PHP

Get started with Laravel Sail

Laravel PHP Docker

Running a complete Laravel development environment requires multiple services: web server, database server, queue worker, etc. Laravel Sail helps you install and use all of these using Docker containers. Here is how to use it…

Use docker-compose to create a dev environment for Laravel 6, 7 and 8

Laravel Docker PHP

Setting up a Laravel environment requires installing and configuring multiple components: the correct PHP version, of course, but also a database, a node server, and probably a queue worker and scheduler. To get you started quickly, here is how to deploy a dev environment for Laravel with docker compose.

Use phpunit to test your PHP project

PHP GitLab

So you are developing some PHP code? Better make sure it works as expected! In this blog post we will show how to quickly get started with phpunit to automatically test your code…

Fully customizable emails using Laravel 9

PHP Laravel Cyber-Wise

With the release of Laravel 9, the Swift Mailer (which is no longer maintained) has been replaced by the Symfony Mailer. You can already find some useful information about this change, along with all the other ones, in the Upgrade Guide from Laravel 8.x to 9.0. However, this guide does not contain enough information if you want to send fully customized emails. This blog post offers a solution coming directly from the Symfony documentation!

SQL injection with SQLMap

Offensive Security Cylab Play PHP

Code injection is one of the most critical web application vulnerabilities. Indeed, the consequences of code injection can be dramatic (impact). Moreover, a lot of web applications are still vulnerable to code injection today (frequency). Finally, some tools like SQLMap make it possible to automatically detect and use these vulnerabilities (exploitation). For these reasons, the vulnerability is listed in the top 10 published by the Open Web Application Security Project (OWASP) [1]. In this blog post, we will present one type of code injection, called SQL injection, and we will show how to perform a SQL injection attack with SQLMap.

Filter USB devices with udev (and some PHP code)

Sysadmin PHP

USB devices can be a liability: they can be used to exfiltrate data from a computer or server, to plug in a hardware keylogger, or to plant malware. Hence, on a managed computer, USB devices should be filtered and whitelisted. In this blog post we show how this can be achieved thanks to udev, and some PHP code.

Install and use different versions of PHP

PHP Sysadmin

When working on different projects, you may have to switch between different versions of PHP. In this blog post we show how to install and use different versions of PHP on Ubuntu.

Laravel action/access control with policies

Laravel PHP

When developing a web application with Laravel, you will usually have to deal with different users who have different permissions. If the application is quite simple, with only 2 types of users (administrators that are almighty and regular users that have no permission), you can use a middleware to protect your administrator’s area. In this blog post we look at Laravel policies, which allow fine-grained control of user actions.

Secure Cookies with Laravel

Secure Software Development Laravel PHP

No. Setting up HTTPS is not enough to ensure that your cookies are encrypted. But Laravel offers some very simple ways to achieve that.

Secure your project with the GitLab SAST analyzers

Secure Software Development GitLab PHP Cyber-Wise

Learn how to secure any project with the GitLab SAST analyzers and easily separate the false positives from the real threats that should be addressed before deploying the project.

Laravel database transactions & mysqldump

Laravel MySQL PHP Cyber-Wise

Did you know that mysqldump can create inconsistent backups if you do not use database transactions in Laravel? Let’s discover that issue and address it. After setting up and locally running a Laravel project that will serve as a demo for that specific issue, we will observe the necessity of using transactions and how to implement them. We’ll also discover many more tips while trying to understand what happens under the MySQL hood.

Detect unnecessary 'use' statements with PHP CodeSniffer

PHP Secure Software Development

PHP Code Sniffer is a great tool to make sure your code is nicely written. In addition to the default rules, you can also install and use additional rules (sniffs) to further enhance your code. Here is how to use PHPCS to detect (and remove) all unnecessary ‘use’ statements in your code.
