a programmer's best friend Comments

gERD: FIT for PHP

nospam@example.com (gERD) — Wed, 18 Oct 2006 00:18:53 +0200

It's not so much on top Unit-Tests, it is more about communication.

Unit-Tests (usually) are visible for testers and programmers. FIT-(HTML)-Documents are e.g. written by your customer. Hence it contains all your client's expectaions. Now PHPFIT automatically compares those expectations with actual results.

So, for example we use Simple-Test (like PHPUnit) for plenty of tests on API-level (check functions and methods). At the same time FIT gives the answers to questions like: "Is it possible to store my chinese address?"

Give it a go, I guess you'll like it.

Geoffrey: FIT for PHP

nospam@example.com (Geoffrey) — Tue, 17 Oct 2006 22:55:24 +0200

If I understand well, it's something you put on top of unit tests ? Can it integrates with existing unit tests done with, say, phpunit ?

looks interesting

Lars: PHP Design Patterns published

nospam@example.com (Lars) — Wed, 11 Oct 2006 09:45:40 +0200

I just received my copy and had a short look into it. I like it very much.
I like your example code (I work in a company
which has to do a lot with cars ).

Shows in a very clean and "close to reality" way, what it means to program object-oriented, and how to take it on the next level with design patterns.

Good book.

tiddy: PHP Design Patterns published

nospam@example.com (tiddy) — Tue, 10 Oct 2006 21:07:41 +0200

yeah, i like that book - received it last friday from amazon. very practical examples and up-to-date to newest php-features.

orixilus: PHP Design Patterns published

nospam@example.com (orixilus) — Tue, 10 Oct 2006 19:42:28 +0200

I bought "php|architect's Guide to PHP Design Patterns" and wasn't that great also. too much focus on unit testing, I think...

Anon: PHP Design Patterns published

nospam@example.com (Anon) — Tue, 10 Oct 2006 19:29:37 +0200

In English, I think the closest competitor to your book is "PHP 5 Objects, Patterns, and Practice", which I thought was good but not great. If your book is better than that one, it should definitely be published in English.

There's a typo in your hyperlink for Propel.

Jay: PHP Design Patterns published

nospam@example.com (Jay) — Tue, 10 Oct 2006 04:11:22 +0200

I would definitely like to see an english version as well.

schst: PHP Design Patterns published

nospam@example.com (schst) — Mon, 09 Oct 2006 22:53:48 +0200

That depends on whether it is successful in Germany and whether O'Reilly wants to publish it in English...

orixilus: PHP Design Patterns published

nospam@example.com (orixilus) — Mon, 09 Oct 2006 20:13:58 +0200

are you planning to release it in english anytime soon?

eremit: Analyzing aide (advanced intrusion detection environment) output with PHP

nospam@example.com (eremit) — Tue, 29 Aug 2006 07:56:35 +0200

Hi Luckec,

first please take my apology. I was reading out of your post something like:
"We got hacked several times now, and to detect a successfull hack we use aide, without rethinking anything of our base setup."
The last part of the sentence was something I interpreted into your post, without it being actually there.

luckec: Analyzing aide (advanced intrusion detection environment) output with PHP

nospam@example.com (luckec) — Mon, 28 Aug 2006 20:28:51 +0200

Hi Eremit,

what you understood about the the post regarding that our server had been hacked is correct. But apart from that you have quite an ability to pervert the facts!

You can be damn sure that there is none of the pat nor the 3rdPEARty code tampered in any way! It is a pity if you think you have to uninstall those packages (BTW: The sources are open and readable to anyone, just try it ).

Furthermore, you seem to be pretty confident that we're not very skilled in administration concerns. Be sure, whenever the server got hacked (which happened quite some time ago) we did of course setup everything from scratch and checked everything. I'm properly convinced that a lot of people had a cracker on their server who can be considered good administrators. Anyhow, I see no sense in arguing with you about those skills.

And finally let me moke one last thing clear: I didn't write the AideAnalyzer because I fear each day that the system could have been hacked because I am such a poor admin. The only reason I did this is because it saves me some minutes every time I analyze the aide-output (and maybe some other people, too).

I definitely agree with you that a rock-solid and secure system is a must have. But after all I think one is better off with aide knowing the system has been compromised than someone who thinks he owns a secure system of which he doesn't know what's going on behind the scenes.

eremit: Analyzing aide (advanced intrusion detection environment) output with PHP

nospam@example.com (eremit) — Mon, 28 Aug 2006 14:35:08 +0200

The sentence i quoted, suggest the php-tools.net servers has been hacked more than once.
There i one conclusion for me, instead of thinking about how to parse and evaluate a logfile of a tool which only detects a hack, the hack itself should be prevented by hiring a professional administrator.

Further, i for myself have removed every pear package from this site, because of the following fact:
If this site has got hacked often enough to think about writing an aide parser, i do not want possible tampered code from your pear repository on my servers anymore. - At least not until i had the time to inspect every package by myself.

Remember, security is only as strong as the weakest part in the chain, and from reading the first sentence, which suggest a total lack of security sense the part has to be removed from the chain.

luckec: Analyzing aide (advanced intrusion detection environment) output with PHP

nospam@example.com (luckec) — Mon, 28 Aug 2006 13:46:15 +0200

Ummmm ok. What exactly do you mean?

(a) Professional admins do not need a tool like aide?

(b) Professional admins enjoy looking manually through lengthy logs even if they had the chance to make their life easier?

(c) Something else?

eremit: Analyzing aide (advanced intrusion detection environment) output with PHP

nospam@example.com (eremit) — Mon, 28 Aug 2006 12:26:17 +0200

>> Since we started hosting our sites on our own server we had some nasty cracker-attacks (most often certainly script-kiddies) causing lots of traffic by hosting crappy italian movies or by installing rootkits.

What about hiring a professional administrator instead of writing an aide analyzer?

gERD Schaufelberger: PHP Design Patterns finished

nospam@example.com (gERD Schaufelberger) — Tue, 22 Aug 2006 13:22:45 +0200

Great! I'm going order a few copies, I reckon