You need to assume it will run in the most hostile environments imaginable -- and design, code, and test accordingly. Writing Secure Code, Second Edition shows you how. This edition draws on the lessons learned and taught throughout Microsoft during the firm s massive 2002 Windows Security Push. It s a huge upgrade to the respected First Edition, with new coverage across the board. Michael Howard and David LeBlanc first help you define what security means to your customers -- and implement a three-pronged strategy for securing design, defaults, and deployment. There s especially useful coverage of threat modeling -- decomposing your application, identifying threats, ranking them, and mitigating them. Then, it s on to in-depth coverage of today s key security issues from the developer s standpoint. Everyone knows buffer overruns are bad: Here s a full chapter on avoiding them. You ll learn how to establish appropriate access controls and default to running with least privilege. There s detailed coverage of overcoming attacks on cryptography (for example, avoiding poor random numbers and bit-flipping attacks). You ll learn countermeasures for virtually every form of user input attack, from malicious database updates to cross-site scripting. We ve just scratched the surface: There are authoritative techniques for securing sockets and RPC, protecting against DOS attacks, building safer .NET applications, reviewing and testing code, adding privacy features, and even writing high-quality security documentation. Following these techniques won t just improve security -- it ll dramatically improve robustness and reliability, too. Bill CamardaBill Camarda is a consultant, writer, and web/multimedia content developer. His 15 books include Special Edition Using Word 2000 and Upgrading & Fixing Networks For Dummies®, Second Edition.

    PHP is a server-side, HTML-embedded scripting language. It is an open source technology, rapidly gaining popularity as a scripting language for people running dynamic websites. One of its major attractions over Perl, JavaScript and other scripting languages is that PHP has a built-in database integration layer and seamless IP connectivity, with LDAP and TCP as well as the IMAP mail interface. Features; Real world, practical experience and techniques From installation and configuration of the PHP engine to advanced dynamic application design Definitive coverage of core PHP language and database addressing: MySQL is covered in depth. Practical e-commerce and business scripting including database application development, together with PHP and XML applications. LDAP connectivity addressed.

    I loved the tutorial-style game-like program development. This book rekindled my earliest joys of programming. Plus, JavaScript!" —Brendan Eich, creator of JavaScriptJavaScript is the language of the Web, and it's at the heart of every modern website from the lowliest personal blog to the mighty Google Apps. Though it's simple for beginners to pick up and play with, JavaScript is not a toy—it's a flexible and complex language, capable of much more than the showy tricks most programmers use it for.Eloquent JavaScript goes beyond the cut-and-paste scripts of the recipe books and teaches you to write code that's elegant and effective. You'll start with the basics of programming, and learn to use variables, control structures, functions, and data structures. Then you'll dive into the real JavaScript artistry: higher-order functions, closures, and object-oriented programming.Along the way you'll learn to:Master basic programming techniques and best practices Harness the power of functional and object-oriented programming Use regular expressions to quickly parse and manipulate strings Gracefully deal with errors and browser incompatibilities Handle browser events and alter the DOM structure Most importantly, Eloquent JavaScript will teach you to express yourself in code with precision and beauty. After all, great programming is an art, not a science—so why settle for a killer app when you can create a masterpiece?

     As someone that has used the Bash shell almost daily for over 15 years, I've accumulated several command line "tricks" that have saved me time and frustration. Bash Command Line Pro Tips is a collection of 10 techniques that you can put to use right away to increase your efficiency at the command line. Here is what you will learn by reading Bash Command Line Pro Tips: Tip 1: Tab Completion Tip 2: Change to the Previous Directory Tip 3: Reuse the Last Item from the Previous Command Line Tip 4: Rerun a Command That Starts with a given String Tip 5: Command Substitution Tip 6: Use a for Loop at the Command Line Tip 7: Rerun the Previous Command with Root Privileges Tip 8: Rerun the Previous Command While Substituting a String Tip 9: Reuse a Word on the Same Command Line Tip 10: Fix Typos and Shorten Lengthy Commands with Aliases Scroll up, click the "Buy Now With 1-Click" button to start leaning these powerful Linux Command Line Tips.

