It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    While there will be the inevitable criticism that the material contained in the book could be used maliciously, the fact is that this knowledge is already in the hands of our enemies. This book is truly designed to inform while entertaining (and scaring) the reader, and it will instantly be in demand by readers of "Stealing the Network: How to Own the Box" * A meticulously detailed and technically accurate work of fiction that exposes the very real possibilities of such an event occurring* An informative and scary insight into the boundries of hacking and cyber-terrorism* Written by a team of the most accomplished cyber-security specialists in the world

    Each idiom comes with a detailed description, example code showing the "wrong" way to do it, and code for the idiomatic, "Pythonic" alternative. *This version of the book is for Python 2.7.3+. There is also a Python 3.3+ version available.* "Writing Idiomatic Python" contains the most common and important Python idioms in a format that maximizes identification and understanding. Each idiom is presented as a recommendation to write some commonly used piece of code. It is followed by an explanation of why the idiom is important. It also contains two code samples: the "Harmful" way to write it and the "Idiomatic" way. * The "Harmful" way helps you identify the idiom in your own code. * The "Idiomatic" way shows you how to easily translate that code into idiomatic Python. This book is perfect for you: * If you're coming to Python from another programming language * If you're learning Python as a first programming language * If you're looking to increase the readability, maintainability, and correctness of your Python code What is "Idiomatic" Python? Every programming language has its own idioms. Programming language idioms are nothing more than the generally accepted way of writing a certain piece of code. Consistently writing idiomatic code has a number of important benefits: * Others can read and understand your code easily * Others can maintain and enhance your code with minimal effort * Your code will contain fewer bugs * Your code will teach others to write correct code without any effort on your part

    Plenty of books describe what agile development is or why it helps software projects succeed, but very few combine information for developers, managers, testers, and customers into a single package that they can apply directly. This book provides no-nonsense advice on agile planning, development, delivery, and management taken from the authors' many years of experience with Extreme Programming (XP). You get a gestalt view of the agile development process, including comprehensive guidance for non-technical readers and hands-on technical practices for developers and testers. The Art of Agile Development gives you clear answers to questions such as:How can we adopt agile development? Do we really need to pair program? What metrics should we report? What if I can't get my customer to participate? How much documentation should we write? When do we design and architect? As a non-developer, how should I work with my agile team? Where is my product roadmap? How does QA fit in? The book teaches you how to adopt XP practices, describes each practice in detail, then discusses principles that will allow you to modify XP and create your own agile method. In particular, this book tackles the difficult aspects of agile development: the need for cooperation and trust among team members. Whether you're currently part of an agile team, working with an agile team, or interested in agile development, this book provides the practical tips you need to start practicing agile development. As your experience grows, the book will grow with you, providing exercises and information that will teach you first to understand the rules of agile development, break them, and ultimately abandon rules altogether as you master the art of agile development. "Jim Shore and Shane Warden expertly explain the practices and benefits of Extreme Programming. They offer advice from their real-world experiences in leading teams. They answer questions about the practices and show contraindications - ways that a practice may be mis-applied. They offer alternatives you can try if there are impediments to applying a practice, such as the lack of an on-site customer. --Ken Pugh, Author of Jolt Award Winner, Prefactoring "I will leave a copy of this book with every team I visit." --Brian Marick, Exampler Consulting

    Hacking Exposed Linux provides the most up-to-date coverage available from a large team of topic-focused experts. The book is based on the latest security research and shows you, in full detail, how to lock out intruders and defend your Linux systems against catastrophic attacks.Secure Linux by using attacks and countermeasures from the latest OSSTMM researchFollow attack techniques of PSTN, ISDN, and PSDN over LinuxHarden VoIP, Bluetooth, RF, RFID, and IR devices on LinuxBlock Linux signal jamming, cloning, and eavesdropping attacksApply Trusted Computing and cryptography tools for your best defenseFix vulnerabilities in DNS, SMTP, and Web 2.0 servicesPrevent SPAM, Trojan, phishing, DoS, and DDoS exploitsFind and repair errors in C code with static analysis and Hoare Logic

    The answers aren't easy -- just incredibly successful.

    The books also provides a companion web site that provides the toold and materials necessary to build the hardware and software.

    This book is chock-full of material that will help you with your Django projects.We’ll introduce you to various tips, tricks, patterns, code snippets, and techniques that we’ve picked up over the years.

