Videos uploaded by user “Luke Briner”
Installing PHP 5.6 on Windows 7 with IIS7
 
15:47
This video shows an installation of PHP 5.6 on a fresh install of Windows 7 including installing and configuring IIS7. There are some delays due to User Account Controls and waiting for IIS to install but I don't currently have the tools to edit the video.
Views: 83232 Luke Briner
Simsig Tutorial 1 - Basic layout of screens
 
09:04
In this first tutorial video for simsig, I describe what the screen looks like and what the basic elements of every simulation are. It does not look at every single piece of functionality, which we will look at in future videos.
Views: 3304 Luke Briner
OWASP Top 10 - A1 Injection explained
 
21:00
In the first of (hopefully) 10 videos, I want to explain each of the OWASP Top 10, what they might look like in an application and how to fix them.
Views: 15358 Luke Briner
OWASP Top 10 - A10 Unvalidated redirects and forwards
 
13:17
This is simply redirecting the user on the server-side with unvalidated data that has originated outside of your control such as a querystring or previously saved data. An attacker can abuse this to forward a victim via the vulnerable web application to an attacker's site.
Views: 5043 Luke Briner
OAuth2 and OpenID Connect
 
40:13
What OAuth2 does, why it isn't designed for authentication and how OpenID Connect solves the problems.
Views: 36468 Luke Briner
OWASP Top 10 - A3 XSS explained
 
22:22
An explanation of Cross Site Scripting (XSS), what it looks like and how to stop it.
Views: 6159 Luke Briner
A beginners guide to simsig using the Royston simulation
 
29:27
Royston is the simplest simulation from simsig.co.uk but contains most of the information you need to know to operate all of the simulations. This is a brief introduction to how the user interface works, how to route trains and how to change headcodes.
Views: 4930 Luke Briner
OWASP Top 10 - A4 Insecure direct object references explained
 
19:32
Direct object references exist on almost all web applications as a way to tell the server what object you are accessing. If you do not carry out authorisation checks on that request, the reference is insecure and an attacker can easily exploit it to see objects they shouldn't. The vulnerability is most often related to URLs but applies to any user input where an object id is used such as search boxes and form posts.
Views: 7403 Luke Briner
Yii 2.0 Part 8 - Role-based Access Control (rbac)
 
36:27
This video looks at the default access control mechanism in Yii 2.0 (Access Control Lists) and how this is very limited and not very useful for a production site that has more than a few users. We discuss the concepts of role-based access control and what some example hierarchies look like and then show how this is enabled by adding a database migration and the use of an rbac admin extension. We then look at how we check permissions in code and how we can use the routes restriction provided by the plugin to more easily control permissions. See https://github.com/yiisoft/yii2/blob/master/docs/guide/security-authorization.md for more details. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 42020 Luke Briner
Yii 2.0 Part 5 - Displaying related data in views
 
13:06
By default, Yii will display an edit box for the id number of a foreign key. Most of the time, the user will want something more useful like a display name or similar in, perhaps, a drop down list. This video shows how your relationships are used to populate a dropdownlist control, something you will probably want to do soon after you start developing. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 13561 Luke Briner
Understanding Authentication and Authorisation Protocols
 
35:57
Some background, basic details and comparison of SAML/Shibboleth, OpenID, OAuth2 and OpenID Connect to give an idea of the single-sign-on authentication landscape.
Views: 8353 Luke Briner
OWASP Top 10 - A2 Broken authentication and session management explained
 
21:03
A very brief overview of session management and authentication and ways in which it can be subverted if you are using a weak system to implement it. This video can't go into too much detail because there is a lot to know about it but hopefully this gives a basic overview of what it means.
Views: 12867 Luke Briner
Yii 2.0 Part 1 - Creating an application on Windows 7
 
14:45
Briefly discusses the merits of using Yii 2 as a framework and then describes how we download and create a Yii 2 application, as well as some of the problems with Composer. It then describes setting up the site in IIS7 ready to test and develop. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 11876 Luke Briner
Yii 2.0 Part 7 - User functionality
 
