
Published on Nov 18, 2015

CAKE PHP 3 By Debasish Mishra



Step By Step Tutorial By Debasish Mishra


Why Cake PHP

  • Rapidly build web apps
  • Code generation
  • Scaffolding
  • Clean MVC Conventions
  • Built-in functionality such as:
  • 1. DB access
  • 2. Caching
  • 3. Validation
  • 4. Authentication, etc.


  • Input validation
  • CSRF Protection
  • Form Tampering
  • SQL Injection
  • XSS Prevention




  • Method of attacking a website
  • Conduct fraudulent financial transactions

Form Tampering

  • Manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.

SQL Injection

  • SQL injection is a technique where malicious users can inject SQL commands into an SQL statement via web page input. Injected SQL commands can alter the SQL statement and compromise the security of a web application.

XSS Prevention

  • Stands for "Cross Site Scripting"
  • It is a hacking technique
  • It allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on their machine in order to gather data. The use of XSS might compromise private information, or manipulate or steal cookies.


  • Scaffolding generally refers to a quickly set up skeleton for an app
  • Some type of code generation where you point it at a database, and the technology creates basic CRUD (create, read, update, delete) screens


Download the latest .zip file from cakephp.org


  • PHP version must be 5.4.16 or higher
  • "mbstring" extension must be enabled
  • "openssl" extension must be enabled
  • "intl" extension must be enabled
  • "tmp" and "logs" directories must be writable

The logs and tmp folders must be writable

Let's Start


Database Configuration

  • Open config/app.php in any code editor
  • Find 'Datasources' => [ 'default' => [
  • It is somewhere around line 207
  • Change the values of 'username' => 'root', 'password' => '', 'database' => 'proposal' to match your setup; here we assume the database name is "proposal"


Creating & Using CakePHP Controller


  • Handles Request Data
  • Ensures proper Model and View are called
  • Commonly used to manage logic around one or more Models
  • Application’s controllers extend the AppController class


  • CONTROLLERS provide methods to handle requests
  • These are called ACTIONS
  • Each public method in a controller is an action, and is accessible from a URL

Controller Convention

  • Stored in src/Controller/
  • Controller class names are plural, CamelCased, and end with "Controller"
  • Application’s controllers extend the "AppController" class, which in turn extends the core "Controller" class
  • Ex: UsersController, LatestArticlesController, BooksController


Create a file: src/Controller/UsersController.php

Basic Syntax

Run it

  • http://localhost/cake3/Users
  • It will run UsersController
  • We used exit() intentionally; otherwise it will search for the view "index.ctp"
  • The output will be "Hello" on the screen

Let's Understand

  • "index()" is an action of the controller "Users"
  • It can be accessed at http://hostname/project-name/Users/index
  • or simply /Users
  • You can create actions like "add()" or "search()" and access them at /Users/add and /Users/search respectively
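
Because every public controller method is reachable from a URL, a helper left public becomes an endpoint. The script below is an added example, not code from the original slides or from CakePHP: the `Controller`/`AppController` stubs, the `resetAllPasswords()` helper and `listUrlActions()` are hypothetical, and it assumes methods inherited from the base controller are not routed.

```php
<?php
// Stand-ins for the framework base classes (assumption: simplified stubs, not CakePHP's code).
class Controller
{
    public function initialize() {}
    public function redirect($url) {}
}

class AppController extends Controller {}

// Constructed sample controller in the style of src/Controller/UsersController.php.
class UsersController extends AppController
{
    public function index() { return 'Hello'; }
    public function add() { return 'add form'; }

    // Meant as an internal helper, but public: reachable as /Users/resetAllPasswords.
    public function resetAllPasswords() { return 'reset'; }

    // Non-public helpers are not actions.
    protected function buildQuery() {}
    private function hashToken() {}
}

/**
 * Hypothetical audit helper: list the methods of $class that fall under the
 * "public method = action" rule, skipping methods declared on the base Controller.
 */
function listUrlActions($class, $base = 'Controller')
{
    $baseMethods = array_map(
        function (ReflectionMethod $m) { return $m->getName(); },
        (new ReflectionClass($base))->getMethods()
    );
    $actions = [];
    foreach ((new ReflectionClass($class))->getMethods(ReflectionMethod::IS_PUBLIC) as $m) {
        $name = $m->getName();
        if ($m->isStatic() || strpos($name, '__') === 0 || in_array($name, $baseMethods, true)) {
            continue; // static, magic, or framework-level method
        }
        $actions[] = $name;
    }
    sort($actions);
    return $actions;
}

// Print the URL each exposed action would answer on.
foreach (listUrlActions('UsersController') as $action) {
    echo "/Users/{$action}\n";
}
```

Helpers that should not be endpoints belong in `protected` or `private` methods, as `buildQuery()` and `hashToken()` are here.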