🚀  We just launched hackr for designers. Visit it here

Hackr.io is a programming community to find and share the best online programming courses & tutorials. Join them, it only takes 30 seconds.

Here's how it works:

share-icon

Anybody can submit a course or a tutorial

thumbs-up

Community upvotes the useful tutorials

upwards-graph

The best tutorials rise to the top

PHP The Right Way (phptherightway.com)

Visit Tutorial
Free
#1 out of total 16 PHP tutorials & courses

Submitter

Educator

Coming Soon

Coming Soon.

Why developers like this tutorial:

Content quality

Qualified Instructor

Video quality

Course Pace

Course depth and Coverage

Add your one-liner here:

Wanna find a programming buddy?

Learning a new programming language can be tough especially if you are a beginner in programming. Find a programming buddy and learn this tutorial in more engaged and fun way.
How finding a programming buddy works?
  1. You tell us that you are looking for a programming buddy. We'll ask you details like your timezone, your preferred language, etc. to connect to the right programming buddy.
  2. We'll connect you with other folks looking for programming buddies. It may take a few hours to few days.
  3. Once connected, you can mutually decide on the medium for chatting and screen sharing. That's it. All the best!

Discuss this tutorial:

Ask a question or write your feedback/review of this course or tell anything to the people taking this course.

2 years ago

Right,.. the "right way",.. and it is telling us to execute arbitrary code over the network by running "curl -s https://getcomposer.org/installer | php"... that's wrong on so many levels.

1 month ago

@matthias-hogerheijde You can always download the code and see what you are installing. Isn't that the same with almost everything else?

@gaurav-gupta It is not the same, because you need a level/web of trust. The act of trusting https://getcomposer.org/installer is not wrong in and of itself, teaching people to blindly copy-paste a command that does remote-code execution is the point that I'm fussing about. We should teach everyone to *first* find out what the level of trust is they put in something. Either by looking at the code and understanding it; or by making sure others (that you trust) have. So the least you should do is explain _why_ you trust the content of https://getcomposer.org/installer _before_ you tell others to blindly run that code. Then, I can figure out if your trust in them means anything to me. If so, I'll follow your advice. If not: I need to double-check.



Again: it's not about the actual command; it's about telling people that this is normal. It shouldn't be.