iBlog - Ilia Alshanetsky - Publications

Common Optimization Mistakes Slides

ilia@ilia.ws (Ilia Alshanetsky) — Thu, 05 Mar 2009 15:54:54 -0500

The slides from my PHP Quebec talk on "Common Optimization Mistakes" are now up and can be downloaded from here:
http://ilia.ws/files/phpquebec_2009.pdf

I am pretty happy with the talk, which was a bit strange for me, since I get to talk about some of the downside of optimizations, rather then talking about the various specific optimizations. It looked like the audience liked the talk (I hope), so the results seems positive

Cross-Site Request Forgery in Action

ilia@ilia.ws (Ilia Alshanetsky) — Thu, 23 Mar 2006 18:33:26 -0500

Chris Schifflet has transferred me the reigns of the PHP|Architect's Security Corner; hopefully I will be able to keep up with the tradition of interesting and informative articles on the topic of PHP Security. The first issue was released on March 20ths and takes you on a road of discovery about Cross-Site Request Forgery (CSRF). My approach was to identify the various means of exploitation possible via CSRF and the possible dangers it presents. By taking this approach not only can the uniqueness of the attack's approach can be demonstrated, but the hacking methodologies used by malicious users can seen as well. In my mind, understanding of the problem is half the solution, of course the other half involving prevention techniques design to avert CSRF are covered as well. If you are interested in learning more about CSRF you may want to grab an issue of the magazine.

SQL Injection Chapter on MySQL Developer Zone

ilia@ilia.ws (Ilia Alshanetsky) — Tue, 11 Oct 2005 09:03:44 -0400

I am happy to announce that the SQL Injection chapter from my book, Guide to PHP Security has been published on MySQL's developer zone. You can find this chapter here.

PHP Security Guide now available on Amazon and Barns&Noble

ilia@ilia.ws (Ilia Alshanetsky) — Tue, 04 Oct 2005 09:41:29 -0400

My book, PHP Security Guide is now available for purchase on Amazon and Barnes & Noble.

Unfortunately both of these stores have the book's title wrong in different and "creative" fashions, more so on B&N where they've decided to come up with their own creative title . Hopefuly these will be corrected in short order and additional info about the book (that was sent to them) will appear as well. Non the less, both stores now carry the book and have stock ready to ship, so if you want a copy you can now get one for under $25.

PDO Article and FUDforum review in September PHP|Architect issue.

ilia@ilia.ws (Ilia Alshanetsky) — Mon, 03 Oct 2005 13:47:44 -0400

Two weeks late, but, better late then never, that's what I think .

The September issue of PHP|Architect, has a fairly long and hopefully interesting article on PDO covering all of the new features found at the time. As far as PDO material goes, aside from the manual it is probably the most up to date resource on it that you can find. And even then it does not cover my BC break that was made recently. So if you are considering using PDO, this is definitely something that should be of interest.

The issue also held a pleasant surprise for me, which was a fairly detailed and positive review of FUDforum, yey! It only got 4 stars (out of 5), but I did manage to acquire the missing star directly from Peter (Forums Reviewer, thanks for the review btw) on a napkin, PERFECTION!!! .

Look Ma , I'm a writer!

ilia@ilia.ws (Ilia Alshanetsky) — Tue, 06 Apr 2004 13:03:23 -0400

My inner workaholic is hard at work making sure my daily work load does not drop below the minimum of 12 hours. Consequently I will be writing another article for PHP|Architect in addition to the one (404 handling) that will be published in April's issue. This time I will foray into the exciting world of making complex URL requests via PHP through the newly introduced context parameter in addition to the old favorite, cURL.

On the positive note, Marco will have an absolutely 'smashing time' trying to make sense out of my drivel.
MUWAHAHAHAHA!