The High Desert Web Developers group meets the first Tuesday of every month. This local group is a nice place for people to learn and talk about coding for the web. We talk about web development in general, covering all aspects from planning, design, and development to maintaining a web site. RSVP is not required and attendance is free. Tell all your friends!
What are we going to talk about?
So, it seems towards the end (when I left anyway) there was a good discussion on security-related problems. Most was focused on WordPress, but pretty much every CMS and many other web applications have had their run-ins with security problems. There are many types of security problems developers run into, from simple SQL injection and session hijacking to CSRF (Cross-Site Request Forgery) and XSS (Cross-Site Scripting).
It seems most are working with PHP and MySQL (Drupal, WordPress, custom applications). Always, always audit code you have not made yourself and try to get someone else to audit yours. Just because "Super-awesome Widget 1" seems popular and is recommended by "l33tCM$dude" doesn't mean it can't have a backdoor or vulnerability.
All of my latest projects use a simple framework I have compiled over the years that forces ALL content received (Cookies, Requests, Post, Get, Server, Session, etc.) from outside the script to first be "made safe". It trusts absolutely nothing and will only make items unsafe if requested directly. Including simple obfuscating techniques such as MD5 Hashing (with salt!), RC4 and generic encoding (Base64, Hex, etc.).
Anyone up for some basic PHP and MySQL tricks to help prevent SQL Injection, XSS, CSRF, and Session Hijacking? Keep in mind, I am not a security expert, but have worked in industrial control and electronic medical records fields that have some pretty strict requirements.
Community Time / Lightning Talks
We'll open up the floor to the community where anyone can talk about anything technology related. Do you have anything cool you want to share with the community this month? Share your knowledge!!! Post your lightning talk in the comments.
Where are we meeting?
We are meeting in the McDonald's conference room at the Apple Valley McDonald's on the corner of Apple Valley Rd and Bear Valley Rd. The room seats up to 49 people and is free to use.
If you plan on attending, RSVP for the meeting. You DO NOT have to RSVP on this site to attend; you can just show up. If you do RSVP, you'll be emailed a reminder one day before the meeting.
Feel free to leave a comment if you have any suggestions or want to give a lightning talk.