public marks

PUBLIC MARKS from mbertier with tags bestpractices & "groupe:clever age"

July 2007

White Paper: Intelligent Updates to Configuration Files - Spike Developer Zone

In this paper, we provide a new two­fold solution – automated merging of changes that are done by a software provider after installation and manual merging of changes performed by the user thereafter. While some manual intervention is required in this approach, it is a more reliable solution. This approach also includes a tool to ease the manual file comparison and merge process.

MySQL AB :: How to write a successful patch

Submitting patches to Open Source code doesn't come naturally to everyone.

Exceptional Performance

by 3 others
Yahoo!'s Exceptional Performance team evangelizes best practices for improving web performance. They conduct research, build tools, write articles and blogs, and speak at conferences. Their best practices center around the rules for high performance web sites.

Projects: Transliteration Extension - Derick Rethans

This extension allows you to transliterate text in non-latin characters (such as Chinese, Cyrillic, Greek etc) to latin characters. Besides the transliteration the extension also contains filters to upper- and lowercase latin, cyrillic and greek, and perform special forms of transliteration such as converting ligatures such as the Norwegian "æ" to "ae" and normalizing punctuation and spacing.

[ANN] mod_concat

The ability to concatenate CSS or javascript files into a single HTTP request.

0x000000 ◊ The Hacker Webzine

I've talked about CSRF before, but this time I wanted to show some of the underlying basics of it and explain why it isn't a new trick or something special. It is part of browsers and the way HTTP works, also to remove any argument that POST should be safer then GET. I know this is Internet basics, it still can be refreshing to read it over from time to time.

June 2007

PEAR :: Package :: PHP_DocBlockGenerator

Creates the file Page block and the DocBlocks for includes, global variables, functions, parameters, classes, constants, properties and methods. Accepts parameters to set the category name, the package name, the author's name and email, the license, the package link, etc... Attempts to guess variable and parameters types.

XSS (Cross Site Scripting) Cheat Sheet

by 17 others (via)
This page is for people who already understand the basics of XSS attacks but want a deep understanding of the nuances regarding filter evasion.

HTML Purifier - Filter your HTML the standards-compliant way!

by 18 others
HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C's specifications.

Mike Davidson: How To Keep Widgets From Slowing Down Sites: WEDJE

WEDJE is similar to the innerHTML method above except it creates what is effectively a cross-platform, cross-browser defer, enabling your script to load and execute asynchronously across all environments.

James Carr » Blog Archive » TDD Anti-Patterns

by 1 other (via)
Recently I began to write a paper on TDD Anti-Patterns, and decided to first quickly jot down some of the most common ones that others or myself have encountered “in the wild.”

Common Locale Data Repository

by 2 others (via)
The Unicode CLDR provides key building blocks for software to support the world's languages. CLDR is by far the largest and most extensive standard repository of locale data. This data is used by a wide spectrum of companies for their software internationalization and localization: adapting software to the conventions of different languages for such common software tasks as formatting of dates, times, time zones, numbers, and currency values; sorting text; choosing languages or countries by name; and many others. Exception-Handling Antipatterns

by 1 other (via)
Should you throw an exception, or return null? Should you use checked or unchecked exceptions? For many novice to mid-level developers, exception handling tends to be an afterthought. Their typical pattern is usually a simple try/catch/printStackTrace(). When they try to get more creative, they usually stumble into one or more common exception handling antipatterns.

May 2007

Jimdo and Northclick Dev-Blog » Getting the PHP fatal errors

by 1 other (via)
One big issue of the PHP error handling is that there’s no built-in way to catch fatal errors with an user-defined error handler. So I thought a little bit about it and maybe you have better approaches or solutions … The short goal is to send the error via e-mail to the developer(s). As we are security-aware, we’re logging errors and do not display them to the world. (Hint: that should be your default on every production machine!)

April 2007

BehaviourDrivenDevelopment - Behaviour-Driven Development

by 4 others (via)
Behaviour-Driven Development (BDD) is an evolution in the thinking behind TestDrivenDevelopment and AcceptanceTestDrivenPlanning.

February 2007

Streamed Lines: Branching Patterns for Parallel Software Development

by 3 others (via)
Most software version control systems provide mechanisms for branching into multiple lines of development and merging source code from one development line into another. However, the techniques, policies and guidelines for using these mechanisms are often misapplied or not fully understood. This is unfortunate, since the use or misuse of branching and merging can make or break a parallel software development project. Streamed Lines is a pattern language for organizing related lines of development into appropriately diverging and converging streams of source code changes.

January 2007