php/archived-presentations
1
0
Fork 0
mirror of https://github.com/php/presentations.git synced 2026-03-23 23:22:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

- Added Montreal data security talk

Browse Source 
- Updated some slides from Hungary
This commit is contained in:
Derick Rethans
2005-03-23 12:36:11 +00:00
parent 3df96c78d7
commit dbfda10b85
49 changed files with 494 additions and 158 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
perf-hungary.xml
View File

@@ -18,7 +18,6 @@
<url>http://files.derickrethans.nl/perf-hungary.pdf</url>
<slide>slides/perf/title.xml</slide>
<slide>slides/xdebug/questions.xml</slide>
<slide>slides/perf/groups2.xml</slide>
<!-- CACHING OPTIMIZATION -->

63
playingsafe-quebec-2005.xml Normal file
View File

@@ -0,0 +1,63 @@
<?xml version="1.0" encoding="iso-8859-1"?>
<presentation
template="css"
navmode="html"
navbarbackground="#4373b4"
navbartopiclinks="0"
navColor="#f1fbff"
logo1=""
stylesheet="presentations/slides/perf/ezp.css"
backgroundfixed="1" >
<topic>Security</topic>
<title>Playing Safe</title>
<event>PHP Quebec</event>
<location>Montréal, Canada</location>
<date>April 1st, 2005</date>
<speaker>Derick Rethans</speaker>
<email>dr@ez.no</email>
<url>http://files.derickrethans.nl/playingsafe-quebec-2005.pdf</url>
<slide>slides/encryption/title.xml</slide>
<!-- Crypto Intro -->
<slide>slides/encryption/quote-gov.xml</slide>
<slide>slides/encryption/algorithms.xml</slide>
<slide>slides/encryption/rotational.xml</slide>
<slide>slides/encryption/transposition.xml</slide>
<slide>slides/encryption/asymmetric.xml</slide>
<!-- Hash functions -->
<slide>slides/encryption/hash.xml</slide>
<slide>slides/encryption/hash-example.xml</slide>
<slide>slides/encryption/hash-2104.xml</slide>
<slide>slides/encryption/hash-mysql-old.xml</slide>
<slide>slides/encryption/hash-mysql.xml</slide>
<slide>slides/encryption/hash-mysql-auth.xml</slide>
<slide>slides/encryption/hash-mysql-auth2.xml</slide>
<slide>slides/encryption/quote-fail.xml</slide>
<slide>slides/encryption/hash-paying1.xml</slide>
<slide>slides/encryption/hash-paying-quote.xml</slide>
<slide>slides/encryption/hash-paying2.xml</slide>
<slide>slides/encryption/hash-paying3.xml</slide>
<!-- Symmetric -->
<slide>slides/encryption/symmetric.xml</slide>
<slide>slides/encryption/modes.xml</slide>
<!-- mcrypt examples -->
<slide>slides/encryption/mcrypt-generic.xml</slide>
<slide>slides/encryption/mcrypt-crypt.xml</slide>
<slide>slides/encryption/mcrypt-cavearts.xml</slide>
<slide>slides/encryption/mcrypt-supported.xml</slide>
<slide>slides/encryption/quote-false.xml</slide>
<!-- storing data -->
<slide>slides/encryption/store-data-in-db.xml</slide>
<slide>slides/encryption/store-data-in-db-ex-store.xml</slide>
<slide>slides/encryption/store-data-in-db-ex-retrieve.xml</slide>
<slide>slides/encryption/store-data-in-db-why-ssl.xml</slide>
<slide>slides/xdebug/questions.xml</slide>
<slide>slides/encryption/puzzle.xml</slide>
<slide>slides/encryption/resources.xml</slide>
</presentation>

3
slides/encryption/algorithms.xml
View File

@@ -2,8 +2,7 @@
<slide>
<title>Cipher groups</title>
<break lines="8"/>
<list fontsize="5em">
<list>
<bullet>Rotational (ceasar)</bullet>
<bullet>Transposition (xor)</bullet>
<bullet>Symmetric (DES, Blowfish, AES)</bullet>

BIN
slides/encryption/caesar.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 27 KiB

