ZendCon 2015 - Modern and Secure PHP

Ben Edmunds
October 22, 2015

This is not the PHP of old. Learn what's changed in the PHP world over the last few years. Classes, objects, statics, traits, unit testing, composer, password hashing; it's a whole new ballgame.

Learn what has changed in the PHP world over the last several years. We'll cover:

- The newest PHP language features.
- Community efforts such as the PHP Framework Interoperability Group, Composer, and PHP the Right Way.
- How to secure your application using up-to-date techniques.

Transcript

  1. 3.

    Who is this guy?

    - Ben Edmunds
    - Open Source Author
    - PHP Town Hall Podcast
    - CTO at Mindfulware
  2. 12.
  3. 15.
  4. 16.
  5. 20.
  6. 24.
  7. 25.
  8. 31.
  9. 35.
  10. 36.

    Traits

    ```php
    // grouping without
    // strict inheritance
    trait baseUser {
        function getName() { return 'Jon Snow'; }
    }
    ```
  11. 39.

    PDO

  12. 40.
  13. 44.

    PDO

    ```php
    $stmt = $db->prepare('
        SELECT * FROM users WHERE id=:id
    ');
    $stmt->bindParam(':id', $id);
    $stmt->execute();
    ```
  14. 45.
  15. 48.
  16. 51.

    Security

    HTTPS / SSL

    - Encrypts traffic across the wire
    - Trusted sender and receiver
    - Required by OAuth 2
  17. 56.

    Security

    ```php
    // safe defaults
    class YourController {
        protected $var1 = 'default value';

        function __construct() {
            // …
        }
    }
    ```
  18. 57.

    Security

    ```php
    // safe defaults
    $something = false;
    foreach ($array as $k => $v) {
        $something = $v->foo;
        if ($something == 'bar') {
            // …
        }
    }
    ```
  19. 59.
  20. 62.

    Security

    CSRF Protection: POST / PUT / UPDATE / DELETE behind forms with one-time use tokens
  21. 63.

    Security

    ```php
    // CSRF Protection
    function generateCsrf() {
        $token = mcrypt_create_iv(16, MCRYPT_DEV_URANDOM);
        Session::flash('csrfToken', $token);
        return $token;
    }
    ```
  22. 66.
  23. 68.

    Built-in Server

    ```
    $ php -S localhost:8000
    PHP 5.4.0 Development Server started…
    Listening on localhost:8000
    Document root is /home/ben/htdocs
    Press Ctrl-C to quit
    ```
  24. 69.
  25. 78.
  26. 80.
  27. 81.
  28. 82.

    Unit Testing

    ```
    $ phpunit tests
    PHPUnit 3.3.17 by Sebastian Bergmann.
    Time: 0.01 seconds
    OK (1 tests, 1 assertions)
    ```
  29. 83.
  30. 84.
  31. 88.

    Resources

    BuildSecurePHPapps.com
    Coupon Code: zendcon (20% off / 5$ off)
    http://buildsecurephpapps.com/?coupon=zendcon
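
The CSRF slides above (one-time tokens behind state-changing requests) can be written without `mcrypt_create_iv()`, since the mcrypt extension was removed from PHP core in 7.2. The following is an added example, not code from the slides or from the speaker: the function names, the `$session` array standing in for `$_SESSION`, and the choice to treat every method other than GET/HEAD/OPTIONS as state-changing are assumptions.

```php
<?php
// Added example (not from the slides): issue and verify a one-time CSRF token.
// Assumption: $session is an array-like session store; in a real request this
// would be $_SESSION after session_start().

function issueCsrfToken(array &$session): string
{
    // random_bytes() (PHP 7+) reads from the OS CSPRNG. bin2hex() makes the
    // 16 random bytes safe to embed in a hidden form field.
    $token = bin2hex(random_bytes(16));
    $session['csrfToken'] = $token;
    return $token;
}

function verifyCsrfToken(array &$session, $submitted): bool
{
    $expected = $session['csrfToken'] ?? null;
    if (!is_string($expected) || !is_string($submitted)) {
        return false; // nothing issued, or field missing / not a string
    }
    // hash_equals() compares in constant time.
    if (!hash_equals($expected, $submitted)) {
        return false;
    }
    unset($session['csrfToken']); // one-time use: a replay finds no token
    return true;
}

function handleRequest(array &$session, string $method, array $post): int
{
    // Read-only methods pass through; everything else needs a valid token.
    $safe = in_array(strtoupper($method), ['GET', 'HEAD', 'OPTIONS'], true);
    if (!$safe && !verifyCsrfToken($session, $post['csrfToken'] ?? null)) {
        return 403;
    }
    return 200;
}

// Constructed walk-through with an in-memory session array.
$session = [];
$token = issueCsrfToken($session);
var_dump(handleRequest($session, 'POST', ['csrfToken' => $token])); // first use
var_dump(handleRequest($session, 'POST', ['csrfToken' => $token])); // replay
var_dump(handleRequest($session, 'DELETE', []));                    // no token
var_dump(handleRequest($session, 'GET', []));                       // read-only
```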