[aerogear-dev] PHP SDK

Tommy McCarthy tomccart at redhat.com
Wed Aug 21 15:02:08 EDT 2013


For Matthias, I'm looking into the SSL issue now. Currently it only works over HTTP. I'm looking into my options with that now, and have found a few, but still need to work them into my code properly. I'll keep the list updated when I get something.

As for the register_globals concerns, they have been deprecated since PHP 5.3, and completely removed since 5.4.0. [1] Most servers have register_globals off nowadays. 

[1] http://php.net/manual/en/security.globals.php

----- Original Message -----
From: "Karel Piwko" <kpiwko at redhat.com>
To: aerogear-dev at lists.jboss.org, yeylon at redhat.com
Sent: Wednesday, August 21, 2013 4:55:06 AM
Subject: Re: [aerogear-dev] PHP SDK

First review of PHP code available, kudos to Yaniv (in CC).

Pasting response:

Karel, 
sorry for not replying in the github.com but those are more informal code
changes that you can use.

its been so few year since i've last touched PHP but while i was there i used
to work with global registers for session. at the top of each php page verify
that your session is still valid, it is also good for security so people will
not login to the page directly.

if($user_id==0 || $user_id==Null){
        die('Time out - please login again');
        Exit;
}




another thing you can use is the "$$" which will create a var at the same name.

 

foreach($_POST as $key=>$value){
        $$key=addslashes($value);
        $form_vars["$key"]=$value;
}
foreach($_GET as $key=>$value){
        $$key=addslashes($value);
        $form_vars["$key"]=$value;
}

On Tue, 20 Aug 2013 13:59:51 -0400 (EDT)
Tommy McCarthy <tomccart at redhat.com> wrote:

> Hey everyone,
> I'm at the point now where I believe my PHP SDK code is complete and ready to
> be reviewed and tested. Of course, if anyone has any feedback for it so far,
> that would be appreciated as well. The GitHub repo is available here [1].
> I've created a JIRA [2] for creating a GitHub repo for the PHP code under the
> AeroGear account.
> 
> If there's anything you'd like to see added, changed, or removed, please let
> me know! There is a webapp included as a part, which demonstrates a great way
> to send messages from a web form (or other request)
> 
> Thanks!
> Tommy
> 
> [1] https://github.com/tmccarthy9/aerogear-unified-push-php-client
> [2] https://issues.jboss.org/browse/AEROGEAR-1312
> _______________________________________________
> aerogear-dev mailing list
> aerogear-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/aerogear-dev

_______________________________________________
aerogear-dev mailing list
aerogear-dev at lists.jboss.org
https://lists.jboss.org/mailman/listinfo/aerogear-dev


More information about the aerogear-dev mailing list