Zend MVC pattern based Framework – Best for Enterprise web applications


Published on

Published in: Technology, Education
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Zend MVC pattern based Framework – Best for Enterprise web applications

  1. 1. Zend Framework
  2. 2. Introduction to FrameworkWhat does a Framework mean?• It’s a concrete platform where the common code to be executed in entire application can be kept which targets the maintainable, Reusable and scalable application.• A framework is an abstraction of the software code which can be selectively overridden.• Framework takes the form of libraries, where a well- defined application program interface (API) is reusable anywhere within the software under development.
  3. 3. Principles of a Framework• Control over the flow: Instead of user’s (programmer’s) custom execution of flow, Framework must have the control over the flow.• Default behavior: Application has to work even without any customization of code with default configuration.• Extendable: Programmer should have the ability to extend the framework code• Non-changeable: User can extend the framework code but not allowed to change the core framework code• Compatible: Framework should be in such a way that Application should not be crashed even we upgrade framework version. (Latest framework has to work even with the older programming language versions)• Portable: Application developed on framework has to support multiple environments (Ex: Different databases and servers like IIS, Apache)
  4. 4. Advantages over traditional programming• As frameworks are designed to target reusable code for quick development, lot of development efforts and time are reduced.• Using frameworks, the developers can spend more time on functionality development of the application than preparing the environment. This helps them to build defect free software applications.• Application Code is clean and neat as we follow standard of the software framework• Frameworks help you to develop the project rapidly, if you know one framework well then you’ll never worry about the project deadline.
  5. 5. Disadvantages:• Learning curve is involved in understanding the different frameworks.• Preferable to use for large scale application because for small application, core programming language is faster than the framework.
  6. 6. Frameworks available in the market:• Zend• Cake PHP• Code Igniter• Symfony• Yii
  7. 7. Zend framework:• Open-source software framework for PHP 5.• Its strength is in its highly-modular MVC design, making your code more reusable and easier to maintain.
  8. 8. History of Zend• Zend framework is started by Andi Gutmans and Zeev Suraski, one of the most influential persons that started PHP 3.• Launched in year 2006 with the preview release of 0.1.3 .• Latest version - 2.0 beta release
  9. 9. Popular products developed on Zend Framework• Magento, which is one of popular open source shopping cart• McAffee company website• IBM company website
  10. 10. Advantages over other frameworks• Highly flexible: We can extend all most all the framework classes• Loosely coupled: We can delete the components or modules which we don’t want in our application. It is highly modular.• Scalable: Can be developed high performance application as entire library won’t be loaded for each request.• Easy to test: PHPUnit is integrated with Zend framework.• Compatible with different databases (Db2, Mysql, Oracle and MSSql)
  11. 11. Structure of Zend framework
  12. 12. Security in Zend framework• Sql security: Zend framework has the Database abstraction layer which contains many escaping functions so no need to bother about sql injection attacks.• It’s having different APIs to handle queries • Zend_Db • Zend_Db_Statement • Zend_Db_Select • Zend_Db_Table
  13. 13. Cross Site Request Forgery (CSRF) Protection:• Protections against CSRF attacks are usually based on secret, session depended form tokens<?phpClass My_Form extends Zend_Form{ function __construct() { parent::__construct(); $this->addElement(hash, csrf_token, array(salt => get_class($this) . s3cr3t%Ek@on9!)); }}?>
  14. 14. Session Management Configuration:• Configuration has big influence on security.• Zend_Session providing different options to configure session parameters’ .• It supports SSL to avoid session hijacking.<?phpZend_Session::setOptions(array( /* SSL server */ cookie_secure => true, /* own name */ name => mySSL, /* own storage */ save_path => /sessions/mySSL, /* XSS hardening */ cookie_httponly => true, /* short lifetime */ gc_maxlifetime => 15 * 60 ));Zend_Session::start();?>
  15. 15. Security from XSS :A number of classes, primarily within theZend_Form, Zend_Filter, Zend_Form, Zend_Log and Zend_Viewcomponents, contained character encoding inconsistencies wherebycalls to the htmlspecialchars() and htmlentities() functions usedundefined or hard coded charset parameters.
  16. 16. Different Design patterns used in Zend framework• Zend_Controller_Front – Singleton• Zend_Db_Adapter – Abstarct factory pattern• Zend_Db_Table – Table Data Gateway• Zend_Db_Table_Row• Row Data gateway• Zend_Log – Factory Method – Adapter – Composite• Zend_Form – Composite – Decorators• Zend_Filter and Zend_Validator – Strategy
  17. 17. Referenceshttp://www.techopedia.com/definition/14384/software-frameworkhttp://en.wikipedia.org/wiki/Software_frameworkhttp://www.net-security.org/secworld.php?id=8697http://www.php-developer.org/most-used-php-framework-the-popular-top-7-list-in-year-2011/http://net.tutsplus.com/tutorials/php/10-compelling-reasons-to-use-zend-framework/