App
Let's start with the simplest web application we can think of in PHP.
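```php
<?php
/**
 * HTTP Framework (Request/Response) - index.php
 *
 * php -S localhost:8000
 * http://localhost:8000/index.php?name=John
 * Hello John
 */
ini_set("display_errors", 1); // show errors in the browser (development only)
$name = $_GET['name'];        // raw user input; raises a warning when "name" is missing
printf("Hello %s", $name);
```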
Warning
Fixing the PHP "Undefined array key" warning that appears when the name parameter is missing.
```php
<?php
/**
 * Fix Warning - index2.php
 *
 * php -S localhost:8000
 * http://localhost:8000/index.php
 * Warning: Undefined array key "name"
 *
 * http://localhost:8000/index2.php?name=John
 * Hello John
 * http://localhost:8000/index2.php
 * Hello World
 */
ini_set("display_errors", 1);     // development only
$name = $_GET['name'] ?? "World"; // Fix Warning: fall back to a default when "name" is absent
printf("Hello %s", $name);        // still prints the value unescaped
```
XSS
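Fixing the XSS (Cross-Site Scripting) vulnerability. index2.php writes the name parameter into the HTML response unescaped, so markup in the query string is interpreted by the browser. Escaping the value with htmlspecialchars() makes the browser show it as text instead.
```php
<?php
/**
 * Fix XSS - index3.php
 *
 * php -S localhost:8000
 * http://localhost:8000/index2.php?name=<script>alert('Hack!');</script>
 * XSS vulnerability
 * http://localhost:8000/index3.php?name=<script>alert('Hack!');</script>
 * Hello <script>alert('Hack!');</script>   (shown as text, not executed)
 */
ini_set("display_errors", 1); // development only
$name = $_GET['name'] ?? "World";
// Declare the charset so the browser decodes the page the same way it was escaped.
header('Content-Type: text/html; charset=utf-8');
// ENT_QUOTES escapes both single and double quotes in addition to <, > and &.
printf("Hello %s", htmlspecialchars($name, ENT_QUOTES, 'UTF-8'));
```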
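An added example, not part of the original page: the index3.php escaping wrapped in a hypothetical greet() function and run over constructed query arrays shaped like $_GET. It goes slightly beyond the page by covering two inputs index3.php does not handle: an array value (?name[]=x), on which htmlspecialchars() throws a TypeError in PHP 8, and invalid UTF-8, for which ENT_SUBSTITUTE is added.

```php
<?php
declare(strict_types=1);

/**
 * Added example: greet() and the sample queries are hypothetical,
 * they do not come from the original page.
 */
function greet(array $query): string
{
    $name = $query['name'] ?? 'World';

    // ?name[]=x makes PHP build an array; htmlspecialchars() would throw a
    // TypeError on it in PHP 8, so fall back to the default instead.
    if (!is_string($name) || $name === '') {
        $name = 'World';
    }

    // ENT_QUOTES escapes both ' and "; ENT_SUBSTITUTE replaces invalid UTF-8
    // with U+FFFD instead of returning an empty string.
    return 'Hello ' . htmlspecialchars($name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample inputs, shaped like $_GET after PHP parsed the query string.
$samples = [
    'plain'      => ['name' => 'John'],
    'missing'    => [],
    'script tag' => ['name' => "<script>alert('Hack!');</script>"],
    'quotes'     => ['name' => 'O\'Brien "Jr"'],
    'array'      => ['name' => ['a', 'b']],
    'bad utf-8'  => ['name' => "Jo\xFFhn"],
];

foreach ($samples as $label => $query) {
    $html = greet($query);
    // After escaping, no raw <, >, " or ' may remain in the output.
    $safe = preg_match('/[<>"\']/', $html) === 0;
    printf("%-10s %-4s %s\n", $label, $safe ? 'ok' : 'FAIL', $html);
}
```

Run it from the command line with php; every row should report ok.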
Testing
This simple code is not that simple anymore, and it is hard to test: the script reads $_GET directly and prints its output, so a test has to set the superglobal and capture the output with output buffering.
```php
<?php
/**
 * test.php - unit tests
 *
 * cd ../test/framework/custom/
 * composer require --dev phpunit/phpunit
 *
 * vendor/bin/phpunit test.php
 * OK (1 test, 1 assertion)
 *
 */
require __DIR__ . "/vendor/autoload.php";

use PHPUnit\Framework\TestCase;

final class Test extends TestCase
{
    public function test_Hello(): void
    {
        $_GET['name'] = "Fabian"; // the script reads the superglobal directly
        ob_start();               // unnatural and ugly: buffer the output to capture it
        include "hello.php";
        $content = ob_get_clean();
        $this->assertEquals("Hello Fabian", $content);
    }
}
```
Last update: 62 days ago