Phars and distributing PHP CLI apps

Published: July 25, 2017


First things first, let’s address a question that I couldn’t easily find an answer to on Google. Is PHP required to execute a phar?

The answer is a loud and clear yes.

In fact, not only is PHP required to execute a phar, but the version of PHP installed on the system that will execute the phar must be in line with the version of PHP used by the phar author.

Dealing with Jekyll Tags and Case Sensitivity

Published: July 24, 2017


To the chagrin of some, tags in Jekyll are case sensitive. This means that “MySQL” and “mysql” are not the same tag.

No matter whether you’re using jekyll-archives for your tag archives pages, or a custom solution, it’s likely that you’ve felt some pain as a result of case sensitivity. I recently went through every post on this blog and to add consistent casing to my tags.

Here I’ll outline a solution I’ve developed to help alleviate the pain of dealing with case sensitivity and tags in Jekyll.

Parsing Set-Cookie Headers In PHP with Guzzle

Published: July 19, 2017


I recently had the need to extract the value of a Set-Cookie response header in PHP. Google lead me http_parse_cookie. Unfortunately, http_parse_cookie requires pecl_http which isn’t available with PHP out of box, and is a pain to install.

Other Google results suggest defining your own function.

After a bit of research, I found the SetCookie class in Guzzle. The implementation is really clean and is the best option for parsing Set-Cookie headers in PHP in my opinion.

Here’s a quick overview of how to use it…

Findings on XML External Entity Behavior in PHP

Published: July 3, 2017


Recently, I’ve been experimenting with XXE (XML External Entity) vulnerabilities in PHP.

I’ve found some inconsistent behavior and posts on the internet that don’t exactly line up with my experience. Here, I wanted to document what I’ve found…

An Intro To XSS For Magento Developers

Published: June 15, 2017

XSS is an abbreviation which stands for “Cross Site Scripting”. It is a classification of cyber-attack which is currently listed as #3 on the OWASP top 10. In this post, I’ll explain, in detail, what XSS is, and outline what you need to know about it, as a Magento developer

Scheduling tweets at specific times for twitter_ebooks bots

Published: June 2, 2017


In the documentation for twitter_ebooks you’ll see the following code.

 def on_startup
  scheduler.every '24h' do
    # Tweet something every 24 hours
    # See
    # tweet("hi")
    # pictweet("hi", "cuteselfie.jpg")

This will cause your ebooks_bot to tweet every 24 hours. However, what if you want your bot to Tweet at a specific schedule every day? We’ll take a look at how to set that up here…