29:12
This video looks at how the "web user" class in the Yii framework links to a user-provided model class responsible for authenticating the user. We discuss the shortcomings of the basic template in that it lacks the database table for users and then we copy over the content from the advanced template to rectify this and end up with a database-driven user system. The problem I had with the password range validator was that I had set 'not' to 'true' but I should have used true instead. Apologies for the errors during this tutorial, I was having to do it on the fly and at one point I have to pause the video to fix something. This was caused by me copying content from a modified advanced template site, not a fresh one. If you copy from a freshly created template, you will not have the same errors. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 7885 Luke Briner
Yii 2.0 Part 4 - Rules and validation
 
21:19
This video looks at Yii 2.0's validation and rules, including data type validators, non-validation validators! and using the SafeValidator for marking properties as safe for "massive assignment". The list of available validators can be found here: http://www.yiiframework.com/doc-2.0/yii-validators-validator.html and some more description about models, scenarios and validation can be found here: https://github.com/yiisoft/yii2/blob/master/docs/guide/structure-models.md The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 6745 Luke Briner
Yii 2.0 Part 3 - Model, views and controller
 
21:20
Continuing on from the previous video, this video looks at creating models from database tables, including relationships automatically generated by Gii from foreign keys. It then looks at creating the controller and views for this model, demonstrates what these look like by default and shows how to handle updating the model when the database changes. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 9038 Luke Briner
PIC Microcontroller Tutorial 1 - What is a Microcontroller?
 
18:12
The first in a series of PIC microcontroller tutorials covering some basic programs followed by some more advanced features.
Views: 5920 Luke Briner
Simsig Tutorial 4 - Basic route setting
 
20:17
The basic NX (entry/exit) route setting system as well as how the absolute block works on Aston.
Views: 2471 Luke Briner
OWASP Top 10 - A8 Cross site request forgery (CSRF) explained
 
19:06
Cross-site request forgery is basically caused by tabbed browsers sharing session between tabs and automatically sending any cookies to a URL that originated them. An attacker abuses this by calling an action on another site that the user is logged into and without CSRF protection, the target site will not distinguish between user and attacker and carry out the action.
Views: 6666 Luke Briner
Simsig Tutorial 2 - Simsig menus
 
17:55
In this video I will look at the various menus inside simsig and which of these are the most useful.
Views: 1734 Luke Briner
OWASP Top 10 - A7 Missing function-level access control
 
15:24
This video is about function-level access control which simply means checking inside every action on your application that the current user has permission to call that action. Just because you didn't offer somebody a button or menu item, doesn't mean they can't call the action on the server, which is why the check is important.
Views: 2739 Luke Briner
Yii 2.0 Part 18 - The GridView widget
 
33:41
This video goes through the various parts of the gridview control, how we bind it to data and how to implement filtering/searching.
Views: 8841 Luke Briner
Yii 2.0 Part 15 - Database Migrations
 
20:47
This brief video talks about how to use database migrations - storing your database changes in files so that they can be applied in order to a database, they can synchronize developers and help deploy to production sites without lots of manual work or manually running SQL directly on databases. The reason my demo of $this->primaryKey didn't work is that the demo project is running on an older version of Yii2. Run "composer update" in the root of the project and it should give you a newer version with helpful shortcuts to use in migrations like: :code examples not allowed: etc. See http://www.yiiframework.com/doc-2.0/yii-db-schemabuildertrait.html for details. No new code was added but the demo project is here: https://github.com/lukos/yii2-tutorial
Views: 5466 Luke Briner
Yii 2.0 Part 9 - Internationalisation
 
34:54
Yii provides some really powerful tools to translate both text and also numbers and dates into locale-specific formats and languages. This video walks through how this works, how to set it up and use it and also an example of how you could use a language selector widget to make it easy for the current user to change language. The Yii guide for internationalisation is here: https://github.com/yiisoft/yii2/blob/master/docs/guide/tutorial-i18n.md Any questions or comments, please add below. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 11222 Luke Briner
Yii 2.0 Part 11 - The advanced template
 
27:02
In this video, I look at the advanced template and explain the directory layout and the use of environments and configuration.
Views: 3647 Luke Briner
Yii 2.0 Part 10 - Routing and URL Creation
 
43:07
This video covers how Yii routes the urls to the controller actions and in reverse how it creates urls based on controllers/actions which can be used in hyperlinks, menus etc. This is quite a long video but covers most of what is found in the guide: http://www.yiiframework.com/doc-2.0/guide-runtime-routing.html The source code for this tutorial is found at github: https://github.com/lukos/yii2-tutorial Please leave comments or questions below.
Views: 10709 Luke Briner
Yii 2.0 Part 6 - Views, Models and ViewModels
 
