Blog

Protecting passwords with Argon2 in PHP 7.2

PHP 7.2 will be released later this year (2017). This version contains some interesting additions, including two new security features: support of the Argon2 password hash algorithm, and the ext/sodium extension wrapping the libsodium library. With these n ... (continue)

REST Representations for Expressive

We've been working towards our various Apigility on Expressive goals, and have recently published two new components: zend-problem-details zend-expressive-hal These components provide response representations for APIs built with PSR-7 middleware. Spe ... (continue)

Apigility on Expressive Update for 2017-07-13

We've been working on the Apigility on Expressive initiative for a couple months now, and have a bit of progress to report. First, if you're unfamiliar with the initiative, please head over and read the RFC. In this post, we'll discuss what's done and read ... (continue)

Convert objects to arrays and back with zend-hydrator

APIs are all the rage these days, and a tremendous number of them are being written in PHP. When APIs were first gaining popularity, this seemed like a match made in heaven: query the database, pass the results to json_encode(), and voilĂ ! API payload! In ... (continue)

Validate data using zend-inputfilter

In our previous two posts, we covered zend-filter and zend-validator. With these two components, you now have the tools necessary to ensure any given user input is valid, fulfilling the first half of the "filter input, escape output" mantra. Howe ... (continue)

Validate input using zend-validator

In our previous post, we covered zend-filter, The filters in zend-filter are generally used to pre-filter or normalize incoming data. This is all well and good, but we still don't know if the data is valid. That's where zend-validator comes in. Installatio ... (continue)

Filter input using zend-filter

When securing your website, the mantra is "Filter input, escape output." We previously covered escaping output with our post on zend-escaper. We're now going to turn to filtering input. Filtering input is rather complex, and spans a number of pra ... (continue)

Zend Framework and PHP 7.1

When we announced Zend Framework 3 last year, one of the changes was setting the minimum supported PHP version to 5.6. Our initial plan was to support 5.6 until it reaches end-of-life, which occurs 31 December 2018. PHP 5.6, however, stopped receiving acti ... (continue)

Leverage Zend Component Plugin Managers in Expressive

With the release of Expressive 2, one of the key stories was the ability to require ZF components within Expressive, and have their dependencies auto-wired into your application courtesy of the component installer. However, we recently had a user in our Sl ... (continue)

Context-specific escaping with zend-escaper

Security of your website is not just about mitigating and preventing things like SQL injection; it's also about protecting your users as they browse the site from things like cross-site scripting (XSS) attacks, cross-site request forgery (CSRF), and more. ... (continue)

Share

Subscribe

Subscribe to this blog via RSS.

Copyright

© 2006-2017 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts