Navin Kumar Micheal Jayraj

Uh, Yeah. Hi, team. So myself, uh, Devin Michael, uh, completed, uh, Beacon Electronics and Telecommunication branch, and I joined, uh, WNS Global Services as my first company, uh, wherein I worked as a software test analyst in that company for 2 years. So after that, uh, I joined the Q Telstra Software Private Limited, wherein wherein I worked as a PHP developer. So from there, within that organization, I was being promoted to different positions like senior PHP developer and as well as, uh, leading a team of 2 to 3 people. So during my tenure in that company, so I was working as a a senior PHP developer and, uh, handling all the API connections made between different applications. So I used different frameworks like Laravel Code in Netter. Uh, so this is basically a a domain, uh, which is a travel, sir, domain, wherein, like, we post online reservations for flights, hotels, tools, sightseeing, and different, uh, services. So in that, uh, team, like, I was working as a senior developer in connecting the 3rd party APIs, integrating different APIs, and, uh, fetching the information and displaying it in our projects. So, uh, in the in my in the tenure, uh, during the tenure, like, we were part of different teams where, like, we support, uh, in house clients and also, uh, like, uh, the clients which are, uh, from abroad, basically from Gulf countries, Dubai, Abu Dhabi, and different countries. So these clients, uh, give us, uh, projects to work on. Like, uh, they, uh, give us a project like, uh, online travel reservation management system. So so we integrate different third party application like payment gateways as well and, uh, handling all the bookings, uh, reservations, and cancellations and reconciliations, all the things. So I worked in that company throughout for 5 years. So yeah. So I had overall, uh, 6 years in that time. After that, I joined, uh, Rakan Bureau Justice Private Limited. That's basically a shopping cart application, uh, which is fully based into coding net or framework. So I worked as a senior PHP developer, integrating again, integrating the payment gateways and integrating the third party resources within the applications and, uh, getting, uh, data transformations and showing the presenting that product in the web application so that the user who is having the online services will book those, uh, products from there. So those those are basically online, uh, juice marketing company wherein, like, your user can buy health health drinks and, uh, many health products from that, uh, applications. So currently, I'm working in a loyalty rewards program. So wherein, like, I have, again, like, integrating a third party integration, like Workday, SAP, and, uh, many other, uh, major applications and switching, uh, working on huge data. Yeah. So that's all with my from my background. Thanks.

Yeah. So SQL injection is a very critical, uh, thing in web application, and, uh, it has caused a major impact in accessing the, uh, data of an user, like admin especially. So the preventing, uh, uh, for preventing SQL injections, there are we have various steps taken, uh, from the form itself, uh, in the JavaScript query itself, validating all the HTML scripts, whichever which is, uh, uh, getting added in the fields required fields. And, also, on the server side, like, uh, there are, uh, different ways of escaping those input fields and, uh, accordingly, uh, validating the data from the server side as well as the client said. And, yeah. So, overall, like, for, uh, preventing SQL injections, we have validated, uh, the data from the client side as well as the server side. And, uh, and while inserting the database as well, so all the data which is going to be inserted or, like, uh, getting selected. So these all datas will be thoroughly checked from the script point of view and, uh, validated before being used in any of the uh, purposes, like displaying it to the top applications or, uh, sending it to the 3rd party. So so handling the data has been a critical, uh, part of our projects, and we have, uh, done that throughout my career in the web application development. Yep. That's all.

Yeah. So find that internal server error is basically a syntactical error in any of the applications. So so for, uh, resolving, uh, those kind of syntax application, so we prefer, uh, looking into that error reporting, uh, mechanism, the PHP. So so that that actually, uh, displays all the errors in the UI itself, and we can, uh, use that. It displays the line number and all the informations required for the same. So we actually look into that and, uh, accordingly, switch that file and look for that error in that particular line number.

Uh, it's back then. You're working on recording division of user facing elements. That will have to die. How old are you, please? Yeah. So integrating the front end, uh, UI developed by the front end developers, uh, that's, uh, not a great deal. So that's that's that happens using a different, uh, like, uh, template files, like Blade or, like, Smarty and encoding it also we use a different file, HTML file. So those files, like, uh, the UI developers who integrate it, so we use that files and apply the required data, how that needs to be done. And, uh, so we process those, uh, your data, process those files which is received from the UI developers, and we verify that and integrate it in our, uh, big back end application by sending the correct data in the fields they have applied for us. So as a PHP developer, so we're fully focused on the data that's getting displayed over there. So we work on, like, providing the data in a curate and, uh, to the point, like, if you provide more data and which is not required, printing in the whole area and passing it to the data field, uh, to the, uh, templates will not be give a better performance. So we restrict the data that is required in a particular format, like, for example, a JSON or JSON string or any uh, lightweight, uh, text, uh, format file. So we will be passing those data to the UI, uh, UI template files. And, accordingly, we use that, uh, to get the better performance out of that. Thank you.

Push 3 Sorry. I haven't worked on post creation. But, yes, like, we worked on data migrations and how that we can generate a script, uh, from the using the PHP back end for in case, like, we implement a new project and the client wants to have that new project with the required data. So we worked on migration scripts and everything.

Uh, for from the lateral methods, like, we basically use factory design format wherein, like, we generate different objects and, uh, use that in the required required workflow.

We're designed to create a full API as one point out any issues with this function and how it might violate these solid principles. Yep. So this is a create API response which checks up the data parameter and the status parameter. And, uh, header set to content tab application JSON. Response code status echo JSON encode and data. Yeah. So, basically, while, uh, then creating the API response, the API will be of a particular format. And, it cannot echo directly the JSON code data, which will print the direct, uh, which will print that in the, uh, web application itself instead of manipulating that data and using it in the required, uh, format. So this so we cannot, uh, directly echo the data which is received from the API response before validating if it is a correct response or not. If there is any error received, then we cannot, uh, print that directly in the the the response. This will, uh, stop the users from execution is executing other, uh, uh, if there is any other functionalities that, uh, depends on this API. And if the API is failed, then all other, uh, code functionality will stop because we have an exit after the echo statement.

Yeah. So this, uh, call this query simply is susceptible to SQL injection by, like, email can be equal to 1 or anybody who calls this function get user by email. Uh, if they pass a a different value, they can have access to that entire database, and they can even print that in the web web application page itself, that will be a big, uh, major issue. Like, here we need to use any prepared statement for handling such kind of, uh, queries. Uh, prepared statement are, like, escaping the email variable that is getting, uh, switched from the gate user by email function parameter.

Complex migration, we won't using Laravel to transform a single table and then design the table in a tense design. In Laravel, we do have a different, uh, transform technique for inheriting the designs.

Yeah. So for aggregating the data from multiple resources, uh, Laravel, so we, uh, to make it, uh, more robust, uh, for in case of particular failures, we continue executing the remaining set of code. So we create, uh, like, we create certain functions and we make it more object oriented so that, like, if particular function has some failures, uh, from particular resources, so we are driven while aggregating the data. So during that case, like, we ensure, like, uh, we call, uh, already, like, we handle handle those errors, uh, separately for each resources we are, uh, working on. So, like, based on the errors, like, uh, we can, uh, collaborate and, uh, we can, uh, add it in the log, which, uh, user who is investigating those kind of failures can, uh, easily have access to that to them.

Uh, best practices for using, uh, REST API in error handling is, like, uh, everything, uh, like API call and connecting to third parties and validating the username and pass word, all the credentials should be enclosed in their try catch, uh, format so that, like, if there is any exception that can be caught and, uh, which can be logged in the error logs, so which can be easily accessible and, uh, that can be reused, uh, in case of debugging purpose. So, you know, for, uh, risk full APIs, like, uh, we always depend on rely on the third party's server responses, how it's getting, uh, written written, how long it takes it takes to complete the successful query. So it all depends upon the connection and, uh, readability. So we have to maintain in such a way that, like like, we should have ample time for, uh, connecting to a particular application and, uh, switching the, uh, record out of it. And, uh, also for consistency, like, we always, uh, have a multiple call. Like, if there is any failure for a particular set of time, we we have a lot we have to have a separate logic implemented in our application such that, like, if there is any error happening and which are which is a familiar error, which, uh, used to happen from the 3rd party side. So we to handle that, we have to, uh, have a set of have a a retriggering, uh, logic wherein, like, it triggers after 1 or 2 hour automatically so that, like, the data that's supposed to be fixed for that particular days on that API should not be should not be left out and, like, it covers almost all the, um, records of yeah.

Want to start in a legacy PHP system? The consideration, would you have in mind to ensure back for compatibility and whatnot? Yeah. So while refracting any PHP system, like, we we are removing any particular application from the normal core PHP background to any framework or something. So we first need to make sure, like, the existing finds, uh, functionality that is working doesn't get hampered, and it will have the exact functionality that that the whole system used to do and with the less amount of code, uh, use using more and more of a function or enter application and, uh, following all the oops, can oops, concepts and principles and the different techniques to reduce, uh, the, reduce the logic to such a way that the user can be more, uh, readable. Like, whoever comes up as a new developer resources can read it and understand quickly and perform the, uh, successful workaround with that, uh, similar uh, tasks.