International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Open Access Journal

ISSN : 2394-2320 (Online)

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

Open Access Journal

International Journal of Engineering Research in Computer Science and Engineering (IJERCSE)

Monthly Journal for Computer Science and Engineering

ISSN : 2394-2320 (Online)

Call For Paper : Vol 11, Issue 03, March 2024

“A review study on secure web application development using PHP with Laravel Framework”

Author : Ram Kumar Paliwal ¹ Upasana Paliwal ²

Date of Publication :7th April 2016

Abstract: In this era of Internet everyone is free to access the data. Security is the main issue when we are developing any web application. Now a day’s PHP is very well known name for web application development. There are so many open source PHP frameworks available for web application development. In this paper we are talking about security features available in Laravel framework for web application development using PHP language. Security is one of the core features which make Laravel as a first preference to the developer. In Laravel Hashcode, Eloquent ORM model, CSRF (cross-site request forgery) and CSS (Cross-Site Scripting) are the main key features which are used to secure web application. By using these key features, we can make our web application safe from SQL Injection and different cross site request to update the data by using unauthorized users. In addition to that Laravel is having very rich set of library to develop fast and secure web application in less time. This review paper will examine the various security features available in Laravel framework.

Reference :

1. Barry vd. Heuvel, "CSRF Protection in Laravel," September 2015. [Online]. Available: https://medium.com/@barryvdh/csrf-protection-inlaravel-explained-146d89ff1357#.4n1c4dl8m. [Accessed 2 April 2016].
2. C.Supaartagorn, “PHP Framework for database management based on MVC pattern”, Department of Mathematics Statistics and Computer, Ubon Ratchathani University, Thailand, 2011.
3. Easy Laravel, "Key Security Features," July 2015. [Online]. Available: http://www.easylaravelbook.com/blog/2015/07/22/larave l-key-security-features/. [Accessed 26 March 2016].
4. Easylara, "Laravel Application Structure," September 2015. [Online]. Available: http://www.easylara.com/lesson-4-laravel-applicationstructure/. [Accessed 14 March 2016].
5. Laravel Book, "Architecture of Laravel Applications," 2015. [Online]. Available: http://laravelbook.com/laravel-architecture/. [Accessed 23 February 2016].
6. Laravel, "Application Structure - Laravel - The PHP Framework For Web Artisans," 2015. [Online]. Available: https://laravel.com/docs/master/structure. [Accessed 09 March 2016].
7. Laravel, "Authentication Throttling," December 2015. [Online]. Available: https://laravel.com/docs/5.2/authentication#authenti cation-throttling. [Accessed 12 April 2016].
8. Laravel, "Authentication," December 2015. [Online]. Available: https://laravel.com/docs/5.2/authentication. [Accessed 12 April 2016].
9. Laravel, "Hashing," December 2015. [Online]. Available: https://laravel.com/docs/5.2/hashing. [Accessed 16 April 2016]
10. Laravel, "HTTP Routing - Laravel - The PHP Framework For Web Artisans," 2015. [Online]. Available: https://laravel.com/docs/5.2/routing. [Accessed 12 February 2016].
11. Matt Stauffer, "API rate limiting in Laravel," December 2015. [Online]. Available: https://mattstauffer.co/blog/api-rate-limiting-inlaravel-5-2. [Accessed 14 April 2016].
12. P.R.Morpeth, J.Ellman, “Some Security Issues for web based frameworks”, School of Computing, Engineering and Information Sciences, Northumbria University, UK, IEEE, 2010.
13. Scotch, "Eloquent ORM in Laravel," March 2014. [Online]. Available: https://scotch.io/tutorials/aguide-to-using-eloquent-orm-in-laravel. [Accessed 20 March 2016].
14. Tinfoil Security, "Cross-Site Request Forgery," August 2014. [Online]. Available: https://www.tinfoilsecurity.com/blog/what-is-crosssite-request-forgery-csrf. [Accessed 6 April 2016].
15. TIS India, "7 Best PHP Framework For Enterprise Application," 2014. [Online]. Available: https://www.tisindia.com/blog/7-best-phpframeworks-2014/. [Accessed 19 February 2016].
16. W.Cui, L.Huang, L.J.Liang, J.Li, “The Research of PHP Development Framework Based on MVC Pattern”, Conference on Computer Sciences and Convergence Information Technology, IEEE Computer Society, 2009.
17. Wikipedia, "Cross-Site Request Forgery," April 2016. [Online]. Available: https://en.wikipedia.org/wiki/Crosssite_request_forgery. [Accessed 10 April 2016].
18. (www.phpframeworks.com, diakses tanggal 19 November 2013)