    His walk through the syntax and semantics of JavaScript is both charming and hugely insightful; reminders of gotchas complement realistic use cases, paced at a comfortable curve. You'll find when you finish the book that you've gained a strong and comprehensive sense of mastery." --Paul Irish, developer advocate, Google Chrome "This is not a book for those looking for shortcuts; rather it is hard-won experience distilled into a guided tour. It's one of the few books on JS that I'll recommend without hesitation." --Alex Russell, TC39 member, software engineer, Google In order to truly master JavaScript, you need to learn how to work effectively with the language's flexible, expressive features and how to avoid its pitfalls. No matter how long you've been writing JavaScript code, Effective JavaScript will help deepen your understanding of this powerful language, so you can build more predictable, reliable, and maintainable programs. Author David Herman, with his years of experience on Ecma's JavaScript standardization committee, illuminates the language's inner workings as never before--helping you take full advantage of JavaScript's expressiveness. Reflecting the latest versions of the JavaScript standard, the book offers well-proven techniques and best practices you'll rely on for years to come. Effective JavaScript is organized around 68 proven approaches for writing better JavaScript, backed by concrete examples. You'll learn how to choose the right programming style for each project, manage unanticipated problems, and work more successfully with every facet of JavaScript programming from data structures to concurrency. Key features include Better ways to use prototype-based object-oriented programming Subtleties and solutions for working with arrays and dictionary objects Precise and practical explanations of JavaScript's functions and variable scoping semantics Useful JavaScript programming patterns and idioms, such as options objects and method chaining In-depth guidance on using JavaScript's unique "run-to-completion" approach to concurrency

    Akka uses Actors-independently executing processes that communicate via message passing—as the foundation for fault-tolerant applications where individual actors can fail without crashing everything. Perfect for high-volume applications that need to scale rapidly, Akka is an efficient foundation for event-driven systems that want to scale elastically up and out on demand, both on multi-core processors and across server nodes.Akka in Action is a comprehensive tutorial on building message-oriented systems using Akka. The book takes a hands-on approach, where each new concept is followed by an example that shows you how it works, how to implement the code, and how to (unit) test it. You'll learn to test and deploy an actor system and scale it up and out, showing off Akka's fault tolerance. As you move along, you'll explore a message-oriented event-driven application in Akka. You'll also tackle key issues like how to model immutable messages and domain models, and apply patterns like Event Sourcing, and CQRS. The book concludes with practical advice on how to tune and customize a system built with Akka.

    By understanding what the browser can and cannot do, you’ll be able to make better design decisions and deliver faster web applications to your users.Author Ilya Grigorik—a developer advocate and web performance engineer at Google—starts with the building blocks of TCP and UDP, and then dives into newer technologies such as HTTP 2.0, WebSockets, and WebRTC. This book explains the benefits of these technologies and helps you determine which ones to use for your next application.- Learn how TCP affects the performance of HTTP- Understand why mobile networks are slower than wired networks- Use best practices to address performance bottlenecks in HTTP- Discover how HTTP 2.0 (based on SPDY) will improve networking- Learn how to use Server Sent Events (SSE) for push updates, and WebSockets for XMPP chat- Explore WebRTC for browser-to-browser applications such as P2P video chat- Examine the architecture of a simple app that uses HTTP 2.0, SSE, WebSockets, and WebRTC

    JavaScript Allongé is for:-- Programmers learning JavaScript who want a thorough grounding in its fundamentals rather than a cursory treatment of its syntax.-- Programmers already using JavaScript who want to go back and take a deep dive into programming with functions and combinators.-- Any programmer curious about programming with functions.JavaScript Allongé's primary focus is functions as first-class values and topics built on those fundamentals such as objects, prototypes, "classes," combinators, method decorators, and fluent APIs.

