Blog | falk-m.de
This blog is not for you, not only.
Like other developers, I read articles, test new features, analyze code from others and so on.
Also, I have some interesting code snippets used in projects; if I need them, I always search in old projects.
This blog is my central place now, to collect interesting code snippets, features, etc.
Broadcast Channel API
In a post from 2024-02-08, I describe a way to send messages between the scripts in different browser windows with a storage event.
Now I have found a smarter solution for this problem:
svg xss attack
In my last post about htaccess configuration, I found these lines of code in another project:
Header set Content-Security...
htaccess best practices
SEO and performance
set expiration header
ExpiresDefault "access plus 1 week"
ExpiresByType text/html "access plus 600 seconds"
Become a PHP professional developer | Part 1
I want to write a series on building a professional skill set in web development with PHP.
First, I check online applications searching for senior PHP developers.
Here is a list of required skills.
session management with tokens
This post is not about OAuth.
The inspected use case is the session management for an API after the authentication (after login).
It is not about the authentication process, code flow, and so o...
Post messages to Slack Channel
find the channel id
There are many ways to find the channel id.
The simplest is, to use the Slack browser application and copy the channel id from the URL after you enter the channel.
The URL looks...
Messages between browser tabs
In some cases, it is necessary to sync browser tabs or send a message to another tab.
For example: In one tab is a voice recorder and in the other is a list of recordings. When the record is finish...
Server side events with php
There are different ways for near real-time browser updates by a server message.
With a PHP website on the server side, you are very restricted, because in the normal case you can't run a web socket pr...
Server side event tracking with matomo
If you want to track events, like a click, an error or a login try,
you can do this server-side without cookies, with Matomo.
First download and install Matomo.
Then you need an authentication tok...
Rewrite to public folder
If you install the Symfony framework or a Shopware webshop for example, you have to change the routing on your web server, because the applications require that the webroot be pointed to the '/pub...
Extract SMIME certificate from mail
In an earlier post, I described how you can send an S/MIME encrypted mail.
If you want to send encrypted mail, you need the public certificate from the recipient's email address.
One way to receive th...
encrypt emails with s/mime on PHP and send with PHPMailer over smtp
PHP mail can sign messages but not encrypt them.
For a project, I have to encrypt the mail body with PHP.
First, I have to receive the public key from the recipient.
In my case, I test it with the ...
store and play video files from the local file system
For one of my next projects, I have to cache large files locally on the device to use them also in offline mode.
When I stored the files on the local file system, then they were not addicted to th...
The div button :-)
I know, never use divs as a button.
But :-) sometimes you need a whole area as a clickable area.
The problem is, that we can't use block elements like images inside a button e...
OWASP Top 10
OWASP is an organization that works to increase security on the web.
This presentation has been created for the Webmontag Meetup.
Open pdf presentation