How we can End Injection Vulnerabilities https://t.co/0Rt0HaEwye #Security #programming

Are you safe from injection vulnerabilities? Even using abstraction layers like Doctrine or parameterised queries mistakes can still happen. @craigfrancis shows us how mistakes can be made and what can be done to mitigate them. Buy your ticket here: https://t.co/6KQurQyIDA

Speaker Announcement 🚨 Want to uncover how to spot and prevent SQL injection mistakes—even in complex codebases? Join Craig Francis' (@craigfrancis) talk, "Ending Injection Vulnerabilities," at the PHP UK Conference 2025! 🐘 Buy a ticket now 🎟️ https://t.co/V0gURTRZx6

MDN HTTP Observatory was updated yesterday, check your sites; it looks like the new top score is 145 :-) https://t.co/Q6C1mYr1Nr

I know they are boring/simple, but… Can use overhead cables for power. Can go very fast. Can drive themselves. Can carry considerably more people. And metal wheels on a metal track is not only considerably more efficient, it’s easier/cheaper to maintain than roads.

Even if you ignore the environment, fossil fuels will get too expensive to extract from the ground. But, there isn’t enough lithium for everyone… so, trains?

Korok School Bus! #Zelda #TearsoftheKindom

After few weeks of rising code-quality of private project, I want to try the #fixai in the wild 😇 What open-source #php project you recommend to rise @phpstan level? RT helps

Static Analysis Results Baseliner (SARB) v1.7.0 released. Adds support for PHP 8.2. Drops support for PHP 7.* https://t.co/jGLKMVENcA

Really enjoyed reading through this slide deck on tackling DOM XSS with Trusted Types and Sanitizer API by @spazef0rze!

EXCELLENT read from @NielsProvos! #PasswordsCon friends: mandatory read. https://t.co/egd7qYYUbh

Sitting here, wearing lilac, thinking of the wisdom of Sam Vimes… Today, on the Glorious 25th, you can now download the City Watch series, brilliantly read by @jonculshaw : https://t.co/xKZh4645u1

#TransDayOfVisibility I know I’m not directly affected, but TERFs seem to want this…

#WordPress 6.2 has been released, and includes my patch to escape Identifiers in SQL, using `%i`. This allows the $query in wpdb::prepare() to be a `literal-string`, which ensures you can’t have an SQL Injection Vulnerability 🥳

It is with profound sadness that we mourn the loss of our friend and mentor, @aloria. Kelly had an indomitable spirit, and our world is a bit darker without her.

My talk "Effective Code Review" that I gave @PHPUKConference is now available on YouTube. If you're thinking of introducing code review to your workflow, or you're not getting much benefit from code review, hopefully my talk will help you:

HMRC collected £715.5 billion in taxes in 2021 to 2022, I assume all of this will be spent?

Time to give up on old domains? After removing 7, my yearly renewals go from $201 to $124 (saving $77), and no yearly reminder of those long gone projects.

Can we make Blob URLs safe against XSS, and turn them into a native alternative for sandbox domains? https://t.co/QrrHagy6Nt

floating point representation

Looking at the editorial, “they can be quite funny, since they were based on the assumption that the world would be a much better place if it was run by journalists.” Terry Pratchett, Making Money