albertrosa

I wouldn't go as far as the documentation is best, with the recent rapid updates that Zend Framework has done there has been not a full cycle in the development of the documentation. I have found myself going to deep into the core code just to find the way to get things done right. Now here's a key to developers Frameworks are not the end all to development, Just a tool to solve the answer. Now if the tool doesn't help you solve the answer then help it solve the answer. There are always better ways to do things and very well more ways to do so but if you can help solve the problem it doesn't hurt to feed it back to the community so everyone has it

hey hey, Not sure if you can validate if the file is an actual image unless you create custom validators for zend_form. if you are going complete Zend. if not the good news is that Zend_Validators can be used stand alone so yay!! now here are a few things you can do: for each so called mallicious data string you got you use: $handle = fopen($file, 'r') and $content = fread($handle); then search the $content as a string for the codes that are of the language. javascript, lua, .net, php look for the word function, or even the ' = ' with the spaces. it's highly unlikely that an image read would have ' = ' but the proof is in the code. Beyond that there aren't truly and other validation for images rather than the ones already set for Zend_Form_Element_Image types.

True you can do just that but it's the duplicate code that we want to limit. Now I tend to create a controller with all the trimings needed especially if it's going to be the normal "C.R.U.D" structure. So Check it I would make a controller with like this. Now this is just a shell for it. but the $_model will be called and initialized as the model. Depending on you Model Structure. I tend to not follow Conventional structures but to keep code simple and easy to read for my projects I abstract and refactor repetative code into functions in the controller. I function 1 code 1 fix. class baseController extends Zend_Controller_Action{ private $_model; public function init(){} public function createAction(){} public function editAction(){} public function deleteAction(){} public function indexAction(){} }