Advice to MySQL, Secure file uploads & more
Posted by Žilvinas Šaltys in Lazyweb, MySQL, PHP
I was reading planetmysql.org as usual and found a few blog posts that are worth reading.
Advice to MySQL by Jay Pipes. It’s really interesting to watch how much bashing MySQL receives these days. And every time I get a worse and worse picture of how bad their code must be. Though I’m really excited about the Drizzle project, which solves most of the mentioned problems. Though I haven’t made up my mind yet whether a Windows build and backwards compatibility are crucial to MySQL. Read the comments and decide for yourself.
Handling secure web uploads is an interesting post by Tim. Though I think that a lot of stuff is obvious, like checking file extensions and whitelisting/blacklisting. The PHP function to check the extension can make you giggle - a bit of a kindergarten explanation, don’t you think? Though figuring out which extensions should be blacklisted is amazing. I would have loved to read more explanation of the various possible attacks using these extensions. The part about IE and content type detection is really mind-blowing and I agree with Domas Mituzas that the post is epic. There are not a lot of people who would care to disassemble the IE code, port portions of it to readable PHP code and share it with the world. I think the guy is a true geek in a good way (if there is such a way) to do this and I believe a lot of people will find it very useful ;)
I love diagnostic tools. Having to work with many applications at once, it is vital to ensure that everything is working fine. I found a nice post about MySQL diagnostic tools. I should check them out on our production servers. They seem useful.
P.S. I edited the original post so that it doesn’t sound like I’m bashing Tim’s article so much.

