PHPackages shield/shield - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Framework](/categories/framework) 4. / 5. shield/shield AbandonedLibrary[Framework](/categories/framework) shield/shield ============= Shield : Microframework, Major Security 1393315PHP Since Nov 2Pushed 13y ago19 watchersCompare [ Source](https://github.com/enygma/shieldframework)[ Packagist](https://packagist.org/packages/shield/shield)[ RSS](/packages/shield-shield/feed)WikiDiscussions master Synced 3w ago READMEChangelogDependenciesVersions (1)Used By (0) Shield : A Security-Minded Microframework ========================================= [](#shield--a-security-minded-microframework) [![Build Status](https://camo.githubusercontent.com/0d6c3a11d972ddf544fcb835474e0aa06ce7c1a3a0b050d47080644746c0b1b3/68747470733a2f2f7365637572652e7472617669732d63692e6f72672f656e79676d612f736869656c646672616d65776f726b2e706e673f6272616e63683d6d6173746572)](http://travis-ci.org/enygma/shieldframework) In my efforts to learn more about security best practices in PHP, I noticed that most of the PHP frameworks out there left it up to the developer to correctly handle input/output/etc themselves. Unfortunately, this has been a sticking point in PHP apps, so I decided to work on a microframework that was designed with security in mind. This project is under a MIT license. [shieldframework.com](http://shieldframework.com) Disclaimer ---------- [](#disclaimer) *Please note:* This framework is a work in progress and is serving as a resource to learn more about PHP and web application security. Use of this framework will *not* provide the perfect security for your application, nor should it be considered an ultimate resource for security best practices. ### Features: [](#features) - Output filtering on all values (preventing XSS) - Logging on all actions - Input filtering functionality for accessing all superglobal information - Uses PHP's own filtering for data sanitization - Encrypted session handling (RIJNDAEL\_256/MCRYPT\_MODE\_CBC, uses IV) - Custom cookie handling (including httpOnly) - Customized error handling to avoid exposing filesystem information - Basic templating/view system - IP-based access control - Session fixation prevention Requires -------- [](#requires) - PHP 5.3.x - mcrypt extension (for sessions) The Code -------- [](#the-code) I'm a big fan of the Slim microframework, so anyone that's used that will feel at home with Shield. Here's some example code of it in use: ```