Utah PHP Users Group » Jon Jensen

Mozy coding deathmatch offers $20,000 in cash prizes

Jon Jensen — Fri, 06 Apr 2007 17:24:48 +0000

Berkeley Data Systems, creators of Mozy Online Backup, will be holding its second semiannual coding deathmatch on Saturday, April 14. Billed as a “thinly disguised recruiting effort to find the best local engineers,” the competition is open to all Utah residents.

The previous deathmatch saw over 100 participants and was a success both for the 8 finalists who received prize money, and for BDS who hired 4 new engineers in the process.

SQL Injection

Jon Jensen — Wed, 07 Jun 2006 02:55:20 +0000

Are your apps sufficiently protected against SQL injection? Do you currently validate and sanitize all types (strings, numbers) and methods (forms, cookies, query strings) of user input before using it in a database query? If not, it’s only a matter of time before serious pwnage…

This article is good primer for newbies and reminder for gurus…

SQL Injection Attacks by Example

If you aren’t already using prepared statements, now’s as good a time as any to start:

SQLite, PHP and ALTER TABLE

Jon Jensen — Wed, 04 Aug 2004 23:19:55 +0000

Since SQLite comes bundled with PHP 5, I thought I’d post this for those interested.

SQLite currently does not support ALTER TABLE statements. This can make developing/modifying an app a bit cumbersome, since modifying a table requires creating a temp table and copying data back and forth. To this end, I’ve created a PHP wrapper for SQLite that does the dirty work for you and supports all types of ALTER TABLE statements. The source is in the public domain, so you may use it however you like.

Documentation:
http://code.jenseng.com/db/

Source:
http://code.jenseng.com/db/sql.txt

I will be releasing an optimized version with cleaner code, more comments, and additional functionality (such as RENAME TABLE) in a few weeks.