Archives

Pádraic Brady has posted Automatic Output Escaping In PHP And The Real Future Of Preventing Cross-Site Scripting (XSS) In the game of mitigating against the risks of XSS, how you escape is not as important as knowing why you are escaping. That second point, understanding why you escape data on output, is unfortunately commonly misunderstood. Yet, without that basic understanding – your choice of how to escape is quite possibly incorrect and, worse, it allows… continue reading.

Posted on 18 June 2012 in Around the web

Kyle Spraggs has posted ZF Commons – A Zend Framework 2 organization Many web applications share features – user management, templating, ACL, blogs, etc. ZF-Commons’ goal is to to produce high-quality, reusable modules for many common tasks that web developers face. In a short post today, Kyle Spraggs encourages all ZF2 developers to help contribute to a set of modules that many applications have need off. If you're writing or planning to write ZF2 applications,… continue reading.

Posted on 1 June 2012 in Around the web

Enrico Zimuel has posted Cryptography made easy with Zend Framework In this post I would like to present some of the new capabilities of the ZendCrypt component. Let’s start with the main course: how to encrypt and decrypt data using strong cryptography standards. He then goes on to explain all the cool new features of ZendCrypt and ZendMath, including the use of block ciphers, bcrypt hashes and key derivation functions. Well worth a read.

Posted on 31 May 2012 in Around the web

Gary Hockin has posted Zend Framework 2 and a Restful Application After speaking to a prospective employer in a job interview, I was interested to try out the ZendMvcControllerRestfulController. With Zend_Json_Server in ZF1 having, shall we say, a less than sterling reputation, it was very interesting for me to see how the strategy has been implemented in ZF2. Gary then explains how to change the Zend Skeleton Application to work with HTTP verbs by changing… continue reading.

Posted on 29 May 2012 in Around the web

Evan Coury has posted Module-specific layouts in Zend Framework 2 First, I should point out that the title of this post is a bit of an intentional misnomer. There’s really no such thing as “module-specific” anything in ZF2, so what we’re really talking about is the topmost namespace of the controller being dispatched. So in the case of MyModuleControllerSomeController, the topmost namespace would be MyModle. In most cases, this will be the name of a… continue reading.

Posted on 11 May 2012 in Around the web

Evan Coury has posted Sharing a database connection across modules in Zend Framework 2 » Evan's Blog With the new modular infrastructure in Zend Framework 2, one of the most common questions will indoubitably be how to share a database connection across modules. Here’s a quick explanation of how to share your database connection across multiple modules in a way that can even allow you to use a single connection between ZendDb, Doctrine2, and possibly… continue reading.

Posted on 27 April 2012 in Around the web