CAKE PHP 3

Published on Nov 18, 2015

CAKE PHP 3 By Debasish Mishra

PRESENTATION OUTLINE

Step By Step Tutorial By Debasish Mishra

Why Cake PHP

  • Rapidly build web apps
  • Code generation
  • Scaffolding
  • Clean MVC Conventions
  • Built-in functionality such as:
      1. DB access
      2. Caching
      3. Validation
      4. Authentication, etc.

Security

  • Input validation
  • CSRF Protection
  • Form Tampering
  • SQL Injection
  • XSS Prevention

CSRF

CROSS SITE REQUEST FORGERIES

CSRF OR XSRF

  • A method of attacking a website
  • Can be used to conduct fraudulent financial transactions

Form Tampering

  • Manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.

SQL Injection

  • SQL injection is a technique where malicious users can inject SQL commands into an SQL statement via web page input. Injected SQL commands can alter the SQL statement and compromise the security of a web application.

XSS Prevention

  • Stands for "Cross Site Scripting"
  • It is a hacking technique
  • It allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on the user's machine in order to gather data. The use of XSS might compromise private information and manipulate or steal cookies.

Scaffolding

  • Scaffolding generally refers to a quickly set up skeleton for an app
  • Some type of code generation where you point it at a database, and the technology creates basic CRUD (create, read, update, delete) screens

Download

Download latest .zip file from cakephp.org

Requirement

  • PHP Version must be 5.4.16 or higher
  • "mbstring" extension to be enabled
  • "openssl" extension to be enabled
  • "intl" extension to be enabled
  • "tmp" and "logs" directories must be writable

logs and tmp folder

must be writable

Let's Start

  • Download the zip file and extract it
  • Place it in a folder, let's say "cake3"
  • Run it in the browser: http://localhost/cake3
  • The host name and port may vary according to your server settings
  • In my case it is: http://localhost:81/cake3

Database Configuration

  • Open config/app.php in any code editor
  • Find 'Datasources' => [ 'default' => [
  • It is somewhere around line 207
  • Change the values of 'username' => 'root', 'password' => '', 'database' => 'proposal' to match your setup; here the database name is assumed to be "proposal"

Controller

Creating & Using CakePHP Controller

Controller

  • Handles Request Data
  • Ensures proper Model and View are called
  • Commonly used to manage logic around a single Model or more than one Model
  • Application’s controllers extend the AppController class

Controllers-Actions

  • CONTROLLERS provide methods to handle requests
  • These are called ACTIONS
  • Each public method in a controller is an action, and is accessible from a URL

Controller Convention

  • To be stored in src/Controller/
  • Controller class names are plural, Camel Cased, and end with "Controller"
  • Application’s controllers extend the "AppController" class, which in turn extends the core "Controller" class
  • Ex: UsersController, LatestArticlesController, BooksController

Syntax

Create a File: src/Controller/UsersController.php

Basic Syntax

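    <?php
    // src/Controller/UsersController.php
    namespace App\Controller;

    use App\Controller\AppController;

    class UsersController extends AppController
    {
        // Action reachable at /Users or /Users/index
        public function index()
        {
            echo "Hello";
            exit(); // stop here so CakePHP does not look for the index.ctp view
        }
    }
    ?>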

Run it

  • http://localhost/cake3/Users
  • It will run UsersController
  • We used exit() intentionally; otherwise it will search for the view "index.ctp"
  • The output will be "Hello" on the screen

Let's Understand

  • "index()" is action of controller "Users"
  • Can be accessed by http://hostname/project-name/Users/index
  • or simply /Users
  • You can create actions like "add()" or "search()" and can access by /Users/add and /Users/search respectively
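
Because each public method in a controller is an action reachable from a URL, a helper left public becomes a route. The script below is an added example, not part of the original slides or of CakePHP: it audits a controller against an allow-list of intended actions, applying the rule as the slides state it. The stub AppController, the sample UsersController, the exposedActions() helper and the allow-list are all constructed for illustration.

```php
<?php
// Added example. AppController and UsersController below are constructed
// stand-ins so the script runs without CakePHP installed.
class AppController
{
    public function initialize() {}   // framework callback, not an action
}

class UsersController extends AppController
{
    public function index() { return 'list users'; }
    public function add() { return 'add user'; }

    // Helper accidentally left public: by the rule above it is an action,
    // reachable as /Users/resetAllPasswords.
    public function resetAllPasswords() { return 'passwords reset'; }

    // Protected helper: not public, so not an action.
    protected function normalizeEmail($email) { return strtolower(trim($email)); }
}

// Hypothetical helper: list the methods that count as URL-reachable actions,
// i.e. public methods that the base class does not itself define.
function exposedActions($controllerClass, $baseClass)
{
    $base = new ReflectionClass($baseClass);
    $actions = [];
    $methods = (new ReflectionClass($controllerClass))->getMethods(ReflectionMethod::IS_PUBLIC);
    foreach ($methods as $method) {
        $name = $method->getName();
        if ($base->hasMethod($name) || strpos($name, '__') === 0) {
            continue; // this audit skips inherited callbacks and PHP magic methods
        }
        $actions[] = $name;
    }
    sort($actions);
    return $actions;
}

// Allow-list of actions the application intends to publish (constructed).
$intended = ['add', 'index'];
$exposed = exposedActions('UsersController', 'AppController');
$unexpected = array_values(array_diff($exposed, $intended));

echo 'Exposed actions: ' . implode(', ', $exposed) . PHP_EOL;
echo 'Not on the allow-list: ' . implode(', ', $unexpected) . PHP_EOL;
exit(count($unexpected) > 0 ? 1 : 0); // non-zero exit fails a CI check
```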