This is a presentation I put together and presented for my colleagues at IBM back in 2006. I started on the section featuring heap exploits and never finished it. I want to finish it someday.
PHP has its own treasure chest of classic mistakes that surprises even the most seasoned expert : code that dies just by changing its namespace, strpos() that fails to find strings or arrays that changes without touching them. Do that get on your nerves too? Let’s make a list of them, so we can always teach them to the new guys, spot them during code reviews and kick them out of our code once and for all. Come on, you’re not frightening us?
This is a presentation I put together and presented for my colleagues at IBM back in 2006. I started on the section featuring heap exploits and never finished it. I want to finish it someday.
PHP has its own treasure chest of classic mistakes that surprises even the most seasoned expert : code that dies just by changing its namespace, strpos() that fails to find strings or arrays that changes without touching them. Do that get on your nerves too? Let’s make a list of them, so we can always teach them to the new guys, spot them during code reviews and kick them out of our code once and for all. Come on, you’re not frightening us?
In which Richard will tell you about some things you should never (probably ever) do to or in Python. Warranties may be voided. The recording of this talk is online at http://www.youtube.com/watch?v=H2yfXnUb1S4
As a result of an engine rewrite with focus on more efficient data structures, PHP 7 offers much improved performance and memory usage. This session describes important aspects of the new implementation and how it compares to PHP 5. A particular focus will be on the representation of values, arrays and objects.
PHP 7 – What changed internally? (Forum PHP 2015)Nikita Popov
One of the main selling points of PHP 7 is greatly improved performance, with many real-world applications now running twice as fast… But where do these improvements come from?
At the core of PHP 7 lies an engine rewrite with focus on improving memory usage and performance. This talk provides an overview of the most significant changes, briefly covering everything from data structure changes, over enhancements in the executor, to the new compiler implementation.
This talk was part tongue in cheek, part serious, but entirely fun and given twice as a lightning talk - once at Europython & once at the ACCU python uk 05. It presents a generic python like language parser which does actually work. Think of it as an alternative to brackets in Lisp!
Conheça um pouco mais sobre Perl 6, uma linguagem de programação moderna, poderosa e robusta que permitirá que você escreva código de forma ágil e eficiente.
Revue de parcours des pièges les plus classiques en PHP, entre les références qui pendouillent, les opérateurs et leur précédence, array_merge() en boucle, ou encore les fonctionnalités natives oubliées et les améliorations de PHP 8.0.
This presentation covers Python most important data structures like Lists, Dictionaries, Sets and Tuples. Exception Handling and Random number generation using simple python module "random" also covered. Added simple python programs at the end of the presentation
A tour of Python: slides from presentation given in 2012.
[Some slides are not properly rendered in SlideShare: the original is still available at http://www.aleksa.org/2015/04/python-presentation_7.html.]
There are a lot of operators in Perl 6, so many that it can be called an OOL: operator oriented language. Here I describe most of them from the angle of contexts, which Perl 6 has also much more than Perl 5.
PHP 7 – What changed internally? (PHP Barcelona 2015)Nikita Popov
One of the main selling points of PHP 7 is greatly improved performance, with many real-world applications now running twice as fast… But where do these improvements come from? At the core of PHP 7 lies an engine rewrite with focus on improving memory usage and performance. This talk provides an overview of the most significant changes, briefly covering everything from data structure changes, over enhancements in the executor, to the new compiler implementation.
In which Richard will tell you about some things you should never (probably ever) do to or in Python. Warranties may be voided. The recording of this talk is online at http://www.youtube.com/watch?v=H2yfXnUb1S4
As a result of an engine rewrite with focus on more efficient data structures, PHP 7 offers much improved performance and memory usage. This session describes important aspects of the new implementation and how it compares to PHP 5. A particular focus will be on the representation of values, arrays and objects.
PHP 7 – What changed internally? (Forum PHP 2015)Nikita Popov
One of the main selling points of PHP 7 is greatly improved performance, with many real-world applications now running twice as fast… But where do these improvements come from?
