User:SVG/Helpful

local pages

 * Secure coding and code review for MediaWiki/Tutorial

external webpages

 * Open Web Application Security Project: http://www.owasp.com/

some other things

 * don't use $IP, use dirname( __FILE__ ) instead ( e.g. require_once ( dirname( __FILE__ ) . '/extensions/ReplaceText/ReplaceText.php' ); )
 * avoid raw SQL code, use builders like Database::select
 * new MediaWiki can't be used in frames anymore
 * append &* to API urls so IE 6 doesn't detect urls as extensions
 * only open caching data you need so you only publish needed data and no privates
 *   tags allow executing data in the intended context
 * http://bugzilla.wikimedia.org/show_bug.cgi?id=34907
 * http://tstarling.com/presentations