This seems like a no-brain-er but I have seen it more times than I can count and I have seen it happen to some very experienced developers. Put simply: authentication is not enough; you need to make sure that the authenticated user is actually authorized to perform an action. It is one thing to know who a user is and an entirely different — though equally important — thing to know what a user is allowed to do.
This article covers the concepts of authentication and authorization.
One of the things that separates a good web application from a great one is how gracefully they handle failures. One of the often overlooked cases is when a user attempts to upload a file that exceeds the set PHP upload file size. This article shows how to detect when the user tries to upload a file that is too large and display an appropriate message.
Continue Reading »
You are in for a headache if you have try to call a method or create a member variable with the name of a reserved word in Actionscript. It can lead to such fun situations as having variables called: insert; update; deleteSomething. Because calling the third variable “delete” may be logical but it is a reserved word so that is out of the question. It gets hairier when you don’t necessarily have control over the object format (such is often the case with remote calls). I ran into this today when trying to call the “node_delete” (or “node.delete”) method in Drupal via Services and AMFPHP. This is frustrating so I’m going to show two situations where you could run into this problem and how I fixed them.
Continue Reading »
Rest assured. Soon I will be writing “Things about PHP 5.3 that make me cringe” but for now I sing the praises of the latest release of PHP that that came out today. I’ve been playing with the new release for months and there are indeed many good things about it and many of them have been a long time coming.
The other day I was reading the release notes and I couldn’t help but smile.
Continue Reading »
Every display markup language has its frustrating moments. Adobe Flex isn’t any exception. I ran into a little trouble a while back when trying to put a drop shadow on a HBox component. Here is the effect that I wanted to achieve:
Flex form with drop shadow header