It also works beautifully with other open source tools, such as the MySQL database and the Apache web server. However, as more web sites are developed in PHP, they become targets for malicious attackers, and developers need to prepare for the attacks.Security is an issue that demands attention, given the growing frequency of attacks on web sites. Essential PHP Security explains the most common types of attacks and how to write code that isn't susceptible to them. By examining specific attacks and the techniques used to protect against them, you will have a deeper understanding and appreciation of the safeguards you are about to learn in this book.In the much-needed (and highly-requested) Essential PHP Security, each chapter covers an aspect of a web application (such as form processing, database programming, session management, and authentication). Chapters describe potential attacks with examples and then explain techniques to help you prevent those attacks.Topics covered include:Preventing cross-site scripting (XSS) vulnerabilitiesProtecting against SQL injection attacksComplicating session hijacking attemptsYou are in good hands with author Chris Shiflett, an internationally-recognized expert in the field of PHP security. Shiflett is also the founder and President of Brain Bulb, a PHP consultancy that offers a variety of services to clients around the world.

    Commercial game development expert Robert Nystrom presents an array of general solutions to problems encountered in game development. For example, you'll learn how double-buffering enables a player to perceive smooth and realistic motion, and how the service locator pattern can help you provide access to services such as sound without coupling your code to any particular sound driver or sound hardware. Games have much in common with other software, but also a number of unique constraints. Some of the patterns in this book are well-known in other domains of software development. Other of the patterns are unique to gaming. In either case, Robert Nystrom bridges from the ivory tower world of software architecture to the in-the-trenches reality of hardcore game programming. You'll learn the patterns and the general problems that they solve. You'll come away able to apply powerful and reusable architectural solutions that enable you to produce higher quality games with less effort than before. Applies classic design patterns to game programming. Introduces new patterns specific to game programming. Brings abstract software architecture down to Earth with approachable writing and an emphasis on simple code that shows each pattern in practice. What you'll learn Overcome architectural challenges unique to game programming Apply lessons from the larger software world to games. Tie different parts of a game (graphics, sound, AI) into a cohesive whole. Create elegant and maintainable architecture. Achieve good, low-level performance. Gain insight into professional, game development. Who this book is forGame Programming Patterns is aimed at professional game programmers who, while successful in shipping games, are frustrated at how hard it sometimes is to add and modify features when a game is under development. Game Programming Patterns shows how to apply modern software practices to the problem of game development while still maintaining the blazing-fast performance demanded by hard-core gamers. Game Programming Patterns also appeals to those learning about game programming in their spare time. Hobbyists and aspiring professionals alike will find much to learn in this book about pathfinding, collision detection, and other game-programming problem domains.

    Why? Too many organizations still view software development as just another production line. Too many developers feel that way, too--and they behave accordingly. In The Software Craftsman: Professionalism, Pragmatism, Pride, Sandro Mancuso offers a better and more fulfilling path. If you want to develop software with pride and professionalism; love what you do and do it with excellence; and build a career with autonomy, mastery, and purpose, it starts with the recognition that you are a craftsman. Once you embrace this powerful mindset, you can achieve unprecedented levels of technical excellence and customer satisfaction. Mancuso helped found the world's largest organization of software craftsmen; now, he shares what he's learned through inspiring examples and pragmatic advice you can use in your company, your projects, and your career. You will learn Why agile processes aren't enough and why craftsmanship is crucial to making them work How craftsmanship helps you build software right and helps clients in ways that go beyond code How and when to say "No" and how to provide creative alternatives when you do Why bad code happens to good developers and how to stop creating and justifying it How to make working with legacy code less painful and more productive How to be pragmatic--not dogmatic--about your practices and tools How to lead software craftsmen and attract them to your organization What to avoid when advertising positions, interviewing candidates, and hiring developers How developers and their managers can create a true culture of learning How to drive true technical change and overcome deep patterns of skepticism Sandro Mancuso has coded for startups, software houses, product companies, international consultancies, and investment banks. In October 2013, he cofounded Codurance, a consultancy based on Software Craftsmanship principles and values. His involvement with Software Craftsmanship began in 2010, when he founded the London Software Craftsmanship Community (LSCC), now the world's largest and most active Software Craftsmanship community, with more than two thousand craftsmen. For the past four years, he has inspired and helped developers to organize Software Craftsmanship communities throughout Europe, the United States, and the rest of the world.

