Level up with Alfred

Nathan Page
20th Nov 2018

OSX's Spotlight tool made searching files and starting tasks a dream. That dream, though, still had space for more. What if you could execute commands from Spotlight? Or do *really* clever things?

Cue Alfred, stage left.

Read more

Level up with a shiny shell

Nathan Page
13th Nov 2018

Everyone has their preferred command shell. The bravest amongst us probably has some highly customised craziness, and the more unsure probably are using the plain mac Terminal. Somewhere in between, though, lies a world of fun that really should be explored. There are some great tools out there, and one of our favourites is Zsh.

Zsh is a shell that encapsulates all of BASH, and then a whole load of useful, 'standard' and 'other' features. Generally it's been nice to work with, though I must confess I've not by any means plumbed the depths of what it's capable of.

What...

Read more

Beware File::getFileUri()!

9th Nov 2018

I'll keep this short and sweet, but we thought this would be a useful tip to share with the world as a potential security issue with the combined use of File::getFileUri() and FileSystem::realpath().

Consider the following code excerpt :

$file = File::load($some_file_uri);

if ($file) {
  $uri = $file->getFileUri();
  $file_realpath = \Drupal::service('file_system')->realpath($uri);
}

Seems pretty harmless right? Load up the file from $some_file_uri , If we have a valid file then get the URI and then grab the real path.

Wrong (potentially, depending on what you do with $file_realpath).

If $file is a valid file, but for whatever reason the file is...

Read more

Level up with PHPStorm

Nathan Page
6th Nov 2018

There is a whole world of functionality that opens up when your editor can not only edit your code but understand it, and that's why we use PHPStorm. Read on for some thoughts, advice and tips for getting the most out of your IDE.

Read more