CakePHP web app development Archives - Page 4 of 4 - Web and Mobile App Development

New Secure Password Hashing API In PHP 5.5

Posted on December 12, 2012 by Jay

The fifth release of PHP, also known as PHP 5.5, was released in this year with great new features and updated standards. One of the most exciting aspects of the update is the Password Hashing API, which aims to provide a universal standard for password hashing functions.

Hashing is a way to store user passwords so that they are not stored in clear text but can still be verified when users log in again. With this new standard, you can use one function (password_hash) to create an account verification token for your user login system. You use another function (password_verify) to validate a hashed password when users sign up or reset their password again.

From the analysis reports, it is now believed that work has officially begun on PHP 5.5. It will be the first major update since the release of the version earlier this year.

Never miss an update from us. Join 10,000+ marketers and leaders.

Join for free

In recent years major update releases for PHP were very slow, so it will be interesting to see how fast or slow PHP 5.5 will come into the development process.

Among all the updates in PHP 5.5 the most impressive feature is the new Password Hashing API.

According to some recent security attacks, it is now revealed that a vast majority of PHP developers either don’t understand the password hashing or don’t think it’s worth an effort.

The current implementation of password hashing using crypt() is difficult to implement and work with, but by providing a simple API for password hashing, it will become easier for the developers to simply call the API which will take care of all the issues of the PHP development. Eventually, more projects and developers will be able to use secure password hashing.

It makes sense to include this feature, but let’s just hope for an early official release of this version, so that the PHP developers can take advantage of this security innovation.

Conclusion

The Password Hashing API is a great addition to PHP. It simplifies the process of creating and verifying password hashes. The API is compatible with existing methods and can be used for many different systems, which makes it a useful tool for developers. The Password Hashing API is available in PHP 5.5 and newer versions. This new standard aims to unify the password hashing process and create a universal method to create and verify password hashes.

How To Migrate CakePHP 1.x To 2.x

Posted on November 26, 2012 by Jay

Today, we will focus on what we need to do to get CakePHP 1.3 application upgraded to CakePHP 2.2.3-the latest official stable release

Installation

This is pretty straight forward, same as CakePHP 1.3 version.
Download and unzip the CakePHP 2.2.3 and follow these below-mentioned instructions.

Configuration

core.php
Make sure to copy the security.salt and Security.cipher_seed from your old core.php
Take notice of how errors, sessions and caching have changed.
database.php
There is a minor change on this file,
CakePHP 1.3: ‘driver’ => ‘mysqli’
CakePHP 2.2.3: ‘datasource’ => ‘Database/Mysql’
routes.php
Don’t overwrite this file with your older one.
You can place your custom routes before or after CakePlugin::routes()
bootstrap.php
Copy all functions, constants and other code from your old bootstrap into the new one.

Folder Structure

The cake folder is now inside lib folder. There is nothing to do with this.
Files and folders are now CamelCased instead of lower_underscored
Example: The “users” folder inside the View becomes “Users”
The controller files are now UsersController.php instead of users_controller.php
project_user_controller.php becomes “ProjectUsersController.php”
The model files are now User.php instead of user.php
project_user.php model becomes “ProjectUser.php”
The components files are now FormatComponent.php instead of format.php
The helpers files are now DatetimeHelper.php instead of datetime.php

Moved APP files

The parent app_classes have been moved and renamed as well.

Instead of app_controller.php, app_model.php, and app_helper.php now become Controller/AppController.php, Model/AppModel.php, and View/Helper/AppHelper.php.

Auth Component and Login

Auth now supports multiple authorization adapters that can all be used together

Cake 1.3.x was automatically checking if user has correctly entered username/password inside your login () method of users_controller but in cake 2.x we need to manually call $this->Auth->login () this returns Boolean value based on successful login or failure.

If you are using “email” as your login field name
CakePHP 1.3: (inside AppController beforeFilter)

$this->Auth->fields = array('username' => 'email', 'password' => 'passw

CakePHP 2.2.3: (inside AppController beforeFilter)

$this->Auth->authenticate = array('Form' => array('fields' => array('username' => 'email', 'password' => 'password')));

Auth Login

CakePHP 2.2.3: (inside UsersController login function)

if (!empty($this->request->data)) {
if ($this->Auth->login()) {
$this->redirect($this->Auth->redirect());
} else {
//$this->Session->setFlash('Your Email or Password was incorrect.');
}
}

CakePHP 2.x auth automatically hashes the password on login but not on save.

We can add a beforeSave() method on the User model to hash the password.

public function beforeSave($options = array())
{
$this->data['User']['password'] = AuthComponent::password($this->data['User']['password']); return true;
}

Request Data

CakePHP 2.0 has done some request related changes.
The Request Object does not have “form” element any longer.
You will need to replace $this->params[‘form’] with $this->request[‘data’] or $this->request->data.
$this->data needs to be replaced with $this->request->data
So, now we can use $this->request->data on both form submit and AJAX post.
Now, we need to check !empty($this->request->data) instead of “!empty($this->data)” while saving a form.

Views Changes

Use $this->Html->link() instead of $html->link()
Use $this->Form-> instead of $form->
Use $this->Session-> instead of $session->
Use $this->Paginator-> intead of $paginator ->
For JavaScript inclusion use $this->Html->script(“”) instead of $javascript->link()

Moved Email Elements

Email elements have been moved from views/elements to View/Emails.