    With our Cookbook's unique format, you can learn how to build dynamic web applications that work on any web browser. This revised new edition makes it easy to find specific solutions for programming challenges.PHP Cookbook has a wealth of solutions for problems that you'll face regularly. With topics that range from beginner questions to advanced web programming techniques, this guide contains practical examples -- or "recipes" -- for anyone who uses this scripting language to generate dynamic web content. Updated for PHP 5, this book provides solutions that explain how to use the new language features in detail, including the vastly improved object-oriented capabilities and the new PDO data access extension. New sections on classes and objects are included, along with new material on processing XML, building web services with PHP, and working with SOAP/REST architectures. With each recipe, the authors include a discussion that explains the logic and concepts underlying the solution.

    But can you also build web sites that are usable by machines? That's where the future lies, and that's what RESTful Web Services shows you how to do. The World Wide Web is the most popular distributed application in history, and Web services and mashups have turned it into a powerful distributed computing platform. But today's web service technologies have lost sight of the simplicity that made the Web successful. They don't work like the Web, and they're missing out on its advantages. This book puts the "Web" back into web services. It shows how you can connect to the programmable web with the technologies you already use every day. The key is REST, the architectural style that drives the Web. This book:Emphasizes the power of basic Web technologies -- the HTTP application protocol, the URI naming standard, and the XML markup language Introduces the Resource-Oriented Architecture (ROA), a common-sense set of rules for designing RESTful web services Shows how a RESTful design is simpler, more versatile, and more scalable than a design based on Remote Procedure Calls (RPC) Includes real-world examples of RESTful web services, like Amazon's Simple Storage Service and the Atom Publishing Protocol Discusses web service clients for popular programming languages Shows how to implement RESTful services in three popular frameworks -- Ruby on Rails, Restlet (for Java), and Django (for Python) Focuses on practical issues: how to design and implement RESTful web services and clients This is the first book that applies the REST design philosophy to real web services. It sets down the best practices you need to make your design a success, and the techniques you need to turn your design into working code. You can harness the power of the Web for programmable applications: you just have to work with the Web instead of against it. This book shows you how.

    Designed for readers who don't need the academic formality, it's a fast and easy computer science guide. It teaches essential concepts for people who want to program computers effectively. First, it introduces discrete mathematics, then it exposes the most common algorithms and data structures. It also shows the principles that make computers and programming languages work.

    In this book, you’ll learn how many of the most fundamental data science tools and algorithms work by implementing them from scratch. If you have an aptitude for mathematics and some programming skills, author Joel Grus will help you get comfortable with the math and statistics at the core of data science, and with hacking skills you need to get started as a data scientist. Today’s messy glut of data holds answers to questions no one’s even thought to ask. This book provides you with the know-how to dig those answers out. Get a crash course in Python Learn the basics of linear algebra, statistics, and probability—and understand how and when they're used in data science Collect, explore, clean, munge, and manipulate data Dive into the fundamentals of machine learning Implement models such as k-nearest Neighbors, Naive Bayes, linear and logistic regression, decision trees, neural networks, and clustering Explore recommender systems, natural language processing, network analysis, MapReduce, and databases

    "The Rails(TM) 3 Way"is the only comprehensive, authoritative guide to delivering production-quality code with Rails 3. Pioneering Rails expert Obie Fernandez and a team of leading experts illuminate the entire Rails 3 API, along with the idioms, design approaches, and libraries that make developing applications with Rails so powerful. Drawing on their unsurpassed experience and track record, they address the real challenges development teams face, showing how to use Rails 3 to maximize your productivity. Using numerous detailed code examples, the author systematically covers Rails 3 key capabilities and subsystems, making this book a reference that you will turn to again and again. He presents advanced Rails programming techniques that have been proven effective in day-to-day usage on dozens of production Rails systems and offers important insights into behavior-driven development and production considerations such as scalability. Dive deep into the Rails 3 codebase and discover why Rails is designed the way it is--and how to make it do what you want it to do.This book will help youLearn what's new in Rails 3 Increase your productivity as a web application developer Realize the overall joy in programming with Rails Leverage Rails' powerful capabilities for building REST-compliant APIs Drive implementation and protect long-term maintainability using RSpec Design and manipulate your domain layer using Active Record Understand and program complex program flows using Action Controller Master sophisticated URL routing concepts Use Ajax techniques via Rails 3 support for unobtrusive JavaScript Learn to extend Rails with popular gems and plugins, and how to write your own Extend Rails with the best third-party plug-ins and write your own Integrate email services into your applications with Action Mailer Improve application responsiveness with background processing Create your own non-Active Record domain classes using Active Model Master Rails' utility classes and extensions in Active Support

