Blog

Convert objects to arrays and back with zend-hydrator

APIs are all the rage these days, and a tremendous number of them are being written in PHP. When APIs were first gaining popularity, this seemed like a match made in heaven: query the database, pass the results to json_encode(), and voilĂ ! API payload! In ... (continue)

Validate data using zend-inputfilter

In our previous two posts, we covered zend-filter and zend-validator. With these two components, you now have the tools necessary to ensure any given user input is valid, fulfilling the first half of the "filter input, escape output" mantra. Howe ... (continue)

Validate input using zend-validator

In our previous post, we covered zend-filter, The filters in zend-filter are generally used to pre-filter or normalize incoming data. This is all well and good, but we still don't know if the data is valid. That's where zend-validator comes in. Installatio ... (continue)

Filter input using zend-filter

When securing your website, the mantra is "Filter input, escape output." We previously covered escaping output with our post on zend-escaper. We're now going to turn to filtering input. Filtering input is rather complex, and spans a number of pra ... (continue)

Zend Framework and PHP 7.1

When we announced Zend Framework 3 last year, one of the changes was setting the minimum supported PHP version to 5.6. Our initial plan was to support 5.6 until it reaches end-of-life, which occurs 31 December 2018. PHP 5.6, however, stopped receiving acti ... (continue)

Leverage Zend Component Plugin Managers in Expressive

With the release of Expressive 2, one of the key stories was the ability to require ZF components within Expressive, and have their dependencies auto-wired into your application courtesy of the component installer. However, we recently had a user in our Sl ... (continue)

Context-specific escaping with zend-escaper

Security of your website is not just about mitigating and preventing things like SQL injection; it's also about protecting your users as they browse the site from things like cross-site scripting (XSS) attacks, cross-site request forgery (CSRF), and more. ... (continue)

Manage permissions with zend-permissions-acl

The last couple posts have been around authorization, the act of determining if a given identity has access to a resource. We covered usage of role based access controls, as well as middleware that uses an RBAC. In this post, we'll explore another option p ... (continue)

Authorize users using Middleware

In a previous post, we demonstrated how to authenticate a middleware application in PHP. In this post we will continue the discussion, showing how to manage authorizations. We will start from an authenticated user and demonstrate how to allow or disable ac ... (continue)

Community Corner: Discourse Forums!

For many years, we've had requests for dedicated Zend Framework forums. We've resisted doing so, and instead deferred to using mailing lists and Stack Overflow tags. However, these are imperfect: searching for questions and answers is often difficult if no ... (continue)

Share

Subscribe

Subscribe to this blog via RSS.

Copyright

© 2006-2017 by Zend, a Rogue Wave Company. Made with by awesome contributors.

This website is built using zend-expressive and it runs on PHP 7.

Contacts