    This authoritative book scrapes away these bad features to reveal a subset of JavaScript that's more reliable, readable, and maintainable than the language as a whole--a subset you can use to create truly extensible and efficient code.Considered the JavaScript expert by many people in the development community, author Douglas Crockford identifies the abundance of good ideas that make JavaScript an outstanding object-oriented programming language-ideas such as functions, loose typing, dynamic objects, and an expressive object literal notation. Unfortunately, these good ideas are mixed in with bad and downright awful ideas, like a programming model based on global variables.When Java applets failed, JavaScript became the language of the Web by default, making its popularity almost completely independent of its qualities as a programming language. In JavaScript: The Good Parts, Crockford finally digs through the steaming pile of good intentions and blunders to give you a detailed look at all the genuinely elegant parts of JavaScript, including:SyntaxObjectsFunctionsInheritanceArraysRegular expressionsMethodsStyleBeautiful featuresThe real beauty? As you move ahead with the subset of JavaScript that this book presents, you'll also sidestep the need to unlearn all the bad parts. Of course, if you want to find out more about the bad parts and how to use them badly, simply consult any other JavaScript book.With JavaScript: The Good Parts, you'll discover a beautiful, elegant, lightweight and highly expressive language that lets you create effective code, whether you're managing object libraries or just trying to get Ajax to run fast. If you develop sites or applications for the Web, this book is an absolute must.

    This bestseller talks to readers at their level, explaining every aspect of how to get started and learn the C language quickly. Readers also find out where to learn more about C. This book includes tear-out reference card of C functions and statements, a hierarchy chart, and other valuable information. It uses special icons, notes, clues, warnings, and rewards to make understanding easier. And the clear and friendly style presumes no programming knowledge.

    Based on B. P. Lathi's widely used book, Linear Systems and Signals, it features additional applications to communications, controls, and filtering as well as new chapters on analog and digital filters and digital signal processing. Lathi emphasizes the physical appreciation of concepts rather than the mere mathematical manipulation of symbols. Avoiding the tendency to treat engineering as a branch of applied mathematics, he uses mathematics to enhance physical and intuitive understanding of concepts, instead of employing it only to prove axiomatic theory. Theoretical results are supported by carefully chosen examples and analogies, allowing students to intuitively discover meaning for themselves.

    You'll begin by getting Redis set up properly and then exploring the key-value model. Then, you'll dive into real use cases including simple caching, distributed ad targeting, and more. You'll learn how to scale Redis from small jobs to massive datasets. Experienced developers will appreciate chapters on clustering and internal scripting to make Redis easier to use.About the TechnologyWhen you need near-real-time access to a fast-moving data stream, key-value stores like Redis are the way to go. Redis expands on the key-value pattern by accepting a wide variety of data types, including hashes, strings, lists, and other structures. It provides lightning-fast operations on in-memory datasets, and also makes it easy to persist to disk on the fly. Plus, it's free and open source.About this bookRedis in Action introduces Redis and the key-value model. You'll quickly dive into real use cases including simple caching, distributed ad targeting, and more. You'll learn how to scale Redis from small jobs to massive datasets and discover how to integrate with traditional RDBMS or other NoSQL stores. Experienced developers will appreciate the in-depth chapters on clustering and internal scripting.Written for developers familiar with database concepts. No prior exposure to NoSQL database concepts nor to Redis itself is required. Appropriate for systems administrators comfortable with programming.Purchase of the print book includes a free eBook in PDF, Kindle, and ePub formats from Manning Publications.What's InsideRedis from the ground upPreprocessing real-time dataManaging in-memory datasetsPub/sub and configurationPersisting to diskAbout the AuthorDr. Josiah L. Carlson is a seasoned database professional and an active contributor to the Redis community.Table of ContentsPART 1 GETTING STARTEDGetting to know RedisAnatomy of a Redis web applicationPART 2 CORE CONCEPTSCommands in RedisKeeping data safe and ensuring performanceUsing Redis for application supportApplication components in RedisSearch-based applicationsBuilding a simple social networkPART 3 NEXT STEPSReducing memory useScaling RedisScripting Redis with Lua

