
FuelPHP Application Development Blueprints by Sébastien Drouyer


Possible improvements

First, you should protect all your forms from Cross-Site Request Forgery (CSRF) attacks as we did in Chapter 3, Building a Blog Application. As you are using Mustache templates, you will need to do things a little bit differently here (for instance, you will need to write your CSRF input in plain HTML). I recommend you read the official documentation at http://fuelphp.com/docs/general/security.html#csrf.

The documentation can be accessed on the FuelPHP website by navigating to DOCS | FuelPHP | General | Security.
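The CSRF handling described above could look like the following with a Mustache view. This is an added example, not code from the book: `Controller_Example`, the `form` action and the view path `example/form.mustache` are hypothetical names, and it assumes the Parser package is already set up to render Mustache templates as elsewhere in this chapter.

```php
<?php
// Added example, not code from the book. Controller_Example and the view
// path example/form.mustache are hypothetical names.
//
// Template (fuel/app/views/example/form.mustache), CSRF input in plain HTML:
//
//   <form method="post" action="{{action}}">
//     <input type="hidden" name="{{csrf_key}}" value="{{csrf_token}}" />
//     <input type="text" name="title" />
//     <button type="submit">Save</button>
//   </form>

class Controller_Example extends \Controller
{
    public function action_form()
    {
        if (\Input::method() === 'POST')
        {
            // Reject the request unless the posted token matches the one
            // FuelPHP issued to this visitor.
            if ( ! \Security::check_token())
            {
                return \Response::forge('Invalid or expired CSRF token', 403);
            }

            // Token is valid: only now read and handle the submitted fields.
            $title = \Input::post('title');
            // (store $title with your model here)

            \Response::redirect('example/form');
        }

        return \Response::forge(\View::forge('example/form.mustache', array(
            'action'     => \Uri::current(),
            // Field name FuelPHP looks for (security.csrf_token_key in config).
            'csrf_key'   => \Config::get('security.csrf_token_key'),
            // Token the next POST from this visitor must carry.
            'csrf_token' => \Security::fetch_token(),
        )));
    }
}
```

The token check runs before any posted field is read, so a forged cross-site POST is refused with a 403 and never reaches the model.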

Secondly, if you want to make your API easily available using JavaScript on an external website, you have to set the Access-Control-Allow-Origin header to *. This can be done in the before method inside the Base controller. ...
