In this video, Keith Casey wires up the middleware that will implement our file security features.
- [Narrator] Alright,…so we've proven that basic file uploads…work exactly as we expected.…Unfortunately, we may have given ourselves…some major security vulnerabilities.…This is bad.…So let's clean it up right now.…Luckily, Middleware should make it pretty easy.…We've already established…that we want to filter by file type,…remove potentially sensitive exif data,…and move the file off our server.…In this case, we'll move them to s 3.…So let's get moving by adding some simple place holders.…First we'll go to the Middleware folder,…and we'll create each of these individually.…
So we'll call it filefilter,…then we'll create a new one called filemove.php.…And we'll create a third one called imageremoveexif.php.…To wire these into our Middleware,…it's relatively simple.…Let's get the basics of this one going.…So we'll say name space is chatter Middleware.…Our class is imageremoveexif,…and right now we're going to leave that empty.…We'll come back and fill it in in just a little while.…
But, we can use this as a basis for others.…
This course begins with a simple application specification and builds it one step at a time. Each chapter includes a key concept, with examples from other public APIs, and then shows how to build it yourself with Silex. Learn about URL routing, validating input, and generating response codes and hypermedia payloads. Like any project, the first implementation may be a little messy, but don't worry. The last chapter covers refactoring and what it takes to scale and support the API going forward.
- Understanding the project goals
- Adding authentication with Silex
- Using cross-framework and authentication middleware
- Creating a read-write API in Silex
- Uploading files via an API
- Adding file security
- Creating payloads and response codes in Silex
- Scaling your API
Skill Level Beginner
PHP Date and Time Essential Trainingwith David Powers4h 31m Intermediate
PHP: Managing Persistent Sessionswith David Powers2h 41m Intermediate
1. Project Explanation and Goals
2. Authentication Options and Tradeoffs
Cross framework middleware1m 32s
3. Create a Read-Write API
4. File Uploads via API
5. Scale Your API
Next steps1m 46s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.