PHP has always had a few simple ways to implement password hashing to an extent. MD5 and SHA1 are examples of this, but the security of these methods is not what it should be. Many developers use MD5 and SHA1 without even adding a SALT, which is a string that helps to add complexity to the application. Some developers use something as awful as base 64 encoding and decoding simply because they can be easily manipulated. But these things are not secure folks, and the clever people who want to hack your site or steal your money can see right through them. Yes, they can.
In this section, you will find articles, tutorials, and snippets covering all areas of Application Architecture in PHP.
In my previous article, I expanded a few ideas around test helpers and how to use setUp() and tearDown(). However, we still stayed in the realm of things built in to PHPUnit. Here, I want to expand on a helper function I include in most of my main testing classes that allows for the concept of setUp(), but grants a bit more flexibility.
The security of sensitive information such as login credentials of an employee is a topic which has always been addressed in every programming language. Learn more password encryption with the most common methods of passwords protection in PHP.
Version 1.0 of the Zend Engine functions much like the heart and brain of PHP 4.0. It contains the process that provides the sub-structure and facilities to the functional modules. It also implements the language syntax, as well. The Zend Engine 1.0 is actually the second revision of the PHP scripting engine. It is still based on the same rules as the PHP 3.0 engine that was basically Zend Engine 0.5. Now it is permissible to migrate the path from PHP 3.0 to 4.0. The development has the same â??state of mindâ?? as per PHP 3.0. We feel it is right time to start working towards a revision of the Zend Engine. It would also incorporate new structures and solutions to some of the most difficult problems faced by the PHP designer or developers
Two recently discovered PHP security flaws could allow an attacker to execute arbitrary code.
Test Driven Design is the process of writing unit tests first (expecting them to fail) and then writing the code to make the tests pass. The benefits of doing this include:
â?¢ forces the programmer to plan out the functionality head of time
â?¢ forces the functions to be small, concise, and testable
â?¢ leaves the programmer with a full unit test suite with 100% test coverage
Learn how to create, receive and test a JWT in PHP.
JSON Web Token (JWT) is a JSON-based open standard used to create access tokens that assert some number of claims. In a palpable example, the JWT represents a key between a server-client relation: the server generates a token that has the claim “logged in as admin” and give it to a client, which could use that token to prove that is logged in as admin. The tokens are designed to be compact, URL-safe and can also be authenticated or encrypted.
The cloud is the newest buzzword in all things development, and there are many different options for utilizing the nebulous cloud. Amazon Web Services, Microsoft Azure, and Digital Ocean (just to name a few) are some providers that give you various levels of cloud computing. While all three give you Virtual Private Hosting, Microsoft has stepped up their offering.
Leverage the power of global variables in PHP to make variables globally available and share data across functions and programs.
PHP-FIG is the short name for the PHP Framework Interop Group (am I the only one who finds the naming of PHP groups and libraries after fruits amusing?) and their mission is simple: to find a way to get the PHP frameworks to work together.