Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Zend Framework Blog:
Filter input using zend-filter
Jun 09, 2017 @ 10:58:19

The Zend Framework blog has posted a new tutorial covering a single component of the framework. In this latest article ZF lead developer Matthew Weier O'Phinney covers the zend-filter component for filtering input from your users.

When securing your website, the mantra is "Filter input, escape output." We previously covered escaping output with our post on zend-escaper. We're now going to turn to filtering input.

Filtering input is rather complex and spans a number of practices: filtering/normalizing input [and] validating input. For now, we're going to look at the first item, filtering and normalizing input, using the component zend-filter.

He shows you how to get the component installed, via Composer, and talks about some of the dependencies it needs, optional and required. Since they'll be using the "FilterChain" functionality, he also requires that. He moves into the code, showing the interface required for a validator to work (basically just defining a "filter" method). He talks about some of the common filtered included and how to refactor custom validation handling into a FilterChain performing the same operations. He ends with another example of reading from a file and how to use it on an array of values, each line as a string from the file.

tagged: zendframework component tutorial introduction zendfilter input

Link: https://framework.zend.com/blog/2017-06-08-zend-filter.html

Rob Allen:
Stand-alone usage of Zend-InputFilter
Feb 15, 2017 @ 09:58:51

Rob Allen has written up a brief tutorial showing you how to use the Zend/Filter component independently from a Zend Framework application. In his example he integrates it into a simple API endpoint.

Any data that you receive needs to be checked and validated. There are number of ways to do this including PHP's filter_var, but I prefer Zend-InputFilter. This is how to use it as a stand-alone component.

He shows you how to get the component installed (along with the Zend ServiceManager) and the creation of a basic validation/filtering on "author" data. He explains the different parts that make up the instance: required, filters and validators. He then shows how to use it in your request and the resulting output if something fails.

tagged: zendframework zendfilter component standalone usage tutorial

Link: https://akrabat.com/standalone-usage-of-zend-inputfilter/

Sameer Borate's Blog:
Encrypting uploaded files in PHP
Nov 09, 2010 @ 09:43:13

In this new post to his blog Sameer Borate looks at a method he's come up with to encrypt files uploaded into your application with the help of the Zend_Filter component of the Zend Framework.

As earlier I’d encountered Zends wonderful Zend_Filter class, I decided to go with it and use the Zend_Filter_Encrypt and Zend_Filter_Decrypt to accomplish the work. The Zend_Filter component provides a set of common useful data filters, among which are the encryption filters. Although my project was not developed in Zend, I could easily integrate the required classes in the code. Note that Zend has a great upload library, Zend_File_Transfer, that lets you easily manage file uploading and also encryption, but as I already had the upload code tested, I decided to just add the encryption part.

He includes the step-by-step process to get everything you need and which files you'll need to have included from the framework to make things work. He includes code for both encrypting and decrypting the file information as well as hints on selecting an algorithm and a random initialization vector. You can download the complete source if you want to jump right in.

tagged: encrypt upload file tutorial zendframework zendfilter

Link: