Category Archives: PHP

Cross-site scripting in millions of web sites

In August 2014 I found a severe cross-site scripting security vulnerability in the latest version (1.13.0) of the ‘jQuery Validation Plugin’ during a security penetration test for a customer. This jQuery plugin, which adds easy form validation functionality to a web site, is … Continue reading

Posted in cross site scripting, Google, PHP, responsible disclosure | 62 Comments

“Implications of storing application configuration in PHP constants?”

Below is my answer that I wrote for someone who asked me the following question: “Is it wise to store the application configuration in constants, instead of in an array?” The advantage of storing values in … Continue reading

Posted in PHP, PHP security | Leave a comment

Setting cookies in PHP

My experience with setting cookies with PHP, a must-read for every developer that uses Windows XP and doesn’t want to spend his time debugging cookies. If you’re using Windows XP with Internet Explorer and have a local web server … Continue reading

Posted in bug, PHP | Leave a comment

Monty Hall probability calculation

I was fascinated by the Monty Hall problem: “Suppose you’re on a game show, and you’re given the choice of three doors: Behind one door is a car; behind the others, goats. You pick a door, say No. 1, and … Continue reading

Posted in PHP, puzzle | Leave a comment