Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Exercise submission #4

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

Exercise submission #4

wants to merge 16 commits into from

Conversation

falexandrou
Copy link

@falexandrou falexandrou commented Nov 28, 2022
edited
Loading

What I've done

  • Added Dockerfile and docker-compose files to help with development (The schema is auto-imported when the database container gets created)
  • Sanitize and validate the users data on the model
  • Added the ability to render JSON in the app
  • Installed the latest Bootstrap & jQuery versions
  • Added Server Side Validation
  • Prevent users from having duplicate email addresses
  • Validates and stores users
  • Edits and updates users
  • Deletes users

Trade-offs

  • The forms contain a novalidate attribute to showcase the server-side validation.
  • I tried to stay within the 2-4 hour timeframe so I refrained from installing React / Webpack etc that would eat up time. I kept it really simple with jQuery

What I would do differently in real-life

  • I would use a JS framework
  • I would provide a test suite
  • I would also focus on security with SSL on the server, authentication, csrf tokens etc
  • Finally, I would build some kind of automation around CI/CD which I avoided this time

Demo URL

http://178.62.230.167/ running on DigitalOcean

@falexandrou
chore: install docker & development tools
26b0cb9
@falexandrou
chore: improve docker-compose, switch to port 3000
bfc3fb3
@falexandrou
chore: update editorconfig to remove trailing whitespace
40898e4
@falexandrou
chore: update to latest bootstrap version & jquery, use cdn
092a726
@falexandrou
wip: style the page & add form client-side validation
906d694
@falexandrou
fix: use full jquery instead of jquery slim
3573d86
@falexandrou
enhancement: use JsonSerializable interface for errors & users
b565db4
@falexandrou
feat: render user creation and errors as json
02bee5e
@falexandrou
fix: use 400 http status instead of 422 for errors
7a18c61
@falexandrou
feat: validate form & display error messages
eb886fb
@falexandrou
cleanup: add id to the user response, code cleanup
e6f82f6
@falexandrou
feat: add update and delete functionality
0de2b44
@falexandrou
feat: remove unused icons, load bootstrap icons from cdn
d322e25
@falexandrou
fix: icon usage in template
a0698fc
@falexandrou
fix: prevent users from having duplicate emails
4747dd5
@falexandrou
fix: allow more space to the icons & main table columns
83273f1
@falexandrou falexandrou marked this pull request as ready for review November 28, 2022 14:59
jurajmasar
jurajmasar reviewed Nov 30, 2022
View reviewed changes
create.php
Comment on lines 3 to 6
if (
!isset($_SERVER['HTTP_X_REQUESTED_WITH'])
|| strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) !== 'xmlhttprequest'
) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add validation of a CSRF token?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As mentioned in the PR comment, I didn't do anything security related (that I would normally do in real life). Happy to add it at a later stage if you like

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jurajmasar jurajmasar jurajmasar left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@falexandrou @jurajmasar