After

Width:  |  Height:  |  Size: 42 KiB

29
slides/encryption/hash-2104.xml
View File

@@ -2,22 +2,21 @@
<slide>
<title>Crypt_MHAC example</title>
<break lines="1"/>
<example fontsize="1.7em"><![CDATA[<?php
require_once 'Crypt/HMAC.php';
$hash = new Crypt_HMAC('SECRETKEY', 'sha1');
if (isset($_COOKIE['stamp'])) {
if ($_COOKIE['stamp'] == $hash->hash($_COOKIE['data'])) {
echo "Validated!\n";
} else {
echo "<blink>Not validated</blink>";
}
} else {
$_COOKIE['data'] = '00110100011';
$_COOKIE['stamp'] = $hash->hash($_COOKIE['data']);
}
require_once 'Crypt/HMAC.php';
$hash = new Crypt_HMAC('SECRETKEY', 'sha1');
if (isset($_COOKIE['stamp'])) {
if ($_COOKIE['stamp'] == $hash->hash($_COOKIE['data'])) {
echo "Validated!\n";
} else {
echo "<blink>Not validated</blink>";
}
} else {
$_COOKIE['data'] = '00110100011';
$_COOKIE['stamp'] = $hash->hash($_COOKIE['data']);
}
?>]]></example>
<list fontsize="4em">

23
slides/encryption/hash-example.xml
View File

@@ -2,18 +2,19 @@
<slide>
<title>Hash Example</title>
<break lines="3"/>
<example fontsize="1.7em"><![CDATA[<?php
if (isset($_COOKIE['stamp'])) {
if ($_COOKIE['stamp'] == sha1($_COOKIE['data'] . 'SECRETKEY')) {
echo "Validated!\n";
} else {
echo "<blink>Not validated</blink>";
}
} else {
$_COOKIE['data'] = '00110100011';
$_COOKIE['stamp'] = sha1($_COOKIE['data'] . 'SECRETKEY');
}
define('SECRETKEY', 'quis custodiet ipsos custodes');
if (isset($_COOKIE['stamp'])) {
if ($_COOKIE['stamp'] == sha1($_COOKIE['data'] . 'SECRETKEY')) {
echo "Validated!\n";
} else {
echo "<blink>Not validated</blink>";
}
} else {
$_COOKIE['data'] = '00110100011';
$_COOKIE['stamp'] = sha1($_COOKIE['data'] . 'SECRETKEY');
}
?>]]></example>
<break/>

6
slides/encryption/hash-mysql-auth.xml Normal file
View File

@@ -0,0 +1,6 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>MySQL authentication</title>
<image filename='mysql-auth.png' align="center"/>
</slide>

13
slides/encryption/hash-mysql-auth2.xml Normal file
View File

@@ -0,0 +1,13 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>MySQL authentication (2)</title>
<list>
<bullet>Client connects to Server</bullet>
<bullet>Server sends salt: *%S%*</bullet>
<bullet>Client sends hash over hashed password and salt: *%H(H'(P) S)%*</bullet>
<bullet>Server compares received hash with it's own computed hash (from the hashed password *%H'(P)%* stored in the database)</bullet>
</list>
<blurb>A salt is used because without it you can authenticate simply by using a replay attack</blurb>
</slide>

19
slides/encryption/hash-mysql-old.xml Normal file
View File

@@ -0,0 +1,19 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Bad Hash!</title>
<example fontsize="1.7em"><![CDATA[mysql> SELECT OLD_PASSWORD('aaaaaa') AS bad_hash UNION
-> SELECT OLD_PASSWORD('aaaaab') UNION
-> SELECT OLD_PASSWORD('aaaaac');
+------------------+
| bad_hash |
+------------------+
| 3af111f42d178bb8 |
| 3af113e92d178dad |
| 3af11d9e2d178f62 |
+------------------+]]></example>
<list fontsize="4em">
<bullet>Distribution of the hash key is bad and thus quite insecure</bullet>
</list>
</slide>

19
slides/encryption/hash-mysql.xml Normal file
View File

@@ -0,0 +1,19 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>New Hash Function</title>
<example fontsize="1.7em"><![CDATA[mysql> SELECT PASSWORD('aaaaaa') AS goodhash UNION
-> SELECT PASSWORD('aaaaab') UNION
-> SELECT PASSWORD('aaaaac');
+-------------------------------------------+
| goodhash |
+-------------------------------------------+
| *B1461C9C68AFA1129A5F968C343636192A084ADB |
| *E4CF0FD33485536A57EC1660C2B443D06F6367AA |
| *05B529FF460DF128463DFA53EF18C80CE427E9A0 |
+-------------------------------------------+]]></example>
<list fontsize="4em">
<bullet>Based on: SHA-1</bullet>
</list>
</slide>

10
slides/encryption/hash-paying-quote.xml Normal file
View File

@@ -0,0 +1,10 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>"Ignorance is Bliss"</title>
<break lines="10"/>
<blurb class="quote">Yes, we are aware of all these issues, but we've used this method for
nearly five years, and we are not aware of any incidents where this
have been exploited.</blurb>
<blurb class="quote_attr">~Anonymous~</blurb>
</slide>

