News Feed
Jobs Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Sameer Borate:
Simple user authentication in Laravel 4
June 17, 2013 @ 14:22:01

Sameer Borate has a new post today showing how you can do simple user authentication in a Laravel 4-based application using the built-in Auth functionality.

With the recent release of Laravel 4, PHP developers have at their disposal one of the finest frameworks for application development. As with all new frameworks, it is always good to write some quick code to get a feel for the underlying architecture. The following post shows a simple authentication application using Laravel.

He walks you through the creation of the simple "users" table, the configuration the Auth class will need to connect and authenticate and the form for the login. He also shows the steps for the actual authentication process as well as the code for the routes to make it all work. Additionally, he shows how to restrict pages to only those with the "admin" level access via an auth filter. You can download the example code here.

0 comments voice your opinion now!
user authentication laravel4 tutorial database auth admin

Link: http://www.codediesel.com/frameworks/simple-user-authentication-in-laravel-4

Sebastian Göttschkes:
symfony2 Testing secure pages
October 08, 2012 @ 13:13:19

Sebastian Göttschkes has a new post to his site showing you how to test secure pages within your Symfony2 applications using a simple "requestWithAuth" method.

If you develop a web application, more often than not you have some kind of user section or admin panel where some kind of login identifies the user and protects your actions against usage from unauthorized people. It can be difficult to do functional tests with this kind of pages as you need to simulate some session or cookie context. In this tutorial, I want to show you how to test your functional pages with symfony2 and phpunit.

He includes a "bad way" to do it, cheating by making a client and feeding it the HTTP auth credentials, and a more correct way involving the "requestWithAuth" method that's called whenever the "request" is called to push those credentials along with every request. Code for this basic function is included.

0 comments voice your opinion now!
symfony2 testing unittest authentication http auth tutorial


Chris Hartjes' Blog:
Simple User Registration in CakePHP 1.2
January 10, 2008 @ 12:09:00

Chris Hartjes has posted a tutorial about the creation of a simple user registration system in an application developed in the CakePHP framework. In response to the popularity of his other article on using CakePHP's Auth component, he's created a bit of code to answer some questions.

People have been having some questions about how the password is hashed and questions about a user registration system. Of course, the snarky response is "go and read the source for Security::Hash() and create some of your own code", but it is easier to just give people some code so they stop asking.

His example code extends the User object for the model, makes a controller with a register() method call and creates the username/password form for the user the enter in their information.

2 comments voice your opinion now!
user registration cakephp framework example auth component user registration cakephp framework example auth component


SaniSoft Blog:
Bugs & enhancements for Auth component in CakePHP v1.2 - Part 1
August 03, 2007 @ 10:27:00

On the SaniSoft blog, there's a post pointing out a bugfix and a new enhancement to the Auth component for the CakePHP framework in version 1.2 (part 1):

The auth component is supposed to handle the user login in your app but I was just not able to get that done and there have been similar complaints in the CakePHP mailing list. Since I wanted it *NOW* I had no option but to once again dig into the source - but - hey it is not so bad, they give you the code so that you can change it! right?

His patch involves changing code in two places in the AuthComponent::startup() method to handle the login correctly.

0 comments voice your opinion now!
cakephp framework auth component handle login cakephp framework auth component handle login


WebReference.com:
Security Techniques Part 2
May 29, 2007 @ 12:02:00

WebReference.com has posted part two in their series looking at security techniques in PHP. This time they focus on the use of a few things - the PECL filter, the PEAR Auth module and mcrypt.

For each of the three topics covered, they include a few code examples on their use - an HTML form with the filter extension, user authentication with the PEAR Auth, and encrypting data to be used in a more secure cookie.

The article is excerpted from PHP 5 Advanced: Visual QuickPro Guide by Larry Ullman.

0 comments voice your opinion now!
security technique tutorial filter pecl pear auth mcrypt security technique tutorial filter pecl pear auth mcrypt


Norbet Mocsnik's Blog:
Setting Up DokuWiki with Simple Authentication
December 19, 2006 @ 09:02:00

Norbet Mocsnik, having just set it up himself, is sharing the steps needed to get DokuWiki set up and working with a simple authentication system.

I promised to investigate the steps needed to set up DokuWiki with the simplest authentication scheme for a friend and I thought others might benefit from it too, so here it is.

