This video shows how to wire up the middleware that will implement file security features.
- [Teacher] Alright, so we've proven that…basic file uploads work exactly as we expected.…Unfortunately, we may have given ourselves…some security vulnerabilities.…This is bad, so let's clean it up right now.…Luckily, middleware should make this pretty easy.…We've already established we want to filter by file type,…remove potentially sensitive EXIF data,…and move the file off our server.…In this case, we'll try moving it to Amazon's S3.…So let's get moving by building some simple placeholders.…
In this case, we'll go back to our Middleware folder,…and we'll create three files.…The first one will be FileFilter.php,…the second one will be FileMove.php,…and the third and final one will be ImageRemoveExif.php.…So this is the core of our new middleware.…Now luckily, we've already built middleware before,…so we know what it takes.…So we'll go over to the logging middleware, we'll start…by copying this into FileFilter and changing the name,…and removing the actual steps.…
Because remember, middleware…only has to have a couple things.…
This course begins with a simple application specification and builds it one step at a time. Each chapter includes a key concept, with examples from other public APIs, and then shows how to build it yourself with Slim. Learn about URL routing, validating input, and generating response codes and hypermedia payloads. Like any project, the first implementation may be a little messy but don't worry. The last chapter covers refactoring and what it takes to scale and support the API going forward.
- Understanding the project goals
- Setting up the database
- Adding authentication in Slim
- Using cross-framework and authentication middleware
- Creating a read-write API in Slim
- Uploading files via the API
- Adding file security
- Creating payloads and response codes in Slim
- Scaling your API
Skill Level Beginner
PHP Date and Time Essential Trainingwith David Powers4h 31m Intermediate
PHP: Managing Persistent Sessionswith David Powers2h 41m Intermediate
1. Project Explanation and Goals
2. Authentication Options and Tradeoffs
Cross framework middleware1m 32s
3. Create a Read-Write API
4. File Uploads via API
5. Scale Your API
Next steps1m 46s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.