[French version available here]
Are we willingly making our servers vulnerable to denial-of-service? After a reminder about hash algorithms and the reasons for their use, let’s discuss their cost on our infrastructures.
I recently realized that these algorithms were much more complex to implement than expected. Beware, don’t jump to conclusions: hashing passwords is still the most effective way to (not) store them today. But it seems that we should prepare for the next step.
We all have developed applications that identify their users through a login form that asks for a password. It is up to us…
 This discussion has indirectly resulted in a new serialization mechanism added to PHP 7.4. This post is now obsolete.
PHP serialization/unserialization has several drawbacks ^1.
On the serialization side, the
On the unserialization side:
unserialize()on user-submitted data;
PHP_Incomplete_Class, which behave in an unusual manner and most importantly break the semantics of the original…
In Making Symfony’s Router 77.7x faster - 1/2, we learned how to build a faster URL matcher, using hash-map lookups for static routes, and combined regular expressions for routes with placeholders, while preserving all the advanced features of the Symfony router. However, more work was needed for some real world apps, as at least one of them experienced a slow down. Let’s see how fixing this provided us with (one of) the fastest PHP routers out there.
First and foremost, there is no faster way to match a static route than a hash-map lookup. …
Was it slow? Not at all. In 2014, Nikita Popov published an inspiring blog post entitled Fast request routing using regular expressions. The article explains how one can match HTTP routes at very high performance, by combining them together in bigger regular expressions. Its conclusion rightfully reminds us that routing will usually not be a bottleneck in your apps, but also hints some of us are building high throughput HTTP servers in PHP, ending with this sentence: “If you tried to put the Symfony router behind such a server, it would totally cripple your performance.” …