Invidious is an alternative front-end to YouTube

• Audio-only mode (and no need to keep window open on mobile)
• Open-source (AGPLv3 licensed)
• No ads
• No need to create a Google account to save subscriptions
• Lightweight (homepage is ~4 KB compressed)
• Tools for managing subscriptions:
• Only show unseen videos
• Only show latest (or latest unseen) video from each channel
• Delivers notifications from all subscribed channels
• Automatically redirect homepage to feed
• Import subscriptions from YouTube
• Dark mode
• Embed support
• Set default player options (speed, quality, autoplay, loop)
• Does not require JS to play videos
• Support for Reddit comments in place of YT comments
• Import/Export subscriptions, watch history, preferences
• Does not use any of the official YouTube APIs
• Developer API

Federated link aggregation powered by ActivityPub.

Hello, stranger!

Forget is a service that automatically deletes your old posts that everyone has forgotten about. Shouldn't databases forget too?

Features

Delete your stale bad posts without even having to look at them again!
Set it and forget it. Once you set up an post age limit and/or a post count limit, posts will be considered for deletion as soon as they age past these limits.
Choose your pace: delete one post every minute, one post a day, etc...
Optionally mark posts that you want to keep, by giving them a like / favourite / florp.
Optionally keep posts with media.

Freier Zugang zu unseren Gesetzen.

Ein privater Verlag bestimmt darüber, wie unsere Gesetze in Kraft treten. Wer Gesetzesblätter des Bundes durchsuchen, kopieren oder ausdrucken will, wird zur Kasse gebeten.

Das ändern wir!
Wir stellen das Bundesgesetzblatt in digitaler Form kostenfrei zur Verfügung.

The ArchiveTeam Warrior is a virtual archiving appliance. You can run it to help with the ArchiveTeam archiving efforts. It will download sites and upload them to our archive — and it’s really easy to do!

The warrior is a virtual machine, so there is no risk to your computer. The warrior will only use your bandwidth and some of your disk space.

The warrior runs on Windows, OS X and Linux. You’ll need VirtualBox (recommended), VMware or a similar program to run the virtual machine.

There’s a lot of outdated information on the Web that leads new PHP users astray, propagating bad practices and insecure code. PHP: The Right Way is an easy-to-read, quick reference for PHP popular coding standards, links to authoritative tutorials around the Web and what the contributors consider to be best practices at the present time.

There is no canonical way to use PHP. This website aims to introduce new PHP developers to some topics which they may not discover until it is too late, and aims to give seasoned pros some fresh ideas on those topics they’ve been doing for years without ever reconsidering. This website will also not tell you which tools to use, but instead offer suggestions for multiple options, when possible explaining the differences in approach and use-case.

This is a living document and will continue to be updated with more helpful information and examples as they become available.

Here it is: a real restoration project for the infamous Donkey Kong Country for GBA. It wasn’t a bad port after all, the gameplay was completely intact and also had the new Hero and Attack modes.

It’s still a little behind from the SNES version due to the resolution reducement and soundtrack (which sounds worse, but still sounds good!). But it’s an undeniable improvement.

This wasn’t the typical SNES to GBA palette restoration. This was hell. After Rare reduced all sprites and tilesets, none of the palettes matched so they had to be repaletted manually using Photoshop and a custom tool made exclusively for this.

Libre Lounge is a podcast where we casually discuss various topics involving user freedom, crossing free software, free culture, network and hosting freedom, and libre hardware designs. We discuss everything from policy and licensing to deep dives on technical topics... whatever seems interesting that week. At some point we might even have guests!

Playnite is open source video game library manager with one simple goal: To provide a unified interface for all of your games.

CryptPad is a private-by-design alternative to popular office tools and cloud services. All the content stored on CryptPad is encrypted before being sent, which means nobody can access your data unless you give them the keys (not even us).

Sublime Notebook is an attempt to use Sublime Text as a complete note taking application.

Collect your thoughts and notes
without leaving the command line

The app that started the collaborative editing revolution is back. Write articles, code, notes or meeting minutes with friends – wherever they are. Ideal for extreme programming sessions, tutoring and creative writing. And now it is free and open source!

H̵e̵l̵l̵o̵ ̵t̵e̵x̵t̵ ̵s̵t̵r̵i̵n̵g̵ ̵m̵y̵ ̵o̵l̵d̵ ̵f̵r̵i̵e̵n̵d̵.̵
H̶e̶l̶l̶o̶ ̶t̶e̶x̶t̶ ̶s̶t̶r̶i̶n̶g̶ ̶m̶y̶ ̶o̶l̶d̶ ̶f̶r̶i̶e̶n̶d̶.̶
H̷e̷l̷l̷o̷ ̷t̷e̷x̷t̷ ̷s̷t̷r̷i̷n̷g̷ ̷m̷y̷ ̷o̷l̷d̷ ̷f̷r̷i̷e̷n̷d̷.̷
H̸e̸l̸l̸o̸ ̸t̸e̸x̸t̸ ̸s̸t̸r̸i̸n̸g̸ ̸m̸y̸ ̸o̸l̸d̸ ̸f̸r̸i̸e̸n̸d̸.̸
e̴l̴l̴o̴ ̴t̴e̴x̴t̴ ̴s̴t̴r̴i̴n̴g̴ ̴m̴y̴ ̴o̴l̴d̴ ̴f̴r̴i̴e̴n̴d̴.̴

Stop!

