Glossary
Web Storage, IndexedDB & Cookies
HTML5
Three client-side storage mechanisms: localStorage (persistent key-value), sessionStorage (tab-scoped), and IndexedDB (structured, queryable) — each suited to different data sizes and use cases.
3mo ago
javascript intermediate
Web Workers
ES2015
Background threads in the browser that run JavaScript without blocking the main thread — essential for CPU-intensive tasks that would otherwise freeze the UI.
3mo ago
javascript advanced
Webhooks
PHP 5.0+
A reverse API — a service POSTs event notifications to a registered URL whenever something occurs, eliminating the need to poll.
3mo ago
architecture beginner
WebSocket Protocol
PHP 7.0+ A full-duplex communication protocol over a single TCP connection — the client and server can both send messages at any time without polling.
3mo ago
networking intermediate
WebSockets
PHP 7.0+
A persistent full-duplex TCP connection enabling real-time bidirectional messaging between browser and server without polling overhead.
3mo ago
architecture intermediate
Xdebug — Debugging & Profiling
PHP 5.0+
1
The essential PHP debugging extension providing step debugging, stack traces, code coverage, and profiling output.
3mo ago
php beginner
XML Entity Expansion (Billion Laughs / XXE)
PHP 5.0+
Denial-of-service via exponentially nested XML entities (Billion Laughs) or SSRF/file-read via external entity references (XXE).
CWE-611 OWASP A5:2021
3mo ago
security intermediate
9.1
XML External Entity (XXE)
PHP 5.0+
A vulnerable XML parser processes external entity references, letting attackers read local files or trigger SSRF.
CWE-611 OWASP A5:2021
3mo ago
security advanced
8.2
XML Injection
PHP 5.0+
1
Unsanitised user input injected into XML documents alters their structure, potentially corrupting data or enabling further attacks.
CWE-91 OWASP A3:2021
3mo ago
security intermediate
7.5
XPath Injection
PHP 5.0+
Unsanitised input manipulates XPath queries against XML documents, enabling data extraction or authentication bypass.
CWE-643 OWASP A3:2021
3mo ago
security intermediate
7.5
YAGNI
PHP 5.0+
You Aren't Gonna Need It — don't implement functionality until it's actually required.
3mo ago
quality beginner
Yoda Conditions
PHP 5.0+
Writing comparisons with the constant on the left (42 === $x) to prevent accidental assignment — largely obsolete with modern tooling.
3mo ago
style beginner
Zero Downtime Deployment
PHP 5.0+
Deploying new application code without dropping a single request — using rolling updates, blue/green swaps, or atomic symlink switches.
3mo ago
devops intermediate
Zero Trust
PHP 5.0+
Never trust, always verify — authenticate and authorise every request regardless of network location.
3mo ago
general intermediate
Zero-Day Vulnerability
A security flaw unknown to the vendor with no available patch — attackers may have exploits in the wild before defenders can respond.
3mo ago
security intermediate
Zip Slip
PHP 5.0+
A path traversal attack via crafted archive filenames (e.g. ../../evil.php) that escape the extraction directory during unzip.
CWE-22 OWASP A1:2021
3mo ago
security intermediate
8.1
Batch Processing
PHP 5.5+
1
Processing records in grouped chunks rather than one at a time, reducing per-record overhead and enabling efficient bulk database operations.
3mo ago
performance intermediate
bcrypt
PHP 5.5+
1
A deliberately slow password hashing algorithm designed to resist brute-force attacks by tunable computational cost.
CWE-327 OWASP A2:2021
3mo ago
security intermediate
Closures & Anonymous Functions
PHP 5.3+
1
First-class anonymous functions that can capture variables from their enclosing scope via the use keyword.
3mo ago
php intermediate
Code Smell
A surface indication in code that usually corresponds to a deeper design problem — not a bug, but a maintainability risk.
3mo ago
quality beginner