CAKE PHP 3

Why Cake PHP

• Rapidly build web apps
• Code generation
• Scaffolding
• Clean MVC Conventions
• Inbuilt functionalities like;
• 1. DB Access, 2. Caching
• 3. Validation
• 4. Authentication, e.t.c.

Securities

• Input validation
• CSRF Protection
• Form Tampering
• SQL Injection
• XSS Prevention

CSRF

CSRF OR XSRF

• Method of attacking a website
• Conduct fraudulent financial transactions

Form Tampering

• Manipulation of parameters exchanged between client and server in order to modify application data, such as user credentials and permissions, price and quantity of products, etc. Usually, this information is stored in cookies, hidden form fields, or URL Query Strings, and is used to increase application functionality and control.

SQL Injection

• SQL injection is a technique where malicious users can inject SQL commands into an SQL statement, via web page input. Injected SQL commands can alter SQL statement and compromise the security of a web application.

XSS Prevention

• Stands for "Cross Site Scripting"
• It is a Hacking hacking technique
• it allows an attacker to embed malicious JavaScript, VBScript, ActiveX, HTML, or Flash into a vulnerable dynamic page to fool the user, executing the script on his machine in order to gather data. The use of XSS might compromise private information, manipulate or steal cookies

Scaffolding

• Scaffolding generally refers to a quickly set up skeleton for an app
• Some type of code generation where you point it at a database, and the technology creates basic CRUD (create, read, update, delete) screens

Download

Requirement

• PHP Version must be 5.4.16 or higher
• "mbstring" extension to be enabled
• "openssl" extension to be enabled
• "intl" extension to be enabled
• "tmp" and "logs" directory is writable

logs and tmp folder

Lets Start

• Download the zip file and extract it
• Place in a folder lets say "cake3"
• Run it in browser http://localhost/cake3
• host name and port may vary as by your server setting
• In my case it is: http://localhost:81/cake3

Database Configuration

• Open config/app.php in any code editor
• Find 'Datasources' => [ 'default' => [
• Some where at line no. 207
• Change values of 'username' => 'root', 'password' => '', 'database' => 'proposal', as by your setting, lets database name is "proposal"

Controller

Controller

• Handles Request Data
• Ensures proper Model and View are called
• Commonly used to manage logic around a single Model or more than 1 Models
• Application’s controllers extend the AppController class

Controllers-Actions

• CONTROLLERS provide methods to handle requests
• These are called ACTIONS
• Each public method in a controller is an action, and is accessible from a URL

Controller Convention

• To be stores at src/Controller/
• Controller class names are plural, Camel Cased, and end with "Controller"
• Application’s controllers extend the "AppController" class, which in turn extends the core "Controller" class
• Ex: UsersController, LatestArticlesController, BooksController

Syntax

Basic Syntax

Run it

• http://localhost/cake3/Users
• It will run UsersController
• We used exit() intentionally, other wise it will search for the view "index.ctp"
• The out put will be "Hello" on the screen

Lets Understand

• "index()" is action of controller "Users"
• Can be accessed by http://hostname/project-name/Users/index
• or simply /Users
• You can create actions like "add()" or "search()" and can access by /Users/add and /Users/search respectively