15:37
When you first install Yii and run the CRUD generator, it is obvious how views can bind to single models, which bind to single database tables but what if we need to do something more complex like binding to multiple database models or when there is data in the form but it is not used for saving to the database. What if we need to display static data? This video looks at how views bind to models and the two types of models available to us to perform either simple or more complex binding of views to data. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 4945 Luke Briner
OWASP Top 10 - A9 Components with known vulnerabilities
 
12:56
Most of us use third-party libraries and components for all kinds of things in our applications, databases and servers. Each of these can contain vulnerabilities but we can only act on the known ones. Using a combination of process, policy, homework and CVE databases, we should try and make sure we are regularly checking our software for these known vulnerabilities and patching them to suit.
Views: 2527 Luke Briner
OWASP Top 10 - A6 Sensitive data exposure explained
 
27:19
Sensitive data is any data that has value, i.e. most of it! We need to consider the value of the data we hold and apply suitable, mostly cryptographic, protections to ensure this data is not exposed incorrectly. Data is also protected by other items in the top 10 such as SQL injection protection and insecure direct object reference protection.
Views: 3651 Luke Briner
How to get IdentityServer3 up and running on your MVC client in .Net
 
27:10
A very quick run-down of what it looks like when you follow this tutorial: https://identityserver.github.io/Documentation/docsv2/overview/mvcGettingStarted.html This starts with the client setup and then looks at the server-side, and the additional settings that are available when configuring the server library.
Views: 10951 Luke Briner
Yii 2.0 Part 2 - A tour and basic database usage
 
32:38
Starting from a freshly installed Yii 2.0 basic template, this video introduces Netbeans as an IDE and looks at the folder layout for Yii 2.0 and then creates a Sqlite database, populating it with a basic table. Gii is introduced with the model generator demonstrated and then database migration is described as a way of controlling database work. The source code for the tutorial is on github here: https://github.com/lukos/yii2-tutorial but please note that changes are continually made to the repository as the tutorials are made and might not match the tutorial exactly.
Views: 8104 Luke Briner
Yii 2.0 Part 13 - Database Access Part 1: DAO and QueryBuilder
 
42:57
In this video, I introduce the foundations of Yii2 database access and discuss DAO and QueryBuilder. In most cases, you will not use these directly, you would use ActiveRecord but since ActiveRecord is based on these and shares some of the same functionality, I thought it best to start here. Code is on github here: https://github.com/lukos/yii2-tutorial
Views: 4982 Luke Briner
Simsig Tutorial 3 - timetables and headcodes
 
10:48
Each train that you need to signal through your control area is based on a timetable and has a headcode. The timetable dictates the timings that are planned for the service and which will minimise disruption to passengers. The headcodes are unique within a control area and allow the signaller to have an idea of where each service is going to.
Views: 1503 Luke Briner
Yii 2.0 Part 12 - Managing Assets
 
01:11:32
This is quite a long video that looks at some of the background of assets - CSS and Javascript files mainly - (bundles, minifying, caching) and then looks at how the AssetManager only supports these indirectly. The AssetManager is mainly designed for dependency management of assets and programmable ability to add assets to views.
Views: 3619 Luke Briner
Simsig Bristol Introduction
 
18:35
This is an overview of the various parts of the Bristol simulation provided by simsig.co.uk. This is a difficult and busy simulation and although it is just about manageable for one person with the speed turned down and without a spare second to think, it is much more practical to do with 3 to 5 people, each looking after one of the 5 panels. Any questions or comments, please post below.
Views: 1054 Luke Briner
Yii 2.0 Part 16 - Composer Packages
 
13:08
A brief introduction to Composer packages in Yii. The difference between require and require-dev is that with the dev requirements, you have the option of ignoring them when performing an install or an update with composer. This can be useful when running composer on a production server where you don't want the dev dependencies installed. Code is here: https://github.com/lukos/yii2-tutorial
Views: 1397 Luke Briner
OWASP Top 10 - A5 Security misconfiguration explained
 
21:54
Security misconfiguration is a blanket term used to describe configuration at all levels in the web application stack from the OS but including databases, firewalls, frameworks and the web server. There is lots to get right but there are tools and guides to most of it that will need to be understood to do things properly.
Views: 4479 Luke Briner
PIC Microcontroller Tutorial 3 - Reading and reacting to inputs
 
