מרץ 19

patrickallaert/php-apm: PHP APM (Alternative PHP Monitor)

APM (Alternative PHP Monitor) is a monitoring extension enabling native Application Performance Management (APM) for PHP. It doesn’t require any modification to your application’s code and let’s you collect performance metrics as well as catching issues that may arise.

Source: patrickallaert/php-apm: PHP APM (Alternative PHP Monitor)

מרץ 06

Moodle 3.3 Database schema / Zoola Analytics

Searching the Moodle database schema is no longer a challenge and table fields names and purposes are no longer a mystery 🙂

With the Zoola analytics DB schema explorer, we can now search and filter tables, table fields, and explorer 1st and 2nd level external key connections between tables.

Source: Moodle 3.3 Database schema / Zoola Analytics

פבר 08

Check your PHP project for known security issues – SensioLabs Security Advisories Checker

“You manage your PHP project dependencies with Composer, right? But are you sure that your project is not dependent on a package with known security issues? The SensioLabs security advisories checker is a simple tool, available as a web service or as an online application, that uses the information from your composer.lock file to check for known security vulnerabilities. This checker is a frontend for the security advisories database.” / SensioLabs.

Source: Check your PHP project for known security issues – SensioLabs Security Advisories Checker

ינו 06

MyToDo list – demonstrate usage of advanced coding techniques available in recent Moodle versions

Simple plugin implementing a personal ToDo list on the user’s Moodle dashboard.

Simple plugin implementing a personal ToDo list on the user’s Moodle dashboard.

The main purpose of this plugin is to demonstrate usage of advanced coding techniques available in recent Moodle versions. Most notably:

Source: Moodle plugins directory: My ToDo list

דצמ 10

phpcs-security-audit – PHP_CodeSniffer

phpcs-security-audit is a set of PHP_CodeSniffer rules that finds flaws or weaknesses related to security in PHP and its popular CMS or frameworks.

It currently has core PHP rules as well as Drupal 7 specific rules. Next planned CMS/framework is Symfony 2, which are also relevant to Moodle.

As a bonus set of rules, the tool also check for CVE issues and security advisories related to CMS/framework. You can use it in order to follow the versioning of components during static code analysis.

The main reasons of this project for being an extension of PHP_CodeSniffer is to have easy integration into continuous integration systems and to be able to find security bugs that are not detected with object oriented analysis (like in RIPS or PHPMD).

phpcs-security-audit is backed by Floe design + technologies and written by Jonathan Marcil.

מקור: FloeDesignTechnologies/phpcs-security-audit

phpStorm setup

  • Install: https://moodle.org/plugins/local_codechecker
  • Git clone above github project (phpcs-security-audit)
  • Follow project’s README install instructions, and also…
  • Copy https://github.com/FloeDesignTechnologies/phpcs-security-audit/tree/master/Security/Sniffs/BadFunctions folder into your Moodle local/codechecker/moodle/Sniffs
  • Copy https://github.com/FloeDesignTechnologies/phpcs-security-audit/tree/master/Security/Sniffs/CVE folder into your Moodle local/codechecker/moodle/Sniffs