     As someone that has used the Bash shell almost daily for over 15 years, I've accumulated several command line "tricks" that have saved me time and frustration. Bash Command Line Pro Tips is a collection of 10 techniques that you can put to use right away to increase your efficiency at the command line. Here is what you will learn by reading Bash Command Line Pro Tips: Tip 1: Tab Completion Tip 2: Change to the Previous Directory Tip 3: Reuse the Last Item from the Previous Command Line Tip 4: Rerun a Command That Starts with a given String Tip 5: Command Substitution Tip 6: Use a for Loop at the Command Line Tip 7: Rerun the Previous Command with Root Privileges Tip 8: Rerun the Previous Command While Substituting a String Tip 9: Reuse a Word on the Same Command Line Tip 10: Fix Typos and Shorten Lengthy Commands with Aliases Scroll up, click the "Buy Now With 1-Click" button to start leaning these powerful Linux Command Line Tips.

    This book is both an example-driven programmer's guide and a keep-on-your-desk reference, with new chapters that explain everything you need to know to get the most out of JavaScript, including:Scripted HTTP and Ajax XML processing Client-side graphics using the canvas tag Namespaces in JavaScript--essential when writing complex programs Classes, closures, persistence, Flash, and JavaScript embedded in Java applicationsPart I explains the core JavaScript language in detail. If you are new to JavaScript, it will teach you the language. If you are already a JavaScript programmer, Part I will sharpen your skills and deepen your understanding of the language.Part II explains the scripting environment provided by web browsers, with a focus on DOM scripting with unobtrusive JavaScript. The broad and deep coverage of client-side JavaScript is illustrated with many sophisticated examples that demonstrate how to:Generate a table of contents for an HTML document Display DHTML animations Automate form validation Draw dynamic pie charts Make HTML elements draggable Define keyboard shortcuts for web applications Create Ajax-enabled tool tips Use XPath and XSLT on XML documents loaded with Ajax And much morePart III is a complete reference for core JavaScript. It documents every class, object, constructor, method, function, property, and constant defined by JavaScript 1.5 and ECMAScript Version 3.Part IV is a reference for client-side JavaScript, covering legacy web browser APIs, the standard Level 2 DOM API, and emerging standards such as the XMLHttpRequest object and the canvas tag.More than 300,000 JavaScript programmers around the world have made this their indispensable reference book for building JavaScript applications."A must-have reference for expert JavaScript programmers...well-organized and detailed."-- Brendan Eich, creator of JavaScript

    While it's safe to say that relational databases aren't going anywhere, we can also say that the ecosystem around data is never going to be the same.Of all the new tools and solutions, for me, Redis has been the most exciting. Why? First because it's unbelievably easy to learn. Hours is the right unit to use when talking about length of time it takes to get comfortable with Redis. Secondly, it solves a specific set of problems while at the same time being quite generic. What exactly does that mean? Redis doesn't try to be all things to all data. As you get to know Redis, it'll become increasingly evident what does and what does not belong in it. And when it does, as a developer, it's a great experience.While you can build a complete system using Redis only, I think most people will find that it supplements their more generic data solution - whether that be a traditional relational database, a document-oriented system, or something else. It's the kind of solution you use to implement specific features. In that way, it's similar to an indexing engine. You wouldn't build your entire application on Lucene. But when you need good search, it's a much better experience - for both you and your users. Of course, the similarities between Redis and indexing engines end there.The goal of this book is to build the foundation you'll need to master Redis. We'll focus on learning Redis' five data structures and look at various data modeling approaches. We'll also touch on some key administrative details and debugging techniques.LicenseThe Little Redis Book is licensed under the Attribution-NonCommercial 3.0 Unported license. You should not have paid for this book.You are free to copy, distribute, modify or display the book. However, I ask that you always attribute the book to me, Karl Seguin, and do not use it for commercial purposes.You can see the full text of the license at:http://creativecommons.org/licenses/b...About The AuthorKarl Seguin is a developer with experience across various fields and technologies. He's an active contributor to Open-Source Software projects, a technical writer and an occasional speaker. He's written various articles, as well as a few tools, about Redis. Redis powers the ranking and statistics of his free service for casual game developers: mogade.com.Karl wrote The Little MongoDB Book, the free and popular book about MongoDB.His blog can be found at http://openmymind.net and he tweets via @karlseguinWith Thanks ToA special thanks to Perry Neal for lending me his eyes, mind and passion. You provided me with invaluable help. Thank you.Latest VersionThe latest source of this book is available at: http://github.com/karlseguin/the-litt...

    Used in university courses and professional seminars all over the world, the text has proven its ability to open minds and sharpen thinking.Originally published in 1975 and reprinted more than twenty times over a quarter century -- and now available for the first time from Dorset House Publishing -- the text uses clear writing and basic algebraic principles to explore new approaches to projects, products, organizations, and virtually any kind of system.Scientists, engineers, organization leaders, managers, doctors, students, and thinkers of all disciplines can use this book to dispel the mental fog that clouds problem-solving. As author Gerald M. Weinberg writes in the new preface to the Silver Anniversary Edition, "I haven’t changed my conviction that most people don’t think nearly as well as they could had they been taught some principles of thinking.”Now an award-winning author of nearly forty books spanning the entire software development life cycle, Weinberg had already acquired extensive experience as a programmer, manager, university professor, and consultant when this book was originally published.With helpful illustrations, numerous end-of-chapter exercises, and an appendix on a mathematical notation used in problem-solving, An Introduction to General Systems Thinking may be your most powerful tool in working with problems, systems, and solutions.

