DOCSLIB.ORG

Yiibook2.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Yiibook2.Pdf The Yii Book (2nd ed.) by Larry Ullman Self-published Find this book on the web at larry.pub. Revision: 1.7 Copyright © 2017 by Larry Ullman Technical Reviewer: Qiang Xue Technical Reviewer: Alexander Makarov Cover design very kindly provided by Paul Wilcox. Notice of Rights All rights reserved. No part of this book may be reproduced or transmitted in any form by any means, electronic, mechanical, photocopying, recording, or otherwise, without the prior written permission of the author. Notice of Liability The information in this book is distributed on an “As Is” basis, without warranty. While every precaution has been taken in the preparation of the book, the author shall not have any liability to any person or entity with respect to any loss or damage caused or alleged to be caused directly or indirectly by the instructions contained in this book or by the computer software and hardware products described in it. Trademarks MySQL is a registered trademark of Oracle in the United States and in other coun- tries. Macintosh and Mac OS X are registered trademarks of Apple, Inc. Microsoft and Windows are registered trademarks of Microsoft Corp. Other product names used in this book may be trademarks of their own respective owners. Images of Web sites in this book are copyrighted by the original holders and are used with their kind permission. This book is not officially endorsed by nor affiliated with anyof the above companies. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the author was aware of a trademark claim, the designations appear as requested by the owner of the trademark. All other product names and services identified throughout this book are used in editorial fashion only and for the benefit of such companies with no intention of infringement of the trademark. No such use, or the use of any trade name, is intended to convey endorsement or other affiliation with this book. ISBN-13: ISBN-10: ii This book is dedicated to: Qiang Xue, creator of the Yii framework; Alexander Makarov, and the whole Yii development team; and to the entire Yii community. Thanks to you all for making, embracing, and supporting such an excellent Web development tool. iii Contents Introduction 1 Why Frameworks? ............................... 1 Why Yii? .................................... 3 What You’ll Need ............................... 7 About This Book ................................ 9 Getting Help .................................. 11 I Getting Started 13 1 FUNDAMENTAL CONCEPTS 14 Object-Oriented Programming ........................ 14 The MVC Approach .............................. 21 Using a Web Server .............................. 26 Command Line Tools ............................. 28 2 STARTING A NEW APPLICATION 32 Working with Composer ............................ 32 Creating a Yii Application ........................... 35 Testing the Site Shell .............................. 36 Testing the Requirements ........................... 39 3 A MANUAL FOR YOUR YII SITE 43 The Site’s Folders ............................... 43 Referencing Files and Directories ....................... 45 Yii Conventions ................................. 46 i CONTENTS How Yii Handles a Page Request ....................... 47 Using the Debugger .............................. 52 4 INITIAL CUSTOMIZATIONS AND CODE GENERATIONS 55 Configuring Your Web Server ......................... 55 Enabling Debug Mode ............................. 56 Basic Configurations .............................. 58 Developing Your Site .............................. 68 Generating Code with Gii ........................... 77 II Core Concepts 85 5 WORKING WITH MODELS 86 The Model Classes ............................... 86 Establishing Rules ............................... 88 Changing Labels ................................ 108 Watching for Model Events .......................... 110 Relating Models ................................ 113 The Object Class ................................ 116 6 WORKING WITH VIEWS 118 The View Structure .............................. 118 Where Views are Referenced ......................... 119 Layouts and Views ............................... 120 Editing View Files ............................... 122 Working with Layouts ............................. 132 Alternative Content Presentation ....................... 138 7 WORKING WITH CONTROLLERS 142 Controller Basics ................................ 142 Revisiting Views ................................ 147 Making Use of Models ............................. 148 Handling Forms ................................. 151 ii CONTENTS Understanding Routes ............................. 153 Tapping Into Filters .............................. 159 Showing Static Pages .............................. 160 Handling Exceptions .............................. 162 8 WORKING WITH DATABASES 165 Debugging Database Operations ....................... 165 Database Options ................................ 166 Using Active Record .............................. 168 Using Database Access Objects ........................ 177 Using Query Builder .............................. 180 Choosing an Interface Option ......................... 186 Common Challenges .............................. 188 9 WORKING WITH FORMS 191 Understanding Forms and MVC ....................... 191 Creating Forms without Models ........................ 192 Creating Forms with Models ......................... 195 Common Form Needs ............................. 199 10 MAINTAINING STATE 220 Cookies ..................................... 220 Sessions ..................................... 224 Working with Flash Messages ......................... 227 11 USER AUTHENTICATION AND AUTHORIZATION 230 Fundamentals of Authentication ....................... 230 Authentication Options ............................ 241 Referencing the User .............................. 249 Basic Access Control .............................. 250 Role-Based Access Control ........................... 255 iii CONTENTS 12 WORKING WITH WIDGETS 267 Using Widgets ................................. 267 Basic Yii Widgets ............................... 270 Presenting Data ................................ 274 The Bootstrap Widgets ............................ 295 The jQuery UI Widgets ............................ 296 13 USING EXTENSIONS 302 The Basics of Extensions ........................... 302 The Krajee Extensions ............................. 305 The 2amigos Extensions ............................ 310 A User Extension ................................ 314 Using Swift Mailer ............................... 315 Using Elasticsearch ............................... 318 14 JAVASCRIPT AND JQUERY 338 What You Must Know ............................. 338 Adding JavaScript to a Page ......................... 339 Using JavaScript with ActiveForm ...................... 343 Implementing Ajax ............................... 346 Common Needs ................................. 354 III Advanced Topics 359 15 INTERNATIONALIZATION 360 What is i18n? .................................. 360 Setting the Locale ............................... 362 Detecting the User’s Locale .......................... 363 Providing Language-Appropriate Text .................... 365 Using Placeholders and Parameters ...................... 368 Using Formatters ................................ 374 Other Concepts ................................. 379 i18n and Your Models ............................. 380 iv CONTENTS 16 LEAVING THE BROWSER 382 Writing a Proxy Script ............................. 382 RESTful Services ................................ 385 Creating a Console Application ........................ 391 v Introduction This is the 26th book that I’ve written, and of the many things I’ve learned in that time, a reliable fact is readers rarely read the introduction. Still, I put some thought into the introduction and recommend you spend the five minutes required to read it. In this particular introduction, I provide the arguments for (and against) frameworks, and the Yii framework specifically. I also explain what knowledge and technical requirements are expected of you, dear reader. And if that was not enough, the introduction concludes by providing you with resources to seek help when you need it. So: five minutes of your time for all that! Okay, maybe 8 minutes. How aboutyou give it a go? Why Frameworks? Simply put, a framework is an established library of code meant to expedite software development. Writing everything from scratch on every project is impractical; code reuse is faster, more reliable, and possibly more secure. Many developers eventually create a lightweight framework of their own, even if that’s just a handful of commonly used functions. True frameworks such as Yii are just the release of a complete set of tools that a smart and hardworking person–or more commonly, team–has been kind enough to make public. Even if you don’t buy the arguments for using a framework in its own right, it’s safe to say that the ability to use a framework is an expectation of any professional programmer today. Why You Should Use a Framework The most obvious argument for using a framework is being able to develop projects much, much faster than if you don’t use a framework. But there are other, more critical, arguments, too. As already stated, framework-based projects should also be both more reliable and secure than those coded by hand. Both qualities
Load more

Recommended publications
  • The Yii Framework – Larry Ullman
    The Yii Framework – Larry Ullman This is a copy of the Larry Ullman series ‘Learning the Yii Framework’. See http://www.larryullman.com/2009/06/18/introduction-to-the-yii-framework/. 1. Introduction to the Yii Framework In 2009, I had three decent-size Web sites to develop, so I thought I might try using a PHP framework for the first time, instead of coding everything from scratch. I’ve used Ruby on Rails for Web development before, so I’m comfortable with frameworks and the MVC architecture, but I wanted to educate myself on PHP frameworks. After researching a handful of frameworks, and after an unsatisfying attempt to use Zend Framework, I finally settled on, and really came to appreciate the Yii Framework. At the time, the Yii Framework was still quite new, and there are still bugs to be worked out (for the more advanced stuff), but Yii works so well that it’s very easy to use. In this first of several posts on the Yii Framework, I just discuss setting up and testing Yii. (Note: In October 2010, I’ve updated this entire series to reflect changes in Yii since this series was written, and to take into account feedback provided through the comments. Some outdated material will be crossed out, but left in to reflect how things have changed since the series was begun in June 2009.) The first thing you need in order to use the Yii Framework is access to a Web server with PHP installed, of course. But if you’re reading this, I’m going to assume you have access to a PHP-enabled server.
    [Show full text]
  • Resin 3.2 Reference
    Contents 1 Overview 3 1.1 Features - Resin and Resin Professional . .3 2 Installation 11 2.1 Resin Installation Quick Start . 11 2.2 Resin Installation . 16 2.3 Resin Web Server . 16 2.4 Resin with Apache . 22 2.5 Resin with IIS . 34 2.6 How the Plugins Dispatch to Resin . 44 3 Command-Line 47 3.1 Command-Line Configuration . 47 4 Admin Guide 51 4.1 User Guide: Administration . 51 5 Watchdog 63 5.1 Resin Watchdog . 63 6 Virtual Hosts 73 6.1 Virtual Hosting . 73 7 Clustering 89 7.1 Resin Clustering . 89 8 Web Applications 109 8.1 An Overview of Web Applications . 109 9 Logging 137 9.1 Log . 137 10 Administration 163 10.1 Resin Administration . 163 1 CONTENTS 11 Deployment 177 11.1 Packaging/Deployment . 177 12 Proxy Caching 181 12.1 Server Caching . 181 13 Quercus 193 13.1 Quercus: PHP in Java . 193 14 Security 217 14.1 Resin Security . 217 15 Inversion of Control 271 15.1 Resin IoC . 271 15.2 Scheduled Task . 308 16 Amber 327 16.1 Amber . 327 17 Embedding Resin 355 17.1 Embedding Resin . 355 18 Filters 367 18.1 Filters . 367 19 BAM 379 19.1 BAM . 379 20 Comet 405 20.1 Comet/Server-Push Servlet . 405 21 Remoting 411 21.1 Resin Remoting . 411 21.2 Hessian . 417 22 Messaging 423 22.1 Resin Messaging . 423 23 JSF - Java Server Faces 435 23.1 JSF - Java Server Faces . 435 24 Configuration Tags 445 24.1 cluster: Cluster tag configuration .
    [Show full text]
  • Bakalářská Práce
    TECHNICKÁ UNIVERZITA V LIBERCI Fakulta mechatroniky, informatiky a mezioborových studií BAKALÁŘSKÁ PRÁCE Liberec 2013 Jaroslav Jakoubě Příloha A TECHNICKÁ UNIVERZITA V LIBERCI Fakulta mechatroniky, informatiky a mezioborových studií Studijní program: B2646 – Informační technologie Studijní obor: 1802R007 – Informační technologie Srovnání databázových knihoven v PHP Benchmark of database libraries for PHP Bakalářská práce Autor: Jaroslav Jakoubě Vedoucí práce: Mgr. Jiří Vraný, Ph.D. V Liberci 15. 5. 2013 Prohlášení Byl(a) jsem seznámen(a) s tím, že na mou bakalářskou práci se plně vztahuje zákon č. 121/2000 Sb., o právu autorském, zejména § 60 – školní dílo. Beru na vědomí, že Technická univerzita v Liberci (TUL) nezasahuje do mých autorských práv užitím mé bakalářské práce pro vnitřní potřebu TUL. Užiji-li bakalářskou práci nebo poskytnu-li licenci k jejímu využití, jsem si vědom povinnosti informovat o této skutečnosti TUL; v tomto případě má TUL právo ode mne požadovat úhradu nákladů, které vynaložila na vytvoření díla, až do jejich skutečné výše. Bakalářskou práci jsem vypracoval(a) samostatně s použitím uvedené literatury a na základě konzultací s vedoucím bakalářské práce a konzultantem. Datum Podpis 3 Abstrakt Česká verze: Tato bakalářská práce se zabývá srovnávacím testem webových aplikací psaných v programovacím skriptovacím jazyce PHP, které využívají různé knihovny pro komunikaci s databází. Hlavní důraz při hodnocení výsledků byl kladen na rychlost odezvy při zasílání jednotlivých požadavků. V rámci řešení byly zjišťovány dostupné metodiky určené na porovnávání těchto projektů. Byl také proveden průzkum zjišťující, které frameworky jsou nejvíce používané. Klíčová slova: Testování, PHP, webové aplikace, framework, knihovny English version: This bachelor’s thesis is focused on benchmarking of the PHP frameworks and their database libraries used for creating web applications.
    [Show full text]
  • Environmental Assessment DOI-BLM-ORWA-B050-2018-0016-EA
    United States Department of the Interior Bureau of Land Management Burns District Office 28910 Highway 20 West Hines, Oregon 97738 541-589-4400 Phone 541-573-4411 Fax Spay Feasibility and On-Range Behavioral Outcomes Assessment and Warm Springs HMA Population Management Plan Environmental Assessment DOI-BLM-ORWA-B050-2018-0016-EA June 29, 2018 This Page is Intentionally Left Blank Spay Feasibility and On-Range Behavioral Outcomes Assessment and Warm Springs HMA Population Management Plan Environmental Assessment DOI-BLM-ORWA-B050-2018-0016-EA Table of Contents I. INTRODUCTION .........................................................................................................1 A. Background................................................................................................................ 1 B. Purpose and Need for Proposed Action..................................................................... 4 C. Decision to be Made .................................................................................................. 5 D. Conformance with BLM Resource Management Plan(s) .......................................... 6 E. Consistency with Laws, Regulations and Policies..................................................... 7 F. Scoping and Identification of Issues ........................................................................ 12 1. Issues for Analysis .......................................................................................... 13 2. Issues Considered but Eliminated from Detailed Analysis ............................
    [Show full text]
  • Design Patterns in PHP and Laravel — Kelt Dockins Design Patterns in PHP and Laravel
    Design Patterns in PHP and Laravel — Kelt Dockins Design Patterns in PHP and Laravel Kelt Dockins [email protected] Design Patterns in PHP and Laravel Kelt Dockins Dolph, Arkansas USA ISBN-13 (pbk): 978-1-4842-2450-2 ISBN-13 (electronic): 978-1-4842-2451-9 DOI 10.1007/978-1-4842-2451-9 Library of Congress Control Number: 2016961807 Copyright © 2017 by Kelt Dockins This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed. Trademarked names, logos, and images may appear in this book. Rather than use a trademark symbol with every occurrence of a trademarked name, logo, or image we use the names, logos, and images only in an editorial fashion and to the benefit of the trademark owner, with no intention of infringement of the trademark. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. While the advice and information in this book are believed to be true and accurate at the date of publication, neither the authors nor the editors nor the publisher can accept any legal responsibility for any errors or omissions that may be made.
    [Show full text]
  • Vulnerable Web Application Framework
    University of Rhode Island DigitalCommons@URI Open Access Master's Theses 2015 Vulnerable Web Application Framework Nicholas J. Giannini University of Rhode Island, [email protected] Follow this and additional works at: https://digitalcommons.uri.edu/theses Recommended Citation Giannini, Nicholas J., "Vulnerable Web Application Framework" (2015). Open Access Master's Theses. Paper 629. https://digitalcommons.uri.edu/theses/629 This Thesis is brought to you for free and open access by DigitalCommons@URI. It has been accepted for inclusion in Open Access Master's Theses by an authorized administrator of DigitalCommons@URI. For more information, please contact [email protected]. VULNERABLE WEB APPLICATION FRAMEWORK BY NICHOLAS J. GIANNINI A THESIS SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF MASTER OF SCIENCE IN COMPUTER SCIENCE AND STATISTICS UNIVERSITY OF RHODE ISLAND 2015 MASTER OF SCIENCE THESIS OF NICHOLAS GIANNINI APPROVED: Thesis Committee: Major Professor Victor Fay-Wolfe Lisa DiPippo Haibo He Nasser H. Zawia DEAN OF THE GRADUATE SCHOOL UNIVERSITY OF RHODE ISLAND 2015 ABSTRACT Utilizing intentionally vulnerable web applications to teach and practice cyber security principles and techniques provides a unique hands-on experience that is otherwise unobtainable without working in the real world. Creating such applications that emulate those of actual businesses and organizations without exposing actual businesses to inadvertent security risks can be a daunting task. To address these issues, this project has created Porous, an open source framework specifically for creating intentionally vulnerable web applications. The implementation of Porous offers a simplified approach to building realistic vulnerable web applications that may be tailored to the needs of specific cyber challenges or classroom exercises.
