Upload
fareez-nan
View
222
Download
0
Embed Size (px)
Citation preview
8/12/2019 Advanced Php Final
1/97
2006 Agathon Grouphttp://www.agathongroup.com/talks/gospelcon06/advancedphp/
Advanced PHP
Peter Green and Joel Boonstra
Agathon Group
Originally presented at Gospelcon 2006
8/12/2019 Advanced Php Final
2/97
Introduction
8/12/2019 Advanced Php Final
3/97
Security, reusability, efficiency
8/12/2019 Advanced Php Final
4/97
Security, reusability, efficiency
Any problem worth solving is worthsolving the right way
8/12/2019 Advanced Php Final
5/97
Security, reusability, efficiency
Any problem worth solving is worthsolving the right way
Solving a problem the right way is hard
8/12/2019 Advanced Php Final
6/97
Security, reusability, efficiency
Any problem worth solving is worthsolving the right way
Solving a problem the right way is hard
Solving the same hard problem morethan once is silly
8/12/2019 Advanced Php Final
7/97
Techniques
8/12/2019 Advanced Php Final
8/97
Techniques
Directory organization
8/12/2019 Advanced Php Final
9/97
Techniques
Directory organization
Using pre-written libraries
8/12/2019 Advanced Php Final
10/97
Techniques
Directory organization
Using pre-written libraries
Writing your own libraries
8/12/2019 Advanced Php Final
11/97
Tools
8/12/2019 Advanced Php Final
12/97
Tools
PEAR: a code repository for PHP
8/12/2019 Advanced Php Final
13/97
Tools
PEAR: a code repository for PHPSmarty: a template language for PHP
8/12/2019 Advanced Php Final
14/97
8/12/2019 Advanced Php Final
15/97
Tools
PEAR: a code repository for PHPSmarty: a template language for PHP
php.ini: your friend in site organization
various PHP functions for securing data
8/12/2019 Advanced Php Final
16/97
Step 0: Organizing your directory
8/12/2019 Advanced Php Final
17/97
8/12/2019 Advanced Php Final
18/97
Concepts covered
8/12/2019 Advanced Php Final
19/97
Concepts covered
Slow down, you move too fast!
8/12/2019 Advanced Php Final
20/97
Concepts covered
Slow down, you move too fast!Separation of logic from presentation
8/12/2019 Advanced Php Final
21/97
8/12/2019 Advanced Php Final
22/97
Concepts covered
Slow down, you move too fast!Separation of logic from presentation
Prevent access to sensitive files
Self-contained, portable development
8/12/2019 Advanced Php Final
23/97
PHP settings, functions, libraries
8/12/2019 Advanced Php Final
24/97
PHP settings, functions, libraries
php.ini: include_path: normalize includes
8/12/2019 Advanced Php Final
25/97
PHP settings, functions, libraries
php.ini: include_path: normalize includes
php.ini: auto_prepend_file: apply a commonsettings file to all PHP files
8/12/2019 Advanced Php Final
26/97
PHP settings, functions, libraries
php.ini: include_path: normalize includes
php.ini: auto_prepend_file: apply a commonsettings file to all PHP files
function: ini_set(): access php.ini values
8/12/2019 Advanced Php Final
27/97
PHP settings, functions, libraries
php.ini: include_path: normalize includes
php.ini: auto_prepend_file: apply a commonsettings file to all PHP files
function: ini_set(): access php.ini values
library: Smarty: templating
8/12/2019 Advanced Php Final
28/97
8/12/2019 Advanced Php Final
29/97
8/12/2019 Advanced Php Final
30/97
8/12/2019 Advanced Php Final
31/97
php.ini
8/12/2019 Advanced Php Final
32/97
private/lib/auto_prepend.php
8/12/2019 Advanced Php Final
33/97
index.php
8/12/2019 Advanced Php Final
34/97
8/12/2019 Advanced Php Final
35/97
Lets take a look
8/12/2019 Advanced Php Final
36/97
[ page source ]
St 1 C ti il f
8/12/2019 Advanced Php Final
37/97
Step 1: Creating email forms
8/12/2019 Advanced Php Final
38/97
Concepts covered
8/12/2019 Advanced Php Final
39/97
Concepts covered
Centralized form processing script
8/12/2019 Advanced Php Final
40/97
Concepts covered
Centralized form processing script
Modular form processing, based onfunction
8/12/2019 Advanced Php Final
41/97
Tools used
8/12/2019 Advanced Php Final
42/97
Tools used
Smarty!
8/12/2019 Advanced Php Final
43/97
Tools used
Smarty!