Helpers

The Ajax, Javascript, and XML helpers have been removed. You will need to replace these helper calls with appropriate alternatives

Helpers can no longer be called with “$helper->function()”. You need to update your helper calls to use $this->Helper->function()

If you are loading or importing your helpers inside another custom helper or component,

$myhelper = new DatetimeHelper() becomes $myhelper = new DatetimeHelper($this->_View) or $myhelper = new DatetimeHelper(new View(null))

Components

All component files should be extended by Component Class instead of Object

DB and Code Caution

There is no Enum Support in cakephp2.x as sql server doesnt have similar datatype.

You can change enum to tinyint(2)

In cake 1.3 used tinyint(1) for is_active database fields.

While retrieveing from database it returns 0/1

But, cakePHP2.x no longer returns as 0. This will return bool(true) /bool(false)

Boolean column values will be casted to php native boolean type automatically.

__() Function and Pagination

The __() function no longer has the option to echo. It always returns

Change the Pagination code,

CakePHP 1.3:

echo $this->Paginator->counter(array( 'format' => __('Page %page% of %pages%, showing %current% records out of %count% total, starting on record %start%, ending on %end%'', true)));

CakePHP 2.2.3:

echo $this->Paginator->counter(array( 'format' => __('Page %page% of %pages%, showing %current% records out of %count% total, starting on record %start%, ending on %end%'')));

How To Generate PDF File In CakePHP

Posted on June 23, 2011 by Netrananda M

TCPDF is a free and open source software one of the widely used PHP libraries in the world. This is because of the fact that it already included in the most popular PHP-based CMS and applications including CakePHP .

The installation is pretty straight forward and easy-to-use in CakePHP Framework. Many web applications use this as output documents like invoices, contracts or just web pages in the PDF format.

Following are the steps to integrate TCPDF in CakePHP MVC framework.

Step 1:

Go to http://www.tcpdf.org and download the latest version of TCPDF zip file.

Then unzip the zip file and save under the Vendor folder in cakephp framework(app\vendors)

This creates a directory tcpdf there with tcpdf.php and more in it (app\vendors\tcpdf)

You can configure the PDF file Like header Logo Image, Page Title, page Margin etc. in the TCPDF configure file (app->vendors->tcpdf-> tcpdf_config.php)

Step 2:

You can create your own header and footer page of your PDF file. Create a page “xtcpdf.php” under app/vendors with these contents as shown below.

App::import('Vendor','tcpdf/tcpdf');
class XTCPDF extends TCPDF
{
var $xheadertext = 'PDF created using CakePHP and TCPDF';
var $xheadercolor = array(0,0,200);
var $xfootertext = 'Copyright © %d XXXXXXXXXXX. All rights reserved.';
var $xfooterfont = PDF_FONT_NAME_MAIN ;
var $xfooterfontsize = 8 ;
/* Change header text and font size as per your requirement in the above variable*******/
function Header()
{
list($r, $b, $g) = $this->xheadercolor;
$this->setY(10); // shouldn't be needed due to page margin, but helas, otherwise it's at the page top
$this->SetFillColor($r, $b, $g);
$this->SetTextColor(0 , 0, 0);
$this->Cell(0,20, '', 0,1,'C', 1);
$this->Text(15,26,$this->xheadertext );
}
function Footer()
{
$year = date('Y');
$footertext = sprintf($this->xfootertext, $year);
$this->SetY(-20);
$this->SetTextColor(0, 0, 0);
$this->SetFont($this->xfooterfont,'',$this->xfooterfontsize);
$this->Cell(0,8, $footertext,'T',1,'C');
}
}
?>

Step 3:

Create your layout under app/views/layouts/pdf.ctp;

header("Content-type: application/pdf");
echo $content_for_layout;
?>

Step 4:

Here is the Controller code which will display output code of generating PDF file;

function view_pdf($id = null) {
if (!$id) {
$this->Session->setFlash('Sorry, there was no PDF selected.');
$this->redirect(array('action'=>'index'), null, true);
}
$this->layout = 'pdf'; //this will use the pdf.ctp layout
$this->render();
}

Step 5:

Create a page under your view directory (app/views/) named as “view_pdf.ctp” (this name can be change as per your controller method) and write your HTML code/PHP code.

The Horizons of CakePHP Application Development

Posted on September 30, 2010 by Jay

CakePHP is an open-source web development framework for PHP. It came into prominence around 2006 and it was inspired by the Ruby on Rails framework, which was introduced around a year prior to it.

CakePHP follows MVC pattern architecture. Like RoR, it also follows the two key design features, DRY or “Don’t Repeat Yourself” and CoC or “Convention over Configuration”.

CakePHP development is a rapid development framework with thoughtful, coherent design and is well aided by friendly community contributions. It relies on a ORM (Object-Relation Model) regarding database query interface.

Never miss an update from us. Join 10,000+ marketers and leaders.

Join for free

Using CakePHP’s ORM, we can create, retrieve, update and delete related data into and from different database tables with simplicity and in a better way. There is no need to write complex SQL queries anymore.

Some of the key features of CakePHP are:

Flexible Licensing

Compatibility with PHP4 and PHP5

Integrated CRUD for database interaction and simplified queries

Application Scaffolding

Request dispatcher with good looking, custom URLs

Built-in Validation

Fast and flexible templating (PHP syntax, with helpers)

View Helpers for AJAX, JavaScript, HTML Forms and more

Security, Session, and Request Handling Components

Flexible access control lists

Data Sanitization

Flexible View Caching

Andolasoft Inc. offers quick and cost effective CakePHP development to built robust and scalable web applications for start-up and established business houses, institutions etc.