8 Dec 2013

Principles Of MVC for PHP Developers

Model View Controller

Javascript , HTML5 , css3 ,php , sql , Web , design , development

Being somebody terribly curious about the principles of MVC (Model-View-Controller), i was pleased to check that there's little written out here on the web that truly is sensible. Most articles or tutorials use terms like "business logic" while not shaping process what it means that, means makes understanding MVC all the tougher. Others merely gloss over what an architectural pattern is while not very explaining why you'd care regarding it. it's my hope that I will conceive to justify everything you would like to understand regarding MVC within the simplest attainable approach.
My perspective on MVC is through PHP - my scripting language of alternative - and that i have spent slightly quite three years developing climbable, R.A.D. PHP Frameworks. What I even have learned regarding MVC therein time is that it's terribly powerful, scalable, clean, and if well-coded, robust. the explanation that such revered frameworks like Ruby On Rails and Zend Framework use the principles of MVC alone ought to be a touch that there's something special concerned here.
For those of you WHO aren't aware, MVC was originally represented in terms of a style pattern to be used with Smalltalk by Trygve Reenskaug in 1979. His paper was printed below the title "Applications Programming in Smalltalk-80: a way to use Model-View-Controller", and made-up the groundwork for many future MVC implementations.

What is MVC?

follow: Javascript , HTML5 , css3 ,php , sql , Web , design , development

MVC, or Model-View-Controller is a software system design, or style pattern, that's utilized in software system engineering, whose fundamentals is predicated on the concept that the logic of an application should be separated from its presentation. Put simply, the idea say that MVC relies a stronger approach of separating the logic of your application from the show.

The MVC principle is to separate the application into three main elements, called the Model, the View, and also the Controller. Apparent from the diagram ar the direct associations (solid lines) and therefore the inferred associations (dashed lines). The inferred associations ar associations that may appear apparent from the purpose of read of the user, and not from the particular software system design.
A simple way to think about think of be to contemplate the following:
  1. A user interacts with the view - by clicking on a link or submitting a form.
  2. The Controller handles the user input, and transfers the data to the model
  3. The Model receives the knowledge} and updates it's state (adds data to a database, for instance, or calculates todays date)
  4. The view checks the state of the Model and responds consequently (listing the freshly entered information, maybe)
  5. The view waits for an additional interaction from the user.
But what will this mean to you and why do you have to think about using it?

Well, for starters, MVC has a really expert philosophy. the concept that you just ar separating the logic from the display isn't new, however MVC presents the concept nicely. Code presentation and layout ar easier, creating your application additional rectifiable. The view is within the view files, the logic in the templet, and also the controller handles all of them.

Business Logic :

This term amuses me, as a result of it implies something is going on that does not really have a definition which will be outlined properly. However, it's a straightforward concept: Business Logic is that the method of scheming the logical processes of an application. an easy calendar's business logic would be to calculate what todays date is, what day it's, and on what day all of the times during this month fall, for instance.
Don't let yourself get afraid by flashy terms. Business logic is that the process a part of the application.

Templates :

Many MVC frameworks use some kind of templet system to enforce the principle of DRY (See Below), creating it very easy to re0use code while not having to rewrite it.
I have seen MVC frameworks that run on Smarty, or their own templet engine, or none at all. an easy warning is that some templet engines have rather difficult syntax - check them out before you begin developing, you do not ant to find out an entire new language simply to induce a page to render.

DRY :

Another excellent implementation of MVC is that the DRY (Don't Repeat Yourself) philosophy. basically, DRY is used by Ruby on Rails and a couple of different implementations, and therefore the plan is that you just write one thing once and once solely, re-using the code. The DRY principle is explicit  as "Every piece of information must have one, unambiguous, authoritative illustration among a system."
Correct implementation of DRY would imply that changing one component of the system doesn't amendment unrelated components, that is very logical. Personally, i believe Ruby on Rails pulls this off within the best means, and does it most easily.

Convention Over Configuration :

Convention over Configuration is a design paradigm that primarily tries to get rid of the number of selections you, as a developer, ought to create. this is often achieved by fitting the framework with the conventions that all parts typically need. The developer solely has to modification the items that basically ought to amendment.

It's quite easy, if you're thinking that about it. contemplate a form: it's parts that ar continuously needed, and those parts have states that ar typically a similar. A form has a  tag, that defines an action, method, name, id and enctype, for instance. Unless you wish to vary one thing, it's pretty simple to induce the form name, id and action from the URL (usually). we can additionally set all form strategies to POST unless otherwise explicit . Applying this plan to all parts makes building this sort of application very quick, simple and easy.

Conclusion

As touched on above, MVC is a very excellent  path to begin producing pure, scalable,very powerful, quick code in the least amount of time with the least amount of effort. Some MVC frameworks doesn't contain all of these features, most contain one or two. My advice is experiment with a few MVC frameworks and find one that works for youself.

19 Nov 2013

PHP Security: Default Vulnerabilities, Security Omissions and Framing Programmers?


php security

Secure by design is a easy conception within the security world wherever software system is designed from the ground up to be as secure as potential despite whether or not it imposes a drawback to the end user. the aim of this principle is to confirm that users WHO don't seem to be security specialists can use the software while not essentially being duty-bound to jump through hoops to learn how to secure their usage or, much worse, being tempted into ignoring security considerations that expose unaddressed security vulnerabilities as a result of ignorance, inexperience or laziness. The crux of the principle thus is to market trust within the software whereas, somewhat paradoxically, avoiding an excessive amount of complexness for the end user.