    Although many developers feel that XP is rooted in commonsense, its vastly different approach can bring challenges, frustrations, and constant demands on your patience.Unless you've got unlimited time (and who does these days?), you can't always stop to thumb through hundreds of pages to find the piece of information you need. The Extreme Programming Pocket Guide is the answer. Concise and easy to use, this handy pocket guide to XP is a must-have quick reference for anyone implementing a test-driven development environment.The Extreme Programming Pocket Guide covers XP assumptions, principles, events, artifacts, roles, and resources, and more. It concisely explains the relationships between the XP practices. If you want to adopt XP in stages, the Extreme Programming Pocket Guide will help you choose what to apply and when. You'll be surprised at how much practical information is crammed into this slim volume.O'Reilly's Pocket Guides have become a favorite among developers everywhere. By providing a wealth of important details in a concise, well-organized format, these handy books deliver just what you need to complete the task at hand. When you've reached a sticking point in your work and need to get to a solution quickly, the new Extreme Programming Pocket Guide is the book you'll want to have beside your keyboard.

    Every piece of the web application stack, from HTTP requests to browser-side scripts, comes with important yet subtle security consequences. To keep users safe, it is essential for developers to confidently navigate this landscape.In The Tangled Web, Michal Zalewski, one of the world's top browser security experts, offers a compelling narrative that explains exactly how browsers work and why they're fundamentally insecure. Rather than dispense simplistic advice on vulnerabilities, Zalewski examines the entire browser security model, revealing weak points and providing crucial information for shoring up web application security. You'll learn how to:Perform common but surprisingly complex tasks such as URL parsing and HTML sanitization Use modern security features like Strict Transport Security, Content Security Policy, and Cross-Origin Resource Sharing Leverage many variants of the same-origin policy to safely compartmentalize complex web applications and protect user credentials in case of XSS bugs Build mashups and embed gadgets without getting stung by the tricky frame navigation policy Embed or host user-supplied content without running into the trap of content sniffing For quick reference, "Security Engineering Cheat Sheets" at the end of each chapter offer ready solutions to problems you're most likely to encounter. With coverage extending as far as planned HTML5 features, The Tangled Web will help you create secure web applications that stand the test of time.

    Writing code that handles unexpected errors and still works is really hard. Most of us learn by trial and error. This short book removes the uncertainty. With over 100 pages of content and dozens of working examples, you’ll learn everything from the mechanics of how exceptions work to how to design a robust failure management architecture for your app or library. Whether you are a Ruby novice or a seasoned veteran, Exceptional Ruby will help you write cleaner, more resilient Ruby code.

    This is one of those cases. The UNIX System Administration Handbook is one of the few books we ever measured ourselves against." -From the Foreword by Tim O'Reilly, founder of O'Reilly Media "This book is fun and functional as a desktop reference. If you use UNIX and Linux systems, you need this book in your short-reach library. It covers a bit of the systems' history but doesn't bloviate. It's just straightfoward information delivered in colorful and memorable fashion." -Jason A. Nunnelley"This is a comprehensive guide to the care and feeding of UNIX and Linux systems. The authors present the facts along with seasoned advice and real-world examples. Their perspective on the variations among systems is valuable for anyone who runs a heterogeneous computing facility." -Pat Parseghian The twentieth anniversary edition of the world's best-selling UNIX system administration book has been made even better by adding coverage of the leading Linux distributions: Ubuntu, openSUSE, and RHEL. This book approaches system administration in a practical way and is an invaluable reference for both new administrators and experienced professionals. It details best practices for every facet of system administration, including storage management, network design and administration, email, web hosting, scripting, software configuration management, performance analysis, Windows interoperability, virtualization, DNS, security, management of IT service organizations, and much more. UNIX(R) and Linux(R) System Administration Handbook, Fourth Edition, reflects the current versions of these operating systems: Ubuntu(R) LinuxopenSUSE(R) LinuxRed Hat(R) Enterprise Linux(R)Oracle America(R) Solaris(TM) (formerly Sun Solaris)HP HP-UX(R)IBM AIX(R)