8
slides/encryption/hash-paying1.xml Normal file
View File

@@ -0,0 +1,8 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Payment Gateway</title>
<image align="center" filename="pay1.png"/>
<blurb>What is wrong here?</blurb>
</slide>

7
slides/encryption/hash-paying2.xml Normal file
View File

@@ -0,0 +1,7 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Payment Gateway (2)</title>
<image align="center" filename="pay2.png"/>
<blurb>Using a hash algorithm in combination with a shared secret word to provide authentication.</blurb>
</slide>

26
slides/encryption/hash-paying3.xml Normal file
View File

@@ -0,0 +1,26 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Payment Gateway</title>
<example><![CDATA[<?php
function requestValidation()
{
$original = $this->data["id"] . $this->data["subid"] .
(100 * $this->data["amount"]) . $this->data["currency"] .
$this->data["utref"] . $this->data["irrn"] .
$this->ini->variable("PaynetSettings", "SecretWord");
if (sha1($original) == $this->data["VERIFICATION"])
{
$this->log( 'The verification hash is correct' );
return true;
}
$this->log( 'The verification hash is INCORRECT.' );
return false;
}
?>]]></example>
<break lines="3"/>
<blurb>Secret word:</blurb>
<example><![CDATA[jcgQXRP5mI!VnwfUGzbrT8FyWt3x2o7YaEJ1pHi6AKN4qLOdCeDhBvslSku9Z#M]]></example>
</slide>

8
slides/encryption/hash.xml
View File

@@ -6,12 +6,8 @@
<image align="center" filename="hash.png"/>
<list fontsize="4em">
<bullet>Not reversable</bullet>
</list>
<list fontsize="4em">
<bullet>PHP: sha1(), md5(); mhash: GOST, HAVAL</bullet>
</list>
<image align="right" marginright="5em" filename="hash2.png"/>
<list fontsize="4em">
<bullet>Distribution in hash keys is important</bullet>
<bullet>PHP: sha1(), md5(); mhash: GOST, HAVAL, SHA-256</bullet>
<bullet>Used for in signatures and validation</bullet>
</list>
</slide>

15
slides/encryption/mcrypt-cavearts.xml Normal file
View File

@@ -0,0 +1,15 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Cavearts</title>
<list>
<bullet>Encrypting happens on binary data</bullet>
<bullet>Mcrypt pads plain text with \0 to fill up a whole block</bullet>
<bullet>It's up to you to strip excessive padding</bullet>
</list>
<list>
<bullet>The IV for encryption and decryption should always be the same.</bullet>
<bullet>*But* it does not need to be secret, only unique and random.</bullet>
</list>
</slide>

13
slides/encryption/mcrypt-crypt.xml
View File

@@ -2,10 +2,10 @@
<slide>
<title>Encrypting</title>
<example fontsize="1.5em" result="1"><![CDATA[<?php
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
if ($td) {
<example encoding="iso-8859-1" fontsize="1.5em" result="1"><![CDATA[<?php
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
if ($td) {
$iv_size = mcrypt_enc_get_iv_size($td);
$key_size = mcrypt_enc_get_key_size($td);
$iv = mcrypt_create_iv($iv_size);
@@ -16,12 +16,13 @@
/* Encrypt text */
$crypt_text = mcrypt_generic($td, "very important data");
echo $crypt_text;
echo $crypt_text, "<br/>";
echo base64_encode($crypt_text);
/* Clean up cipher */
mcrypt_generic_deinit($td);
mcrypt_module_close($td);
}
}
?>]]></example>
</slide>

8
slides/encryption/mcrypt-generic.xml
View File

@@ -4,9 +4,9 @@
<break lines="2"/>
<example fontsize="1.8em" result="0"><![CDATA[<?php
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
if ($td) {
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
if ($td) {
/* Get key size and IV size */
$iv_size = mcrypt_enc_get_iv_size($td);
$key_size = mcrypt_enc_get_key_size($td);
@@ -17,7 +17,7 @@
/* Init encryption module */
mcrypt_generic_init($td, $key, $iv);
}
}
?>]]></example>
</slide>

