Last major update: 25.08.2020
- Что такое авторизация/аутентификация
- Где хранить токены
- Как ставить куки ?
- Процесс логина
- Процесс рефреш токенов
- Кража токенов/Механизм контроля токенов
Andrii Volin angyvolin
rondy
/ Effective_Engineer.md
Last active
December 16, 2025 13:28
FWIW: I (@rondy) am not the creator of the content shared here, which is an excerpt from Edmond Lau's book. I simply copied and pasted it from another location and saved it as a personal note, before it gained popularity on news.ycombinator.com. Unfortunately, I cannot recall the exact origin of the original source, nor was I able to find the author's name, so I am can't provide the appropriate credits.
- By Edmond Lau
- Highly Recommended 👍
- http://www.theeffectiveengineer.com/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Disables any PHP by unlinking all PHP versions and stopping all PHP services | |
| # | |
| # Enables the PHP of the provided version. | |
| # If no version is provided, no PHP will be enabled, effectively disabling homebrew PHP. | |
| # | |
| # Usage: php-switch 70 | |
| php-switch() { | |
| brew list | grep -e ^php..$ | xargs brew unlink | |
| brew services list | grep started | cut -d" " -f1 | grep -e ^php | xargs brew services stop |
mindplay-dk
/ session-life-cycle.md
Last active
August 26, 2024 23:46
Complete overview of the PHP SessionHandler life-cycle
This page provides a full overview of PHP's SessionHandler
life-cycle - this was generated by a set of test-scripts, in order to provide an exact overview of when and
what you can expect will be called in your custom SessionHandler implementation.
Each example is a separate script being run by a client with cookies enabled.
To the left, you can see the function being called in your script, and to the right, you can see the resulting calls being made to a custom session-handler registed using session_set_save_handler().
sdepablos
/ gist:f2704672eb8feef7f339
Created
December 23, 2014 08:01
Testing has table collision keys
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| # More info at http://lukasmartinelli.ch/web/2014/11/17/php-dos-attack-revisited.html | |
| $file = 'https://github.com/lukasmartinelli/php-dos-attack/blob/master/collision_keys.txt'; | |
| $handle = fopen($file, 'r'); | |
| $a = []; | |
| while (($buffer = fgets($handle)) !== false) { | |
| $a[$buffer] = $buffer; | |
| } | |
| fclose($handle); |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| parameters | |
| --level=psr2 --verbose fix $FileDir$/$FileName$ | |
| working directory | |
| $ProjectFileDir$ |
fgm
/ Symfony2 GraphvizDumper demo
Last active
May 23, 2025 14:05
Demonstrate how to use the GraphViz Dumper in a Symfony 2.4 project.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * @file | |
| * gvdump.php | |
| * | |
| * @author: Frédéric G. MARAND <fgm@osinet.fr> | |
| * | |
| * @copyright (c) 2014 Ouest Systèmes Informatiques (OSInet). | |
| * | |
| * @license MIT |
ogrrd
/ Mac Dev Setup.md
Last active
November 12, 2020 22:16
Installing nginx, PHP and MySQL on OS X Mavericks
This is a requirement for brew in the next step. You can install XCode and then install Command Line Tools through the XCode preferences, or you can install just the Command Line Tools.
$ xcode-select --install
willurd
/ web-servers.md
Last active
December 17, 2025 08:46
Big list of http static server one-liners
Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.
$ python -m SimpleHTTPServer 8000
barneycarroll
/ fileInput.css
Last active
April 2, 2023 22:21
Total input[type=file] style control with pure CSS. File type inputs are notoriously hard to style, due to different semi-serious style restrictions in the name of security (the argument being that a file input presents access to the user's private file system, and should as such always look unambiguously like what it is — redundant if you ask m…
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| .fileContainer { | |
| overflow: hidden; | |
| position: relative; | |
| } | |
| .fileContainer [type=file] { | |
| cursor: inherit; | |
| display: block; | |
| font-size: 999px; | |
| filter: alpha(opacity=0); |
NewerOlder