
Web Developer's Cookbook - Questions

Raghavan Muthu
Ranch Hand

Joined: Apr 20, 2006
Posts: 3344

Hello Robin Nixon,

Congratulations on your new book. It seems to be a catchy one as it deals with scenarios and solutions rather than concepts being explained theoretically.

I have a few questions.

1. Have you covered the security aspects of a PHP based web application?
2. How about SQL injection, XSS, etc.?
3. Is it based only on HTML5, or are prior versions also covered?
4. Does it address the batch upload of MySQL in PHP?
5. Does it explain the file attachment aspect of PHP?

These are the areas that most developers feel are left untouched in books, so they google around for solutions.

Congratulations once again, and thanks for attending the Book Promo.

I am sure you will have a nice time ranching.

Cheers,
Raghavan alias Saravanan M


Everything has got its own deadline including one's EGO!
Robin Nixon
Author
Ranch Hand

Joined: Sep 20, 2011
Posts: 48

Hi Raghavan,

In answer to your questions:

1. Yes, security is incorporated wherever necessary. For example, salting is used to obfuscate any passwords saved in MySQL (which are then stored as unencryptable MD5s).
2. Two recipes provided are SanitizeString() and MySQLSanitizeString(), which will prevent SQL injection/XSS. Recipes in both JavaScript and PHP are also provided to thoroughly process any user input, and which can strip out anything malicious.
3. There is not much HTML5 in these recipes, since most of the tasks are easily accomplished in standard HTML.
4. A PHP recipe is provided to handle file uploads to a web server.

- Robin.

My latest book, The Web Developer's Cookbook, is now out: http://webdeveloperscookbook.com
Raghavan Muthu
Ranch Hand

Joined: Apr 20, 2006
Posts: 3344

That's a good thing, Robin. Thank you.

As per your reply to the welcome thread, MySQLSanitizeString() is of your own codework/toolkit. Is it?
Aamir Sayid
Greenhorn

Joined: Feb 11, 2012
Posts: 10

Robin Nixon wrote: Hi Aamir,

You need a basic understanding of each of the technologies. But only enough to understand basic syntax, how to incorporate the external functions or classes and how to call them.

As long as you can create a PHP file, for example, and include the WDC.php recipe file, you can then simply call the recipes you need.

- Robin.


Thank you for the answer, Robin!!! I seriously appreciate the effort you put into writing such a useful book.

PS - The question and the answer were in the Welcome thread.


A life spent making mistakes is not only more honorable, but more useful than a life spent doing nothing.
-George Bernard Shaw
Robin Nixon
Author
Ranch Hand

Joined: Sep 20, 2011
Posts: 48

Raghavan Muthu wrote: That's a good thing, Robin. Thank you.

As per your reply to the welcome thread, MySQLSanitizeString() is of your own codework/toolkit. Is it?


Yes, it strings together built-in PHP functions (and deals with magic quotes if they are being used) to result in a single function for sanitizing with MySQL.
 