News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

NetTuts.com:
Five Hidden Gems of Laravel
August 22, 2014 @ 11:51:20

The NetTuts.com site has posted a list of their five hidden gems in Laravel, a popular PHP framework. They look at a wide range of these "hidden" features that can help make your Laravel experience even better.

Many developers who use Laravel are probably only barely scratching the surface of what the framework has to offer. While the documentation does cover the most common use cases and the obvious features, it doesn't cover everything. Don't get me wrong, the documentation is fine, it's just that there's so much you can do, it's hard to document everything. Because of that, we're going to take a look at some of the hidden gems that lurk within Laravel.

The five items on their list come complete with summaries about the feature, when they were added, if they're documented and a code sample with them in use:

  • Cascading Views
  • Collections (with sorting, filtering and pagination)
  • Regular Expression Filters
  • The Message Bag
  • Fluent
0 comments voice your opinion now!
hidden gems laravel framework views collections regex filter message fluent

Link: http://code.tutsplus.com/articles/five-hidden-gems-of-laravel--cms-21907

SitePoint PHP Blog:
Using PHP Streams Effectively
November 21, 2013 @ 11:54:02

Vito Tardia has a new tutorial posted to the SitePoint PHP blog today showing you how to use PHP streams effectively, a continuation of his streams series started here.

n my previous article we've discovered the basics of PHP Streams and how powerful they were. In this tutorial we are going to use this power in the real world. First I'll show you how to build your custom filters and attach them to a stream, then we'll package our filters inside a document parser application.

He starts out by introducing the concept of filters in streams - bits of code that can be attached to the stream to perform operations on the data traveling through it. He includes a simple base64 encoding example with a fopen call to illustrate. He gets into more complex filtering by creating a Markdown filter capable of translating the incoming Markdown-formatted data into a document using the MarkdownExtra library. He also includes an example of another filter added on post-Markdown conversion, a Template filter using the RainTPL templating library.

0 comments voice your opinion now!
using streams filter markdown template tutorial

Link: http://www.sitepoint.com/using-php-streams-effectively/

Extending Twig Templates:
Inheritance, Filters, and Functions
April 16, 2013 @ 11:05:22

On PHPMaster.com today there's a new tutorial for the Twig templating users out there showing you how to extend your templates via inheritance, filters and functions - all abilities already built in to the tool.

When working within an MVC architecture, it's common to use a template library to populate the dynamic content of our views. There are dozens of such libraries available for PHP, but Twig is one of the standouts because of the ability to extend core features with custom implementations. In this article we'll explore how Twig templates can be extended using template inheritance, filters, and functions.

He starts first with some of the common limitations of templating frameworks (extension) and how Twig gets around this. He shows the use of the "extends" keyword and the "block"/"endblock" for splitting up the page into reusable chunks. He also shows how to use filters and functions in your Twig tags, allowing for more customized content and functionality for your output.

0 comments voice your opinion now!
taig template tag filter function inheritance tutorial

Link: http://phpmaster.com/extending-twig-templates-inheritance-filters-and-functions/

Ulrich Kautz:
PHP Validation & Sanitization
November 28, 2012 @ 11:57:35

Ulrich Kautz has recently taken a look at validation and sanitization of data in PHP applications. He talks about several different methods - both in core PHP and in various frameworks.

Validation and sanitization are extremely important topics, any developer should be aware of. Especially with powerful, modern frameworks, people seem to forget about the underlying concepts and wrongly assume it's already solved somehow. Correctly used and early on integrated, both play the central role in defending against attacks on your application.

He talks a bit about why you should care about the topic, some of the common issues/threats that could come up because of it and some general information on what validation and sanitization are. He looks at implementation with the filter extension and touches on functionality from Symfony 2, Laravel 3, CakePHP 2 and shares his own data filtering module with examples of its use.

0 comments voice your opinion now!
validation sanitization framework filter extension tutorial security


MaltBlue.com:
Painless Data Traversal with PHP FilterIterators
October 25, 2012 @ 08:54:35

On the MaltBlue blog Matt Setter has a new post introducing you to using FilterIterators for data traversal:

There's load of ways to traverse data, especially in PHP where there are a variety of loops available; including while, do while, for and foreach. These are fine for normal structures, such as scalar and associative arrays. But what if you want to get a bit more fancy?

He includes a bit of code showing the typical looping approach that a lot of developers take and how, using a FilterIterator, you can extend the default and make a custom "accept" method to remove certain matching items from the data set.