At the core of PHP 7 lies an engine rewrite with focus on improving memory usage and performance. This talk provides an overview of the most significant changes, briefly covering everything from data structure changes, over enhancements in the executor, to the new compiler implementation.
This talk was part tongue in cheek, part serious, but entirely fun and given twice as a lightning talk - once at Europython & once at the ACCU python uk 05. It presents a generic python like language parser which does actually work. Think of it as an alternative to brackets in Lisp!
Conheça um pouco mais sobre Perl 6, uma linguagem de programação moderna, poderosa e robusta que permitirá que você escreva código de forma ágil e eficiente.
Revue de parcours des pièges les plus classiques en PHP, entre les références qui pendouillent, les opérateurs et leur précédence, array_merge() en boucle, ou encore les fonctionnalités natives oubliées et les améliorations de PHP 8.0.
This presentation covers Python most important data structures like Lists, Dictionaries, Sets and Tuples. Exception Handling and Random number generation using simple python module "random" also covered. Added simple python programs at the end of the presentation
A tour of Python: slides from presentation given in 2012.
[Some slides are not properly rendered in SlideShare: the original is still available at http://www.aleksa.org/2015/04/python-presentation_7.html.]
There are a lot of operators in Perl 6, so many that it can be called an OOL: operator oriented language. Here I describe most of them from the angle of contexts, which Perl 6 has also much more than Perl 5.
PHP 7 – What changed internally? (PHP Barcelona 2015)Nikita Popov
One of the main selling points of PHP 7 is greatly improved performance, with many real-world applications now running twice as fast… But where do these improvements come from? At the core of PHP 7 lies an engine rewrite with focus on improving memory usage and performance. This talk provides an overview of the most significant changes, briefly covering everything from data structure changes, over enhancements in the executor, to the new compiler implementation.
Object Orientation vs. Functional Programming in PythonPython Ireland
Python is a multi-paradigm language meaning it supports different programming styles, Object Orientation and Functional Programming being the major ones. However choice is not always a good thing, if you are interested in writing modular programs that are easy to maintain and promote code reuse what should you do? This talk discusses modularity in this context looking at Python's support for both paradigms, comparing and contrasting them. We then look at Python techniques and tools that bridge the perceived impedance mismatch between Object Orientation and Functional Programming.
Arpad Ray's PHPNW08 slides:
Looking at websites from the perspective of potential attackers is a useful technique not only for security professionals.
This talk demonstrates how to use simple PHP scripts to exploit many common security holes in PHP applications, hopefully giving developers a deeper understanding of what it is they are protecting against.
* Getting around common precautions against SQL injection
* Free spam with SMTP injection
* Making a malicious website to exploit PHP sessions
* The holes every attacker hopes for
* Making use of a newly exploited website
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. #!/usr/bin/python import sys import random def scramble(word): if len(word) < 4: return word innards = list(word[1:-1]) random.shuffle(innards) return word[0] + ''.join(innards) + word[-1] while 1: line = sys.stdin.readline() if not line: break sys.stdout.write(' '.join([scramble(w) for w in line.split()]) + '') In the beginning
3. Adding basic niceties #!/usr/bin/ env python # -*- coding: utf-8 -*- import sys import random def scramble(word): if len(word) < 4: return word innards = list(word[1:-1]) random.shuffle(innards) return word[0] + ''.join(innards) + word[-1] def _main(): while 1: line = sys.stdin.readline() if not line: break sys.stdout.write(' '.join([scramble(w) for w in line.split()]) + '') return 0 if __name__ == "__main__": sys.exit(_main())