    By reconstructing authentic, complex AI programs using state-of-the-art Common Lisp, the book teaches students and professionals how to build and debug robust practical programs, while demonstrating superior programming style and important AI concepts. The author strongly emphasizes the practical performance issues involved in writing real working programs of significant size. Chapters on troubleshooting and efficiency are included, along with a discussion of the fundamentals of object-oriented programming and a description of the main CLOS functions. This volume is an excellent text for a course on AI programming, a useful supplement for general AI courses and an indispensable reference for the professional programmer.

    An effective testing strategy will deliver new functionality more aggressively, accelerate user feedback, and improve quality. However, for many developers, creating effective automated tests is a unique and unfamiliar challenge. xUnit Test Patterns is the definitive guide to writing automated tests using xUnit, the most popular unit testing framework in use today. Agile coach and test automation expert Gerard Meszaros describes 68 proven patterns for making tests easier to write, understand, and maintain. He then shows you how to make them more robust and repeatable--and far more cost-effective. Loaded with information, this book feels like three books in one. The first part is a detailed tutorial on test automation that covers everything from test strategy to in-depth test coding. The second part, a catalog of 18 frequently encountered "test smells," provides trouble-shooting guidelines to help you determine the root cause of problems and the most applicable patterns. The third part contains detailed descriptions of each pattern, including refactoring instructions illustrated by extensive code samples in multiple programming languages. Topics covered includeWriting better tests--and writing them faster The four phases of automated tests: fixture setup, exercising the system under test, result verification, and fixture teardown Improving test coverage by isolating software from its environment using Test Stubs and Mock Objects Designing software for greater testability Using test "smells" (including code smells, behavior smells, and project smells) to spot problems and know when and how to eliminate them Refactoring tests for greater simplicity, robustness, and execution speed This book will benefit developers, managers, and testers working with any agile or conventional development process, whether doing test-driven development or writing the tests last. While the patterns and smells are especially applicable to all members of the xUnit family, they also apply to next-generation behavior-driven development frameworks such as RSpec and JBehave and to other kinds of test automation tools, including recorded test tools and data-driven test tools such as Fit and FitNesse.Visual Summary of the Pattern Language Foreword Preface Acknowledgments Introduction Refactoring a Test PART I: The Narratives Chapter 1 A Brief Tour Chapter 2 Test Smells Chapter 3 Goals of Test Automation Chapter 4 Philosophy of Test Automation Chapter 5 Principles of Test Automation Chapter 6 Test Automation Strategy Chapter 7 xUnit Basics Chapter 8 Transient Fixture Management Chapter 9 Persistent Fixture Management Chapter 10 Result Verification Chapter 11 Using Test Doubles Chapter 12 Organizing Our Tests Chapter 13 Testing with Databases Chapter 14 A Roadmap to Effective Test Automation PART II: The Test Smells Chapter 15 Code Smells Chapter 16 Behavior Smells Chapter 17 Project Smells PART III: The Patterns Chapter 18 Test Strategy Patterns Chapter 19 xUnit Basics Patterns Chapter 20 Fixture Setup Patterns Chapter 21 Result Verification Patterns Chapter 22 Fixture Teardown Patterns Chapter 23 Test Double Patterns Chapter 24 Test Organization Patterns Chapter 25 Database Patterns Chapter 26 Design-for-Testability Patterns Chapter 27 Value Patterns PART IV: Appendixes Appendix A Test Refactorings Appendix B xUnit Terminology Appendix C xUnit Family Members Appendix D Tools Appendix E Goals and Principles Appendix F Smells, Aliases, and Causes Appendix G Patterns, Aliases, and Variations Glossary References Index "