37
slides/encryption/mcrypt-modules.xml
View File

@@ -3,22 +3,27 @@
<title>Mcrypt Modules</title>
<example fontsize="1.4em" result="1"><![CDATA[<?php
error_reporting(E_ALL);
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
if ($td) {
echo mcrypt_enc_get_algorithms_name($td). "/";
echo mcrypt_enc_get_modes_name($td). "<br />";
echo "IV Size: ". mcrypt_enc_get_iv_size($td). "; ";
echo "Block Size: ". mcrypt_enc_get_block_size($td). "; ";
echo "Key Size: ". mcrypt_enc_get_key_size($td). "<br />";
echo "Key Sizes: ". join(", ", mcrypt_enc_get_supported_key_sizes($td)). "<br />";
echo "Is Block A/M: ". (mcrypt_enc_is_block_algorithm_mode($td) ? "Y" : "N"). "; ";
echo "Is Block A: ". (mcrypt_enc_is_block_algorithm($td) ? "Y" : "N"). "; ";
echo "Is Block M: ". (mcrypt_enc_is_block_mode($td) ? "Y" : "N"). "<br /> ";
echo "Selftest: ". (mcrypt_enc_self_test($td) ? "N" : "Y");
}
error_reporting(E_ALL);
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
if ($td) {
echo mcrypt_enc_get_algorithms_name($td). "/";
echo mcrypt_enc_get_modes_name($td). "<br />";
echo "IV Size: ". mcrypt_enc_get_iv_size($td). "; ";
echo "Block Size: ". mcrypt_enc_get_block_size($td). "; ";
echo "Key Size: ". mcrypt_enc_get_key_size($td). "<br />";
echo "Key Sizes: ".
join(", ", mcrypt_enc_get_supported_key_sizes($td)). "<br />";
echo "Is Block A/M: ".
(mcrypt_enc_is_block_algorithm_mode($td) ? "Y" : "N"). "; ";
echo "Is Block A: ".
(mcrypt_enc_is_block_algorithm($td) ? "Y" : "N"). "; ";
echo "Is Block M: ".
(mcrypt_enc_is_block_mode($td) ? "Y" : "N"). "<br /> ";
echo "Selftest: ".
(mcrypt_enc_self_test($td) ? "N" : "Y");
}
?>]]></example>
</slide>

2
slides/encryption/mcrypt-supported.xml
View File

@@ -2,7 +2,7 @@
<slide>
<title>Supported modes and ciphers</title>
<example fontsize="1.5em" result="1"><![CDATA[<pre><font size="6"><?php
<example fontsize="1.5em" result="1"><![CDATA[<pre><font size="5"><?php
$modes = mcrypt_list_modes();
$algos = mcrypt_list_algorithms();

3
slides/encryption/mode-cfb.xml
View File

@@ -2,11 +2,10 @@
<slide fontsize="3em">
<title>CFB and OFB</title>
<break lines="1"/>
<image align="center" filename="cfb.png"/>
<list marginleft="-2em" fontsize="3em" marginright="2em">
<bullet type="none">CFB: text is xor'ed with the encrypted output of the IV; cipher output is new IV for next block</bullet>
<bullet type="none">CFB: text is xor'ed with encrypted output of the IV; cipher output is new IV for next block</bullet>
</list>
<break lines="1"/>

1
slides/encryption/mode-ecb.xml
View File

@@ -2,7 +2,6 @@
<slide fontsize="3em">
<title>ECB and CBC</title>
<break lines="1"/>
<image align="center" filename="ecb.png"/>
<list marginleft="-2em" fontsize="3em" marginright="2em">

BIN
slides/encryption/mysql-auth.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 46 KiB

BIN
slides/encryption/pay1.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 80 KiB

BIN
slides/encryption/pay2.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 80 KiB

BIN
slides/encryption/paynet.xcf Normal file
View File

Binary file not shown.

9
slides/encryption/puzzle.xml Normal file
View File

@@ -0,0 +1,9 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Puzzle</title>
<blurb>
peg te ot ceouls rer rnao aer yll go marpi yekensts lts bdai tahtea eoh
nahf fnn
</blurb>
</slide>

7
slides/encryption/quote-fail.xml
View File

@@ -2,8 +2,7 @@
<slide fontsize="6em">
<title>Quote</title>
<break lines="6"/>
<blurb fontsize="5em">"most security failures in its area of interest are due to failures in implementation, not failure in algorithms or protocols"</blurb>
<blurb align="right" fontsize="4em">~The NSA~</blurb>
<break lines="8"/>
<blurb class="quote">"most security failures in its area of interest are due to failures in implementation, not failure in algorithms or protocols"</blurb>
<blurb class="quote_attr">~The NSA~</blurb>
</slide>

7
slides/encryption/quote-false.xml
View File

@@ -2,8 +2,7 @@
<slide fontsize="6em">
<title>Quote</title>
<break lines="9"/>
<blurb fontsize="5em">A *false* sense of security is worse than being unsure.</blurb>
<blurb align="right" fontsize="4em">~grc.com~</blurb>
<break lines="16"/>
<blurb class="quote">A *false* sense of security is worse than being unsure.</blurb>
<blurb class="quote_attr">~grc.com~</blurb>
</slide>