Odd although  it may seem,  this principle explains a number of PHP’s greatest security weaknesses. PHP doesn't expressly use Secure advisedly as a guideline once execution features. I’m positive its within the back of developers’ minds even as I’m certain it's influenced several if their design selections, but there ar problems after you think about how PHP has influenced the protection practices of PHP programmers.

The results of not following Secure by design is that every one applications and libraries written in PHP will inherit variety of security vulnerabilities, hereafter remarked as “By-Default Vulnerabilities”. It conjointly means defensive against key sorts of attacks is undermined by PHP not providing decent native functionality and I’ll talk over with these as “Flawed Assumptions”. Combining the 2 sets of shortcomings, we will establish PHP as existing in an environment wherever security is being compromised by relegating an excessive amount of security responsibility to end programmers.

This is the main focus of the argument I create during this article: Responsibility. once an application is intended and designed solely to fall victim to a by-default vulnerability inheritable  from PHP or because of user-land defenses supported imperfect assumptions regarding what PHP offers in terms of security defenses, WHO bears the responsibility? pointing the finger at the computer programmer isn’t wrong however it conjointly doesn’t tell the full story, and neither can it improve the protection setting for alternative programmers. At some purpose, PHP has to be control in charge of security problems that it's an on the spot influence on although its settings, its default function parameters, its documentation and its lack thereof. questions need to be asked on once the indistinct line between PHP’s default behaviour and a security vulnerability sharpens into focus.

11 Nov 2013

The Future of PHP


Javascript , HTML5 , css3 ,php , sql , Web , design , development
php-future

There has been an issue over the future of PHP. whereas some feel that its time that PHP makes means for additional advanced languages and development interfaces, there also are hardcore PHP loyalists who suppose that the simplicity of PHP can not be replicated by the other language. So, wherever do we see PHP, a number of years from now? Or rather, however can PHP develop itself keep itself updated with the dynamical needs of the planet Wide internet (WWW)? browse on and that we will discover some valid arguments on the future of PHP.

PHP Facts and the Future

1.  One of the good points of the PHP language is its large on-line community. There are around twenty million internet applications that use PHP. Developers everywhere use the language to form scripts. several helpful software system applications like video-streaming applications and content management systems area unit known  to be supported PHP, the foremost fashionable example being Drupal. Although, developers within the community will add PHP scripts and recommend changes or add new options within the core PHP package, solely regarding 450 programmers will approve such changes. The organization Zend takes care of the packaging problems with PHP. So, in terms of development, there are enough developers, and additionally directors who can defend the first package from obtaining dilute with sub-standard codes.

2.  The actual fact that PHP has stayed at the highest, and managed to obviate challenges from a lot of hyped-up languages like Java and ColdFusion, it's safe to recommend that it'll still do therefore within the future likewise. As we recently saw, PHP came up with the Model-View-Container framework of its own so as to counter the threat from Ruby-on-Rails, it once more goes to point out however easy the language is, and the way simple is it to duplicate any new “technologically” advanced interfaces and frameworks that return up currently and so.

3.  Alternative languages like Java are thought of to be superior due to its extended scope. PHP is mostly viewed to be restricted with internet applications solely. However, one can produce standalone desktop applications with the assistance of PHP and GTK. Even some open supply programming frameworks currently support PHP projects in their tool. Thus, PHP is slowly and steady starting its internet application boundary, to overcome the standalone application area.

Thus, it's pretty safe to mention that, PHP, that is understood to resist the check of your time, is sweet enough for the future likewise. Simplicity, as they are saying, is extremely advanced to realize. And, PHP happens to realize that very strongly!

6 Nov 2013

5 PHP Security Measures

Javascript , HTML5 , css3 ,php , sql , Web , design , development

For many years, PHP has been a stable, cheap platform on that to control web-based applications. Like most web-based platforms, PHP is liable to external attacks. Developers, database architects and system administrators ought to take precautions before deploying PHP applications to a live server. Most of those techniques will be accomplished with a couple of lines of code or a small adjustment to the applying settings.

#1: Manage Setup Scripts :


If the developer has put in a collection of PHP scripts from a third-party application, the scripts the application uses to put in the operating parts can even offer an access point to unscrupulous users. Most suppliers of third-party packages suggest removing the directory containing the setup scripts shortly when installation. For developers who want to retain the setup scripts, they will produce an .htaccess file that controls access to the administrative directories.

AuthType Basic
AuthName “Administrators Only”
AuthUserFile /usr/local/apache/passwd/passwords

Require valid-user

1 Nov 2013

HTML5 vs. Flash - What You Need to Know

php , javascript , html5 , css3 , web design development1

It’s been 5 years since the announcement of HTML5 and however the HTML5 vs. Flash dialogue continues to rage on among developers. all over you look, from newspapers to magazines to the net, you’re swamped with articles concerning these technologies, usually giving conflicting recommendation concerning that is that the higher resolution. So, with all the noise on this subject circling within the technology layer, however does one create a choice on that one is best for you?

Background :
Released in 1996, Flash is a multimedia system platform originally developed by Macromedia and later noninheritable  by Adobe. By 2000, it had become the actual commonplace for video playback, animated banners, and interactive multimedia websites. Flash basically became the quality tool in an exceedingly non-standard net of multi-platform browsers.

HTML was developed by the world Wide net consortium (W3C), a bunch whose main purpose is “to guide the world Wide net to its full potential by making protocols and pointers that make sure the growth of the net in [the] future”. The last hypertext markup language specifications targeted on future developments were XHTML two.0 and HTML four.01, however neither had been updated since 2000. With developers longing for one terminology that enclosed elaborate process models to encourage additional practical implementations, HTML5 was born.