pankajparashar-zz

The new Secure Password Hashing API in PHP 5.5

The [RFC for a new simple to use password hashing API][rfc] has just been accepted for PHP 5.5. As the RFC itself is rather technical and most of the sample codes are something you should not use, I want to give a very quick overview of the new API:

Why do we need a new API?

Everybody knows that you should be hashing their passwords using bcrypt, but still a surprising number of developers uses insecure md5 or sha1 hashes (just look at the recent password leaks). One of the reasons for this is that the crypt() API is ridiculously hard to use and very prone to programming mistakes.

pankajparashar-zz

/*
 * Updated to use the function-based method described in http://www.phpied.com/social-button-bffs/
 * Better handling of scripts without supplied ids.
 *
 * N.B. Be sure to include Google Analytics's _gaq and Facebook's fbAsyncInit prior to this function.
 */

(function(doc, script) {
    var js, 
        fjs = doc.getElementsByTagName(script)[0],

pankajparashar-zz

<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<title>Responsive Design Testing</title>
	<style>
		body { margin: 20px; font-family: sans-serif; overflow-x: scroll; }
		.wrapper { width: 6000px; }
		.frame { float: left; }
		h2 { margin: 0 0 5px 0; }

pankajparashar-zz

Using Upperdog Interactive’s CSS Twitter logo as reference, and I wrote some circle-circle intersection code (a.k.a. math) to specify the Twitter logo as sequence of elliptical arc segments. There are other versions of the Twitter logo in SVG, but as best I can tell, they use cubic Béziers. I found it mathematically unsettling to use Béziers when circular arcs would suffice.

pankajparashar-zz

<?PHP
// Generates a strong password of N length containing at least one lower case letter,
// one uppercase letter, one digit, and one special character. The remaining characters
// in the password are chosen at random from those four sets.
//
// The available characters in each set are user friendly - there are no ambiguous
// characters such as i, l, 1, o, 0, etc. This, coupled with the $add_dashes option,
// makes it much easier for users to manually type or speak their passwords.
//
// Note: the $add_dashes option will increase the length of the password by

pankajparashar-zz

<!DOCTYPE html>
<html>
	<head>
		<title>Box Shadow</title>
		
		<style>
			.box {
				height: 150px;
				width: 300px;
				margin: 20px;

pankajparashar-zz

An ongoing project to catalogue all of these sneaky, hidden, bleeding edge selectors as I prepare my JSConf EU 2012 talk.

Everything is broken up by tag, but within each the selectors aren't particularly ordered.

I have not tested/verified all of these. Have I missed some or got it wrong? Let me know. - A

A friendly reminder that you may need to set this property on your target/selected element to get the styling results you want:

-webkit-appearance:none;

pankajparashar-zz

@mixin retina($ratio: 1.5) {
  $dpi: $ratio * 96;
  $opera-ratio: $ratio * 100;

  @media only screen and (-webkit-min-device-pixel-ratio: #{$ratio}),
         only screen and (     -o-min-device-pixel-ratio: '#{$opera-ratio}/100'),
         only screen and (                min-resolution: #{$dpi}dpi),
         only screen and (                min-resolution: #{$ratio}dppx) {
    @content;
  }

pankajparashar-zz

Sass/Less Comparison

In this document I am using Sass's SCSS syntax. You can choose to use the indented syntax in sass, if you prefer it, it has no functional differences from the SCSS syntax.

For Less, I'm using the JavaScript version because this is what they suggest on the website. The ruby version may be different.

Variables

pankajparashar-zz

#!/bin/sh

#
# A word about this shell script:
#
# It must work only on systems with a /bin/bash.
#

# cat readme.md || exit 1