7
slides/encryption/quote-gov.xml
View File

@@ -2,8 +2,7 @@
<slide fontsize="6em">
<title>Quote</title>
<break lines="9"/>
<blurb fontsize="5em">"People who are willing to rely on the government to keep them safe are pretty much standing on Darwin's mat, pounding on the door, screaming, 'Take me, take me!'"</blurb>
<blurb align="right" fontsize="4em">~Carl Jacobs, Alt.Sysadmin.Recovery~</blurb>
<break lines="8"/>
<blurb class="quote">"People who are willing to rely on the government to keep them safe are pretty much standing on Darwin's mat, pounding on the door, screaming, 'Take me, take me!'"</blurb>
<blurb class="quote_attr">~Carl Jacobs, Alt.Sysadmin.Recovery~</blurb>
</slide>

6
slides/encryption/quote-perl.xml
View File

@@ -2,8 +2,6 @@
<slide fontsize="6em">
<title>Quote</title>
<break lines="15"/>
<blurb fontsize="5em">"Perl - The only language that looks the same before and after RSA encryption."</blurb>
<blurb align="right" fontsize="4em">~Keith Bostic~</blurb>
<blurb class="quote">"Perl - The only language that looks the same before and after RSA encryption."</blurb>
<blurb class="quote_attr">~Keith Bostic~</blurb>
</slide>

10
slides/encryption/rotational.xml
View File

@@ -2,14 +2,12 @@
<slide>
<title>Rotational ciphers</title>
<image align="center" filename="caesar.png"/>
<list fontsize="5em" marginleft="-0.3em">
<image filename="caesar.png"/>
<break lines="12"/>
<list>
<bullet>Rotate characters depending on key</bullet>
</list>
<list fontsize="5em" effect="slide">
<bullet>Easy to crack unless key is same size as plain text</bullet>
</list>
<list fontsize="5em" effect="slide">
<bullet>But we always have str_rot13() :-)</bullet>
</list>
</slide>

51
slides/encryption/store-data-in-db-ex-retrieve.xml Normal file
View File

@@ -0,0 +1,51 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Storing Sensitive Data in a DB (3)</title>
<example result="1"><![CDATA[<form method="post">
Username: <input type="text" name="username"/><br/>
Password: <input type="text" name="password"/><br/>
<input type="submit"/>
</form>
<?php
if (!isset($_POST['username']) || !isset($_POST['password']))
{
return;
}
mysql_connect('localhost', 'root');
mysql_select_db('encryption');
$username = $_POST['username'];
$password = sha1($_POST['password']);
/* Retrieve data */
$q = <<<END
SELECT * FROM userdata
WHERE username = '$username' AND password = '$password'
END;
$res = mysql_query($q);
if (mysql_num_rows($res) == 1) {
list($id, $username, $password, $adres, $ccnr) =
mysql_fetch_row($res);
/* Init mcrypt environment */
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
$iv_size = mcrypt_enc_get_iv_size($td);
$key_size = mcrypt_enc_get_key_size($td);
$key = $iv = substr($password, 0, $key_size);
mcrypt_generic_init($td, $key, $iv);
/* Decrypt data */
echo "Retrieved data:<br/>\n";
echo "Address: ",
mdecrypt_generic($td, base64_decode($adres)), "<br/>\n";
echo "CC#",
mdecrypt_generic($td, base64_decode($ccnr)), "<br/>\n";
} else {
echo 'wrong credentials!';
}
]]></example>
</slide>

42
slides/encryption/store-data-in-db-ex-store.xml Normal file
View File

@@ -0,0 +1,42 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Storing Sensitive Data in a DB (2)</title>
<example result="1"><![CDATA[<form method="post">
Username: <input type="text" name="username"/><br/>
Password: <input type="text" name="password"/><br/>
Address: <input type="text" name="adres"/><br/>
CC#: <input type="text" name="ccnr"/><br/>
<input type="submit"/>
</form>
<?php
if (!isset($_POST['username']) || !isset($_POST['password']))
{
return;
}
mysql_connect('localhost', 'root');
mysql_select_db('encryption');
/* Init mcrypt environment */
$td = @mcrypt_module_open('rijndael-256', '', 'cfb', '');
$iv_size = mcrypt_enc_get_iv_size($td);
$key_size = mcrypt_enc_get_key_size($td);
/* Prepare data to insert */
$username = $_POST['username'];
$password = sha1($_POST['password']);
$key = $iv = substr($password, 0, $key_size);
mcrypt_generic_init($td, $key, $iv);
$adres = base64_encode(mcrypt_generic($td, $_POST['adres']));
$ccnr = base64_encode(mcrypt_generic($td, $_POST['ccnr']));
$q = <<<END
INSERT INTO userdata(username, password, adres, ccnr)
VALUES ('$username', '$password', '$adres', '$ccnr')
END;
mysql_query($q);
echo "New User Id=", mysql_insert_id(), "<br/>\n";
]]></example>
</slide>