    [Show full text]
  • 1 Introducing Symfony, Cakephp, and Zend Framework
    1 Introducing Symfony, CakePHP, and Zend Framework An invasion of armies can be resisted, but not an idea whose time has come. — Victor Hugo WHAT’S IN THIS CHAPTER? ‰ General discussion on frameworks. ‰ Introducing popular PHP frameworks. ‰ Design patterns. Everyone knows that all web applications have some things in common. They have users who can register, log in, and interact. Interaction is carried out mostly through validated and secured forms, and results are stored in various databases. The databases are then searched, data is processed, and data is presented back to the user, often according to his locale. If only you could extract these patterns as some kind of abstractions and transport them into further applications, the developmentCOPYRIGHTED process would be much MATERIAL faster. This task obviously can be done. Moreover, it can be done in many different ways and in almost any programming language. That’s why there are so many brilliant solutions that make web development faster and easier. In this book, we present three of them: Symfony, CakePHP, and Zend Framework. They do not only push the development process to the extremes in terms of rapidity but also provide massive amounts of advanced features that have become a must in the world of Web 2.0 applications. cc01.indd01.indd 1 11/24/2011/24/2011 55:45:10:45:10 PPMM 2 x CHAPTER 1 INTRODUCING SYMFONY, CAKEPHP, AND ZEND FRAMEWORK WHAT ARE WEB APPLICATION FRAMEWORKS AND HOW ARE THEY USED? A web application framework is a bunch of source code organized into a certain architecture that can be used for rapid development of web applications.
    [Show full text]
  • "Yii 2.0 Cookbook"
    Contents 0.1 Preface...............................1 1 Unnoticed basics3 2 Logging and error handling5 2.1 Logging: problems and solutions................5 3 Web essentials 11 3.1 URLs with variable number of parameters........... 11 3.2 Working with different response types............. 12 3.3 Managing cookies......................... 17 3.4 Handling incoming third party POST requests......... 19 4 SEO essentials 23 4.1 Enable pretty URLs....................... 23 4.2 Pagination pretty URLs..................... 24 4.3 Adding SEO tags......................... 25 4.4 Canonical URLs......................... 26 4.5 Using redirects.......................... 27 4.6 Using slugs............................ 28 4.7 Handling trailing slash in URLs................. 30 5 Forms 33 5.1 Using and customizing CAPTCHA............... 33 5.2 Working with ActiveForm via JavaScript............ 36 5.3 Uploading files.......................... 38 5.4 Custom validator for multiple attributes............ 41 6 Security 47 6.1 SQL injection........................... 47 6.2 XSS................................ 48 6.3 RBAC............................... 49 6.4 CSRF............................... 56 iii iv CONTENTS 7 Structuring and organizing code 59 7.1 Structure: backend and frontend via modules......... 59 7.2 Asset processing with Grunt................... 60 7.3 Using global functions...................... 64 7.4 Processing text.......................... 65 7.5 Implementing typed collections................. 66 7.6 MVC................................ 68 7.7 SOLID............................... 69 7.8 Dependencies........................... 70 8 View 73 8.1 Reusing views via partials.................... 73 8.2 Switching themes dynamically.................. 75 8.3 Post-processing response..................... 76 9 Models 77 10 Active Record 79 10.1 Single table inheritance..................... 79 11 i18n 83 11.1 Selecting application language.................. 83 11.2 Using IDs as translation source................. 87 12 Performance 89 12.1 Implementing backgroud tasks (cronjobs)..........
    [Show full text]
  • Implementación De Framework De Desarrollo Web Durante Un Proyecto”
    UNIVERSIDAD POLITÉCNICA DE SINALOA PROGRAMA ACADÉMICO DE INGENIERÍA EN INFORMÁTICA Tesina “Implementación de Framework de desarrollo web durante un proyecto” Para obtener la acreditación de las estadías profesionales y contar con los créditos para el grado de Ingeniero en Informática. Autor: Bernal Corral Daniel Asesor: M. C. Alejandro Pérez Pasten Borja Asesor OR: Ing. Omar Vidaña Peraza Mazatlán, Sinaloa 13 de Diciembre del 2019 Agradecimientos Agradezco a mis padres por brindarme todo su apoyo durante mis estudios, por darme las clases más importantes, por haber hecho posible que llegara a este momento, por enseñarme que no siempre todo sale perfecto y que debo esforzarme para obtener lo que quiero, por darme ánimos para seguir, por preocuparse por mí y esforzarse para que mi vida fuera mejor. A mi asesor por aconsejarme y corregir los errores que cometí durante el desarrollo de la tesina, por tomarse el tiempo para ver cada detalle y hacer recomendaciones, sugerir opciones, etc. A mi hermano por ayudarme a no rendirme, por asumir su rol de hermano mayor y tratar de guiar, por preocuparse por mí y ayudarme siempre que lo he necesitado. A los profesores que he tenido a lo largo de mis estudios y que me aportaron un poco de su conocimiento para enriquecer el mío. A todos mis compañeros que me ayudaron a hacer más amenas las clases. 6 ÍNDICE TEMÁTICO Índice de imágenes. 9 Resumen. ….. .11 Abstract. …. .11 Introducción. 11 Capítulo I. .. ... …12 1. Antecedentes. .. 13 1.1. Localización. .. ….. 13 1.2. Objetivos de la institución. …………….. 13 1.3. Visión. .14 1.4.
