PHP PDO & MySQL: Secure Registration & Login System with MFA

MP4 | Video: h264, 1280×720 | Audio: AAC, 44.1 KHz, 2 Ch
Genre: eLearning | Language: English | Duration: 141 lectures (16h 3m) | Size: 9.3 GB

Learn PDO with this Ultimate PHP PDO Crash Course and Build a Complete and Secure Login & Registration System with MFA


What you’ll learn:
1. Master the powerful and underutilized features of PDO by using the jam-packed helper functions
2. Write secure queries with PDO – data validation, data sanitization, prepared statements and output escaping the right way.
3. Implement multi-factor authentication with OTP using Email and SMS
4. Build a real world project – A complete and secure registration & login system with MFA
5. Mobile number verification using the TextLocal API
6. Master CRUD in PDO with AJAX, jQuery and Bootstrap Modal

Requirements
1. Basic knowledge of PHP and MySQL (basic concepts in PHP & MySQL are not covered in the course)
2. Comfortable working with any PHP development environment – XAMPP, MAMP, WampServer, EasyPHP etc
3. Comfortable working with any text editor – for example: notepad++, Visual Studio Code, Atom, Sublime
4. Knowledge in OOP & PDO will be a plus but not compulsory. Everything is explained from scratch

Description
Do you want to learn and understand PHP Database Objects (PDO)?

Do you want to know how to harness the power of PDO helper functions?

Do you want to know how to write a DB wrapper class and its methods the proper way?

Do you want to be able to write slim, concise, reusable and secure code?

Do you want to know how to prevent the most common website vulnerabilities, such as SQL Injection, Broken Authentication and Session Management, Broken Access Control, Cross-site Scripting (XSS) and much more?

If your answer to all these is yes, then this course is for you.

This course begins with an in-depth study of PDO, with concrete examples to buttress the knowledge taught. At the end of this course, you will be well grounded in PDO, knowing when and how to use each helper function correctly.

In this course, I am going to walk you through the process of building a Complete and Secure User Registration | Login System in OOP using PHP & MySQL. We are going to accomplish this task using web technologies like PDO, MySQL, jQuery, Ajax, Bootstrap 4 and PHPMailer libraries, the TextLocal API (to send SMS) and the MailTrap API (to send email).

This course takes cognizance of the many tutorials/courses on PDO that failed to explain the real benefits of PDO, or even promote rather bad practices. As a result, half of PDO’s features remain in obscurity and are almost never used by PHP developers, who are constantly trying to reinvent a wheel that already exists in PDO.

The goal of this author is to highlight the common mistakes and bad practices, while showing the right way to do things. After a careful analysis of several YouTube videos and other web tutorials, it’s a sad reality that most of these creators are limited in their knowledge of PDO. Don’t take my word for it, you will see with your own eyes. Part of this course includes correcting/improving some random code taken from the internet. So at the end of this course, you will have the knowledge and confidence to tell those YouTubers and other web tutorial creators that what they are doing is wrong.

This course is jam-packed with a lot of examples, practical activities and hands-on exercises, enough to take a PDO novice to a mastery level.

Considerable time and energy was spent on web security related issues. I have taken the best approach vis-à-vis web security, explaining and applying the concepts of validation, sanitization, escaping, SQL Injection, secure file upload, broken authentication and session management, sensitive data exposure and much more.

My promise to you is that, at the end of this course, you will find working with PDO so much second nature that you wouldn’t like to go back to the MySQLi driver or any other driver. You will start writing slim, concise, reusable and secure code. You are going to discover that PDO is even the easier option compared to MySQLi.

This course is for newbies, intermediate and even experienced level PDO | PHP developers, because I have pointed out some bad practices (and there are a lot) among the PHP developer community. One such practice is the indiscriminate use of the rowCount() function.

Main Features that stand out:

This course is jam-packed with a lot of features:

1. There are four different login modes:
   - Standard login with Secure Remember Me
   - MFA Login with Email OTP
   - MFA Login with Email OTP with jQuery & Ajax
   - MFA Login with SMS OTP with jQuery & Ajax

2. Two different Password Recovery modes:
   - Recover password with Email link
   - Recover password with Email OTP

3. Email verification & Resend Email verification link features

4. Identification and Authentication Failures Mitigation (featured in OWASP TOP 10 List of Web Application Security Risks 2021, formerly known as Broken Authentication):
   - Limit login attempts
   - Automatic logout of inactive users
   - Strengthen password requirements – impose use of strong passwords
   - Implement Multi-factor Authentication in login & password recovery

5. An admin dashboard ONLY for master users, with the following features:
   - Show user online status – users can be either online or offline. If offline, display the time in "ago" format, e.g. 1 hour ago.
   - A Bootstrap modal to show a user’s individual data using jQuery & Ajax
   - A big data section – show the statistics

6. A multi-role login feature

7. Mobile Number Verification feature

8. A secure file upload feature

9. This course is built on a Security First Philosophy – meaning thinking about security even before we write a single line of code. The course is built against the backdrop of the OWASP TOP 10 List of Web Application Security Risks. As such, the following security measures were put in place:
   - Content Security Policy (CSP) – To guard against XSS (Cross-Site Scripting), clickjacking, and cross-site leak vulnerabilities
   - Cross-Site Request Forgery (CSRF) Attacks Mitigation – Implement an anti-CSRF token as a protection measure
   - Prepared Statements – To guard against SQL Injection
   - Data Sanitization & Validation – To make sure the proper kind of data is saved into the database
   - Output Escaping/Encoding – To guard against XSS attacks

10. PDO Wrapper class, helper functions and CRUD methods

Who this course is for
1. PHP PDO enthusiasts
2. Newbies in PDO
3. Freelance web developers who want to get a better grasp of PDO
4. Intermediate PHP developers who want to write slimmer, more concise, more secure code
5. Experienced PHP developers who are still struggling with PDO

