11221 views · 4 years ago

It took me quite some time to settle on my first blog post in this series, and I found myself thinking about the most requested functionality in my career – the good ‘ol custom CMS – typically geared towards clients who want a straightforward, secure solution that can be expanded upon in a modular format and that is their own IP.

This will be our starting point. A blank slate to build something epic with clean code and even cleaner design. And in the spirit of building from scratch, I will refrain from using classes or a framework. The main reasoning behind this is to truly get everyone acquainted with and excited about PHP development.

Join me as I transform rudimentary code into something extraordinary that can be morphed into just about any Content, PHP, and MySQL driven project. So without further ado, let’s jump into it!

The bare necessities

If you’re just getting started with development, there’s a nifty bite sized server called UniformServer that will be your best friend throughout your coding career. PHPMyAdmin (an awesome visual db management tool) comes built in so if you’re looking for a work right out of the box solution, this is it.

Alternatively, you can opt for XAMPP or use an alternative server of your choice.

Now here’s where the exciting stuff begins, mapping things out.

I don’t see this done/encouraged often enough. Feel free to grab a piece of paper to logically map out your steps or produce a rough draft of where you’d like this project to go.

In this tutorial, I would like to achieve the following:

DB, DB, Set up your DB.

This requires a bit of planning, but let’s start off with the basic structure we need to see this through.

We are going to need a user table and a content table, and there are a few ways to tackle this.

If you’re using the PHPMyAdmin tool you can create your database, add user permissions (Click on Permissions after creating your database), and create a table with ease.

If you’re like me and prefer to look at good ‘ol SQL then writing an SQL statement is the preferred approach.

CREATE TABLE `mydbname`.`content` (
  `ID` INT(11) NOT NULL AUTO_INCREMENT,
  `title` VARCHAR(100) NOT NULL,
  `content` LONGTEXT NOT NULL,
  `author` VARCHAR(50) NOT NULL,
  PRIMARY KEY (`ID`)
) ENGINE = MyISAM COMMENT = 'content table';

Understanding the SQL statement

In a nutshell we are creating a table with important fields. Namely:


ID | Title | Content | Author


The ID field is our unique identifier.

Now we can move on to the file structure.

Everything has a place in the file structure game

You can use a structure that speaks to your coding style / memory.

I tend to use the following:

Choose a name for your CMS, which should be placed at the webroot of your localhost/server.

Replicate the folder structure as per the above example.

Next, we’re going to create a basic connection file.

You can create a conn.php file in your root/includes folder.

The connection file will provide crucial information to connect to the database.

Type the following into your conn.php file, remember to include your own database credentials.


<?php
$letsconnect = new mysqli("localhost","dbuser","dbpass","dbname"); // host, user, password, database


Let’s go to the homepage (index.php)

Create a file called index.php at the root of your CMS folder.

I will be adding comments in my code to help you understand what each line does.

Comments are a useful tool for developers to add important notes private to their code.

We need to pull information from the database so it’s imperative that we include our connection file.



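<?php
// Include the connection file so that $letsconnect is available.
include('includes/conn.php');

// Report a failed connection.
if ($letsconnect->connect_errno) {
    echo "Error " . $letsconnect->connect_error;
}

// Fetch every row from the content table.
$getmydata = $letsconnect->query("SELECT * FROM content");

// Print each row.
foreach ($getmydata as $mydata) {
    echo "Title: "; echo $mydata['title']; echo "<br/>";
    echo "Content: "; echo $mydata['content']; echo "<br/>";
    echo "Author: "; echo $mydata['author']; echo "<br/>"; echo "<br/>";
}

// Close the connection.
$letsconnect->close();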


Let’s get a (very) basic backend up and running

Create a file called index.php in your backend folder.

We need to create a basic form to capture our data.

Let’s code some HTML!


<html>
<head><title>Backend - Capture Content</title></head>
<body>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" method="post">
<input type="text" name="title" placeholder="Content Title here" required/>
<textarea name="content">Content Here</textarea>
<input type="text" name="author" placeholder="Author" required/>
<input type="submit" value="Save My Data" name="savedata"/>
</form>
</body>
</html>



Next, we need to process the form data.

Type the following just above the




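<?php
// Only process the form after it has been submitted.
if (isset($_POST['savedata'])) {
    // The connection file lives in root/includes, one level above the backend folder.
    include('../includes/conn.php');

    if ($letsconnect->connect_error) {
        die("Your Connection failed: " . $letsconnect->connect_error);
    }

    // Basic insert built by string concatenation (see the note below before using it in production).
    $sql = "INSERT INTO content(title,content,author)VALUES ('".$_POST["title"]."', '".$_POST["content"]."', '".$_POST["author"]."')";

    if (mysqli_query($letsconnect, $sql)) {
        echo "Your data was saved successfully!";
    } else {
        echo "Error: " . $sql . "" . mysqli_error($letsconnect);
    }

    $letsconnect->close();
}
?>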




Note, this is a basic MySQL query to insert data. However, before using this in production it's important to add proper escaping and security to prevent SQL injections. This will be covered in the next article.
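The note above defers SQL injection protection to the next article. As an added example (not the tutorial's own code), this is one way to write the same insert with a mysqli prepared statement and to HTML-escape the stored values when they are printed. It assumes includes/conn.php defines $letsconnect as shown earlier; the function names are hypothetical.

```php
<?php
// Added example. Assumes includes/conn.php defines $letsconnect (mysqli) and
// that the `content` table from the CREATE TABLE statement exists.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

/** Trim the form fields and check them against the column sizes (needs mbstring). */
function validate_content(array $post): array
{
    $fields = [];
    foreach (['title', 'content', 'author'] as $key) {
        $value = $post[$key] ?? '';
        $fields[$key] = is_string($value) ? trim($value) : ''; // array input becomes empty
    }
    $errors = [];
    if ($fields['title'] === '' || mb_strlen($fields['title']) > 100) {
        $errors[] = 'Title is required (max 100 characters).';
    }
    if ($fields['content'] === '') {
        $errors[] = 'Content is required.';
    }
    if ($fields['author'] === '' || mb_strlen($fields['author']) > 50) {
        $errors[] = 'Author is required (max 50 characters).';
    }
    return [$fields, $errors];
}

/** Insert one row; the values travel as bound parameters, never as SQL text. */
function save_content(mysqli $db, array $fields): int
{
    $stmt = $db->prepare('INSERT INTO content (title, content, author) VALUES (?, ?, ?)');
    $stmt->bind_param('sss', $fields['title'], $fields['content'], $fields['author']);
    $stmt->execute();
    $id = $stmt->insert_id;
    $stmt->close();
    return $id;
}

/** Escape a stored value before it is placed in HTML. */
function e(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/** Frontend listing with every database value escaped on output. */
function render_content(mysqli $db): string
{
    $html = '';
    foreach ($db->query('SELECT title, content, author FROM content') as $row) {
        $html .= 'Title: ' . e($row['title']) . '<br/>'
               . 'Content: ' . e($row['content']) . '<br/>'
               . 'Author: ' . e($row['author']) . '<br/><br/>';
    }
    return $html;
}

// Usage in backend/index.php: validate, save, and keep SQL details out of the response.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST' && isset($_POST['savedata'])) {
    [$fields, $errors] = validate_content($_POST);
    if ($errors) {
        echo e(implode(' ', $errors));
    } else {
        try {
            require __DIR__ . '/../includes/conn.php';
            save_content($letsconnect, $fields);
            echo 'Your data was saved successfully!';
        } catch (mysqli_sql_exception $ex) {
            error_log($ex->getMessage()); // log the detail, show a generic message
            echo 'Sorry, your data could not be saved.';
        }
    }
}
```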

Congrats you made it to the end of tutorial 1!

Test out your creation, modify your content, and play around.

Go to your sitename/index.php to see your frontend after capturing data via sitename/backend/index.php

Next Up:

codewithme Now With Security, Functionality, and Aesthetics in mind.


Coding doesn’t have to be daunting and it’s my aim to divide a complex system into bitesized tutorials so you can truly use the knowledge you’ve acquired in your own projects.
4915 views · 4 years ago
Why I joined Nomad PHP
I've been using PHP since 1996. I've been paid to use PHP for the last 12 years.

I am a big fan of the language and it's amazing to see just how much it's changed in the last 24 years.

I finally joined NomadPHP because in the current climate, I feel like I need to give back to the community, and share some of the things that I've learned over the years.

In my current role, I’m working with a large pool of developers from many different backgrounds and skill levels to maintain a large pool of php based tools for a web hosting company.

These tools range from in house tools for support and sales, to customer facing tools for automation and quality of life applications.

I’m a big fan of frameworks, specifically Laravel. I discovered Laravel 4.0, decided to give it a try and immediately realized how valuable it could be as a way to prototype quickly. It has since grown to a tool in my toolbox I use regularly for medium and small applications simply as a time saver.

Please feel free to reach out to me if you have any questions, or want to pick my brain. I can’t promise I know it all, but over the years I’ve learned how to solve problems and find answers.

Thank you, and I look forward to what may come.

7666 views · 5 years ago
Midwest PHP and Nomad PHP Join Forces!

Interested in sponsoring? Check out the prospectus

A little history

Several years ago I had the distinct privilege of founding Midwest PHP with Jonathan Sundquist. The goal was simple, to bring an affordable PHP conference to Minnesota and the midwest region.

Midwest PHP was created for one simple reason - there weren't a lot of alternatives, especially affordable ones. At the time, your choices were ZendCon in Silicon Valley, php[tek] in Chicago, or Northeast PHP in Boston. While Northeast PHP formed the blueprint of a community conference - it still required a flight and a costly hotel in Boston. I wanted something where local attendees, college students, and those just beginning in their PHP careers could go to learn, network, and become part of the PHP community.

Shortly after Midwest PHP was formed (originally we were using the name PHPFreeze - until Sundquist told me what a horrible idea it was), Adam Culp launched Sunshine PHP which has become one of the top community focused PHP conferences (but still requires that flight and hotel in Miami). Sundquist and I knew that any reasonable developer would still prefer to attend a conference in a blizzard than enjoy the beautiful Floridian weather (ok, that might not be it, but we still understood the need that existed).

After moving to California for my new job, Jonathan Sundquist continued to run Midwest PHP as more community conferences appeared. With his efforts, and the torch being passed to Mike Willbanks, Midwest PHP celebrated its seventh consecutive year, becoming the longest continuously running PHP conference (if you go by formed date, if you go by actual conference date Sunshine PHP beats us out by a month).

A renewed focus

Developers at Midwest PHP

Because of the incredible work Jonathan and Mike have done, Midwest PHP has stood the test of time - and the peaks and valleys that come with any conference. With the shifts in the PHP community and the sad loss of several community conferences - we realized the need for Midwest PHP is more now than ever, and to meet that need we needed to reimagine the way the conference operated.

We also realized that the best way to make Midwest PHP accessible was to combine forces, creating a seamless partnership between Nomad PHP and Midwest PHP. Through this partnership we're not only able to stream the event to make it more accessible ($19.95/mo), but also expand the conference.

This year, taking place on April 2-4, 2020 - Midwest PHP will bring together over 800 developers both in-person and virtually! Making this year truly unique, however, and staying with our purpose of helping new developers be part of the PHP community is a brand new, FREE, beginner track. I'm excited to say we will be giving away 200 tickets to those wishing to attend our Beginner or Learn PHP track!!!

We will also work to keep prices as low as possible as we offer our standard PHP tracks (Everyday PHP and PHP Performance & Security) starting at $250/ person, and a brand new enterprise track geared at developers facing challenges at unprecedented scale starting at $450/ person.

Last but not least, it is our goal with the help of our sponsors to include the workshop day as part of your ticket price - allowing you to get one day of in-depth training, and two more full days of sessions. On top of this, we're also excited to make the Nomad PHP and Nomad JS video libraries available for Standard and Enterprise attendees, providing over 220 additional virtual sessions on demand!

For sponsors

Sponsoring a conference is hard. We understand the challenge of gauging ROI, planning travel, and coordinating outreach. With the combined forces of Midwest PHP and Nomad PHP, we're able to offer sponsors unique plans that maximize their investment - while ensuring the funds go back into the event to create an amazing experience for our attendees.

Beyond Midwest PHP's goal to be the largest PHP conference this year - the included Nomad PHP advertising will help you reach a much larger and broader audience, allowing for follow up advertisements and consistent engagement with the PHP community.

Next steps

For more information, please visit the Midwest PHP website. The venue, call for papers, and additional information will all be posted there soon.
37893 views · 5 years ago
Securing PHP RESTful APIs using Firebase JWT Library

Hello Guys,

In our last blog post we created RESTful APIs but did not work on their security and authentication. The login API can be public, but the APIs called after login should be authenticated using a secure token. One such token is JWT, so I am providing the steps to create and use a JWT token in our already created API.

Now it's time to implement JWT authentication in our API, so these are the steps to implement it in our already created APIs:

Step 1: Install and include Firebase JWT (JSON Web Token) in our project with the following Composer command:

 composer require firebase/php-jwt 

Include the Composer-installed packages

Import the namespace as follows:
 use \Firebase\JWT\JWT; 

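Step 2: Create a JWT on the server side using the Firebase JWT library's encode method in the login action, and return it to the client.

Define a private variable named Secret_Key in the class, as follows:

private $Secret_Key="*$%43MVKJTKMN$#"; // HMAC key used to sign and verify tokens
public function generateToken($UiD) {
    try {
        $payload = array(
            'iss' => $_SERVER['SERVER_NAME'], // issuer: the server's configured host name
            'exp' => time()+600, 'uId' => $UiD // expires 10 minutes after login
        );
        $jwt = JWT::encode($payload, $this->Secret_Key,'HS256');
        $res=array("status"=>true,"Token"=>$jwt);
    } catch (UnexpectedValueException $e) {
        $res=array("status"=>false,"Error"=>$e->getMessage());
    }
    return $res;
}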

In our login action, if the user has been logged in successfully, then along with the status, data and message, just replace the login success code with the following code:

$return['message']='User Logged in Successfully.';


Step 3: Every request after login should carry the JWT token in its POST data (we could also receive it in GET or in the authentication header, but here we receive it in POST).

Now, after a successful login, you will get the JWT token in your response. Just add that token to every POST request of the after-login API calls. We will do it using Postman; see screenshot 1 to check that the JWT token is coming in the login API response.


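Step 4: After receiving the JWT in every after-login API call, we need to check whether the token is valid using the JWT decode method in after-login APIs like
is an after-login API, so to verify it we create an Authenticate method in the class, as follows:

public function Authenticate($JWT,$Current_User_id)
{
    try {
        // Signature for firebase/php-jwt 5.x; 6.x takes new Key($key, 'HS256') instead of the algorithm array.
        $decoded = JWT::decode($JWT,$this->Secret_Key, array('HS256'));
        $payload = json_decode(json_encode($decoded),true);

        // The token is accepted only when it was issued for the user making the request.
        if($payload['uId'] == $Current_User_id) {
            $res=array("status"=>true);
        } else {
            $res=array("status"=>false,"Error"=>"Invalid Token or Token Exipred, So Please login Again!");
        }
    } catch (UnexpectedValueException $e) {
        // Thrown for a bad signature, an expired token or a malformed token.
        $res=array("status"=>false,"Error"=>$e->getMessage());
    }
    return $res;
}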


Step 5: Cross-check the response returned by the Authenticate method in
Action of the API; replace the
Action inner content with the following code:


$return['message']='Error:Invalid UserId!';
$return['message']='Error:User Id not provided!';

Great, it's time to check out the UserBlogs API. Please find the screenshot for that. Remember, we need to put the JWT token in a POST parameter, as we have already received that value in the login API call.

JWT DEMO Authentication in userBlogs API Call

Now, if you want to verify that the token expires at the given time (10 minutes after generation/login time), I am just calling the same API with the same token after 10 minutes, and you can see that it does not return any data; it returns status false with the following message:

JWT DEMO Authentication in userBlogs API Call

Also, if you want to explore it further, I suggest you try modifying the Uid value with the same token: you will get another authentication issue. If you modify the JWT token itself, you will also not get the desired result and will get an authentication issue.

Thanks for reading. If you want the complete code of this file, please find it below:
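<?php
header("Content-Type: application/json; charset=UTF-8");
require "vendor/autoload.php"; // Composer autoloader for firebase/php-jwt
use \Firebase\JWT\JWT;

class DBClass {

    private $host = "localhost";
    private $username = "root";
    private $password = "";
    private $database = "news";

    public $connection;

    // HMAC key used to sign and verify tokens.
    private $Secret_Key="*$%43MVKJTKMN$#";

    // Open the PDO connection.
    public function connect(){
        $this->connection = null;
        try {
            $this->connection = new PDO("mysql:host=" . $this->host . ";dbname=" . $this->database, $this->username, $this->password);
            $this->connection->exec("set names utf8");
        } catch(PDOException $exception){
            echo "Error: " . $exception->getMessage();
        }
        return $this->connection;
    }

    // Look up a user by email and password with a prepared statement.
    public function login($email,$password){
        if($this->connection == null) { $this->connect(); }
        $query = "SELECT id,name,email,createdAt,updatedAt from users where email= ? and password= ?";
        $stmt = $this->connection->prepare($query);
        $stmt->execute(array($email,$password));
        $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
        return $ret;
    }

    // Fetch all blogs of one user together with the author's details.
    public function get_all_blogs($Uid){
        if($this->connection == null) { $this->connect(); }
        // Assumption: the u.* column names and the join condition were lost from the page;
        // they are inferred here from the aliases and from the users columns in login().
        $query = "SELECT b.*, u.id as Uid, u.email as Uemail, u.name as Uname from blogs b join users u on u.id=b.user_id where b.user_id= ?";
        $stmt = $this->connection->prepare($query);
        $stmt->execute(array($Uid));
        $ret= $stmt->fetchAll(PDO::FETCH_ASSOC);
        return $ret;
    }

    // Send the result to the client as JSON.
    public function response($array)
    {
        echo json_encode($array);
    }

    // Issue a token that is valid for 10 minutes for the given user id.
    public function generateToken($UiD)
    {
        try {
            $payload = array(
                'iss' => $_SERVER['SERVER_NAME'], // issuer: the server's configured host name
                'exp' => time()+600, 'uId' => $UiD
            );
            $jwt = JWT::encode($payload, $this->Secret_Key,'HS256');
            $res=array("status"=>true,"Token"=>$jwt);
        } catch (UnexpectedValueException $e) {
            $res=array("status"=>false,"Error"=>$e->getMessage());
        }
        return $res;
    }

    // Verify the token and check that it belongs to the requesting user.
    public function Authenticate($JWT,$Current_User_id)
    {
        try {
            // Signature for firebase/php-jwt 5.x; 6.x takes new Key($key, 'HS256') instead of the algorithm array.
            $decoded = JWT::decode($JWT,$this->Secret_Key, array('HS256'));
            $payload = json_decode(json_encode($decoded),true);

            if($payload['uId'] == $Current_User_id) {
                $res=array("status"=>true);
            } else {
                $res=array("status"=>false,"Error"=>"Invalid Token or Token Exipred, So Please login Again!");
            }
        } catch (UnexpectedValueException $e) {
            $res=array("status"=>false,"Error"=>$e->getMessage());
        }
        return $res;
    }
}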


$obj = new DBClass();
if(isset($_GET['action']) && $_GET['action']!='')
if(isset($_POST['email']) && isset($_POST['password']))
$return['message']='User Logged in Successfully.';


$return['message']='Error:Invalid Email or Password!';
$return['message']='Error:Email or Password not provided!';

$return['message']='Error:Invalid UserId!';
$return['message']='Error:User Id not provided!';
$return['message']='Error:Action not provided!';
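As an added example (not the post's own code), here is a hardened variant of the token issue and check steps: the secret comes from the environment instead of the source file, the token is read from the Authorization header that Step 3 mentions as an alternative, and the user id is taken from the verified token rather than compared with a posted value. It assumes firebase/php-jwt 6.x installed with Composer; JWT_SECRET, the function names and the api.example.test issuer are hypothetical.

```php
<?php
// Added example. Assumes firebase/php-jwt 6.x (Composer) and a hypothetical
// JWT_SECRET environment variable holding at least 32 random bytes.
require __DIR__ . '/vendor/autoload.php';

use Firebase\JWT\ExpiredException;
use Firebase\JWT\JWT;
use Firebase\JWT\Key;

const TOKEN_TTL = 600; // seconds; the post's 10-minute lifetime

function jwt_secret(): string
{
    $secret = getenv('JWT_SECRET');
    if ($secret === false || strlen($secret) < 32) {
        throw new RuntimeException('JWT_SECRET must hold at least 32 bytes');
    }
    return $secret;
}

function issue_token(string $userId, string $issuer): string
{
    $now = time();
    $claims = ['iss' => $issuer, 'iat' => $now, 'nbf' => $now,
               'exp' => $now + TOKEN_TTL, 'uId' => $userId];
    return JWT::encode($claims, jwt_secret(), 'HS256');
}

/** Extract the token from "Authorization: Bearer <jwt>", or null if absent or malformed. */
function bearer_token(array $server): ?string
{
    $header = $server['HTTP_AUTHORIZATION'] ?? '';
    return preg_match('/^Bearer ([\w-]+\.[\w-]+\.[\w-]+)$/', $header, $m) ? $m[1] : null;
}

/** Verify signature, expiry and issuer; callers then trust only the returned uId. */
function verify_token(?string $jwt, string $issuer): array
{
    if ($jwt === null) {
        return ['status' => false, 'Error' => 'Token not provided'];
    }
    try {
        // Pinning HS256 in the Key means the token's own "alg" header cannot pick the algorithm.
        $claims = JWT::decode($jwt, new Key(jwt_secret(), 'HS256'));
    } catch (ExpiredException $e) {
        return ['status' => false, 'Error' => 'Token expired, please log in again'];
    } catch (UnexpectedValueException | DomainException | InvalidArgumentException $e) {
        return ['status' => false, 'Error' => 'Invalid token']; // no parser detail to the client
    }
    if (!isset($claims->iss, $claims->uId) || $claims->iss !== $issuer) {
        return ['status' => false, 'Error' => 'Invalid token'];
    }
    return ['status' => true, 'uId' => (string) $claims->uId];
}

// Demo with constructed values; runs from the command line only.
if (PHP_SAPI === 'cli') {
    putenv('JWT_SECRET=' . bin2hex(random_bytes(32)));
    $issuer = 'api.example.test';
    $token = issue_token('7', $issuer);
    [$head, $body, $sig] = explode('.', $token);

    // Valid token presented in the header.
    var_dump(verify_token(bearer_token(['HTTP_AUTHORIZATION' => "Bearer $token"]), $issuer));
    // Same header and payload with a signature that no longer matches.
    var_dump(verify_token("$head.$body." . strrev($sig), $issuer));
    // Valid signature, but checked against a different issuer.
    var_dump(verify_token($token, 'other.example.test'));
}
```

With this shape the userBlogs action would query by the uId returned from verify_token(), so a client cannot ask for another user's blogs by changing a posted id.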

14118 views · 5 years ago
Laravel Eloquent Relationship Part 1

Laravel has offered Eloquent relationships from Laravel 5.0 onwards. When we create an application, our tables have foreign keys, and each table is connected to some other table. Eloquent makes it easy to connect these tables. Here we will see three types of relationships:
* One to one relationships
* One to many relationships
* Many to many relationships

Why Eloquent Relationships

Here we have 2 tables, students and marks. To join the tables we would write:

// Join marks to students on the student id, then filter to student 1.
$student = student::join('marks','marks.student_id','=','students.id')->where('students.id','1')->get();


The above query is too long, and when we connect more tables it gets tough: we end up with a big, complicated query.

Model Query using Relationships

$student_marks = student::find(1);


The above example is a simple example of eloquent relationships. We can reduce the first query into a simple one.


Here we are creating 2 tables:
* Users
* Phones

Now we can see one to one relationships using hasOne() and belongsTo().

We need to create the tables using migrations.

Create migrations

users table will be created by using

Schema::create('users', function (Blueprint $table) {








Phones table will be created by

Schema::create('phones', function (Blueprint $table) {








After that we need to create a model for each table. By Laravel convention, the table name ends with ‘s’ and the model name is the same name without the ‘s’.

User model


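<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;

    // Attributes that may be mass assigned.
    protected $fillable = [
        'name', 'email', 'password',
    ];

    // Attributes left out when the model is serialized to an array or JSON.
    protected $hidden = [
        'password', 'remember_token',
    ];

    // One to one: a user has one phone.
    public function phone()
    {
        return $this->hasOne('App\Phone');
    }
}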



Phone Model


<?php

namespace App;

use Illuminate\Database\Eloquent\Model;

class Phone extends Model
{
    // Inverse of the one to one: a phone belongs to a user.
    public function user()
    {
        return $this->belongsTo('App\User');
    }
}



For Creating records

$user = User::find(1);

$phone = new Phone;

$phone->phone = '9080054945';


$phone = Phone::find(1);

$user = User::find(10);


Now we can get our records by

$phone = User::find(1)->phone;


$user = Phone::find(1)->user;



Here we will use hasMany() and belongsTo() for the relationships.

Now we are creating two tables, posts and comments; the comments table will have a foreign key to the posts table.

Migrations for posts and comments table

Schema::create('posts', function (Blueprint $table) {





Schema::create('comments', function (Blueprint $table) {








Now we will create Post Model and Comment Model

Post Model


<?php

namespace App;

use Illuminate\Database\Eloquent\Model;

class Post extends Model
{
    // One to many: a post has many comments.
    public function comments()
    {
        return $this->hasMany(Comment::class);
    }
}



Comment Model


<?php

namespace App;

use Illuminate\Database\Eloquent\Model;

class Comment extends Model
{
    // Inverse of the one to many: a comment belongs to a post.
    public function post()
    {
        return $this->belongsTo(Post::class);
    }
}



Now we can create records

$post = Post::find(1);

$comment = new Comment;

$comment->comment = "Hi Harikrishnan";

$post = $post->comments()->save($comment);

$post = Post::find(1);

$comment1 = new Comment;

$comment1->comment = "How are You?";

$comment2 = new Comment;

$comment2->comment = "Where are you?";

$post = $post->comments()->saveMany([$comment1, $comment2]);

$comment = Comment::find(1);

$post = Post::find(2);


Now we can get records

$post = Post::find(1);

$comments = $post->comments;


$comment = Comment::find(1);

$post = $comment->post;



Many to many is a little bit different and more complicated than the above two.

In this example, I will create the users, roles, and role_user tables; each table will be connected to the others using foreign keys.

Using belongsToMany() we will see a demo of a many to many relationship.

Create Migrations

Schema::create('users', function (Blueprint $table) {








Schema::create('roles', function (Blueprint $table) {





Schema::create('role_user', function (Blueprint $table) {








Create Models

User Model


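<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;

    // Attributes that may be mass assigned.
    protected $fillable = [
        'name', 'email', 'password',
    ];

    // Attributes left out when the model is serialized to an array or JSON.
    protected $hidden = [
        'password', 'remember_token',
    ];

    // Many to many: a user has many roles through the role_user table.
    public function roles()
    {
        return $this->belongsToMany(Role::class, 'role_user');
    }
}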



Role Model


<?php

namespace App;

use Illuminate\Database\Eloquent\Model;

class Role extends Model
{
    // Many to many: a role has many users through the role_user table.
    public function users()
    {
        return $this->belongsToMany(User::class, 'role_user');
    }
}



UserRole Model


<?php

namespace App;

use Illuminate\Database\Eloquent\Model;

class UserRole extends Model
{
}



Now we can create records

$user = User::find(2); 

$roleIds = [1, 2];


$user = User::find(3);

$roleIds = [1, 2];


$role = Role::find(1);

$userIds = [10, 11];


$role = Role::find(2);

$userIds = [10, 11];


Now we can retrieve records

$user = User::find(1); 


$role = Role::find(1);
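As an added example (not from the original post), these helpers show how role_user rows are typically written and read through the roles() and users() relationships defined above. It assumes the App\User and App\Role models from this section inside a Laravel application; the function names and the `name` column on roles are hypothetical.

```php
<?php
// Added example. Assumes the App\User and App\Role models above, the role_user
// pivot table, and a hypothetical `name` column on the roles table.

use App\Role;
use App\User;

/**
 * Replace a user's roles with the requested ones. Ids that do not match an
 * existing role are dropped first, so request input cannot create pivot rows
 * that point at roles which do not exist.
 */
function setUserRoles(int $userId, array $requestedRoleIds): array
{
    $user = User::findOrFail($userId);
    $validIds = Role::whereIn('id', array_map('intval', $requestedRoleIds))
        ->pluck('id')
        ->all();

    // sync() attaches the missing ids and detaches every id not in the list;
    // it returns the attached, detached and updated ids.
    return $user->roles()->sync($validIds);
}

/** Add roles to a user and keep the ones the user already has. */
function addUserRoles(int $userId, array $roleIds): void
{
    User::findOrFail($userId)->roles()->syncWithoutDetaching($roleIds);
}

/** Remove a role from the given users; returns the number of pivot rows deleted. */
function removeRoleFromUsers(int $roleId, array $userIds): int
{
    return Role::findOrFail($roleId)->users()->detach($userIds);
}

/** Authorization check answered by the database without loading every role. */
function userHasRole(int $userId, string $roleName): bool
{
    return User::findOrFail($userId)
        ->roles()
        ->where('roles.name', $roleName)
        ->exists();
}

/** Role ids per user, eager loaded so there is not one extra query per user. */
function roleIdsByUser(): array
{
    return User::with('roles')->get()->mapWithKeys(function ($user) {
        return [$user->id => $user->roles->pluck('id')->all()];
    })->all();
}
```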


Hence Laravel Eloquent is more powerful, and relationships are easier to work with than native queries. Laravel has three more relationships, i.e. has many, one to many polymorphic and many to many polymorphic. With Eloquent relationships we can easily connect tables to each other. With one to one relationships we connect two tables with their basic functionality. With one to many we connect a single table with multiple options. With many to many we have more tables.


