Post on 10-May-2015
Managing Applications in CodeIgniter
Jamshid Hashimi, Trainer, Cresco Solution
http://www.jamshidhashimi.com jamshid@netlinks.af @jamshidhashimi ajamshidhashimi
Afghanistan Workforce Development Program
Agenda
• Managing Applications
• Handling Multiple Environments
• Security
• PHP Style Guide
Managing Applications
• By default it is assumed that you only intend to use CodeIgniter to manage one application, which you will build in your application/ directory. It is possible, however, to have multiple sets of applications that share a single CodeIgniter installation.
Managing Applications
• Renaming your application folder: edit index.php and set $application_folder to the new folder name.
• Relocating your application folder: the same variable also accepts an absolute path, so the application can live outside the web root while the system/ folder stays shared.
$application_folder = "application";
$application_folder = "/Path/to/your/application";
DEMO
Handling Multiple Environments
• Developers often want different system behaviour depending on whether an application is running in a development or production environment. CodeIgniter selects the environment through the ENVIRONMENT constant defined in index.php, and uses that value to set PHP error reporting and to load environment-specific configuration files.
– Development
– Testing
– Production
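The two previous topics, several applications sharing one system/ folder and per-environment behaviour, are both decided in the front controller, so the added example below shows one file that does both. It is not code from the slides: it is a second front controller, here called admin.php and placed next to index.php, that serves a hypothetical admin_app/ folder from the same CodeIgniter install. It follows the layout of the stock CodeIgniter 3.x index.php; the CI_ENV server variable, the admin_app folder name and the 503 message are assumptions for the example.

```php
<?php
// admin.php: added example, not part of the original slides.
// Second front controller for a hypothetical "admin_app" application that
// shares the system/ folder with the default application served by index.php.

// Read the environment from a server variable set by the web server or the CLI
// (for example "SetEnv CI_ENV production" in the Apache vhost). Default to
// production so that a missing variable never switches debug output on.
define('ENVIRONMENT', isset($_SERVER['CI_ENV']) ? $_SERVER['CI_ENV'] : 'production');

switch (ENVIRONMENT)
{
	case 'development':
		// Show everything to the developer.
		error_reporting(-1);
		ini_set('display_errors', 1);
		break;

	case 'testing':
	case 'production':
		// Never display errors to visitors: messages leak paths, SQL and stack traces.
		// Errors still go to the PHP error log.
		ini_set('display_errors', 0);
		error_reporting(E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT & ~E_USER_NOTICE & ~E_USER_DEPRECATED);
		break;

	default:
		// An unknown value is a deployment mistake; refuse to boot rather than guess.
		header('HTTP/1.1 503 Service Unavailable.', TRUE, 503);
		echo 'The application environment is not set correctly.';
		exit(1);
}

// One shared system folder, a different application folder per front controller.
// index.php keeps $application_folder = 'application'; this file uses admin_app.
$system_path        = 'system';
$application_folder = 'admin_app';   // assumed folder name

// Resolve the system path and make sure it exists.
if (realpath($system_path) !== FALSE)
{
	$system_path = realpath($system_path).'/';
}
$system_path = rtrim($system_path, '/').'/';

if ( ! is_dir($system_path))
{
	exit('Your system folder path does not appear to be set correctly. Please open the following file and correct this: '.pathinfo(__FILE__, PATHINFO_BASENAME));
}

define('SELF', pathinfo(__FILE__, PATHINFO_BASENAME));
define('BASEPATH', str_replace('\\', '/', $system_path));
define('FCPATH', dirname(__FILE__).'/');
define('SYSDIR', trim(strrchr(trim(BASEPATH, '/'), '/'), '/'));

// The application folder may be a relative name next to this file, an absolute
// path, or a folder inside system/; stop if none of these exists.
if (is_dir($application_folder))
{
	define('APPPATH', rtrim(str_replace('\\', '/', realpath($application_folder)), '/').'/');
}
elseif (is_dir(BASEPATH.$application_folder.'/'))
{
	define('APPPATH', BASEPATH.$application_folder.'/');
}
else
{
	exit('Your application folder path does not appear to be set correctly. Please open the following file and correct this: '.SELF);
}

define('VIEWPATH', APPPATH.'views/');

// Boot the framework for this application.
require_once BASEPATH.'core/CodeIgniter.php';
```

With ENVIRONMENT set this way, a file such as admin_app/config/production/database.php is loaded on top of admin_app/config/database.php when the environment is production, so production credentials never have to sit in the default config file.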
Security
• URIs may only contain the following characters (the allowed set is $config['permitted_uri_chars'] in application/config/config.php; a request with any other character is rejected before it reaches a controller):
– Alpha-numeric text
– Tilde: ~
– Period: .
– Colon: :
– Underscore: _
– Dash: -
• Register Globals
– During system initialization all global variables are unset, except those found in the $_GET, $_POST, and $_COOKIE arrays.
– The unsetting routine is effectively the same as register_globals = off.
Security
• error_reporting: in production, PHP error display is turned off so that file paths, SQL and stack traces are not shown to visitors.
• magic_quotes_runtime: turned off during system initialization, so data read back from the database does not need slashes stripped.
• Best Practices
– Filter the data as if it were tainted.
• XSS Filter: CodeIgniter comes with a Cross Site Scripting filter.
– Validate the data to ensure it conforms to the correct type, length, size, etc.
• CodeIgniter has a Form Validation Class that assists you in validating, filtering, and prepping your data.
– Escape the data before submitting it into your database.
• Escape all data before database insertion
• $this->db->escape(): determines the data type and quotes string values
• $this->db->escape_str(): escapes a string without adding quotes
• $this->db->escape_like_str(): also escapes the LIKE wildcards % and _
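The three best practices above are steps of one procedure, so the added example below applies them together in a single controller action. It is not code from the slides: it is a hypothetical Search controller that takes a search term and an author id from a form, validates them, runs the XSS filter, and then escapes them for two different query shapes. It assumes CodeIgniter 3.x with the database and form_validation libraries available, a posts table with id, title and author_id columns, and two views named search_form and search_results; all of those names are assumptions.

```php
<?php
// Added example, not part of the original slides. Assumes CodeIgniter 3.x.
defined('BASEPATH') OR exit('No direct script access allowed');

class Search extends CI_Controller
{
	public function index()
	{
		// The pattern this replaces: raw input concatenated into SQL and echoed
		// back unescaped. Shown only as a comment; do not do this.
		//   $q = $_POST['q'];
		//   $this->db->query("SELECT * FROM posts WHERE title LIKE '%$q%'");
		//   echo "Results for $q";

		$this->load->library('form_validation');

		// 1. Validate: check type, length and character set before anything else.
		$this->form_validation->set_rules('q', 'Search term', 'required|max_length[64]');
		$this->form_validation->set_rules('author_id', 'Author', 'integer');

		if ($this->form_validation->run() === FALSE)
		{
			// validation_errors() is rendered by the library with the field labels
			// above, so attacker-controlled values are not reflected here.
			$this->load->view('search_form');   // hypothetical view
			return;
		}

		// 2. Filter as if tainted: the second argument TRUE runs the XSS filter
		//    over the value. The integer is cast instead, which is stricter.
		$q         = $this->input->post('q', TRUE);
		$author_id = (int) $this->input->post('author_id');

		// 3a. Escape for the database. For plain values use query bindings:
		//     the driver escapes each "?" argument itself.
		$sql  = 'SELECT id, title FROM posts WHERE author_id = ?';
		$rows = $this->db->query($sql, array($author_id))->result();

		// 3b. For LIKE patterns the wildcards % and _ are data, not syntax, so use
		//     escape_like_str(). CodeIgniter 3 escapes them with "!", which is why
		//     the query declares ESCAPE '!'. escape() then quotes the whole pattern.
		$pattern = '%'.$this->db->escape_like_str($q).'%';
		$sql     = 'SELECT id, title FROM posts WHERE title LIKE '.$this->db->escape($pattern)." ESCAPE '!'";
		$rows    = $this->db->query($sql)->result();

		// 4. The XSS filter is not output escaping. Escape again for the HTML
		//    context when the term is echoed back to the user.
		$data = array(
			'term' => html_escape($q),
			'rows' => $rows,
		);
		$this->load->view('search_results', $data);   // hypothetical view
	}
}
```

Two points the slide does not spell out: the XSS filter sanitises input but does not know where the value will be printed, so html_escape() (or the equivalent for the target context) is still needed on output; and escaping for LIKE is a separate operation from escaping for a string literal, because a search for "20%" must match the literal percent sign rather than act as a wildcard.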
PHP Style Guide
• File Format: files are saved as Unicode (UTF-8) without a byte order mark
• PHP Closing Tag
• Class and Method Naming
• Variable Names
• Commenting
• Constants
• TRUE, FALSE, and NULL
• Logical Operators
• Comparing Return Values and Typecasting
PHP Style Guide
• Debugging Code
• Whitespace in Files
• Compatibility
• Class and File Names using Common Words
• Database Table Names
• One File per Class
• Whitespace
• Line Breaks
– Unix
– Windows
PHP Style Guide
• Code Indenting
• Bracket and Parenthetic Spacing
• Localized Text
• Private Methods and Variables
• PHP Errors
• Short Open Tags
• One Statement Per Line
• Strings
• SQL Queries
• Default Function Arguments
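The three style-guide slides only name the rules, so the added example below is one small library file written to follow them, with a comment naming each rule where it applies. It is not code from the slides or from CodeIgniter itself; the class name Ci_slug, its file location and its behaviour are assumptions for the example. The rule most worth noticing for security is the comparison one: strpos() returns 0 for a match at the start of the string, which a loose == FALSE check treats as "not found".

```php
<?php
// Added example, not part of the original slides. Hypothetical file
// application/libraries/Ci_slug.php written to the CodeIgniter PHP Style Guide.
defined('BASEPATH') OR exit('No direct script access allowed');

// Class and File Names using Common Words: a prefix avoids clashing with a
// framework or third-party class called Slug. One File per Class.
class Ci_slug
{
	// Constants: uppercase with underscores.
	const MAX_LENGTH = 64;

	// Private Methods and Variables: underscore prefix, lowercase variable names.
	private $_separator = '-';

	// Default Function Arguments: give optional parameters a sensible default.
	public function make($title, $lowercase = TRUE)
	{
		// Comparing Return Values and Typecasting: strpos() returns 0 when the
		// needle is at offset 0, so the result must be compared with === / !==.
		// With "== FALSE" a NUL byte at position 0 would pass this check.
		if (strpos($title, "\0") !== FALSE)
		{
			return NULL;                        // TRUE, FALSE, and NULL in uppercase
		}

		$title = $this->_strip($title);

		// One Statement Per Line. Strings: single quotes unless variables are parsed.
		$slug = preg_replace('/[^a-z0-9]+/i', $this->_separator, $title);
		$slug = trim($slug, $this->_separator);

		if ($lowercase === TRUE)
		{
			$slug = strtolower($slug);
		}

		// Typecast explicitly rather than relying on string-to-int juggling.
		return substr($slug, 0, (int) self::MAX_LENGTH);
	}

	// Code Indenting: tabs; Bracket and Parenthetic Spacing: braces on their own
	// line, a space after "(" before "!".
	private function _strip($title)
	{
		// Logical Operators: OR instead of ||, and a space on both sides of !.
		// PHP Errors: test before use instead of suppressing notices.
		if ( ! is_string($title) OR $title === '')
		{
			return '';
		}

		return trim($title);
	}
}

// PHP Closing Tag: omitted on purpose, so no trailing whitespace can be sent
// before headers or break a download. Whitespace in Files: nothing follows.
```

Short Open Tags and Localized Text are not shown in a library file: in views, write <?php echo $x; ?> rather than <?= $x ?>, and fetch user-visible strings with $this->lang->line('key') instead of embedding them in code.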
DEMO
QUESTIONS?