SlideShare a Scribd company logo

Codeigniter : the security and the magic of hook

Abdul Malik Ikhsan, profile picture
Abdul Malik Ikhsan

This document discusses security features and hooks in CodeIgniter. It covers CSRF protection, XSS filtering, security helpers like xss_clean(), and how hooks allow calling scripts before or after system processes to enable extensions of functionality. Examples are provided of adding a hook to the configuration to call a function after the controller is run.

TechnologyBusiness
1 of 17
Downloaded 103 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
CodeIgniter The Security & The Magic of Hook Abdul Malik Ikhsan
Security Class
Security Class ~ CSRF Protection (1)  Activate It
Security Class ~ CSRF Protection (2)
Security Class ~ CSRF Protection (3)
Security Class ~ CSRF Protection (4) First Request Second Request
Security Class ~ XSS Filtering (1)  Activate It
Security Class ~ XSS Filtering (2)  Testing…
Security Class ~ XSS Filtering (3)  Dan Hasilnya…
Security Helper  xss_clean()  sanitize_filename()  do_hash()  strip_image_tags()  encode_php_tags()
The Hook ( 1 )  Fitur Hook memungkinkan kita memanggil “script” pada saat sebelum sistem flow berjalan, sebelum action controller dipanggil, setelah action controller dipanggil, ataupun setelah sistem flow berjalan.
The Hook ( 2 )  Enable It
The Hook ~ The Example ( 1 )
The Hook ~ The Example ( 2 )  Tambahkan pada hooks config
The Hook ~ The Example ( 3 )
Terima Kasih
This presentation contained copyrighted material licensed under various creative commons licenses unless otherwise noted: Photos  http://images2.wikia.nocookie.net/__cb20070120193457/uncy  http://www.flagship-housing.co.uk/image/Help%20and%20su References  CodeIgniter User Guide  http://samsonasik.wordpress.com

More Related Content

DOC
Appsdba interview question
Deepti Singh
 
PDF
Ubuntu 9.10 Party Tainan - small talk
Irvin Chen
 
PDF
Codeigniter : Custom Routing - Manipulate Uri
Abdul Malik Ikhsan
 
PDF
Codeigniter : Using Third Party Components - Zend Framework Components
Abdul Malik Ikhsan
 
PPSX
CodeIgniter L3 model & active record & template
Mohammad Tahsin Alshalabi
 
PPTX
CodeIgniter & MVC
Jamshid Hashimi
 
PPTX
I Love codeigniter, You?
إسماعيل عاشور
 
PDF
Code igniter parameter passing techniques
Rakhitha Ratnayake
 
Appsdba interview question
Deepti Singh
 
Ubuntu 9.10 Party Tainan - small talk
Irvin Chen
 
Codeigniter : Custom Routing - Manipulate Uri
Abdul Malik Ikhsan
 
Codeigniter : Using Third Party Components - Zend Framework Components
Abdul Malik Ikhsan
 
CodeIgniter L3 model & active record & template
Mohammad Tahsin Alshalabi
 
CodeIgniter & MVC
Jamshid Hashimi
 
I Love codeigniter, You?
إسماعيل عاشور
 
Code igniter parameter passing techniques
Rakhitha Ratnayake
 

Viewers also liked (20)

PDF
[2007 CodeEngn Conference 01] dual5651 - Windows 커널단의 후킹
Code Engn
 
KEY
Theme API
rolfvandekrol
 
PPTX
Momchil Kyurkchiev Presentation
Start It Smart
 
PDF
Codeigniter : Two Step View - Concept Implementation
Abdul Malik Ikhsan
 
PPT
DB design
fikirabc
 
PDF
2014 database - course 3 - PHP and MySQL
Hung-yu Lin
 
PPT
Codeigniter
shadowk
 
PDF
CodeIgniter - PHP MVC Framework by silicongulf.com
Christopher Cubos
 
PPTX
REST API Best Practices & Implementing in Codeigniter
Sachin G Kulkarni
 
PPT
Week 3 database design
Fareez Borhanudin
 
PPTX
Modular PHP Development using CodeIgniter Bonfire
Jeff Fox
 
PPTX
CodeIgniter 101 Tutorial
Konstantinos Magarisiotis
 
PDF
Zend Framework 2 : Dependency Injection
Abdul Malik Ikhsan
 
PPT
Introduction To CodeIgniter
schwebbie
 
PDF
Introduce to Linux command line
Wen Liao
 
PDF
Dynamic Linker
Sanjiv Malik
 
PDF
Functions, Roles and Duties of Police in General
Phani Mohan K
 
PDF
Rootkit 101
hackstuff
 
ODP
CodeIgniter PHP MVC Framework
Bo-Yi Wu
 
PPTX
Database design process
Tayyab Hameed
 
[2007 CodeEngn Conference 01] dual5651 - Windows 커널단의 후킹
Code Engn
 
Theme API
rolfvandekrol
 
Momchil Kyurkchiev Presentation
Start It Smart
 
Codeigniter : Two Step View - Concept Implementation
Abdul Malik Ikhsan
 
DB design
fikirabc
 
2014 database - course 3 - PHP and MySQL
Hung-yu Lin
 
Codeigniter
shadowk
 
CodeIgniter - PHP MVC Framework by silicongulf.com
Christopher Cubos
 
REST API Best Practices & Implementing in Codeigniter
Sachin G Kulkarni
 
Week 3 database design
Fareez Borhanudin
 
Modular PHP Development using CodeIgniter Bonfire
Jeff Fox
 
CodeIgniter 101 Tutorial
Konstantinos Magarisiotis
 
Zend Framework 2 : Dependency Injection
Abdul Malik Ikhsan
 
Introduction To CodeIgniter
schwebbie
 
Introduce to Linux command line
Wen Liao
 
Dynamic Linker
Sanjiv Malik
 
Functions, Roles and Duties of Police in General
Phani Mohan K
 
Rootkit 101
hackstuff
 
CodeIgniter PHP MVC Framework
Bo-Yi Wu
 
Database design process
Tayyab Hameed
 
Ad

Recently uploaded (20)

PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
PPTX
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PPTX
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
PPTX
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Encapsulation theory and applications.pdf
gurumoop
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
Agricultural_Statistics_at_a_Glance_2022_0.pdf
SandeepSingh286037
 
Digital-Transformation-Roadmap-for-Companies.pptx
David Malick Dieng
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Cloud computing and distributed systems.
kkkkkhan
 
Programs and apps: productivity, graphics, security and other tools
4mqw9zch22
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
Architecting across the Boundaries of two Complex Domains - Healthcare & Tech...
Peter Tan
 
Effective Security Operations Center (SOC) A Modern, Strategic, and Threat-In...
ReZa AdineH
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Ad

Codeigniter : the security and the magic of hook

  • 1. CodeIgniter The Security & The Magic of Hook Abdul Malik Ikhsan
  • 3. Security Class ~ CSRF Protection (1)  Activate It
  • 4. Security Class ~ CSRF Protection (2)
  • 5. Security Class ~ CSRF Protection (3)
  • 6. Security Class ~ CSRF Protection (4) First Request Second Request
  • 7. Security Class ~ XSS Filtering (1)  Activate It
  • 8. Security Class ~ XSS Filtering (2)  Testing…
  • 9. Security Class ~ XSS Filtering (3)  Dan Hasilnya…
  • 10. Security Helper  xss_clean()  sanitize_filename()  do_hash()  strip_image_tags()  encode_php_tags()
  • 11. The Hook ( 1 )  Fitur Hook memungkinkan kita memanggil “script” pada saat sebelum sistem flow berjalan, sebelum action controller dipanggil, setelah action controller dipanggil, ataupun setelah sistem flow berjalan.
  • 12. The Hook ( 2 )  Enable It
  • 13. The Hook ~ The Example ( 1 )
  • 14. The Hook ~ The Example ( 2 )  Tambahkan pada hooks config
  • 15. The Hook ~ The Example ( 3 )
  • 17. This presentation contained copyrighted material licensed under various creative commons licenses unless otherwise noted: Photos  http://images2.wikia.nocookie.net/__cb20070120193457/uncy  http://www.flagship-housing.co.uk/image/Help%20and%20su References  CodeIgniter User Guide  http://samsonasik.wordpress.com