News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Brandon Savage:
The Cardinal Sin Of Object Inheritance
September 09, 2013 @ 12:38:04

Brandon Savage talks about the "cardinal sin" of working with object inheritance in PHP applications - adding public methods to a class that extends/implements another.

I know I've committed this sin, and you probably have too. The sin of which I speak is a grave one, and it violates several well known and established principles of object oriented application development. What is this sin of which I speak? It is none other than the addition of new public methods to an object that extends or implements abstract class or application interface, in violation of both the Liskov Substitution Principle and the Dependency Inversion Principle.

He talks some about the Liskov Substitution Principle first, pointing out that adding those new methods makes the new object non-replaceable as the Liskov principle requires. As far as the Dependency Inversion Principle, the practice breaks it because you'd be depending on those new methods as concrete, not abstracted from the parent. He makes a few recommendations as far as ways to prevent violating these principles including using multiple interfaces or creating multiple abstract classes for different public APIs.

0 comments voice your opinion now!
object inheritance sin solid principle public method violation

Link: http://www.brandonsavage.net/the-cardinal-sin-of-object-inheritance/

DashExamples.com:
Capture Content Security Policy (CSP) Violations in PHP
August 22, 2011 @ 09:02:05

From DashExamples.com there's a quick post on how you can set up your application to notify you on content security policy violations and store them back on he server side for later review.

When somebody violates your CSP rules, there is a great feature that can setup for supporting browsers to send back the violations to your server to be saved, processed or whatever. This is a great feature because you can stop a possibly malicious piece of code from executing and learn which scripts may have vulnerabilities in your code.

The reports as delivered by the browser back to your server according to your site's policy setup. They're sent back as a JSON string that is easily parsed and stored. The post shows you a sample database table structure (storing things like request, headers, blocked location and IP address) and the PHP to handle the incoming post. For more about the CSP reports, see Mozilla's example on their Developer section.

0 comments voice your opinion now!
content security violation csp json tutorial mozilla



Community Events





Don't see your event here?
Let us know!


api series library list release voicesoftheelephpant install interview symfony community deployment language opinion bugfix tips framework package introduction laravel podcast

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework