Application Architecture

Leverage the power of global variables in PHP to make variables globally available and share data across functions and programs.

Learn how to create, receive and test a JWT in PHP.
JSON Web Token (JWT) is a JSON-based open standard used to create access tokens that assert some number of claims. In a palpable example, the JWT represents a key between a server-client relation: the server generates a token that has the claim “logged in as admin” and give it to a client, which could use that token to prove that is logged in as admin. The tokens are designed to be compact, URL-safe and can also be authenticated or encrypted.

Two recently discovered PHP security flaws could allow an attacker to execute arbitrary code.

The security of sensitive information such as login credentials of an employee is a topic which has always been addressed in every programming language. Learn more password encryption with the most common methods of passwords protection in PHP.

PHP has always had a few simple ways to implement password hashing to an extent. MD5 and SHA1 are examples of this, but the security of these methods is not what it should be. Many developers use MD5 and SHA1 without even adding a SALT, which is a string that helps to add complexity to the application. Some developers use something as awful as base 64 encoding and decoding simply because they can be easily manipulated. But these things are not secure folks, and the clever people who want to hack your site or steal your money can see right through them. Yes, they can.

WebSocket is a relatively new technology that enables a persistent connection between client and server over TCP protocol. In other words, it allows bi-directional socket connections to a server, where both server and client can send the data at any time. This article will focus on WebSocket’s security issues and possible solutions to its vulnerabilities.

One of the most common security features during the user registration process is e-mail verification. It is important to create it according to industry best practices in order to avoid potential security risks. Let’s discuss these best practices and see how to create e-mail verification in PHP.

The “remember me” feature on user login forms (long-term persistent authentication) is one of the most common and convenient web authentication features. It allows the user to be constantly authenticated in the application without having to enter username and password in each session. The feature is based on cookies and handling cookie data in PHP. Since we are talking about authentication, security is important and any possible security issues and solutions will be covered in this tutorial.

CSV files are often employed to import data from an application such as MS Excel into a database. Rob Gravelle demonstrates how to write a PHP script that reads in a CSV file and converts its contents into a multi-dimensional array for insertion into a WordPress database.

how to parse and serialize a JSON object, how to extract data from a database as a JSON string, how to store a JSON object into a database and in the last section of this article you have seen how to encrypt and decrypt a JSON object using OpenSSL.