0 comments voice your opinion now!
filteriterator data traversal filter spl iterator array


David Müller:
Why URL validation with filter_var might not be a good idea
September 20, 2012 @ 08:09:31

David Müller has a new post to his site today showing why validating URLs with filter_var is a good thing for the security of your application.

Since PHP 5.2 brought us the filter_var function, the time of such [regular expressions-based] monsters was over. [With] the simple, yet effective syntax [and] with a third parameter, filter flags can be passed, [...] 4 flags are available [for URL filtering].

He shows how to use it to filter out a simple XSS issue (a "script" tag in the URL) and some examples of issues that the filter_var function doesn't prevent - like injection of other schemes (like "php://" or "javascript://"). He recommends adding a wrapper around the method to check for the correct scheme (ex. "http" or "https" for URLs) and reminds you that filter_var is not multibyte capable.

0 comments voice your opinion now!
filtervar url validation security filter input


NetTuts.com:
Build Web Apps From Scratch With Laravel Filters, Validations, and Files
August 01, 2012 @ 13:55:10

NetTuts.com has posted the latest in their series about the Laravel framework with this new post, a look at creating filters, validators and working with files.

In this Nettuts+ mini-series, we'll build a web application from scratch, while diving into a great new PHP framework that's rapidly picking up steam, called Laravel. In this lesson, we'll be learning about some very useful Laravel features: filters, and both the validation and files libraries.

They continue improving their sample application ("Instapics") and show you how to:

  • Create a filter to run before or after the request is handled
  • Apply a set of validation rules to a given dataset
  • Handle custom error messaging
  • Work with local files and uploads

They then take all of this and apply it to their application, creating an "auth" filter and login form, creating a form and doing some validation on its results and letting the user upload an image file.

0 comments voice your opinion now!
laravel framework tutorial filter validation files


Thomas Weinart:
What Iterators Can Do For You
August 01, 2012 @ 09:55:22

Thomas Weinert has a new post to his site showing some of the things that iterators can do for you (including working with arrays and aggregation).

Basically Iterators provide a list interface for an object. Like all interfaces they are a contract how something can be used. If you use an interface it is not relevant how it is implemented - the implementation logic is encapsulated. It is of course relevant on the integration level. A bad implementation can impact the performance of you application. Even an good implementation may need special resources (like a database). But all this does not impact how you use it. Your code using the object with the Iterator interface stays the same.

He shows how to use the IteratorAggregate, ArrayIterator, FilterIterator and how to create a custom Iterator that you can extend in your own code.

0 comments voice your opinion now!
iterator tutorial array filter aggregate custom


PHPMaster.com:
Input Validation Using Filter Functions
June 01, 2012 @ 15:53:28

On PHPMaster.com today there's a good tutorial that gives you some methods to do one of the most important things in any application - validating input. Their examples show how to use some of PHP's own filter functions to accomplish this.

Filter functions in PHP might not be sexy, but they can improve the stability, security, and even maintainability of your code if you learn how to use them correctly. In this article I'll explain why input validation is important, why using PHPs built-in functions for performing input validation is important, and then throw together some examples (namely using filter_input() and filter_var()), discuss some potential pitfalls, and finish with a nice, juicy call to action.

He talks about why validation is important to protect your application (and users) from malicious things like cross-site scripting. He emphasizes the use of PHP's own filter methods because they are established and, well, included in the language - no additional libraries needed. Example code is included showing how to use them to filter email addresses and check that something is an integer.

You can find out more about these functions on their manual pages: filter_input, filter_var.

0 comments voice your opinion now!
input validation filter tutorial bestpractice filtervar filterinput


Reddit.com:
Protecting against attack?
May 18, 2012 @ 10:19:35

In this recent post to Reddit.com, the question of application security is asked - the poster wants recommendations on how he should keep his app safe from would-be attackers:

I can code fairly well in PHP these days, but my security isn't so hot. Is there a tutorial or plugin you guys can recommend as to how I should be protecting my php pages/inputs? I want to avoid common attacks like XSS, inputs with NULL or DROP TABLE etc?

Responses on the post include recommendations related to:

  • Using the Chorizo scanner to find common issues in your code
  • Using PDO for database connections (with bound parameters)
  • Not trusting "$_SERVER"
  • Data sanitization

There's also links to a few other resources with more details.

0 comments voice your opinion now!
security attack opinion xss pdo validate filter



Community Events





Don't see your event here?
Let us know!


laravel release language configure symfony install podcast developer wordpress list community library interview bugfix threedevsandamaybe api code application series introduction

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework