background preloader

Php

Facebook Twitter

Role Based Access Control in PHP. There are several different approaches when it comes to managing user permissions, and each have their own positives and negatives.

Role Based Access Control in PHP

For example, using bit masking is extremely efficient but also limits you to 32 or 64 permissions (the number of bits in a 32- or 64-bit integer). Another approach is to use an access control list (ACL), however you can only assign permissions to objects rather than to specific or meaningful operations. In this article I will discuss my personal favorite approach: role based access control (RBAC). RBAC is a model in which roles are created for various job functions, and permissions to perform certain operations are then tied to roles. A user can be assigned one or multiple roles which restricts their system access to the permissions for which they have been authorized. The downside to using RBAC is that if not properly managed, your roles and permissions can easily become a chaotic mess. Database These are the CREATE TABLE statements for the database: Summary. How to write secure Yii applications. Warning: While this security guide tries to be quite complete, is not exhaustive.

If security matters for you, you ought to check several other references. General principles ¶ Validate the user input (see below for details).Protect (escape) your application output according to context (see below for a few output types, mostly HTML and SQL).Test your application in debug mode. Set the constant YII_DEBUG to true (by default, it is defined in index.php) and put alongside error_reporting(E_ALL);. Then errors and warnings will stop the execution and Yii will display the message, the source code and the call stack. Validating the user input ¶ How it works ¶ If a user can add its birth date to its profile, you have to make sure he gives a valid date. Client-side validation ¶ Validating a form with JavaScript has absolutely no impact on the security! The HTML restriction are the same. The data received in the PHP application can contain anything. Error Handling in PHP » phpmaster. Errors are the most common event a developer faces when programming.

Error Handling in PHP » phpmaster

Errors can be categorized as syntactical, run-time, or logical: missing the semicolon at the end of a statement is an example of a syntax error; trying to connect to a database when the server is down is an example of a run-time error; providing incorrect data to a variable is an example of a logic error. To help reduce the number of errors in your code, and to mitigate their effects, proper error handling is essential in your web application.

This article is a crash course in PHP error handling. You’ll learn about PHP’s built-in error reporting levels, and how to handle errors with custom error handlers and exception handling. PHP Error Reporting Levels All errors and warnings should be logged. The levels can be masked together with bit-operators to include or subtract them from PHP’s configuration. How to Create a PHP Website Template from Scratch. This is a tutorial on creating a PHP website template starting with HTML and CSS.

How to Create a PHP Website Template from Scratch

We will start with the basics and you can also download the final product. Please remember that I am using very basic CSS styling in this example just for you to get the idea, and not so much to make it look pretty. The download will contain both the styled example as well as a complete blank template that you can use for your own starting point for any project personal or commercial.

The demo files are released under GPL V2. This tutorial assumes you have basic understanding of html and css. The actual template will be created in 10 easy steps. Step One Let’s start by creating a new folder. Inside of this folder we are now going to create two new files. Step Two Now we are going to create two more folders inside of our main folder.

We should now have a setup that looks like the following: Step Three Now, using your favorite html editor open the index.html file. Step Four Step Five.

Login modules

Manual. Formatting PHP Strings with printf and sprintf. Home : Articles : Formatting PHP Strings with printf and sprintf Tutorial by Matt Doyle | Level: Advanced | Published on 19 November 2009 Categories: Learn how to use PHP's printf(), sprintf() and related functions to format strings.

Formatting PHP Strings with printf and sprintf

Looks at type specifiers, padding, number precision, and more. Like many other languages, PHP features the versatile printf() and sprintf() functions that you can use to format strings in many different ways. PHP features many other functions to format strings in specific ways — for example, the date() function is ideal for formatting date strings. In this tutorial you look at how to work with printf() and sprintf() to format strings. A simple printf() example The easiest way to understand printf() is to look at an example. // Displays "Australia comprises 6 states and 10 territories" printf( "Australia comprises %d states and %d territories", 6, 10 ); The first argument is always a string, and is called the format string.

Type specifiers type specifier b c d e f o s u x .