26
slides/encryption/store-data-in-db-why-ssl.xml Normal file
View File

@@ -0,0 +1,26 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Storing Sensitive Data in a DB</title>
<example type="shell"><![CDATA[POST /show.php/playingsafe-quebec-2005/27 HTTP/1.1
Host: pres
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5)
Gecko/20041219 Firefox/1.0 (Debian package 1.0+dfsg.1-1)
Accept: text/xml,application/xml,application/xhtml+xml,
text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: UTF-8,*
Keep-Alive: 300
Connection: keep-alive
Referer: http://pres/show.php/playingsafe-quebec-2005/27
Cookie: dims=1024_736; PHPSESSID=d4b509c80d199dc624e56f2e672661eb
Content-Type: application/x-www-form-urlencoded
Content-Length: 31
username=test+7&password=wee123]]></example>
<list>
<bullet>SSL will fix this...</bullet>
</list>
</slide>

10
slides/encryption/store-data-in-db.xml Normal file
View File

@@ -0,0 +1,10 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<slide>
<title>Storing Sensitive Data in a DB</title>
<blurb>Goal:</blurb>
<list>
<bullet>User wants to store senstive data on a site (so that he doesn't have to enter it all the time)</bullet>
<bullet>Data is not allowed to be stored unencrypted because of privacy regulations</bullet>
</list>
</slide>

7
slides/encryption/symmetric.xml
View File

@@ -2,18 +2,11 @@
<slide>
<title>Symmetric ciphers</title>
<break lines="2"/>
<image align="center" filename="symmetric.png"/>
<list fontsize="4em">
<bullet>Key to encrypt is the same as the key to decrypt</bullet>
</list>
<list fontsize="4em">
<bullet>mcrypt: DES, Blowfish, Rijndael (AES)</bullet>
</list>
<list fontsize="4em">
<bullet>Used for session keys and in secure environment</bullet>
</list>
<list fontsize="4em">
<bullet>*Not* used for key distribution</bullet>
</list>
</slide>

6
slides/encryption/transposition.xml
View File

@@ -5,12 +5,8 @@
<break lines="3"/>
<list fontsize="5em">
<bullet>XOR plain text with key</bullet>
</list>
<list fontsize="5em">
<bullet>Easy to crack with small key</bullet>
</list>
<list fontsize="5em">
<bullet>Impossible to crack when<![CDATA[<br />&nbsp;&nbsp;&nbsp;]]>strlen(plain) == strlen(key)</bullet>
<bullet>Impossible to crack when strlen(plain) == strlen(key)</bullet>
</list>
<break lines="3"/>
<image align="center" filename="xor.png"/>

2
slides/i18nl10n/cyrillic.xml
View File

@@ -7,7 +7,7 @@
$string = <<<END
След малко се запътвам съм автобусната спирка, от там на
летището, после пак на летището и пак на автобусната спирка
и в Пловдив.
и в Пловдив. Мозафока.
END;

44
slides/perf/ezp.css
View File

@@ -6,6 +6,7 @@ body {
margin-bottom:0em;
background-image: url(presentations/slides/perf/ezp.png);
background-attachment: fixed;
overflow: -moz-scrollbars-none;
}
div.sticky {
margin: 0;
@@ -46,9 +47,12 @@ right: 10px;
bottom: 0px;
}
div.mainarea {
position: fixed;
margin-top: 120px;
top: 150px;
width: 725px;
width: 733px;
height: 600px;
overflow: auto;
overflow: -moz-scrollbars-vertical;
}
ul.pres {
list-style: circle;
@@ -116,6 +120,19 @@ div.large_blurb_center {
text-align: center;
}
div.quote {
font-size: 48px;
text-align: center;
margin-left: 40px;
margin-right: 40px;
}
div.quote_attr {
font-size: 32px;
text-align: right;
margin-right: 40px;
}
div.xx_large_blurb_center {
font-size: 80px;
text-align: center;
@@ -131,21 +148,31 @@ div.shadow, code {
}
div.example code, div.highlight code, div.bit_larger, div.bit_larger code, div.bit_larger_output {
background: #ccc;
font-size: 20px;
background: #eee;
font-size: 23px;
width: 100%;
font-weight: bold;
}
div.example, div.highlight, div.bit_larger, div.bit_larger_output {
margin-left: 20px;
margin-right: 20px;
}
div.large code, div.large {
font-size: 32px;
background: #eee;
font-weight: bold;
margin-left: 20px;
margin-right: 20px;
}
div.highlight code, div.highlight {
background: #fffc00;
font-weight: bold;
}
div.code_small, div.code_medium, div.code_large, div.example {
background: #ccc;
background: #eee;
}
div.code_small code {
font-size: 12px;
@@ -156,6 +183,9 @@ div.code_medium code, div.code_medium pre {
div.code_large code, div.code_large pre {
font-size: 24px;
}
div.example pre {
font-size: 23px;
}
div.event, div.event-date, div.event-presenter {
text-align: center;
@@ -173,4 +203,8 @@ img.spaced {
margin-top: 25px;
margin-bottom: 25px;
}
table {
font-size: 20pt;
}
</style>

