Is CodeIgniter version 3.0 secure - codeigniter

I am reviewing the code of an application created with CodeIgniter version 3.0 (I think it's version 3.0 because I found the line "#version 1.0, 2015-10-10" in the code). In the code, I noticed that the input validation uses the xss_clean and valid_email rules. Are these two rules secure in this old version of CodeIgniter or do they need reinforcement?
I want to be sure if CodeIgniter version 3 rules are still a secure way to validate user input.

Related

Laravel Route::controller completion in PhpStorm

I'm looking for a solution for better code navigation within routes definition in PhpStorm.
Using "array convention":
Route::get('endpoint', [Controller::class, 'get']);
Route::put('endpoint', [Controller::class, 'put']);
I can quickly jump to get or put methods from an editor. However, I want to use Route::controller more often:
Route::controller(Controller::class)->group(function() {
    Route::get('endpoint', 'get');
    Route::put('endpoint', 'put');
});
But this solution allows me to jump to controller class only, not to methods directly.
I have enabled Laravel support in settings. PhpStorm 2022.2.
[Controller::class, 'put'] -- this is generic PHP stuff, not linked to any framework and therefore such navigation is provided by PhpStorm core.
However using Route::controller(Controller::class) grouping is specific to Laravel. PhpStorm does not provide any Laravel-specific support (excluding Blade files). Therefore such navigation should be coming from a Laravel specific plugin.
The original Laravel plugin is no longer compatible with the 2022.2 version: the latest version was released like 3 years ago (back in 2019) and its GitHub repo is in archived/read-only state now ("This repository has been archived by the owner. It is now read-only.").
I suggest you check the Laravel Idea plugin instead. It supports such navigation. Please note: it's a PAID plugin, but it is in active development, has many features (much more than the original Laravel plugin) and is well worth the money for devs using the Laravel framework.

Is HTML5 validation possible with the Web Plugin for SonarQube?

Does the Web Plugin for SonarQube allow HTML5 validation? Has anyone tried that?
I've read the plugin's documentation, and it mentions JSPs and HTMLs, but I need to know if it supports the new HTML5 tags.
I've just tested HTML5 validation with SonarQube 3.7 and the last Web Plugin, and it works fine. There are a few specific rules for HTML5 tags. It's a good base to start working, and you can add more rules with regular expressions.

Mechanism of URL parameter passing

I have a simple question.
What is the mechanism of URL parameter passing?
Is it the same as with the GET method?
I am using
JRequest::getVar()
It could get the parameters from the URL, I am wondering how it works.
Thank you.
JRequest::getVar() and the rest of the JRequest ilk were the Joomla 1.5 (and earlier) way of getting GET and POST values; in Joomla! 2.5 and newer, JRequest has been superseded by JInput.
If you're working on a Joomla 1.5 or earlier site you can read about JRequest on the Joomla Docs website. Basically JRequest provides combined and consistent access to the superglobal arrays $_GET, $_POST and $_REQUEST while providing you with tools to filter the user-provided values.
If you're working on Joomla 2.5 or later you should use JInput which supersedes it.

Using Magento's server-side validation

I am using Magento version 1.7.0.2 and have created a custom module, in which there is a form that allows the user to pass information into the database.
I need to validate user input, and looking around Google all I can see is front-end validation tutorials. I assume Magento has server-side validation tools? Based on this assumption I had a look in mage/core/customer/block/form/register.php and mage/core/customer/helper/data.php but have been unable to find anything of help. Am I looking in the wrong place?
I am aware Zend has some validation, and will use that if Magento has not got its own/extended Zend validation.
In short, does Magento have its own validation apart from the JavaScript validation tools?
Magento uses Zend for validation. You can take a look inside Mage/Customer/Model/Customer.php at the method validate().

PHP framework with plugins for spreadsheet generation, login/user system, Twitter Bootstrap integration?

I am considering the PHP frameworks CodeIgniter & CakePHP for a small site I would be developing, but I am open to using pretty much any framework that fulfills the following requirements. Requirements are:
A simple pre-built user authentication system or login system as a plugin, something along the lines of php-login-script.
Allows easy integration with a third-party Excel/spreadsheet generation library or has some plugin.
Should support PHP 5.2, hence Symfony2 can't be considered.
Bonus points if the framework has integration with Twitter Bootstrap.
Looking for a framework which can fulfill all of the above points, so I can save some time. Else, I would prefer a framework which meets most of the requirements & would write the rest myself.
So, based on above requirements; which php framework/script would you suggest?
CakePHP2
User plugin https://github.com/cakedc/users
Twitter Bootstrap https://github.com/slywalker/TwitterBootstrap
There are plenty of different xls export helpers. Just google it and review them. I cannot recommend any of them because I have not used them. We have our own but we did not open source it.
Overall I would recommend to use CakePHP2 in any case over Codeigniter. I've recently had to convert a project from CI to Cake and now I know why... ;)
I don't know CodeIgniter very well, but for CakePHP I can tell you that:
Authentication is easy to implement.
It's easy to generate XML (which Excel can open); for .xls you'll have to do it all by yourself.
It supports 5.2.
There is a helper for Twitter Bootstrap, but I've never used it.
For me the deal breaker concerning CodeIgniter is the lack of built-in ORM. You should consider if you need one or not.
