You are currently browsing the Zend Framework category.
ZIDS (the Zend Framework Intruder Detection System) is a ZF plugin I released a few weeks ago which uses PHP-IDS and enables you to detect attacks against your website and to deal with such attacks, e.g. by logging the attack, by sending an email to the admin, etc.
Today, ZIDS has been mentioned on the official PHP-IDS blog:
ZIDS: an easy to install and use PHPIDS implementation by Christian Koncilia. It ships with a very good manual and clearly is one of the best and most well done PHPIDS ports ever written. If you use the Zend Framework make sure you check out the ZIDS
So, if you are using Zend Framework and if you want to make your web applications more secure, I would be happy if you download and use ZIDS.
Posted November 2nd, 2010. Add a comment
So, you got your web application up and running? Everything works? Congratulations! You did a great job. But do you know how your web app will behave if the number of users or requests increases dramatically? Are you sure that there are no memory leaks in your application? Continue Reading
Posted October 21st, 2010. Add a comment
Matthew Weier O’Phinney has just announced the first Beta Release of Zend Framework 1.11! Although it is a beta version, the features listed by Matthew really look great: Zend_Http_UserAgent is a new class that allows you to detect which kind of agent (browser) the user of your web app is using. Thus, ZF 1.11 makes it very easy to integrate support for mobile devices. I’ll try to include this feature into the article on mobile devices I’ve posted a few months ago.
Beside that Zend_Service_Ebay and Zend_Service_ShortUrl provide two brand new services for your ZF web apps!
Find more information about ZF 1.11 here in the Zend Developer Zone…
Posted October 15th, 2010. Add a comment - 2 pingbacks / trackbacks
The new version of ZIDS (Zend Framework Intruder Detection System) has been released. ZIDS Version 0.6.0 has many new features. Here are some of them:
- define any number of impact levels
- actions (log, email, redirect, etc.) are now plugins
- enables you to implement your own action plugins
- all parameters for all action plugins may be specified for each impact level or globally
- new option ‘loglevel’ which defines the level (e.g. ‘ALERT’, ‘EMERG’, …) used when logging a message
- define which module/controller/action to ignore. If you specify only a module, all requests to this module will be ignored. If you specify a module + controller, all actions in this controller will be ignored
Download Source code
You may download the source code here (Google Code).
If you would like to use SVN to check out the latest version, use the following code: svn checkout http://zids.googlecode.com/svn/trunk/ zids-read-only
What is ZIDS / How-To / Etc.
Please, have a look at the manual to see what ZIDS can do for you. There is also a technical documentation available.
“Never ever trust user input!” – ZIDS helps you follow this golden rule of programming web applications.
Posted September 13th, 2010. Add a comment - 2 pingbacks / trackbacks
<offtopic>I’m sorry, but this post will be in german as the corresponding website is in german…</offtopic> Continue Reading
Posted September 10th, 2010. Add a comment
In one of my last posts I shared some information about PHP-IDS (the PHP Intruder Detection System project) with you. In this article, I would like to share a few lines of code that will enable you to easily integrate PHP-IDS into your Zend Framework project. Furthermore, this little plugin allows you to easily define how to deal with possible attacks (e.g., send an email to the admin, make a log entry, or redirect the attacker to a special side).
Continue Reading
Posted September 4th, 2010. 3 comments - 1 pingback / trackback
One thing I always missed in ZF was a scaffolding component, i.e. a component that allows you to easily create, read, update and delete (CRUD) records in a database.
Continue Reading
Posted August 28th, 2010. 1 comment - 2 pingbacks / trackbacks
I finally found some time to adopt one of my older web applications from Zend Framework 1.6 to Zend Framework > 1.8 (actually, I shifted to ZF 1.10.6). Actually, the only negative point I found was the confusing terminology (up to ZF 1.8 a plugin was a plugin, now a plugin is either a Zend_Controller_Plugin or a resource plugin used in the bootstrap).
However, the positive aspects are enormous. Your bootstrap is no longer the black sheep of spaghetti code in your familiy of perfectly designed object-oriented code. This (and the fact that you may write your own bootstrap resources) enables you to easily re-use your bootstrap in different applications!
Continue Reading
Posted July 31st, 2010. Add a comment - 1 pingback / trackback
Just in case you don’t know ZFDebug yet: ZFDebug is a precious litte helper that will help you when developing Zend Framework applications. It takes only minutes to install it and it will provide a lot of information like memory usage, loaded files, database queries used, etc.
Continue Reading
Posted July 23rd, 2010. 3 comments - 1 pingback / trackback
Let’s make a bet: if you don’t have to maintain your (professional) web application within a few weeks after release, I owe you a pint of beer. Maintaining websites can be a complex tast: you may have to adopt your database schema, batch jobs, PHP files, and so on. As your web site will be down during these tasks, you should inform your users that your application is under maintenance and when it will be online again. This simple Zend Framework plugin might help you.
Continue Reading
Posted July 12th, 2010. 3 comments - 3 pingbacks / trackbacks
CSS Zend Garden
KingCrunchs kleine Welt