24:54
In this video, we look at how to read inputs both in C and Assembly and also refer to the difference between "active high" and "active low" wiring. We also look at the problem that switch bounce can cause when being read very quickly by a microcontroller input.
Views: 3340 Luke Briner
Yii 2.0 Part 19 - REST APIs
 
38:15
A quick run through of the various Yii2 functions that allow very rapid creation of REST APIs including binding to a mongodb database instead of the usual SQL one. Code is based on the basic template with changes as described at https://www.yiiframework.com/doc/guide/2.0/en/rest-quick-start If you want the template code to work from, it is uploaded at: https://github.com/lukos/yii2-api-mongo
Views: 2360 Luke Briner
Yii 2.0 Part 17 - Caching
 
59:19
In this video, we look at caching: data, fragments, pages and the use of dependencies. Client caching is not covered here but is in the guide: http://www.yiiframework.com/doc-2.0/guide-caching-http.html Sorry about the problem with the books controller. It was caused because somehow the namespace in BookController was changed from app\controllers to app\Controllers. I also forgot to mention database caching. Two examples can be found in SiteController::actionIndex() commented out (works for Active Record and DAO!) Code is here: https://github.com/lukos/yii2-tutorial
Views: 3493 Luke Briner
Simsig Birmingham New Street Introduction
 
29:06
I have just started trying this simulation out and wanted to share my experiences for anyone else interested in buying it. It is just about workable by yourself but it is busy and you might get 3 TRTS at the same time!
Views: 2808 Luke Briner
Unboxing a Graham Farish N gauge/N scale "N" class loco
 
19:32
I bought two brand new Graham Farish "N" class locomotives in N gauge/N scale and this is me unboxing one of them for the first time, having a look at what is included and putting it on my test track for some running-in before fitting a Lenz silver mini decoder.
Views: 2225 Luke Briner
Part 1 - Creating games with CocosSharp and Visual Studio
 
37:47
The first of a series of videos helping you to setup Visual Studio for creating cross-platform games using CocosSharp. This video takes you from an introduction to creating and running the default Android "game" in the Android virtual device. The instructions for adding the CocosSharp templates are here: https://forums.xamarin.com/discussion/30701/cocossharp-project-templates-for-visual-studio Home page for CocosSharp is here: https://github.com/mono/cocossharp
Views: 905 Luke Briner
Yii 2.0 Part 14 - Database Access Part 2: ActiveRecord
 
52:18
A slightly longer video covering lots of stuff to do with ActiveRecord database access. I'm sure you have loads of questions but hopefully this should answer some of them! Code is here: https://github.com/lukos/yii2-tutorial
Views: 3772 Luke Briner
Regular Expressions - A Quick Introduction
 
17:54
This video is a PowerPoint presentation introducing Regular Expressions, what they are for and some of the basic patterns to use. It is aimed at the people viewing the Yii 2 tutorial videos since regexes are used a few times in Yii 2. Any questions or comments, please leave below.
Views: 190 Luke Briner
PIC Microcontroller Tutorial 2 - Your first program, switching on an output
 
36:46
In this video, we look at the most basic program for a PIC in C and Assembly - switching on a single output on the device. There is some configuration to understand and a standard way of laying out a program.
Views: 2577 Luke Briner
Simsig Exeter Introduction
 
27:11
An intro to the operation of the Exeter signalling area courtesy of simsig.co.uk. An easier simulation for newbies and people with a little more experience that starts slow but has plenty to occupy once the morning rush starts. Exeter covers the main lines between Bridgwater and Ivybridge with branches to Paignton, Barnstaple and the old LSWR line towards Honiton.
Views: 154 Luke Briner
Simsig Carlisle Introduction (easy 2000s mode)
 
30:03
A description of the Carlisle simsig simulation with the 2006 timetable and the 2000s era, an engaging simulation for one or more people.
Views: 139 Luke Briner
Simsig Derby Introduction
 
22:51
A walk through of the basics of Derby, what to watch out for and where most of the services are running.
Views: 311 Luke Briner
Simsig Brighton Introduction
 
31:56
A tour round the simsig Brighton simulation.
Views: 648 Luke Briner