    You’ll learn about authenticated encryption, secure randomness, hash functions, block ciphers, and public-key techniques such as RSA and elliptic curve cryptography.You’ll also learn: - Key concepts in cryptography, such as computational security, attacker models, and forward secrecy - The strengths and limitations of the TLS protocol behind HTTPS secure websites - Quantum computation and post-quantum cryptography - About various vulnerabilities by examining numerous code examples and use cases - How to choose the best algorithm or protocol and ask vendors the right questionsEach chapter includes a discussion of common implementation mistakes using real-world examples and details what could go wrong and how to avoid these pitfalls. Whether you’re a seasoned practitioner or a beginner looking to dive into the field, Serious Cryptography will provide a complete survey of modern encryption and its applications.

    Distinct from the details of implementation, algorithm, and data representation, an architecture holds the key to achieving system quality, is a reusable asset that can be applied to subsequent systems, and is crucial to a software organization's business strategy.Drawing on their own extensive experience, the authors cover the essential technical topics for designing, specifying, and validating a system. They also emphasize the importance of the business context in which large systems are designed. Their aim is to present software architecture in a real-world setting, reflecting both the opportunities and constraints that companies encounter. To that end, case studies that describe successful architectures illustrate key points of both technical and organizational discussions.Topics new to this edition include: Architecture design and analysis, including the Architecture Tradeoff Analysis Method (ATAM) Capturing quality requirements and achieving them through quality scenarios and tactics Using architecture reconstruction to recover undocumented architectures Documenting architectures using the Unified Modeling Language (UML) New case studies, including Web-based examples and a wireless Enterprise JavaBeans™ (EJB) system designed to support wearable computers The financial aspects of architectures, including use of the Cost Benefit Analysis Method (CBAM) to make decisions If you design, develop, or manage the building of large software systems (or plan to do so), or if you are interested in acquiring such systems for your corporation or government agency, use Software Architecture in Practice, Second Edition, to get up to speed on the current state of software architecture.

    This is a deeply technical book and focuses on the software engineering skills to ace your interview. The book is over 500 pages and includes 150 programming interview questions and answers, as well as other advice.The full list of topics are as follows:The Interview ProcessThis section offers an overview on questions are selected and how you will be evaluated. What happens when you get a question wrong? When should you start preparing, and how? What language should you use? All these questions and more are answered.Behind the ScenesLearn what happens behind the scenes during your interview, how decisions really get made, who you interview with, and what they ask you. Companies covered include Google, Amazon, Yahoo, Microsoft, Apple and Facebook.Special SituationsThis section explains the process for experience candidates, Program Managers, Dev Managers, Testers / SDETs, and more. Learn what your interviewers are looking for and how much code you need to know.Before the InterviewIn order to ace the interview, you first need to get an interview. This section describes what a software engineer's resume should look like and what you should be doing well before your interview.Behavioral PreparationAlthough most of a software engineering interview will be technical, behavioral questions matter too. This section covers how to prepare for behavioral questions and how to give strong, structured responses.Technical Questions (+ 5 Algorithm Approaches)This section covers how to prepare for technical questions (without wasting your time) and teaches actionable ways to solve the trickiest algorithm problems. It also teaches you what exactly "good coding" is when it comes to an interview.150 Programming Questions and AnswersThis section forms the bulk of the book. Each section opens with a discussion of the core knowledge and strategies to tackle this type of question, diving into exactly how you break down and solve it. Topics covered include• Arrays and Strings• Linked Lists• Stacks and Queues• Trees and Graphs• Bit Manipulation• Brain Teasers• Mathematics and Probability• Object-Oriented Design• Recursion and Dynamic Programming• Sorting and Searching• Scalability and Memory Limits• Testing• C and C++• Java• Databases• Threads and LocksFor the widest degree of readability, the solutions are almost entirely written with Java (with the exception of C / C++ questions). A link is provided with the book so that you can download, compile, and play with the solutions yourself.Changes from the Fourth Edition: The fifth edition includes over 200 pages of new content, bringing the book from 300 pages to over 500 pages. Major revisions were done to almost every solution, including a number of alternate solutions added. The introductory chapters were massively expanded, as were the opening of each of the chapters under Technical Questions. In addition, 24 new questions were added.Cracking the Coding Interview, Fifth Edition is the most expansive, detailed guide on how to ace your software development / programming interviews.