
PHP 5 CMS Framework Development PDF

343 Pages·2008·5.32 MB·English

Preview PHP 5 CMS Framework Development

PHP5 CMS Framework Development

Expert insight and practical guidance to creating an efficient, flexible, and robust framework for a PHP5-based content management system

Martin Brampton

BIRMINGHAM - MUMBAI

PHP5 CMS Framework Development

Copyright © 2008 Packt Publishing

All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, without the prior written permission of the publisher, except in the case of brief quotations embedded in critical articles or reviews.

Every effort has been made in the preparation of this book to ensure the accuracy of the information presented. However, the information contained in this book is sold without warranty, either express or implied. Neither the author, Packt Publishing, nor its dealers or distributors will be held liable for any damages caused or alleged to be caused directly or indirectly by this book.

Packt Publishing has endeavored to provide trademark information about all the companies and products mentioned in this book by the appropriate use of capitals. However, Packt Publishing cannot guarantee the accuracy of this information.

First published: June 2008
Production Reference: 1020608

Published by Packt Publishing Ltd.
32 Lincoln Road
Olton
Birmingham, B27 6PA, UK.

ISBN 978-1-847193-57-5
www.packtpub.com

Cover Image by Vinayak Chittar ([email protected])

Credits

Author: Martin Brampton
Reviewer: Theodore Boomer, Stefan Koopmanschap
Senior Acquisition Editor: Douglas Paterson
Development Editor: Swapna V. Verlekar
Technical Editor: Dhiraj Chandiramani
Editorial Team Leader: Akshara Aware
Project Manager: Abhijeet Deobhakta
Project Coordinator: Abhijeet Deobhakta
Indexer: Hemangini Bari, Monica Ajmera
Proofreader: Nina Hasso
Production Coordinator: Shantanu Zagade
Cover Work: Shantanu Zagade

About the Author

Martin Brampton, an internationally known IT Industry Analyst, has an unrivalled grasp of the complexities of modern day system architectures built on both research and practical experiences. Martin's knowledge of the importance of scalable frameworks is founded on the early days of his career. After studying mathematics at Cambridge University, he built major software systems in both financial and technical application areas. Several of his systems were acclaimed as "legendary" in their reliability—some of which are still in use today.

After a decade of heading IT for an accountancy firm, a few years as a director of a leading analyst firm, and an MA degree in Modern European Philosophy, Martin finally returned to his interest in software, but this time transformed into web applications. He found PHP5, which fits well with his prejudice in favor of programming languages that are interpreted and strongly object oriented.

Utilizing PHP, Martin took on development of useful extensions for the Mambo (and now also Joomla!) systems, then became a team leader for developing Mambo itself. More recently, he has written a complete new generation CMS named Aliro, many aspects of which are described in this book. He has also created a common API to enable extensions to be written with a single code base for Aliro, Joomla (1.0 and 1.5) and Mambo (http://www.acmsapi.org).

All in all, Martin is now interested in too many things and consequently has little spare time. But his focus is on object oriented software with a web slant, much of which is open-source. He runs Black Sheep Research, which provides software, speaking and writing services, including "The Brampton Factor", a monthly column for silicon.com (http://silicon.com/comment/martinbrampton) where he is politely described as a veteran analyst.
Acknowledgement

It is difficult for me to know who should be given credit for valuable work that made this book possible. It is one of the strengths of the open-source movement that good designs and good code take on a life of their own. Aliro, the CMS framework from which all the examples are taken, has benefited from the work done by the many skilled developers who built the feature rich Mambo system. Some ideas have been inspired by other contemporary open-source systems. And, of course, Aliro includes in their entirety the fruits of some open-source projects, as is generally encouraged by the open-source principle. My work would not have been possible had it not been able to build on the creations of others.

Apart from remarking on those important antecedents, I would also like to thank my wife and family for their forbearance, even if they do sometimes ask whether I will ever get away from a computer screen.

About the Reviewer

Theodore (Tad) Boomer has been working with personal computers and writing code since 1977 when he started working with a Commodore, and taught himself BASIC so that he could write and play video games. Over the years, Tad has worked for various US government agencies where he gained knowledge of other programming languages such as C, MUMPS, Assembly, COBOL, and Pascal. After leaving the federal government in 1991, he started Connetek Business Technologies (Connetek.com) offering small business consulting, programming, and web hosting services. He has been a beta tester on software projects such as Microsoft FrontPage and Intuit Quickbooks, Quicken, and Turbo Tax.

Tad has authored a Packt Publishing book called "Building Websites with e107" and has been a technical reviewer for other Packt Publishing titles, including Learning Mambo, cPanel, osCommerce Beginners Edition, osCommerce Professional Edition, and OpenVPN.
Table of Contents

Preface

Chapter 1: CMS Architecture
  The Idea of a CMS
  Critical CMS Features
  Desirable CMS Features
  System Management
  Technology for CMS Building
  Leveraging PHP5
  Some PHP Policies
  Classes and Objects
  Objects, Patterns, and Refactoring
  The Object-Relational Compromise
  Basics of Combining PHP and XHTML
  Model, View, and Controller
  The CMS Environment
  Hosting the CMS
  Basic Browser Matters
  Security of a CMS
  Some CMS Terminology
  Summary

Chapter 2: Administrators, Users, and Guests
  The Problem
  Discussion and Considerations
  Who Needs Users?
  Secure Authentication
  Secure Storage of Passwords
  Blocking SQL Injection
  Login
  Managing User Data
  User Self Service
  Customizing for Users
  Extended User Information
  Framework Solution
  The User Database Table
  Indexes on Users
  Keeping User Tables in Step
  Achieving Login
  Administering Users
  Generating Passwords
  Replacing a User View
  Extending a User View
  Summary

Chapter 3: Organizing Code
  The Problem
  Discussion and Considerations
  Security
  Methods of Code Inclusion
  Practicality in Coding
  Framework Solution
  Autoloading
  The Smart Class Mapper
  Digression on the Singleton Pattern
  Finding a Path to the Class
  Populating the Dynamic Class Map
  Saving Map Elements
  Summary

Chapter 4: Sessions and Users
  The Problem
  Discussion and Considerations
  Why Sessions?
  How Sessions Work
  Avoiding Session Vulnerabilities
  Search Engine Bots
  Session Data and Scalability
  Framework Solution
  Building a Session Handler
  Creating a Session
  Finding the IP Address
  Validating a Session
  Remembering Users
  Completing Session Handling
  Session Data
  Session Data and Bots
  Retrieving Session Data
  Keeping Session Data Tidy
  Summary

Chapter 5: Database and Data Objects
  The Problem
  Discussion and Considerations
  Database Dependency
  Ease of Development
  Keeping up with Change
  Database Security
  Pragmatic Error Handling
  Framework Solution
  Class Structure
  Connecting to a Database
  Handling Databases Easily
  Prefixing Table Names in SQL
  Making the Database Work
  Getting Hold of Data
  Higher Level Data Access
  Assisted Update and Insert
  What Happened?
  Database Extended Services
  Getting Data about Data
  Easier Data about Data
  Aiding Maintenance
  Data Objects
  Rudimentary Data Object Methods
  Data Object Input and Output
  Setting Data in Data Objects
  Sequencing Database Rows
  Database Maintenance Utility
  Summary

Chapter 6: Access Control
  The Problem
  Discussion and Considerations
  Adding Hierarchy
  Adding Constraints
  Avoiding Unnecessary Restrictions
  Some Special Roles
  Implementation Efficiency
