Web 6: php semantic site with a php router
Goal
The student uses their php website to secure their code by introducing a php router architecture [fyi: technically a front-controller pattern].
The student replaces the sample pages - described below, with the logic from their php website. The result is that the student’s website now works with a router that is accessed from the public folder. This helps prevent hackers from accessing the php logic.
After reading the tutorial, if you have questions about how the router works, contact me. It is essential to converting your previous site.
Details
Naming conventions:
-
all lowercase with underscores separating words
-
this works well in sql too
The folder structure is: * app_folder, the root which contains the main php code:
-
404.php or use Session error handling:
-
handles not found page requests
-
-
app_logic.php/app_setup.php/bootstrap.php:
-
the application bootstrap or setup logic
-
-
authorization.php:
-
logic to verify users can access a page
-
-
first_page.php:
-
has sample content
-
-
index.php:
-
redirects to public/index.php in case someone manages to get directly to the application folder
-
uses calc-base-url.php as a utility to prevent recursive url calls under the php built-in and apache webservers
-
-
layout.php:
-
the site template
-
-
login.php:
-
logic to authenticate the user - i.e. check that the user can use the app
-
-
logout.php
-
public/
-
holds other web resources that can’t be hacked, i.e. css, images, javascript etc.
-
-
public/index.php:
-
determines the type of request and redirects appropriately
-
-
public/main.css:
-
the site’s css file
-
-
router.php:
-
routing logic
-
-
second_page.php:
-
has sample content
-
-
welcome.php:
-
has sample content
-
Routing logic:
-
public/index.php intercepts all requests:
-
if they are for resources, then redirects to the appropriate resource file, i.e. an image or css or javascript file
-
if they are for php, then pulls in the router.php file
-
router.php parses the url and pulls in the appropriate code file for the url, i.e. welcome.php
-
welcome.php performs its logic and pulls in the template, layout.php, to display the results to the user. See the zip file for a simplified routing code example.
-
Tutorials
'The Simplest PHP Router,' https://www.taniarascia.com/the-simplest-php-router/, wrt an Apache webserver setup:
-
provides an intro and explanation
-
the Apache .htaccess file is doing what public/index.php is doing in this setup.
The tutorial references are in the zip file code sample. Note: ignore any mac specific files. Not sure why they were archived.
Additional tutorial to help your understanding (not necessary; only if you want):
-
'Basic page routing in Php,' https://joshtronic.com/2015/05/24/basic-page-routing-in-php/.
General References
-
Tania Rascia has a gem of a site with easy to understand introductory to intermediate tutorials - https://www.taniarascia.com/blog/ - on css, mysql, php, and jquery
-
-
Excellent php best practices, https://phpdelusions.net/
-
-
https://php.net/ is php’s definitive reference
-
'Mozilla Developer Network,' https://developer.mozilla.org/en-US/.