    Find out how the Swedish police combined XP, Scrum, and Kanban in a 60-person project. From start to finish, you'll see how to deliver a successful product using Lean principles. We start with an organization in desperate need of a new way of doing things and finish with a group of sixty, all working in sync to develop a scalable, complex system. You'll walk through the project step by step, from customer engagement, to the daily "cocktail party," version control, bug tracking, and release. In this honest look at what works--and what doesn't--you'll find out how to: Make quality everyone's business, not just the testers. Keep everyone moving in the same direction without micromanagement. Use simple and powerful metrics to aid in planning and process improvement. Balance between low-level feature focus and high-level system focus. You'll be ready to jump into the trenches and streamline your own development process.ContentsForewordPrefacePART I: HOW WE WORK1. About the Project1.1 Timeline 51.2 How We Sliced the Elephant 61.3 How We Involved the Customer 72. Structuring the Teams3. Attending the Daily Cocktail Party3.1 First Tier: Feature Team Daily Stand-up3.2 Second Tier: Sync Meetings per Specialty3.3 Third Tier: Project Sync Meeting4. The Project Board4.1 Our Cadences4.2 How We Handle Urgent Issues and Impediments5. Scaling the Kanban Boards6. Tracking the High-Level Goal7. Defining Ready and Done7.1 Ready for Development7.2 Ready for System Test7.3 How This Improved Collaboration 8. Handling Tech Stories8.1 Example 1: System Test Bottleneck8.2 Example 2: Day Before the Release8.3 Example 3: The 7-Meter Class9. Handling Bugs9.1 Continuous System Test9.2 Fix the Bugs Immediately9.3 Why We Limit the Number of Bugs in the Bug Tracker9.4 Visualizing Bugs9.5 Preventing Recurring Bugs10. Continuously Improving the Process10.1 Team Retrospectives10.2 Process Improvement Workshops10.3 Managing the Rate of Change11. Managing Work in Progress11.1 Using WIP Limits11.2 Why WIP Limits Apply Only to Features12. Capturing and Using Process Metrics12.1 Velocity (Features per Week)12.2 Why We Don’t Use Story Points12.3 Cycle Time (Weeks per Feature)12.4 Cumulative Flow12.5 Process Cycle Efficiency13. Planning the Sprint and Release13.1 Backlog Grooming13.2 Selecting the Top Ten Features13.3 Why We Moved Backlog Grooming Out of the Sprint Planning Meeting13.4 Planning the Release14. How We Do Version Control14.1 No Junk on the Trunk14.2 Team Branches14.3 System Test Branch15. Why We Use Only Physical Kanban Boards16. What We Learned16.1 Know Your Goal16.2 Experiment16.3 Embrace Failure16.4 Solve Real Problems16.5 Have Dedicated Change Agents16.6 Involve PeoplePART II: A CLOSER LOOK AT THE TECHNIQUES 17. Agile and Lean in a Nutshell17.1 Agile in a Nutshell17.2 Lean in a Nutshell17.3 Scrum in a Nutshell17.4 XP in a Nutshell17.5 Kanban in a Nutshell18. Reducing the Test Automation Backlog18.1 What to Do About It18.2 How to Improve Test Coverage a Little Bit Each Iteration18.3 Step 1: List Your Test Cases18.4 Step 2: Classify Each Test18.5 Step 3: Sort the List in Priority Order18.6 Step 4: Automate a Few Tests Each Iteration18.7 Does This Solve the Problem?19. Sizing the Backlog with Planning Poker19.1 Estimating Without Planning Poker19.2 Estimating with Planning Poker19.3 Special Cards20. Cause-Effect Diagrams20.1 Solve Problems, Not Symptoms20.2 The Lean Problem-Solving Approach: A3 Thinking20.3 How to Use Cause-Effect Diagrams20.4 Example 1: Long Release Cycle20.5 Example 2: Defects Released to Production20.6 Example 3: Lack of Pair Programming20.7 Example 4: Lots of Problems20.8 Practical Issues: How to Create and Maintain the Diagrams20.9 Pitfalls20.10 Why Use Cause-Effect Diagrams?21. Final WordsA1. Glossary: How We Avoid Buzzword BingoIndex