Why HTTP_HOST is evil
When browsing Stackoverflow I often notice users asking questions somehow involving the use of HTTP_HOST. I nonchalantly hint on its vulnerable nature and fail to produce a hint on an article...
View ArticleThe whitespace of death
As the first entry to the list of my PHP-related WTFs, I present: The whitespace of death This one has taken me almost a full hour to sort out. There may be some good features to PHP, yet this one I...
View ArticleTwitter plugin for WordPress
I recently installed V.J. Catkick@’s Twitter Plugin for WordPress. Shortly thereafter I noticed my HTML validator Firefox Plugin changing from a pleasing green check mark to a nasty red cross...
View ArticleTo deprecate or not to deprecate
As of version 5.3 of PHP, certain features and functions are considered deprecated. It comes with the territory. In major version changes, new features are added while old stuff is discarded....
View ArticleWorst “trojan” ever
While idly browsing pastebin (yes, sometimes I do that), I found something interesting. It’s some mildly obfuscated PHP scripted malware. Curious what it might do, I started reverse engineering it and...
View ArticleThe Boolean paradox
A small comparison just cost me half an hour of valueable time. In an ongoing series, I shall present another PHP WTF: The Boolean paradox. 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137...
View Article