ohryan.ca

A Web Developer in Winnipeg

Tag: php

  • Huge Vulnerability in WordPress 4.8

    Anthony Ferrara discovered a significant security vulnerability and an even more fundamental security flaw in WordPress. The correct fix is to ditch this whole prepare mechanism (which returns a string SQL query). Do what basically everyone else does and return a statement/query object or execute the query directly. That way you can’t double-prepare a string.…

  • Assault on the Hash (or how to make secure your passwords)

    In a recent episode of Build & Analyze Marco Armet (creator of Instapaper) explained that the standard practice of salting a hash is no longer a really good way to secure passwords. CPUs (and GPUs) are so fast that they can effectively guess your salt in a reasonable amount of time*. The solution, use bcrypt.…

  • How To: File Upload Progress Bar. No Flash. No PHP addons.

    Upload progressbars are pretty common on the web these days, they add a touch of feedback to the long and mysterious process of uploading a file to a website. Unfortunately, the most common methods for doing so involve flash or baring that PHP addons that require a recompiling. In this post I’m going to talk about…