Welcome to "Ilya Kaplan"...

• Job Posting: Wikimedia Foundation Seeks Senior Software Developer (San Francisco, CA)

In this recent post to Reddit.com, the question of application security is asked - the poster wants recommendations on how he should keep his app safe from would-be attackers:

I can code fairly well in PHP these days, but my security isn't so hot. Is there a tutorial or plugin you guys can recommend as to how I should be protecting my php pages/inputs? I want to avoid common attacks like XSS, inputs with NULL or DROP TABLE etc?

Responses on the post include recommendations related to:

• Using the Chorizo scanner to find common issues in your code
• Using PDO for database connections (with bound parameters)
• Not trusting "$_SERVER"
• Data sanitization

There's also links to a few other resources with more details.

Klaus Silveira has submitted a project he's been working on to make browsing through git repositories a bit simpler with a local tool - gitlist.

GitList is an elegant and modern web interface for interacting with multiple git repositories. It allows you to browse repositories using your favorite browser, viewing files under different revisions, commit history, diffs. It also generates RSS feeds for each repository, allowing you to stay up-to-date with the latest changes anytime, anywhere. GitList was written in PHP, on top of the Silex microframework and powered by the Twig template engine. This means that GitList is easy to install and easy to customize. Also, the GitList gorgeous interface was made possible due to Bootstrap.

Since it's just a PHP-based application, installing it is as easy as cloning the source to a web-accessible directory and setting up a "config.ini" file with your settings. You can find out more about this project based on the popular Silex microframework on its GitHub page.