Web Developer's Cookbook - Questions

 
Ranch Hand
Hello Robin Nixon,

Congratulations on your new book. It seems to be a catchy one as it deals with scenarios and solutions rather than concepts being explained theoretically.

I have a few questions.

1. Have you covered the security aspects of a PHP based web application?
2. How about SQL Injection, XSS etc.,?
3. Is it only based on HTML5 or prior versions also being covered?
4. Does it address the batch upload of MySQL in PHP?
5. Does it explain the file attachment aspect of PHP?

These are the areas most developers feel are left untouched in books and google around for solutions.

Congratulations once again and thanks for attending the Book Promo

I am sure you would have a nice time ranching

Cheers,
Raghavan alias Saravanan M
 
Author
Hi Raghavan,

In answer to your questions:

1. Yes, security is incorporated wherever necessary. For example, salting is used to obfuscate any passwords saved in MySQL (which are then stored as unencryptable MD5s).
2. Two recipes provided are SanitizeString() and MySQLSanitizeString(), which will prevent SQL injection/XSS. Recipes in both JavaScript and PHP are also provided to thoroughly process any user input and strip out anything malicious.
3. There is not much HTML5 in these recipes, since most of the tasks are easily accomplished in standard HTML.
4. A PHP recipe is provided to handle file uploads to a web server.

- Robin.
 
Raghavan Muthu
That's a good thing Robin. Thank you

As per your reply to the welcome thread, MySQLSanitizeString() is from your own codework/toolkit, is it?
 
Greenhorn

Robin Nixon wrote: Hi Aamir,

You need a basic understanding of each of the technologies. But only enough to understand basic syntax, how to incorporate the external functions or classes and how to call them.

As long as you can create a PHP file, for example, and include the WDC.php recipe file, you can then simply call the recipes you need.

- Robin.

Thank you for the answer, Robin!!! I seriously appreciate the effort you put into writing such a useful book.

PS - The question and the answer were in the Welcome thread.
 
Robin Nixon

Raghavan Muthu wrote: That's a good thing Robin. Thank you

As per your reply to the welcome thread, MySQLSanitizeString() is from your own codework/toolkit, is it?

Yes, it strings together built-in PHP functions (and deals with magic quotes if they are being used) to result in a single function for sanitizing with MySQL.
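As an added example (not the book's code), here is how such a sanitizer can be assembled from built-in PHP functions as described above: undo magic quotes if they are active, then escape for a quoted SQL literal through the mysqli connection, with a companion sanitizer for HTML output. The function names, the constructed sample input and the placeholder database credentials are assumptions, and running it needs a reachable MySQL server.

```php
<?php
// Added example, not the book's recipe: a sanitizer built from built-in
// PHP functions. Names, sample input and credentials are assumptions.

// Undo magic quotes if that (long-removed) feature is active, so a value is
// not escaped twice. get_magic_quotes_gpc() always returns false from PHP 5.4
// and does not exist on PHP 8, hence the function_exists() guard.
function stripMagicQuotes(string $value): string
{
    if (function_exists('get_magic_quotes_gpc') && @get_magic_quotes_gpc()) {
        return stripslashes($value);
    }
    return $value;
}

// Escape a value for interpolation into a *quoted* SQL string literal only.
// The connection's charset is used, which is why a mysqli handle is required;
// escaping is context-specific, so this output is not safe for other contexts.
function mysqlSanitizeString(mysqli $conn, string $value): string
{
    return $conn->real_escape_string(stripMagicQuotes($value));
}

// Neutralise HTML markup before echoing user input back into a page (XSS).
function sanitizeString(string $value): string
{
    return htmlentities(stripMagicQuotes($value), ENT_QUOTES | ENT_HTML5, 'UTF-8');
}

// Constructed sample input: a stray quote followed by a script tag.
$input = "O'Neil<script>alert(1)</script>";

// Placeholder credentials; replace with your own.
$conn = new mysqli('localhost', 'user', 'password', 'testdb');
$conn->set_charset('utf8mb4');

$forSql  = mysqlSanitizeString($conn, $input);
$forHtml = sanitizeString($input);

// The apostrophe is now backslash-escaped, so the SQL literal stays closed.
echo "SELECT * FROM users WHERE name = '$forSql'", PHP_EOL;
// Angle brackets and quotes become entities, so the browser renders text, not a tag.
echo $forHtml, PHP_EOL;
```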
 