    Test-driven development (TDD) is a modern software development practice that can dramatically reduce the number of defects in systems, produce more maintainable code, and give you the confidence to change your software to meet changing needs. But C++ programmers have been ignored by those promoting TDD--until now. In this book, Jeff Langr gives you hands-on lessons in the challenges and rewards of doing TDD in C++.Modern C++ Programming With Test-Driven Development, the only comprehensive treatment on TDD in C++ provides you with everything you need to know about TDD, and the challenges and benefits of implementing it in your C++ systems. Its many detailed code examples take you step-by-step from TDD basics to advanced concepts. As a veteran C++ programmer, you're already writing high-quality code, and you work hard to maintain code quality. It doesn't have to be that hard. In this book, you'll learn: how to use TDD to improve legacy C++ systems how to identify and deal with troublesome system dependencies how to do dependency injection, which is particularly tricky in C++ how to use testing tools for C++ that aid TDD new C++11 features that facilitate TDD As you grow in TDD mastery, you'll discover how to keep a massive C++ system from becoming a design mess over time, as well as particular C++ trouble spots to avoid. You'll find out how to prevent your tests from being a maintenance burden and how to think in TDD without giving up your hard-won C++ skills. Finally, you'll see how to grow and sustain TDD in your team. Whether you're a complete unit-testing novice or an experienced tester, this book will lead you to mastery of test-driven development in C++.What You Need A C++ compiler running under Windows or Linux, preferably one that supports C++11. Examples presented in the book were built under gcc 4.7.2. Google Mock 1.6 (downloadable for free; it contains Google Test as well) or an alternate C++ unit testing tool. Most examples in the book are written for Google Mock, but it isn't difficult to translate them to your tool of choice. A good programmer's editor or IDE. cmake, preferably. Of course, you can use your own preferred make too. CMakeLists.txt files are provided for each project. Examples provided were built using cmake version 2.8.9. Various freely-available third-party libraries are used as the basis for examples in the book. These include: - cURL - JsonCpp - Boost (filesystem, date_time/gregorian, algorithm, assign) Several examples use the boost headers/libraries. Only one example uses cURL and JsonCpp.

    Before we delve into the intricacies of JavaScript, we need to know why it is used. While HTML tells your browser how your webpage will look, JavaScript is used for dynamic content and to add functionality. Using this book, you will understand the concept of JavaScript and its use in web designing. You will also have a look at jQuery in general. You will learn about Functions, Operators, the concept of Variables, Conditions and Loops, Arrays, and the basics of jQuery in this book. Instead of wandering through loads of theory, we have used practical examples in this book. The examples in this book are compatible with almost every browser. Instead of using the verbatim code, you can modify the code and see the change in the output thereby understanding the subtle nuances of JavaScript. By the end of the book, with practice, you can achieve better things and get more acquainted with JavaScript.

    To successfully build upon, integrate with, or even create a cloud environment requires an understanding of its common inner mechanics, architectural layers, and models, as well as an understanding of the business and economic factors that result from the adoption and real-world use of cloud-based services.In Cloud Computing: Concepts, Technology & Architecture, Thomas Erl, one of the world's top-selling IT authors, teams up with cloud computing experts and researchers to break down proven and mature cloud computing technologies and practices into a series of well-defined concepts, models, technology mechanisms, and technology architectures, all from an industry-centric and vendor-neutral point of view. In doing so, the book establishes concrete, academic coverage with a focus on structure, clarity, and well-defined building blocks for mainstream cloud computing platforms and solutions.Subsequent to technology-centric coverage, the book proceeds to establish business-centric models and metrics that allow for the financial assessment of cloud-based IT resources and their comparison to those hosted on traditional IT enterprise premises. Also provided are templates and formulas for calculating SLA-related quality-of-service values and numerous explorations of the SaaS, PaaS, and IaaS delivery models.With more than 260 figures, 29 architectural models, and 20 mechanisms, this indispensable guide provides a comprehensive education of cloud computing essentials that will never leave your side.