Put some MVC in your PHP

Trial by separation

Create a "controllers" directory and a "views" directory in the Apache web server document root (htdocs by default). We shall create the view scripts in the "views" directory and the controllers in the "controllers" directory. Create an action controller, "database", for the business logic of the MVC application. Create a DatabaseController class that extends the Zend_Controller_Action class and add the action functions insertAction, selectAction, updateAction, and deleteAction to the class.

The controller actions will be invoked from view scripts, which provide a user interface to specify the table row to be added, selected, updated and deleted. Create the view scripts insertView.php, selectView.php, updateView.php, and deleteView.php in the "views" directory. The view scripts and other resource files are available in a zipped resources file here.

Add a row

First, we shall add a row to the Catalog table. In insertView.php, add a form with input fields for the table row to be added. The "action" attribute of the <form> element specifies "database/insert", which corresponds to the "insert" action of the "database" controller. In the DatabaseController insertAction function, create a Zend_Db adapter, which represents a connection with the Oracle database, using the Zend_Db factory.

$params = array ('host'=>'localhost','username'=>'OE','password'=>'pw','dbname'=>'orcl');
$db=Zend_Db::factory('Oracle', $params); 

The first argument specifies the base name for the adapter class - "Oracle" for the Oracle database. The second argument specifies the adapter parameters. Retrieve the input fields specified in the insertView.php using $_POST['field'] and create an associative array, $row, for the columns that constitute a row in the database table. Specify the database table to be updated and insert the new row using the insert() method of the Zend_Db adapter class.

$table = 'Catalog';
$rowsAffected = $db->insert($table, $row); 

The first argument of the insert() method is the database table and the second argument is the associative array that maps column names to values. Invoke insertView.php with the URL http://localhost/views/insertView.php. To add a row, specify the column values and click on create.

Adding a row

Retrieve a row

Next, retrieve a row from the catalog table using the Zend Framework. Create a Zend_Db_Select object from the Zend_Db adapter object using the select() method.

$select = $db->select();

The Zend_Db_Select object is used to construct a SQL SELECT statement. Specify the FROM clause using the from() method and the WHERE clause using the where() method.

$select->from('Catalog', '*');
$select->where('ID = ?', $_POST['id']); 

Create the SQL query string from the Zend_Db_Select object using the __toString() method. Run the SQL query using the fetchAll() method; the query results are returned as a row set.

$sql = $select->__toString();
$rowset = $db->fetchAll($sql); 
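Both the insert and the select steps above take their values from $_POST. The following is an added example, not code from the original article: it validates the request data before it reaches insert() or where(), and builds $row from a fixed list of columns so that request field names never become column names. The column names other than ID, the lower-case form field names, and the helper function names are assumptions.

```php
<?php
// Added example: validate request data before it reaches Zend_Db.
// Columns other than ID are hypothetical; the article does not list them.
const CATALOG_COLUMNS = ['ID' => 'int', 'Title' => 'text', 'Author' => 'text'];

/** Return $value as a positive integer, or throw. Arrays and junk are rejected. */
function positiveInt($value, string $name): int
{
    $int = filter_var($value, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($int === false) {
        throw new InvalidArgumentException("$name must be a positive integer");
    }
    return $int;
}

/** Build $row from allow-listed columns only; any other request field is ignored. */
function catalogRowFromPost(array $post): array
{
    $row = [];
    foreach (CATALOG_COLUMNS as $column => $type) {
        $field = strtolower($column);            // assumed form field naming
        $value = $post[$field] ?? null;
        if (!is_string($value) || $value === '') {
            throw new InvalidArgumentException("missing field: $field");
        }
        if ($type === 'int') {
            $row[$column] = positiveInt($value, $field);
        } elseif (strlen($value) > 255 || preg_match('/[\x00-\x1F\x7F]/', $value)) {
            // Reject over-long values and control characters in text columns.
            throw new InvalidArgumentException("invalid field: $field");
        } else {
            $row[$column] = $value;
        }
    }
    return $row;
}

// Constructed sample request; "role" is a field the form never defined.
$post = ['id' => '7', 'title' => 'Zend MVC', 'author' => 'A. Writer', 'role' => 'admin'];
$row  = catalogRowFromPost($post);               // keys: ID, Title, Author only
$id   = positiveInt($post['id'], 'id');
print_r($row);

// With Zend Framework loaded, pass the validated values to the article's calls:
//   $db->insert('Catalog', $row);
//   $select->where('ID = ?', $id);
```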

Create a Zend_View object to render a view script and specify the directory containing the view scripts. The Zend_View class represents the "view" component of the model-view-controller pattern.

$view = new Zend_View();
$view->setScriptPath('views'); 