Smartys html_optionsand related functionsfor quickly creating forms
8/12/2019 Advanced Php Final
44/97
PHP used
8/12/2019 Advanced Php Final
45/97
PHP used
mail(): basic function to send email
8/12/2019 Advanced Php Final
46/97
PHP used
mail(): basic function to send emailinclude_once(), require_once(): load in acommon set of functions
8/12/2019 Advanced Php Final
47/97
PHP used
mail(): basic function to send emailinclude_once(), require_once(): load in acommon set of functions
Superglobals ($_GET, $_POST, $_REQUEST)
8/12/2019 Advanced Php Final
48/97
8/12/2019 Advanced Php Final
49/97
contact php
8/12/2019 Advanced Php Final
50/97
contact.php
i t /t l t / / t t t l ht l
8/12/2019 Advanced Php Final
51/97
private/templates/pages/contact.tpl.html
8/12/2019 Advanced Php Final
52/97
8/12/2019 Advanced Php Final
53/97
private/lib/form_functions.inc.php
8/12/2019 Advanced Php Final
54/97
8/12/2019 Advanced Php Final
55/97
Lets take a look
8/12/2019 Advanced Php Final
56/97
8/12/2019 Advanced Php Final
57/97
Concepts covered
8/12/2019 Advanced Php Final
58/97
Concepts covered
Extending the centralized form processing
script to handle a new function
8/12/2019 Advanced Php Final
59/97
Concepts covered
Extending the centralized form processing
script to handle a new function
Checking database error statuses
8/12/2019 Advanced Php Final
60/97
Concepts covered
Extending the centralized form processing
script to handle a new function
Checking database error statuses
Centralized, separate config file for DBsettings
8/12/2019 Advanced Php Final
61/97
Tools used
8/12/2019 Advanced Php Final
62/97
Tools used
PEAR::MDB2 for unified, abstracteddatabase access
8/12/2019 Advanced Php Final
63/97
Tools used
PEAR::MDB2 for unified, abstracteddatabase access
Superior to mysql_* and mysqli_* calls!
8/12/2019 Advanced Php Final
64/97
8/12/2019 Advanced Php Final
65/97
private/templates/pages/event/add tpl html
8/12/2019 Advanced Php Final
66/97
private/templates/pages/event/add.tpl.html
bin/form_processor.php
8/12/2019 Advanced Php Final
67/97
p p p
bin/form_processor.php
8/12/2019 Advanced Php Final
68/97
p p p
private/lib/form_functions.inc.php
8/12/2019 Advanced Php Final
69/97
p p p
8/12/2019 Advanced Php Final
70/97
private/lib/db.inc.php
8/12/2019 Advanced Php Final
71/97
8/12/2019 Advanced Php Final
72/97
Lets take a look
private/templates/pages/event/add tpl html
8/12/2019 Advanced Php Final
73/97
private/templates/pages/event/add.tpl.html
Step 3: Sanitizing input
8/12/2019 Advanced Php Final
74/97
p g p
8/12/2019 Advanced Php Final
75/97
Concepts covered
8/12/2019 Advanced Php Final
76/97
Concepts covered
Implementing data sanitation
8/12/2019 Advanced Php Final
77/97
Tools used
8/12/2019 Advanced Php Final
78/97
Tools used
library: PHP::Compat: using futurefunctions now (e.g., array_walk_recursive())
8/12/2019 Advanced Php Final
79/97
Tools used
library: PHP::Compat: using futurefunctions now (e.g., array_walk_recursive())
library: PEAR::Mail: send email without
worrying about spammers
8/12/2019 Advanced Php Final
80/97
PHP used
8/12/2019 Advanced Php Final
81/97
PHP used
get_magic_quotes_gpc()
8/12/2019 Advanced Php Final
82/97
PHP used
get_magic_quotes_gpc()
create_function()
8/12/2019 Advanced Php Final
83/97
PHP used
get_magic_quotes_gpc()
create_function()
stripslashes()
8/12/2019 Advanced Php Final
84/97
private/lib/auto_prepend.php
8/12/2019 Advanced Php Final
85/97
(excerpt)
private/lib/common_functions.inc.php
8/12/2019 Advanced Php Final
86/97
(old & busted)
private/lib/common_functions.inc.php
8/12/2019 Advanced Php Final
87/97
(new hotness)
private/lib/form_functions.inc.php
8/12/2019 Advanced Php Final
88/97
old & busted:
private/lib/form_functions.inc.php
8/12/2019 Advanced Php Final
89/97
old & busted:
new hotness:
private/lib/form_functions.inc.php
8/12/2019 Advanced Php Final
90/97
(old & busted)
private/lib/form_functions.inc.php
8/12/2019 Advanced Php Final
91/97
(new hotness)
Next steps
8/12/2019 Advanced Php Final
92/97
8/12/2019 Advanced Php Final
93/97
Concepts (not) covered
8/12/2019 Advanced Php Final
94/97
Concepts (not) covered
MVC, REST, and other useful acronyms
8/12/2019 Advanced Php Final
95/97
Concepts (not) covered
MVC, REST, and other useful acronyms
Dynamically loading based onREQUEST_URI and/or PATH_INFO
8/12/2019 Advanced Php Final
96/97
Concepts (not) covered
MVC, REST, and other useful acronyms
Dynamically loading based onREQUEST_URI and/or PATH_INFO
Live and development sites: one codebase
8/12/2019 Advanced Php Final
97/97
Advanced PHP
Peter Green and Joel Boonstra
Agathon Group
Originally presented at Gospelcon 2006