
Learning Laravel

A lot has happened since the last post on here. Mainly, the senior capstone project team that I am a part of, which is creating a Vulnerable Web Application, has decided that the best way to move forward with creating the application is to use a web framework called Laravel. This decision came from the fact that a vulnerable web application we were going to use as a base was in PHP, and we found that we could make the development experience better by switching to Laravel for our web application. I’m really excited to develop the web application, but one of the blockers that I am having with the project is learning Laravel itself, so I wanted to take this blog post to try and teach what I’ve learned about Laravel so far to you, so that I may reinforce the learning that I’ve done and teach you all some things that might be interesting to you! Do note, this won’t be a full coverage of everything Laravel has to offer, you can find that here, but this will cover certain aspects of the framework that I learned about and how they pertain to my portion of work for the project.

First, one of the main things that you learn with Laravel is that it operates on a Model-View-Controller (MVC) architecture. Simply speaking, there are three logical components:

  • Model: Responsible for representing database data and interacting with the database
  • View: Responsible for presenting data to the user. Laravel does this through Blade templates that let you compile HTML with dynamic elements.
  • Controller: Responsible for processing requests, retrieving data from Models, and passing the data to Views

Once you understand the architecture that Laravel operates on, the next thing to learn is how a new project is structured, as outlined below. Note that these are not all the directories that Laravel generates for your project, but I feel that they are the most important ones:

  • `app`
    • `Http/Controllers`
      • PHP code files that hold the main logic for a webpage and interact with your views and models.
    • `Models`
      • Representations of your database tables that serve as a layer of abstraction for interacting with that data.
  • `database`
    • Contains database migrations, model factories, and seeds.
      • Can also house SQLite databases.
  • `public`
    • Contains the `index.php` file as the entry point to the application.
    • Also houses assets like CSS or JavaScript.
  • `resources`
    • Where you will store your views (aka Blade template files).
  • `routes`
    • Contains all routing definitions within `web.php`.
      • `web.php` contains the routes themselves.

For me, after we set up the initial parts of the website, I was tasked with making one of my webpages: the Patient Feedback page, which will house both Stored and Reflected XSS vulnerabilities. You need to create your database migration, models, and controllers separately with artisan, a command-line tool that is installed with Laravel when you create the project. The commands `php artisan make:migration create_names_table`, `php artisan make:model Name`, and `php artisan make:controller NameController` create the database migration, model, and controller respectively. For the view, you can create a file within the `resources/views` directory with the extension `.blade.php`, where you can write HTML with some special Blade formatting.

Next, within `routes/web.php` you can define the routes needed to access your webpage like this: `Route::get('/name', 'NameController@index')->name('name.index');`. However, because we already have an authentication plugin installed, almost all routes to our team’s web application will look like `Route::get('/name', 'NameController@index')->middleware(['auth', 'verified'])->name('name.index');`. Middleware is just a mechanism for filtering incoming HTTP requests, and this authentication middleware requires the user to be verified before they can access the page.

Last is the database. The migration files in `database/migrations` are where you define what the table you just created will look like, through the premade `up` function, like this:
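As an added example (not the capstone project's own code), here is what a migration for a feedback page could look like. The `patient_feedback` table, its columns, and the file name are assumptions, and the anonymous-class form assumes a recent Laravel version with the default `users` table in place.

```php
<?php
// database/migrations/xxxx_xx_xx_xxxxxx_create_patient_feedback_table.php
// Added illustration: table and column names are hypothetical,
// not the project's actual schema.

use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;

return new class extends Migration
{
    /**
     * Executed by `php artisan migrate`: creates the table.
     */
    public function up(): void
    {
        Schema::create('patient_feedback', function (Blueprint $table) {
            $table->id();

            // Links each entry to the authenticated user who submitted it.
            // constrained() assumes Laravel's default `users` table exists.
            $table->foreignId('user_id')->constrained()->cascadeOnDelete();

            $table->string('subject', 120);

            // A column type does not sanitize anything: the text is stored
            // exactly as submitted. Whether it is displayed safely is decided
            // in the Blade view, where {{ $value }} HTML-escapes its output
            // and {!! $value !!} prints it raw.
            $table->text('comment');

            $table->timestamps(); // created_at / updated_at
        });
    }

    /**
     * Executed by `php artisan migrate:rollback`: undoes up().
     */
    public function down(): void
    {
        Schema::dropIfExists('patient_feedback');
    }
};
```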

Moving forward with the controller and model, however, is something that is very dependent on the implementation of the web page you are trying to create and not something I fully understand right now. The commands that were talked about earlier will create outlines for both a Model and a Controller, but it is up to you how to implement the logic of the web page and how it interacts with the database.

Thank you for reading through, and I hope you learned something new today about how Laravel works and how to get started with developing in it!


Hello world!

Hello to everyone that found their way here! My name is Sean and I would like to introduce myself to you all and what my blog will be about.

First, a little bit about me. I’m currently a student at Oregon State University, going through their Computer Science degree program with a focus in Cybersecurity. Before I started this degree, I had been interested in programming since high school, when I started with web programming with HTML, CSS, and JavaScript. Though, my interest in programming changed later to more system languages like Python, where in my pursuit of knowledge I was also introduced to ethical hacking. Using my programming knowledge and this new passion for ethical hacking, I competed in multiple CTF (Capture the Flag) tournaments to hone my skills until I got to college, where I could learn more things formally. Though moving away from my journey as a techy, I’ve recently been on more of a discovery of myself and have found new hobbies like rock climbing and hiking, though I have a big journey ahead to get good at rock climbing. Most of the social activities that I like though are DnD, video games (especially Guild Wars 2 and Minecraft), and just hanging out with my cat Kai.

Kai chilling on his new couch.

Now let’s talk about what this blog is going to be about. I mainly want this blog to be two things:

  1. How my senior capstone project is going through the nine months I have to do it.
  2. Any interesting things I learned in my own research or other classes.

Breaking it down a bit more, I want my coverage of my project to be about any successes, failures, struggles, why’s and how’s, plans and detours that come along with any programming project. On the other hand, I want to talk about my learning journey and other cool tech news, as there is so much that I have to learn about in the tech industry. With having much to learn, I feel that being able to teach others about topics I am interested in will help with gaining a better understanding of the material at hand so that I can look at myself every day and say that I’m better at my career than who I was yesterday.

With all of that being said, I want to thank you all for reading this post about me and my journey, and I hope to see your comments on my learning journey!