Laravel: Code Bright
When your function gets passed an iterable, you should add a docblock to specify the type of key and value. This will greatly help static analysis tools understand the code, and IDEs to provide autocompletion.
I am learning Laravel using "Laravel Code Bright". In the "Form Security" section of this book, it talks about how Laravel generates secret hidden code to prevent "CSRF - Cross Site Request Forgery" when using the Form::Open() method to generate form inputs.
For my third test, I copied the hidden token of the original form (by viewing the browser's source code page), added it to the external form, and tried it again. By clicking the submit button, this external form gave me the same results as the first test; that is, it showed the results, meaning that it was able to access the route through the hidden token I added from the original form.
The whole point of CSRF is to prevent a hacker from creating a form on their page that works on your page for another user. They can always copy a form that works for themselves - because they know their own CSRF code - but they can never know another user's CSRF code.
The attacker copies the form from your website - but they don't know the CSRF code for User A. They only know the code for themselves. They can basically* never get that code. So when User A submits the 'fake' "transfer money" form on the hacker page - it will fail - since the hacker cannot include the CSRF token since they don't know it.
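The behaviour discussed in the question and answer above, as an added example that is not part of the original posts and is not Laravel's own code: a simplified model in plain PHP of a token bound to each session. The names `startSession`, `verifyPost` and the in-memory `$sessions` array are hypothetical stand-ins for the framework's session storage and token check.

```php
<?php
// Simplified model of a per-session CSRF token check (constructed example).
// $sessions stands in for server-side session storage keyed by session id.

function startSession(array &$sessions, string $user): string
{
    $sessionId = bin2hex(random_bytes(16));
    $sessions[$sessionId] = [
        'user'  => $user,
        'token' => bin2hex(random_bytes(32)), // unguessable, unique per session
    ];
    return $sessionId;
}

function verifyPost(array $sessions, string $sessionId, ?string $submittedToken): bool
{
    if (!isset($sessions[$sessionId]) || !is_string($submittedToken)) {
        return false;
    }
    // Constant-time comparison against the token stored for THIS session only.
    return hash_equals($sessions[$sessionId]['token'], $submittedToken);
}

$sessions = [];
$attackerSession = startSession($sessions, 'attacker');
$victimSession   = startSession($sessions, 'user_a');

// The attacker can read their own token from the source of their own form.
$copiedToken = $sessions[$attackerSession]['token'];

// The browser attaches the session cookie automatically, so the session id
// in each case is that of whoever clicks "submit", not of whoever built the form.
$cases = [
    'attacker submits external form with own token (third test)' => [$attackerSession, $copiedToken],
    'User A submits the genuine form' => [$victimSession, $sessions[$victimSession]['token']],
    "forged form carrying attacker's token, sent by User A" => [$victimSession, $copiedToken],
    'forged form with no token, sent by User A' => [$victimSession, null],
];

foreach ($cases as $label => [$sid, $token]) {
    $result = verifyPost($sessions, $sid, $token) ? 'accepted' : 'rejected';
    printf("%-60s %s\n", $label, $result);
}
```

The first two cases are accepted and the last two are rejected: a copied token is only valid together with the session it was issued to.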
Laravel is one of the most widely used frameworks. It has a powerful, wide-ranging set of features and comes with a well-defined toolbox that lets developers write less code, leaving fewer opportunities for errors.
Authentication: Authentication is the most important factor in a web application, and a lot of time is spent on writing the authentication code. Laravel contains a built-in authentication system which makes implementing features such as user logins much simpler.
MVC Architecture Support: Laravel has an MVC (Model-View-Controller) architecture which provides a faster development process; one programmer can work on the view while another is working on the controller to create the business logic for the web application. It offers multiple views for a model, and code duplication is avoided because business logic is separated from presentation.
Unique Unit Testing: Laravel offers exceptional unit testing, where the framework can run various test cases to check whether new changes harm the web app or not. Developers can also write the test cases in their own code.
Secure Migration System: The Laravel framework can make changes to the database automatically without requiring the developers to put in extensive effort every time they make changes, and the migration process of Laravel is very secure and fool-proof. In the entire process, PHP code is used rather than SQL code.
Artisan: Artisan is a command line tool that is built into the Laravel framework, and it helps perform repetitive programming tasks that developers would normally be required to do manually. Artisan commands can be used to create the skeleton code, database structure, and their migration, so it makes it simple to manage the database of the system. It can also be used to generate MVC files through the command line. Artisan also permits the developers to create their own commands.