Trace: » php.html

[hemmerling] PHP

Conferences and Workshops

Community Meetings

Conferences

Workshops

Runtime

PHP IDEs

Free PHP IDEs

  1. Code Lobster PHP Edition - “Free Portable PHP IDE (HTML, PHP, CSS, JavaScript code editor)”, “Free portable IDE for PHP/HTML/CSS/JavaScript development”, “PHP/HTML/CSS/JavaScript highlighting; advanced PHP/HTML/CSS/JavaScript autocomplete; a powerful PHP debugger; context and dynamic Help; a code validator; a SQL manager”.
  2. Eclipse - “Eclipse for PHP Developers”.
  3. phpIDE "PHP Coder" - “A free IDE developed for PHP programmers. Through tight integration of the PHP interpreter and the PHP documentation, PHP Coder gives you a time-saving Development Interface”.
  4. Sourceforge "Dev-PHP", Sourceforge "Dev-PHP" - “A well-featured integrated development environment (IDE)”.
  5. Padre - the Perl IDE”.
  6. PhpEd 2.96.1.2 - latest freeware edtion of the commercial PHP editor NuSphere PhpEd for Windows, which was shipped at that time with Apache and MySQL servers.
  7. “Software Studio” - discontinued free IDE for C#, Java, VB.Net, Aspx, C++, Html, Xml, Php, JavaScript, TeX.

Just-commercial PHP IDEs

Local PHP Development Environment Systems

Free PHP Debuggers

Free PHP Tools

  • PHP Cleaner - “This little script removes the PHP line brakes you find in a lot of PHP source codes”.

Packages

Composer - Dependency Manager for PHP

Packagist - The PHP Package Repository

Application Execution in Taint Mode

Testing

Free PHP Frameworks / PHP Extensions

Neos & Flow

The Frameworks

  • The OpenSource Neos, GitHub "neos".
    • “Content Application Platform based on its own PHP framework Flow. The content management features are resting within a larger context that allows you to build a perfectly customized experience”.
    • “An open source Content Application Platform based on Flow. A set of core Content Management features is resting within a larger context that allows you to build a perfectly customized experience for your users”.
    • “A PHP web application framework focussed on Domain-Driven Design and clean code. Based on strong conventions and best practices, it allows you to rapidly create powerful web applications”.
    • “Flow Application Framework, provides MVC, DI, AOP, Security, …”.

Resources

Kohana: The Swift PHP Framework

LampLighter

  • LampLighter - “OpenSource rapid application development framework for PHP based on a Model-View-Controller (MVC) architecture.
    • The predecessor FUSE - “A Model View Controller framework for PHP”.

PECL

  • George Schlossnagle "PECL" - “A repository for PHP Extensions, providing a directory of all known extensions and hosting facilities for downloading and development of PHP extensions”.

PEAR - PHP Extension and Application Repository

PHPforFB

  • The OpenSource PHP Web Framework PHPforFB - “welches das Entwickeln und Betreiben von Facebook Anwendungen und Page-Apps vereinfacht”.

Symfony

Yii Framework

Zend

Embedded Software Projects with PHP

Commercial Development Tools

Cronjob Services

Free Cronjob Services

Affordable Webspace & Webhosting with Cronjob Services

Resources

Design Tips for Secure Web Applications

    • Github " airbone42/nsa-anti-patterns" - “Talk about security at PHP Unconference 2013 in Hamburg”.
      1. ”';” - SQL injection → “prepare”.
      2. Broken authenification and session management
        1. Don‘t expose session IDs.
        2. Reduce session lifetime.
        3. Regenerate session IDs.
      3. ”<” - XSS → “htmlspecialchars”.
        1. Validate input.
        2. Escape output.
        3. X-content security policy.
        4. X-frame options.
        5. Template engine.
      4. Insecure direct object reference → “require”.
        1. Validate user input.
        2. Use indirect object references.
        3. Check access permissions.
      5. Security misconfiguration.
        1. Keep your system up-to-date.
        2. Remove setup/deployment routines.
        3. Disable exposure of sensitive data.
        4. Review server settings.
      6. Sensitive data exposure passwords.
        1. Add a salt.
        2. Use different salts.
        3. Use a strong algorithm (NOT md5).
        4. Store data and keys separated.
      7. Sensitive data exposure - PHP
        1. “expose_phpOff”.
        2. Remove “phpinfo();”.
      8. Sensitive data exposure - Secure URLs.
        1. Use TLS for all pages.
        2. Use secure cookie flag.
        3. Keep sensitive data out of the URL.
      9. Missing function level access control.
        1. Standard should disallow all access.
        2. Use roles to keep ACL simple.
        3. ACL model should be very flexible.
        4. Check privileges on each step.
      10. Cross-site request forgery.
        1. Use one-time-token and secure it.
        2. Authenticate user.
          1. Credentials.
          2. Captcha.
      11. Unvalidated redirects and forwards.
      12. Using components with known vulnerabilities.
        1. Keep libraries up-to-date ( versioneye.com ).
        2. Review third party libraries.
        3. Check mailing lists, boards, news- and vendor-sites.
      13. Mail header injection.
      14. Security by obscurity “The neighbours have better stuff”.

Literature

Paper Magazines

Books

Tips&Tricks

API

Code Style

Data Structures

Debugging, Errors, Exceptions

Dependency Injection

Execute Code in other PHP Files

Files

HTML & Web Server Interface

Migration PHP4/PHP5 ( MySQL ) to PHP 7 ( MySQLi )

PHP & SQL

Tables

Insert Data

Retrieve Data

Resources

VS.Code on my Development System

  • “Settings / Extensions/ PHP / Validate: Executable Path”.
"php.validate.executablePath": "C:\\int\\w64\\net\\xampp\\php\\php.exe"

Resources

Forums, Newsgroups

Appropriate OpenDirectory Directory Pages

 
en/php.html.txt · Last modified: 2025/01/25 21:04 (external edit) · []
Recent changes RSS feed Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki