One of the most common security threats in web applications is SQL injection. It continues to top the OWASP application security risk list. Yet somehow many developers don't even know what it is. SQL injection is when a malicious SQL query is injected into a legitimate query run by the application, usually by a nefarious user through an input field in the user interface. It happens when the application isn't protecting the database from raw user input—common in so many…

Wow, my last post got way more attention than I expected, even making it all the way to the front page of Hacker News this past Saturday! To my surprise most of the response was positive. Even Reddit and Hacker News weren't too brutal. There was the expected amount of snark, to be sure, but there was also some genuine misunderstanding and confusion about a few things, so let's clear them up.

I've got a challenge for you. The next time you start a new project, try not using a PHP framework. Now, this isn't an anti-framework screed. Neither is it a promotion of not-invented-here thinking. After all, we're going to be using some packages written by several framework developers in this tutorial. I've got nothing but great respect for the innovation going on in that space. This isn't about them. This is about you. It's about giving yourself…

I love this contrasting pair of quotes, perfectly capturing the mindset of great leaders.

According to psychologist Mihaly Csikszentmihalyi, the human nervous system can only process about 110 bits of information per second. Understanding someone speaking to you requires about 60 bits per second. That's why we can't listen to more than one person at a time. Multitasking isn’t actually doing multiple things at once. It’s rapidly switching between multiple things with incredible frequency. It fatigues the brain and results in much lower quality decision-making all around. If you're feeling overwhelmed and like…
If your company is like the typical digital agency or software shop, you've got deadlines slapped on every bit of work in the entire organization as a way to get your people to deliver work quickly. If you're honest with yourself, you know that your people will miss their deadlines on plenty—if not most—of the work they do. And while you might crack the whip and fuss about it, you know deep down that it's expected. You're…

Is Your Team Feeling Scattered and Unfocused?

Not everything needs attention right this minute
In the world of design and development, your team's getting a lot thrown at it. It's true if you're running a software shop responsible for churning out a single product, and it's especially problematic for digital agencies with multiple clients. But when everything's an emergency, nothing is. We need a better way of keeping on top of all those demands and knowing which ones we should focus on right now. I've been through the wringer with project…