

Posted in /blog/2010/may/url-sentences.

Tue, 03 Aug 2010 at 13:31:53


7

Glad this was helpful, Cesar. :-)

Posted in /blog/2010/jul/auto-increment-with-mongodb.

Sun, 01 Aug 2010 at 18:06:20


8

Hi John,

How do you avoid race conditions with this?

The findandmodify() command is atomic, so there is no race condition.

Posted in /blog/2010/jul/auto-increment-with-mongodb.

Thu, 29 Jul 2010 at 22:18:51


9

Hey Ivo,

Andrei is best suited to give a full response, since he's the one who researched this before deciding on sequential identifiers.

This post from Kellan explains why Flickr chose sequential identifiers over UUIDs. It's about MySQL rather than MongoDB, but the background and reasoning are very similar. It's a good start.

Posted in /blog/2010/jul/auto-increment-with-mongodb.

Thu, 29 Jul 2010 at 18:01:04


10

Hi Sky,

Using htmlentities($var, ENT_QUOTES, 'UTF-8') is a good practice, but it doesn't solve the problem entirely. If you try that with this example, you'll notice the XSS doesn't work, but that's only because this particular example uses quotes. There are XSS attacks that do not rely on quotes, and those will still work. View source to see what I mean, or try the example using htmlentities($var, ENT_COMPAT, 'UTF-8'), and you'll see that it still works.

Hope that clarifies things. :-)

Posted in /blog/2005/dec/google-xss-example.

Thu, 22 Jul 2010 at 15:05:13


Stats

  • Member Since: 07 Sep 2004
  • Comments: 702

Work and Books

  • Analog
  • Essential PHP Security
  • HTTP Developer's Handbook