Recent Article

● Efficient Cluster based Communication with Plausibility Checks in VANET

● Survey of various Query Mapping Techniques from SQL to No SQL

● A Secure and Authentication Based Mechanism in Zone Routing Protocol

● Preparation of Plan and Analysis of a Multistoried Medical College

● Detecting Malicious Apps on OSN Face-book Wall

● A Design of Approximation Algorithm for Efficient DNA Mapping using Hadoop with GPU Acceleration

● “Context-Based Diversification for Keyword Queries over XML Data”

● Automatic Parking Reservation Application for Smartphone Using IR Sensors

● “A review study on secure web application development using PHP with Laravel Framework”

● Confidential Image Sharing Using Visual Secret Sharing Scheme

● Quadruped-Walker

● Recommenders System for Effective ICT Based Learning

● Resolve the Classification Problem over Encrypted data Using K-Nearest Neighbour

● Disease Inference System based on Health-Related Question Answer system

● Implementation Of Efficient Privacy Preserving Classification Techniques With Outsource Data

● Privacy Preserving Association Rules Mining In Horizontally Distributed Databases

● Crop Field Analyzer

● A Secure Parallel Network File System using Protocols

● New Approach for Parallel Graph Computation Using Partition Aware Engine

● Web Crawler: A Crawler for Efficiently Retrieving Relevant Data

● User Authentication using Digital Signature and Biometric Factor

● Security in Searching Shared and Encrypted Data in Multi Party Environment

● Enhancing Scalable Reverse Dictionary Using Text Rank

● Strengthening Authentication System Using Mindmetrics

● Stock Market Prediction and Analysis using Hadoop

● Fuzzy Authorization on Cloud Computing By Using Merging Technique

● Dual Cryptography Based Data Security in Cloud Computing

● A New Differential Evolutionary Algorithm

● An Alternative Approach to Resolve Load Balancing Problems in Cloud Computing

● Time to Change the World around You “Intellectual Controller

● Table Complexity Measurement of Database Systems

● Augmentation of Apriori Algorithm

● 3D Brain Tumor Detection

● Automatic Detection of Leukemia Using Blood Smear Sample

● Active Feature Description in Animals Footprint Identification

● Effective Interoperability between IPV6 Networks through Tunneling and Dual Stack Mechanism

● Iot – Based Information System for Emergency Medical Services

● Information Security by Embedding Of QR Code into Color Image

● Data Hiding in Encrypted H.264/AVC Video Streams by Code word Substitution

● Improved Performance Of Web Based Database Management For Telemedicine By Using Three Fold Approach Of Data Fragmentation,Websites Data Clustering And Data Allocation

● Collaborative Data Publishing Using Privacy Preserving Technique

● Cloud Gaming: A Green Future

● Optimizing SDN Performance for Small Networks by Enhancing Open Flow

● Secure Query Processing Over Encrypted Data via Location Based Service Provider

● An Efficient Cost-A ware Secure Routing (CASER) Protocol for Wireless Sensor Network

● Trustworthy URI: Enhancing the Data’s On the Web Reliable and Immutable

● Machine Learning Methods for Medical Diagnosis VIA Web Application

● Social Recommendation with Cross-Domain Transferable Knowledge

● Improving Security and QOS in Device-To-Device Communication Using Elliptic Curve DIFFIE Hellman Algorithm

● Cost-Effective Authentic and Anonymous Data Sharing with Forward Security

● Analysis of Request over Possible Clouds without Merged Duplicates

● Reservation Based Smart Parking System

● Webcam Based Remote Authentication via Biometrics over Insecure Channels Using Steganography

● Effect of Looping On the Lifetime Of A Multi-Sink Wireless Sensor Network Deployed For Healthcare Monitoring System

● Flow Mobility Modeling In VANETS