There's about fifteen steps in all, including the download/install of the package and creating the basic functionality (like a simple Auth schema - he gives an example). Create the superuser and set up the desired restrictions and you're home free. If you want more information on authentication in DokuWiki, check out this page on the DokuWiki's wiki.

0 comments voice your opinion now!
dokuwiki simple authentication guide steps auth scheme restrictions dokuwiki simple authentication guide steps auth scheme restrictions


PHP Security Blog:
A Trio of Javascript Issues
December 01, 2006 @ 13:22:28

On the PHP Security Blog, there's three new posts that Stefan Esser has written up that demonstrate some of the more destructive uses of Javascript that he's found:

While the first two are interesting, it's the last of these that most directly applies to PHP. He gives a simple "proof of concept" that checks to see if the embedded image is the correct "size" to be related to a webserver running PHP with the expose_php setting set to "on".

0 comments voice your opinion now!
javascript security issue portscan http auth firefox exposephp scan javascript security issue portscan http auth firefox exposephp scan


Community News:
New Zend Framework Mailing Lists Announced
September 19, 2006 @ 15:10:10

Going along with the Roadmap update Zend has recently put out about it's Framework, Andi Gutmans has also announced the introduction of more mailing lists to help developers communicate more effectively.

In line with the roadmap email, I'd like to form 8 new mailing lists which will make it easier for people to discuss/participate in subject areas which are of interest to them (actually 7 new ones as docs already exists).

I did think of calling the lists fwdev-* to note them as dev lists but I think it makes more sense to keep them open to the users. I find it very valuable to get users asking questions and commeting on functionality on the dev lists as that's valuable input from the users.

The new mailing lists up and running. They are:

  • fw-webservices@
  • fw-mvc@
  • fw-auth@
  • fw-i18n@
  • fw-db@
  • fw-core@
  • fw-formats@

To check out the topics that fall under each category, check out the sections of the roadmap.

0 comments voice your opinion now!
mailing list zend framework raodmap webservices mvc auth db core mailing list zend framework raodmap webservices mvc auth db core


PHPied.com:
SAP container for PEARAuth
September 07, 2006 @ 07:04:09

If you've ever wanted to quickly and easily connect your PHP script over to a SAP server to authenticate a user but weren't sure quite how, you'll be happy to see that you can use the PEAR::Auth package to make the request - with a little help.

PEAR::Auth is a package that allows you to abstract the user authentication from the main part of your application and not worry about it. What is good about the package is that it comes with different "containers" that allows you to authenticate users against different storages.

So I played around with creating an SAP container that allows you to check users against your company's SAP system and for example build a section of your Internet (or Extranet) page that is only accessible for people and partners that exist as users in the SAP system.

There's an extension to PHP you'll need to get and install, but with that in place, it's as simple as setting the authentication type to "SAP" and giving it the hostname to connect to. He also includes some sample scripts to get you started, including the Auth_Container_SAP class that makes the magic happen.

0 comments voice your opinion now!
sap container pear package auth extension class saprfc sap container pear package auth extension class saprfc


MelbourneChapter.net:
PHP and Authentication Security
April 04, 2006 @ 07:29:22

From the MelbourneChapter.net site, there's an informative post looking at user validation methods, specifically the powerful PEAR::Auth package.

Once we have the user we need to authenticate the details they have submitted. To do this the usual approach is to query a 'user' table in your database to check the corresponding username and password.

This is fine in most situations, but as systems scale we often find that maintaining this user table with current user/passwords can be a lot of trouble. Often in larger systems and organisations usernames and passwords are controlled centrally. This can be in the form of a directory service, such as LDAP. Some situations you may even use a RADIUS, SAMBA, PASSWD style or POP3.

Instead of trying to create all of the above connections, they suggest using the well-established PEAR::Auth package. They even link to a method of getting it installed on a shared hosting platform. TO finish it off, they include a reminder to always asses the security of your application, and suggest keeping an eye on the PHP Security Consortium's SecurityFocus Newsletters for the latest PHP security-related issues.

0 comments voice your opinion now!
authenication security pear auth package authenication security pear auth package



Community Events











Don't see your event here?
Let us know!


application security install performance threedevsandamaybe introduction code component composer language symfony2 unittest release framework facebook hack database hhvm package podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework