Abstract
This paper discusses how a PHP development toolbox can be implemented. One toolbox has been implemented, and the implementation is described and documented in the text. The toolbox is primarily meant to help students who are taking a System Development course (INF1050) at the University of Oslo with the implementation phase of a software engineering project, but other PHP programmers may also benefit from using the toolbox.
It has been emphasized that the programming interface should be intuitive and easy to use, as opposed to very flexible, and that it should be easy to write secure code, that is, code which cannot easily be exploited by hackers. With insecure code, hackers may, for instance, be able to manipulate database tables or steal one user's session ID in order to get access to and perhaps alter this user's private information. The INF1050 students generally have little prior experience with programming, and this is one reason why it is so important that using the toolbox is easy.
The toolbox was implemented in order to make database access, HTML programming, validation and error handling easier than if only built-in PHP functions were used. One part of the toolbox is dedicated to making session handling more secure than what is normally achieved with PHP's native session handling mechanism. The parts on validation and error handling are also included mainly for security reasons.