First, list some PHP design patterns
- Singleton: guaranteed throughout the life of the application, any one time, the only example of a single embodiment there is a class, the class must also simultaneously provide access to a global class access point.
- Factory mode: Define a create an interface object, but let subclasses to instantiate concrete classes. The method allows the factory mode delay class is instantiated to subclasses.
- Mode observer: the observer is also sometimes referred to as publish / subscribe mode, which is used to achieve the object publish / subscribe functions: Once principal object state changes, the observer object is associated will be notified, and corresponding operation.
- Adapter Mode: converting a mode adapter interface class clients expect another interface, such as those based otherwise due to incompatible interfaces can not work together to work together.
- Dependency injection mode: Dependency injection (Dependency Injection) is the inversion of control (Inversion of Control) in one implementation. To achieve inversion of control, the usual solution is to create Callee Instances work performed by the IoC container to complete, and then injected into the caller in the caller (achieved by injecting a constructor / method), so that we achieve a decoupling the caller and callee, the process is referred to as a dependency injection.
- Facade Mode: Facade mode (the Facade) mode, also known as the appearance, for providing a consistent interface subsystem is a set of interfaces.
Second, the single exemplary embodiment mode code
Third, the difference PHP7 and PHP5, and more specifically what's new?
- Performance twice
- Increased binding comparison operator (<=>), and so on ??.
- An increase of scalar type declaration, return type declaration
try...catchIncrease the number of conditional, may be more error Error exception handling Exception Error and different means of capture- An increase of anonymous classes, is now supported by a new class to instantiate an anonymous class, which can be used to replace some of the complete class definition of "burn after use," the.
Why 2-fold performance increase?
- Reduced byte variable storage, reduce the memory footprint, the variable operation speed to enhance
- Improve the structure of the array, the array elements and hash mapping table is allocated in the same piece of memory, reduced memory footprint, improved cpu cache hit rate
- Improved function call mechanism, by optimizing the link parameter passing, reducing the number of instructions to improve the efficiency
Four, web common means of attack
1. CSRF cross-site request forgery
User identity theft, deception server to complete the request attacks.
Prevention methods: using an authentication code, add validation token for each request.
2. XSS attack cross-site scripting attacks.
Attacker to embed malicious pages js code attacks the user.
Preventive measures: core lies, never trust user input data, always filtered user-entered data.
3. SQL injection attacks and other scenes are submitting data submitted some illegal sql, cause the database to be injected into a lot of junk data, run slow. Or exposure of private data system.
Means of prevention: Never believe that is still the core of the data entered by the user, do not use dynamic sql assembled, and data encryption for privacy, prohibit stored in clear text.
Secondly, it can make use of a configuration in php.ini magic_quotes_gpc = on open character escape when a user submits a query, such as the 'escaped as \. Or other custom functions to filter.
V. framework of service-related -Laravel container
DI DI dependent classes are required in the form of parameters passed.
IOC-dependent control of the inversion control class pay out, by the active becomes passive.
Reference Gangster article https://learnku.com/articles/19195