Posts

Modern Web Dev Tools

Setting up a local environment doesn't have to be finicky. Move those config files into the trash bin. No matter the platform (macOS & Windows compatible), these modern tools make your local environment simpler. Well, at least simpler than XAMPP or MAMP lah. Laravel Herd: Blazingly fast, native local environment for PHP and Laravel projects. Also supports other frameworks like CI3 and such. Why? Plug-and-play bro: No manual config required. Easy access: Your projects can be accessed instantly via a .test domain right out of the box. Simply lovely: Click-click and you're done. XAMPP or MAMP can never. Installing Laravel Herd. macOS: Download Herd for macOS, open the .dmg file, and drag it to your Applications folder. Windows: Download Herd for Windows, run the .exe, and follow the setup wizard. Setting Up Your First Project: Open the Herd tray icon and navigate to Settings > Sites. Click Add site and point it to your project folder. Ensure ...

Blog update

This blog has been more or less abandoned for the past few years. I'm gonna be a bit more active in 2026 (hopefully). There's a lot on my mind that I can write and share. I don't care if no one reads this. I just want to pour my thoughts somewhere. Plus, this is a better place than my private notes. New changes: Custom domain (finally bought 'firdausbsafari.my' 🎉); New theme centered around tech and programming; Added favicon (idk why it's square lol); Added Google Analytics cuz I'm a nerd; New banner (sadly this theme doesn't display the banner). Oh, and by the way, I'm now open for side gigs. Just hit me up with a DM if you want something done. I can do both Web & App.

SQL Tuning

Are your pages loading slowly? Millions of records? Clients complaining that they have to wait more than 10 seconds for a page to load? Say no more. This time the knowledge sharing is about query tuning. It's not only a vehicle's ECU that can be tuned for speed; databases and queries can be tuned too. Even a 1-second wait already counts as slow. So, let's learn how to speed up queries. Optimize select: Don't use select *. I'm willing to bet you don't even use all the records. At the very most, maybe 90% of the fields get used. 10% off is still worth writing out a long select. Make sure you don't select the same thing twice. Optimize the use of functions: Certain functions create a temporary table to process data before returning a value. High cost, better to do it another way. DISTINCT ➡️ faster to use GROUP BY. GROUP_CONCAT ➡️ can run another simple query, then process and merge both arrays of objects. ORDER BY ➡️ sort on the frontend only, the backend doesn't need to. Optimize subquery: When joining a table, it will select all fields. Better to directly select the fields that we want ma...

Vulnerabilities in Dependencies

Vulnerabilities in Dependencies - A Lesson from 4chan. Case Study: The 4chan Security Breach. The Neglect: 4chan had not updated its project dependencies since 2009. The Vulnerability: One specific dependency was publicly known to have multiple critical vulnerabilities: Ghostscript. Ghostscript Vulnerability Reports (Snyk). Attack Vectors: Local File Inclusion (LFI): The system processed PDF files without verifying if the uploaded file was actually a PDF. Remote Code Execution (RCE): After a successful injection, attackers could run malicious scripts directly on the server. The Wake-Up Call: This event serves as a modern reminder of the critical importance of keeping dependencies up to date. Dependencies Audit & Status: These are some of the dependencies commonly used. mPDF (Fixed): Vulnerability: Deserialization of untrusted data (similar to the 4chan/Ghostscript exploit). Risk: Affects all versions lower than 7.1.8. aws/aws-sdk-php (Fixed): Path Traversal. Affects versions lower t...

Effective Communication

As a leader, never assume that other people understand what we communicate. We can talk about performance, but not everyone knows the context of the conversation. Others might assume the performance conversation is about cars instead of the application. Miscommunication with teammates is dangerous; it can ruin a project. I've listed the characteristics of effective communication below: Clear: Make sure the objective is achieved. Use the MRT concept (Measurable, Realistic, Timebound). Complete: Use the 5W1H formula (Why, When, Where, Who, What, How). Example: "Please prepare a report on the ages of system A's users from date B to C, in Excel format, submit by Monday at 4. This data will be used for marketing to users." Concise: Don't be too long-winded; avoid flowery sentences. Straight to the point. Solid & Concrete: Based on specific evidence or data (not general). Bad example: "Many people say the system is slow." Good example: "17 users from Semenanjung have commented that the system is slow at puku...