You're making a mistake here. Oh, no, you've picked the right PHP functions to make your data a bit safer. That's fine. Your mistake is in the order of operations, and how and where to use these functions.

It's important to understand the difference between sanitizing and validating user data, escaping data for storage, and escaping data for presentation.

Sanitizing and Validating User Data

When users submit data, you need to make sure that they've provided something you expect.

Sanitization and Filtering

For example, if you expect a number, make sure the submitted data is a number. You can also cast user data into other types. Everything submitted is initially treated like a string, so forcing known-numeric data into being an integer or float makes sanitization fast and painless.

What about free-form text fields and textareas? You need to make sure that there's nothing unexpected in those fields. Mainly, you need to make sure that fields that should not have any HTML content do not actually contain HTML. There are two ways you can deal with this problem.

First, you can try escaping HTML input with htmlspecialchars. You should not use htmlentities to neutralize HTML, as it will also perform encoding of accented and other characters that it thinks also need to be encoded.

Second, you can try removing any possible HTML. strip_tags is quick and easy, but also sloppy. HTML Purifier does a much more thorough job of both stripping out all HTML and also allowing a selective whitelist of tags and attributes through.

Modern PHP versions ship with the filter extension, which provides a comprehensive way to sanitize user input.

Validation

Making sure that submitted data is free from unexpected content is only half of the job. You also need to try and make sure that the data submitted contains values you can actually work with.

If you're expecting a number between 1 and 10, you need to check that value. If you're using one of those new fancy HTML5-era numeric inputs with a spinner and steps, make sure that the submitted data is in line with the step.

If that data came from what should be a drop-down menu, make sure that the submitted value is one that appeared in the menu.

What about text inputs that fulfill other needs? For example, date inputs should be validated through strtotime or the DateTime class. The given date should be between the ranges you expect. What about email addresses? The previously mentioned filter extension can check that an address is well-formed, though I'm a fan of the is_email library.

The same is true for all other form controls. Have radio buttons? Validate against the list. Have checkboxes? Validate against the list. Have a file upload? Make sure the file is of an expected type, and treat the filename like unfiltered user data.

Every modern browser comes with a complete set of developer tools built right in, which makes it trivial for anyone to manipulate your form. Your code should assume that the user has completely removed all client-side restrictions on form content!

Escaping Data for Storage

Now that you've made sure that your data is in the expected format and contains only expected values, you need to worry about persisting that data to storage.

Every single data storage mechanism has a specific way to make sure data is properly escaped and encoded. If you're building SQL, then the accepted way to pass data in queries is through prepared statements with placeholders.

One of the better ways to work with most SQL databases in PHP is the PDO extension. It follows the common pattern of preparing a statement, binding variables to the statement, then sending the statement and variables to the server. If you haven't worked with PDO before here's a pretty good MySQL-oriented tutorial.

Some SQL databases have their own specialty extensions in PHP, including SQL Server, PostgreSQL and SQLite 3. Each of those extensions has prepared statement support that operates in the same prepare-bind-execute fashion as PDO. Sometimes you may need to use these extensions instead of PDO to support non-standard features or behavior.

MySQL also has its own PHP extensions. Two of them, in fact. You only want to ever use the one called mysqli. The old "mysql" extension has been deprecated and is not safe or sane to use in the modern era.

I'm personally not a fan of mysqli. The way it performs variable binding on prepared statements is inflexible and can be a pain to use. When in doubt, use PDO instead.

If you are not using an SQL database to store your data, check the documentation for the database interface you're using to determine how to safely pass data through it.

When possible, make sure that your database stores your data in an appropriate format. Store numbers in numeric fields. Store dates in date fields. Store money in a decimal field, not a floating point field. Review the documentation provided by your database on how to properly store different data types.

Escaping Data for Presentation

Every time you show data to users, you must make sure that the data is safely escaped, unless you know that it shouldn't be escaped.

When emitting HTML, you should almost always pass any data that was originally user-supplied through htmlspecialchars. In fact, the only time you shouldn't do this is when you know that the user provided HTML, and that you know that it's already been sanitized it using a whitelist.

Sometimes you need to generate some Javascript using PHP. Javascript does not have the same escaping rules as HTML! A safe way to provide user-supplied values to Javascript via PHP is through json_encode.

And More

There are many more nuances to data validation.

For example, character set encoding can be a huge trap. Your application should follow the practices outlined in "UTF-8 all the way through". There are hypothetical attacks that can occur when you treat string data as the wrong character set.

Earlier I mentioned browser debug tools. These tools can also be used to manipulate cookie data. Cookies should be treated as untrusted user input.

Data validation and escaping are only one aspect of web application security. You should make yourself aware of web application attack methodologies so that you can build defenses against them.

Get a trusted software to transfer and save your music, messages, files and data. Safely back up any iPhone, iPad or iPod touch. Powerful and user-friendly, iMazing is simply the best iOS device manager for Mac and PC.

Go beyond iTunes. Get iMazing.