Showing posts with label development. Show all posts
Showing posts with label development. Show all posts

Monday 19 November 2012

PHP 5.5 To Include Simple And Secure Password Hashing API

Few days ago, we saw the release of PHP 5.5.0 Alpha 1 to the public. The PHP development team is serious about addressing all the criticism it gets time and again. With the recent leaks of several high profile sites, a simple to use yet secure password hashing API has been introduced now.

Here's the RFC for simple password hashing API proposed by ircmaxell and now it has been implemented as a PHP core in 5.5.0 Alpha 1 release and will continue to be part of the PHP core in future releases.

In case you would like to use the API functions in older releases, there's a compatible PHP library for PHP >= 5.3.7. The reason for this is that PHP prior to 5.3.7 contains a security issue with its BCRYPT implementation.

Basically the idea behind simple password hashing API is that most of the PHP developers either don't understand or don't think worth the effort the whole concept of strong password hashing. By providing a simple API that can be called, which takes care of all of those issues for you, hopefully more projects and developers will be able to use secure password hashing.

Using the API is quite simple. All you have to do to get the hash is:

$hash = password_hash($password, PASSWORD_BCRYPT);

Verifying the password is also quite simple.

if (password_verify($password, $hash)) {
    // pass is correct :)
} else {
    // pass is correct :/

The simple password hashing API provides sets of password_* functions for the developers to make use of strong password hashing.

Reading materials

RFC for simple password hashing API

Designing an API

PHP 5.5.0 Alpha 1 released


Thursday 22 December 2011

First Thing To Try When Encountered An Odd Error In Eclipse

Hi everybody, this is always worth trying when you encounter some unknown and odd error while developing applications with Eclipse IDE. You may encounter errors even though every line of your code is syntactically correct and still you can't find what exactly is the error. Sometimes you might spend hours trying to find error but actually there might be no error in your application.

To clean the current project in Eclipse, go to Project -> Clean and it will clean all the compiled stuffs and will give you a fresh start for the compilation. Keep in mind this little trick and you might find useful several times while you are working on Eclipse.


Tuesday 27 September 2011

Qt4 Development Using Monkey Studio

Monkey Studio is a free and open-source crossplatform Qt 4 IDE. It is developed using the Qt library itself, meaning it will run on any platform supported by Qt 4. This allows you to work on the same project on multiple platforms using the same IDE. Monkey Studio uses the Qt Project file (.pro) to manage the project, and there are no extra files created.

With a active forum and wiki, Monkey Studio IDE offers pretty cool features for developing Qt4 Apps. Its noticeable features are:

- Monkey Studio also features * Advanced, customizable code editor, based on QScintilla.
- Syntax highlighting for more than 22 programming languages
- Templates wizard - create files or projects from templates
- Code restyling - quickly fix/update style of your code using AStyle
- Qt Designer integration
- Qt Assistant integration

To install MonkeyStudio in ubuntu, open the terminal and type:

sudo apt-get install monkeystudio

For downloads for other platforms and more information, visit official website.