22
slides/perf/ezpublish-static.xml
View File

@@ -4,24 +4,22 @@
<subtitle>An Example of On-Publish Generation</subtitle>
<example><![CDATA[<?php
function cacheURL( $url, $nodeID = false, $skipExisting = false )
function cacheURL($url, $nodeID = false, $skipExisting = false)
{
$fileName = "http://$hostname$dir$url";
$content = @file_get_contents( $fileName );
$this->storeCachedFile( $file, $content );
$content = @file_get_contents($fileName);
$this->storeCachedFile($file, $content);
}
function storeCachedFile( $file, $content )
function storeCachedFile($file, $content)
{
$fp = fopen( $tmpFileName, 'w' );
if ( $fp )
{
fwrite( $fp, $content );
fclose( $fp );
rename( $tmpFileName, $file );
$fp = fopen($tmpFileName, 'w');
if ($fp) {
fwrite($fp, $content);
fclose($fp);
rename($tmpFileName, $file);
}
}
?>]]></example>
}]]></example>
<break/>
<blurb>Set up RewriteRules:</blurb>

16
slides/phpperform/path1.xml
View File

@@ -5,13 +5,13 @@
<image align="center" filename="path1.png" />
<blurb fontsize="5em">Path strings:</blurb>
<break/>
<example fontsize="2em"><![CDATA[ Id | Parent Id | Path String | Path Identification String | Depth
---+-----------+----------------+--------------------------------+------
87 | 2 | /1/2/87/ | countries | 2
88 | 87 | /1/2/87/88/ | countries/belgium | 3
89 | 87 | /1/2/87/89/ | countries/netherlands | 3
91 | 89 | /1/2/87/89/91/ | countries/netherlands/business | 4
92 | 89 | /1/2/87/89/92/ | countries/netherlands/economy | 4
90 | 87 | /1/2/87/90/ | countries/germany | 3]]></example>
<example fontsize="2em"><![CDATA[Id | ParentId | PathString | Path Identification String | Depth
---+----------+------------+--------------------------------+------
87 | 2 | /87/ | countries | 2
88 | 87 | /87/88/ | countries/belgium | 3
89 | 87 | /87/89/ | countries/netherlands | 3
91 | 89 | /87/89/91/ | countries/netherlands/business | 4
92 | 89 | /87/89/92/ | countries/netherlands/economy | 4
90 | 87 | /87/90/ | countries/germany | 3]]></example>
</slide>

21
slides/phpperform/path2.xml
View File

@@ -4,26 +4,27 @@
<subtitle>Adding a Child</subtitle>
<break/>
<example><![CDATA[ id | parent_id | path_string | path_identification_string | depth
---+-----------+----------------+--------------------------------+------
87 | 2 | /1/2/87/ | countries | 2
88 | 87 | /1/2/87/88/ | countries/belgium | 3]]></example>
<example class="highlight"><![CDATA[ 89 | 87 | /1/2/87/89/ | countries/netherlands | 3]]></example>
<example><![CDATA[ 91 | 89 | /1/2/87/89/91/ | countries/netherlands/business | 4
92 | 89 | /1/2/87/89/92/ | countries/netherlands/economy | 4
90 | 87 | /1/2/87/90/ | countries/germany | 3]]></example>
<example><![CDATA[id | parent_id | path_string| path_identification_string | depth
---+-----------+------------+--------------------------------+------
87 | 2 | /87/ | countries | 2
88 | 87 | /87/88/ | countries/belgium | 3]]></example>
<example class="highlight"><![CDATA[89 | 87 | /87/89/ | countries/netherlands | 3]]></example>
<example><![CDATA[91 | 89 | /87/89/91/ | countries/netherlands/business | 4
92 | 89 | /87/89/92/ | countries/netherlands/economy | 4
90 | 87 | /87/90/ | countries/germany | 3]]></example>
<list>
<bullet>Figure out new ID</bullet>
<bullet>Insert new item</bullet>
<bullet>Insert new item:</bullet>
</list>
<blurb>Query:</blurb>
<example><![CDATA[INSERT INTO ezcontentobject_tree(id) VALUES (NULL);
SELECT LAST_INSERT_ID();
UPDATE ezcontentobject_tree SET
parent_node_id = 89, path_string = '/1/2/87/89/93/',
parent_node_id = 89, path_string = '/87/89/93/',
path_identification_string = 'countries/netherlands/food',
depth = 4
WHERE id = 93;

