Group items tagged

This is all you need to know for Facebook Connect

I use Google Analytics for my web sites, you might use Mint or something else bespoke, but if you're using JavaScript to track those stats (as Google does), you're not capturing how many users you have that don't have JavaScript installed.

Krumo is a replacement for print_r() and var_dump()

WP plugin to greet visitors from specific referrals

Vanilla is an open-source, standards-compliant, multi-lingual, theme-able, pluggable discussion forum for the web.

Open Source Web Analytics Framework

"Viewstate (ASP.NET) ASP.NET has an option to maintain your ViewState. The ViewState indicates the status of a page when submitted to the server. The status is defined through a hidden field placed on each page with a control. Viewstate can be used as a CSRF defense, as it is difficult for an attacker to forge a valid Viewstate. It is not impossible to forge a valid Viewstate since it is feasible that parameter values could be obtained or guessed by the attacker. However, if the current session ID is added to the ViewState, it then makes each Viewstate unique, and thus immune to CSRF. To use the ViewStateUserKey property within the Viewstate to protect against spoofed post backs. Add the following in the OnInit virtual method of the Page-derived class (This property must be set in the Page.Init event) protected override OnInit(EventArgs e) { base.OnInit(e); if (User.Identity.IsAuthenticated) ViewStateUserKey = Session.SessionID; } The following keys the Viewstate to an individual using a unique value of your choice. (Page.ViewStateUserKey) This must be applied in Page_Init because the key has to be provided to ASP.NET before Viewstate is loaded. This option has been available since ASP.NET 1.1. However, there are limitations on this mechanism. Such as, ViewState MACs are only checked on POSTback, so any other application requests not using postbacks will happily allow CSRF. "