Entries from March 2012
Typing URLs into the Google Search Box
Have you received a message from a customer asking why a website address provided doesn't work? Maybe the address worked just fine when it was initially sent via e-mail, but upon returning at a later date, the page could no longer be found. Well, it may be more than a mistyped address or an Internet connection issue. [Continue reading]
Keeping Code Up-to-Date
When managing websites, keep in mind that the Internet doesn't sit still. That PHP script written 10 years ago probably has a thing or two needing to be updated. There may be security issues, outdated code, etc. In addition to the evolution of programming / scripting languages, you as a developer have likely changed. Your coding practices are likely to be more efficient and more secure. So let's look at why we need to review old scripts on a semi-regular basis. [Continue reading]
Why PHP_SELF Should Be Avoided When Creating Website Links
When looking for articles about PHP_SELF, it seems like most only refer to the dangers of using the variable with HTML forms. However, there are risks with using it in other parts of a website. For example, it may be tempting to use the variable within the href attribute for links. The problem is that those links become susceptible to Cross-Site Scripting (XSS). Let's take a closer look at the security vulnerability of PHP_SELF and a simple alternative to avoid the problem altogether. [Continue reading]
How to Disable (or Modify) the Revision History in WordPress
For some reason, WordPress maintains the revision history for posts in the same database as the live posts. The issue with having the revision posts in the database is the extra overhead. Whenever the website queries the database, it needs to work with all records—including the revisions. Of course, this will unlikely be a problem for most blogs. But for those who prefer to keep websites running as efficiently as possible, the number of revisions can be limited…or stopped altogether. [Continue reading]