4. stephenj@lords:~$ python Python 2.5.2 (r252:60911, Oct 5 2008, 19:24:49) [GCC 4.3.2] on linux2 Type "help", "copyright", "credits" or "license" for more information. >>> import scramble >>> scramble.scramble('scramble') 'srlacmbe' >>>
5. from optparse import OptionParser ... def _main(filename=None): ... if __name__ == "__main__": usage = "usage: %prog [options] [filename]" parser = OptionParser(usage=usage) parser.add_option('--profile', '-P', help = "Print out profiling stats", action = 'store_true') parser.add_option('--test', '-t', help ='Run doctests', action = 'store_true') parser.add_option('--verbose', '-v', help ='print debugging output', action = 'store_true') (options, args) = parser.parse_args() # Assign non-flag arguments here. filename = None if len(args) > 0: filename = args[0]
6. stephenj@lords:~$ python scramble.py -h Usage: scramble.py [options] [filename] Options: -h, --help show this help message and exit -P, --profile Print out profiling stats -t, --test Run doctests -v, --verbose print debugging output
7. Tests are good def scramble(word): """ Returns a scrambled version if it is longer than 3 chars. Scrambling preserves the first and last characters. >>> scramble('a') 'a' >>> scramble('an') 'an' >>> scramble('the') 'the' >>> scramble('cart') in ['cart', 'crat'] True """ if len(word) < 4: return word innards = list(word[1:-1]) random.shuffle(innards) return word[0] + ''.join(innards) + word[-1] def _test(verbose=False): import doctest doctest.testmod(verbose=verbose)
8. stephenj@lords:~$ python scramble.py --test --verbose Trying: scramble('a') Expecting: 'a' ok Trying: scramble('an') Expecting: 'an' ok Trying: scramble('the') Expecting: 'the' ok Trying: scramble('cart') in ['cart', 'crat'] Expecting: True ok 5 items had no tests: __main__ __main__._main __main__._profile_main __main__._test __main__.really_blurt 1 items passed all tests: 4 tests in __main__.scramble 4 tests in 6 items. 4 passed and 0 failed. Test passed. stephenj@lords:~$
9. Now I'm a real boy Unix filter def _blurt(s, f): pass def _main(filename=None): f = sys.stdin if filename: try: f = file(filename) except Exception, ex: print "Couldn't open file %s: %s" % (filename, ex) return 1 while 1: line = f.readline() if not line: break _blurt("Original line was: %s" % line) sys.stdout.write(' '.join([scramble(w) for w in line.split()]) + '') return 0 if __name__ == "__main__": ... if options.verbose: def really_blurt(s, f=()): sys.stderr.write(s % f + '') _blurt = really_blurt ... if len(args) > 0: filename = args[0] _blurt("filename is %s", filename) sys.exit(_main(filename))
11. Making use of our options stephenj@lords:~$ python scramble.py asdf Couldn't open file asdf: [Errno 2] No such file or directory: 'asdf' stephenj@lords:~$ echo $? 1 stephenj@lords:~$ echo "You should probably be able to understand this" | python scramble.py -v Original line was: You should probably be able to understand this You suhold pbrbolay be able to usedanrntd this stephenj@lords:~$ echo "You should probably be able to understand this" | python scramble.py -P You sluohd pbalbroy be albe to unrdentsad tihs 57 function calls in 0.000 CPU seconds Ordered by: internal time List reduced from 12 to 10 due to restriction <10> ncalls tottime percall cumtime percall filename:lineno(function) 5 0.000 0.000 0.000 0.000 /usr/lib/python2.5/random.py:250(shuffle) 8 0.000 0.000 0.000 0.000 scramble.py:16(scramble) 1 0.000 0.000 0.000 0.000 scramble.py:59(_main) 1 0.000 0.000 0.000 0.000 {method 'write' of 'file' objects} 17 0.000 0.000 0.000 0.000 {method 'random' of '_random.Random' objects} 2 0.000 0.000 0.000 0.000 {method 'readline' of 'file' objects} 13 0.000 0.000 0.000 0.000 {len} 6 0.000 0.000 0.000 0.000 {method 'join' of 'str' objects} 1 0.000 0.000 0.000 0.000 <string>:1(<module>) 1 0.000 0.000 0.000 0.000 {method 'split' of 'str' objects}
13. Original inspiration Guido's post and subsequent commentary http://www.artima.com/forums/flat.jsp?forum=106&thread=4829 Google app engine help http://code.google.com/appengine/kb/commontasks.html#profiling The scrambled text meme http://www.snopes.com/language/apocryph/cambridge.asp