    [Show full text]
  • Cakephp Cookbook Documentation Release 4.X
    CakePHP Cookbook Documentation Release 4.x Cake Software Foundation Sep 25, 2021 Contents 1 CakePHP at a Glance 1 Conventions Over Configuration........................................1 The Model Layer................................................1 The View Layer.................................................2 The Controller Layer..............................................2 CakePHP Request Cycle............................................3 Just the Start...................................................4 Additional Reading...............................................4 2 Quick Start Guide 13 Content Management Tutorial......................................... 13 CMS Tutorial - Creating the Database..................................... 15 CMS Tutorial - Creating the Articles Controller................................ 19 3 4.0 Migration Guide 29 Deprecated Features Removed......................................... 29 Deprecations.................................................. 29 Breaking Changes................................................ 31 New Features.................................................. 37 4 Tutorials & Examples 41 Content Management Tutorial......................................... 41 CMS Tutorial - Creating the Database..................................... 43 CMS Tutorial - Creating the Articles Controller................................ 47 CMS Tutorial - Tags and Users......................................... 56 CMS Tutorial - Authentication......................................... 64 CMS Tutorial - Authorization.........................................
    [Show full text]
  • Web Development Frameworks Ruby on Rails VS Google Web Toolkit
    Bachelor thesis Web Development Frameworks Ruby on Rails VS Google Web Toolkit Author: Carlos Gallardo Adrián Extremera Supervisor: Welf Löwe Semester: Spring 2011 Course code: 2DV00E SE-391 82 Kalmar / SE-351 95 Växjö Tel +46 (0)772-28 80 00 [email protected] Lnu.se/dfm Abstract Web programming is getting more and more important every day and as a consequence, many new tools are created in order to help developers design and construct applications quicker, easier and better structured. Apart from different IDEs and Technologies, nowadays Web Frameworks are gaining popularity amongst users since they offer a large range of methods, classes, etc. that allow programmers to create and maintain solid Web systems. This research focuses on two different Web Frameworks: Ruby on Rails and Google Web Toolkit and within this document we will examine some of the most important differences between them during a Web development. Keywords web frameworks, Ruby, Rails, Model-View-Controller, web programming, Java, Google Web Toolkit, web development, code lines i List of Figures Figure 2.1. mraible - History of Web Frameworks....................................................4 Figure 2.2. Java BluePrints - MVC Pattern..............................................................6 Figure 2.3. Libros Web - MVC Architecture.............................................................7 Figure 2.4. Ruby on Rails - Logo.............................................................................8 Figure 2.5. Windaroo Consulting Inc - Ruby on Rails Structure.............................10
    [Show full text]
  • Snuffleupagus Documentation
    Snuffleupagus Documentation Release stable Sebastien Blot & Julien Voisin Aug 29, 2021 Contents 1 Documentation 3 1.1 Features..................................................3 1.2 Installation................................................ 11 1.3 Configuration............................................... 14 1.4 Download................................................. 22 1.5 Changelog................................................ 23 1.6 FAQ.................................................... 29 1.7 Propaganda................................................ 33 1.8 Cookies.................................................. 35 2 Greetings 39 i ii Snuffleupagus Documentation, Release stable Snuffleupagus is a PHP7+ and PHP8+ module designed to drastically raise the cost of attacks against websites. This is achieved by killing entire bug classes and providing a powerful virtual-patching system, allowing the administrator to fix specific vulnerabilities without having to touch the PHP code. Contents 1 Snuffleupagus Documentation, Release stable 2 Contents CHAPTER 1 Documentation 1.1 Features Snuffleupagus has a lot of features that can be divided in two main categories: bug-classes killers and virtual-patching. The first category provides primitives to kill various bug families (like arbitrary code execution via unserialize for example) or raise the cost of exploitation. The second category is a highly configurable system to patch functions in php itself. 1.1.1 Bug classes killed or mitigated system injections The system function executes an external
    [Show full text]