20
slides/phpperform/path4.xml
View File

@@ -4,15 +4,17 @@
<subtitle>Selecting a Subtree</subtitle>
<break/>
<example><![CDATA[ id | parent_id | path_string | path_identification_string | depth
---+-----------+----------------+--------------------------------+------
87 | 2 | /1/2/87/ | countries | 2
88 | 87 | /1/2/87/88/ | countries/belgium | 3]]></example>
<example class="highlight"><![CDATA[ 89 | 87 | /1/2/87/89/ | countries/netherlands | 3
91 | 89 | /1/2/87/89/91/ | countries/netherlands/business | 4
92 | 89 | /1/2/87/89/92/ | countries/netherlands/economy | 4]]></example>
<example><![CDATA[ 90 | 87 | /1/2/87/90/ | countries/germany | 3]]></example>
<example><![CDATA[id | parent_id | path_string| path_identification_string | depth
---+-----------+------------+--------------------------------+------
87 | 2 | /87/ | countries | 2
88 | 87 | /87/88/ | countries/belgium | 3]]></example>
<example class="highlight"><![CDATA[89 | 87 | /87/89/ | countries/netherlands | 3
91 | 89 | /87/89/91/ | countries/netherlands/business | 4
92 | 89 | /87/89/92/ | countries/netherlands/economy | 4]]></example>
<example><![CDATA[90 | 87 | /87/90/ | countries/germany | 3]]></example>
<break lines="4"/>
<blurb>SELECT * FROM ezcontentobject_tree WHERE path_string LIKE '/1/2/87/89/%'</blurb>
<blurb>Query:</blurb>
<example class="large">SELECT * FROM ezcontentobject_tree
WHERE path_string LIKE '/87/89/%'</example>
</slide>

BIN
slides/phpperform/tree2.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 41 KiB

After

Width:  |  Height:  |  Size: 41 KiB

19
slides/phpperform/visitation1.xml
View File

@@ -30,16 +30,13 @@
<blurb fontsize="5em">Retrieve list with:</blurb>
<example fontsize="1.1em"><![CDATA[<?php
function gimmeParent($id) {
global $dir;
$res = mysql_query("SELECT parent, name FROM directory WHERE id = $id");
if (mysql_num_rows($res) > 0) {
$dir[] = ($row = mysql_fetch_row($res));
gimmeParent($row['parent']);
}
function gimmeParent($id) {
global $dir;
$res = mysql_query("SELECT parent, name FROM dir WHERE id=$id");
if (mysql_num_rows($res) > 0) {
$dir[] = ($row = mysql_fetch_row($res));
gimmeParent($row['parent']);
}
gimmeParent(7);
? >]]></example>
}
gimmeParent(7);]]></example>
</slide>

2
slides/phpperform/visitation3.xml
View File

@@ -7,7 +7,7 @@
<image align="center" filename="tree3.png" />
<blurb fontsize="5em">Query:</blurb>
<example fontsize="2em"><![CDATA[SELECT * FROM directory
<example class="large"><![CDATA[SELECT * FROM directory
WHERE
left <= 5 AND right >= 6]]></example>
</slide>

2
slides/phpperform/visitation4.xml
View File

@@ -7,7 +7,7 @@
<image align="center" filename="tree4.png" />
<blurb fontsize="5em">Query:</blurb>
<example fontsize="2em"><![CDATA[SELECT * FROM directory
<example class="large"><![CDATA[SELECT * FROM directory
WHERE
right - left = 1]]></example>
</slide>

2
slides/phpperform/visitation5.xml
View File

@@ -7,7 +7,7 @@
<image align="center" filename="tree5.png" />
<blurb fontsize="5em">Query:</blurb>
<example fontsize="2em"><![CDATA[SELECT * FROM directory
<example class="large"><![CDATA[SELECT * FROM directory
WHERE
left >= 4 AND right <= 9]]></example>
</slide>