It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    Each year, the series editor and guest editor curates a truly exceptional collection. The only shared traits among all these diverse styles, voices, and stories are the extraordinarily high caliber of writing, and the pure passion they tap into that can only come from sports.

    This book offers numerous examples to help you avoid the many pitfalls that entrap new and not-so-new database designers. Through the help of use cases and class diagrams modeled in the UML, youll learn how to discover and represent the details and scope of the problem in question.Database design is not an exact science, and solid database design principles and examples help demonstrate the consequences of simplifications and pragmatic decisions. The rationale is to try to keep it simple, but allow room for development as situations change or resources permit. The book also features an introduction for implementing the final design in a relational database.

    This book will help those familiar the command line and basic shell scripting start using Ansible to provision and manage anywhere from one to thousands of servers.The book begins with fundamentals, like installing Ansible, setting up a basic inventory file, and basic concepts, then guides you through Ansible's many uses, including ad-hoc commands, basic and advanced playbooks, application deployments, custom modules, and special cases like running ansible in 'pull' mode when you have thousands of servers to manage (or more). Everything is explained with pertinent real-world examples, often using Vagrant-managed virtual machines.

    

    It presents a learning journey, not definitive guidance. It describes the experiences of a development team with no prior CQRS proficiency in building, deploying (to Windows Azure), and maintaining a sample real-world, complex, enterprise system to showcase various CQRS and ES concepts, challenges, and techniques.The development team did not work in isolation; we actively sought input from industry experts and from a wide group of advisors to ensure that the guidance is both detailed and practical.The CQRS pattern and event sourcing are not mere simplistic solutions to the problems associated with large-scale, distributed systems. By providing you with both a working application and written guidance, we expect you’ll be well prepared to embark on your own CQRS journey.

    Covering everything from adventure, war, murder and slavery to espionage, including the stories of the real war horse, who killed Rasputin, Agatha Christie's greatest mystery and Hitler's English girlfriend, these tales deserve to be told.

    This book explains the technical aspects of hacking, including stack based overflows, heap based overflows, string exploits, return-into-libc, shellcode, and cryptographic attacks on 802.11b.

    In this friendly, pragmatic book, cloud experts John Arundel and Justin Domingus show you what Kubernetes can do--and what you can do with it.You'll learn all about the Kubernetes ecosystem, and use battle-tested solutions to everyday problems. You'll build, step by step, an example cloud native application and its supporting infrastructure, along with a development environment and continuous deployment pipeline that you can use for your own applications.Understand containers and Kubernetes from first principles; no experience necessaryRun your own clusters or choose a managed Kubernetes service from Amazon, Google, and othersUse Kubernetes to manage resource usage and the container lifecycleOptimize clusters for cost, performance, resilience, capacity, and scalabilityLearn the best tools for developing, testing, and deploying your applicationsApply the latest industry practices for security, observability, and monitoringAdopt DevOps principles to help make your development teams lean, fast, and effective

    Intended for developers who are already familiar with the Apex language, and experienced Java and C# developers who are moving to Apex, this book starts where the Force.com documentation leaves off. Instead of trying to cover all of the features of the platform, Advanced Apex programming focuses entirely on the Apex language and core design patterns. You’ll learn how to truly think in Apex – to embrace limits and bulk patterns. You’ll see how to develop architectures for efficient and reliable trigger handling, and for asynchronous operations. You’ll discover that best practices differ radically depending on whether you are building software for a specific organization or for a managed package. And you’ll find approaches for incorporating testing and diagnostic code that can dramatically improve the reliability and deployment of Apex software, and reduce your lifecycle and support costs. Based on his experience both as a consultant and as architect of a major AppExchange package, Dan Appleman focuses on the real-world problems and issues that are faced by Apex developers every day, along with the obscure problems and surprises that can sneak up on you if you are unprepared.

    This hands-on guide shows you how to use this open source software to build a virtual machine for any purpose—including a completely sandboxed, fully provisioned development environment right on your desktop.Vagrant creator Mitchell Hashimoto shows you how to share a virtual machine image with members of your team, set up a separate virtualization for each project, and package virtual machines for use by others. This book covers the V1 (1.0.x) configuration syntax running on top of a V2 (1.1+) core, the most stable configuration format running on the latest core.Build a simple virtual machine with just two commands and no configurationCreate a development environment that closely resembles productionAutomate software installation and management with shell scripts, Chef, or PuppetSet up a network interface to access your virtual machine from any computerUse your own editor and browser to develop and test your applicationsTest complicated multi-machine clusters with a single VagrantfileChange Vagrant’s default operating system to match your production OSExtend Vagrant features with plugins, including components you build yourself

    Is it time to become a manager? Tell your boss he’s a jerk? Join that startup? Author Michael Lopp recalls his own make-or-break moments with Silicon Valley giants such as Apple, Netscape, and Symantec in Being Geek -- an insightful and entertaining book that will help you make better career decisions.With more than 40 standalone stories, Lopp walks through a complete job life cycle, starting with the job interview and ending with the realization that it might be time to find another gig. Many books teach you how to interview for a job or how to manage a project successfully, but only this book helps you handle the baffling circumstances you may encounter throughout your career.Decide what you're worth with the chapter on "The Business"Determine the nature of the miracle your CEO wants with "The Impossible"Give effective presentations with "How Not to Throw Up"Handle liars and people with devious agendas with "Managing Werewolves"Realize when you should be looking for a new gig with "The Itch"

    

    You’ll learn about authenticated encryption, secure randomness, hash functions, block ciphers, and public-key techniques such as RSA and elliptic curve cryptography.You’ll also learn: - Key concepts in cryptography, such as computational security, attacker models, and forward secrecy - The strengths and limitations of the TLS protocol behind HTTPS secure websites - Quantum computation and post-quantum cryptography - About various vulnerabilities by examining numerous code examples and use cases - How to choose the best algorithm or protocol and ask vendors the right questionsEach chapter includes a discussion of common implementation mistakes using real-world examples and details what could go wrong and how to avoid these pitfalls. Whether you’re a seasoned practitioner or a beginner looking to dive into the field, Serious Cryptography will provide a complete survey of modern encryption and its applications.

    Although this computerized future, often called the Internet of Things, carries enormous potential, best- selling author Bruce Schneier argues that catastrophe awaits in its new vulnerabilities and dangers. Forget data theft; cutting- edge digital attackers can now literally crash your car, pacemaker, and home security system, as well as everyone else’s.In Click Here to Kill Everybody, Schneier “sets out detailed solutions that should be required reading for politicians across the world” (Financial Times). From principles for a more resilient Internet of Things to a recipe for sane government oversight, Schneier’s vision is required reading for anyone invested in human flourishing.“Sober, lucid and often wise in diagnosing how the security challenges posed by the expanding Internet came about, and in proposing what should (but probably won’t) be done about them.” — Nature