Week 6

Picking up where we left off

• Start with this code

This week

All the important stuff we haven't covered yet. Notably, security best practices and third-party libraries.

Debugging

• xdebug
  • Download link

PHP Security

• SQL injection recap
  • escape_string
  • prepared statements
• Cross-site scripting (XSS)
  • htmlspecialchars($string, ENT_QUOTES, 'UTF-8')
• Don't store credentials in version control
  • Why it's a bad idea
  • Twelve-factor app
  • SetEnv
    • example
  • dotenv
  • Create config.php
• How to safely store passwords
  • Password Hashing
  • Password Compat
• Create simple login page

JSON

• json_encode
• Create simple AJAX form with jQuery

Using Third-Party Libraries

• Simple includes
• Composer
  • USB-compatible installation
  • Packagist
  • geocoder
  • dotenv

PHP Frameworks

• Wordpress
  • Plugins
• MVC (Model-view-controller)
  • Example apps
• ORM (Object-relational mapping)
  • Propel
• List of frameworks
• Laravel
• Slim

Requests

• How to upload multiple files at once

Similar Languages

• Ruby
  • Rails
• Python
  • Django
• JavaScript
  • Express

Further Reading

• PHP Security Cheat Sheet
• Awesome PHP - "A curated list of amazingly awesome PHP libraries, resources and shiny things."
• Related Chapters in the Book: 14, 15, 21