DEV Community: Al-Amin Islam

Software engineering

Al-Amin Islam — Thu, 23 Jan 2025 17:42:12 +0000

সফটওয়্যার ডেভেলপমেন্টে নতুন নতুন টেকনোলজি (React, Django, Flutter) আসবে-যাবে, কিন্তু কিছু মৌলিক বিষয় কখনও পুরোনো হবে না। সেগুলো ঠিকঠাক জানা থাকলে, আপনি একজন প্রকৃত সফটওয়্যার ইঞ্জিনিয়ার হিসেবে সবসময় সঠিকভাবে নিজেকে প্রস্তুত রাখতে পারবেন।

👉 এই বিষয়গুলো সব ডেভেলপারেরই জানা উচিত:

1️⃣ Data Structures and Algorithms
কেন?
সমস্যার সমাধানে কার্যকরী ও দক্ষ পদ্ধতি খুঁজে বের করতে DSA অপরিহার্য।
টপিকস:
Arrays, Linked Lists, Stacks, Queues
Trees (Binary Tree, BST), Graphs
Hashing, Heaps, Tries
Sorting এবং Searching Algorithms (Quick Sort, Merge Sort, Binary Search)
Dynamic Programming, Greedy Algorithms
কার্যকরী ক্ষেত্র:
Performance optimization, code efficiency, এবং scalability

2️⃣ Object-Oriented Programming (OOP)
কেন?
OOP-এর ধারণাগুলো বেশিরভাগ প্রোগ্রামিং ল্যাঙ্গুয়েজে ব্যবহার হয় (Java, Python, C++, etc.) এবং বড় বড় সফটওয়্যার তৈরির সময় OOP অপরিহার্য।
টপিকস:
Abstraction, Encapsulation, Inheritance, Polymorphism
SOLID Principles
Design Patterns (Factory, Singleton, Observer, etc.)

3️⃣ Design Patterns
কেন?
কোডের পুনর্ব্যবহারযোগ্যতা, মডুলারিটি, এবং maintainability বাড়াতে।
টপিকস:
Creational Patterns (Factory, Builder)
Structural Patterns (Adapter, Composite)
Behavioral Patterns (Observer, Strategy)

4️⃣ Software Architecture
কেন?
বড় সফটওয়্যার সিস্টেম তৈরির সময় সঠিক আর্কিটেকচার ডিজাইন না করলে স্কেলিং এবং পারফরম্যান্স সমস্যা হয়।
টপিকস:
Monolithic vs Microservices
Client-Server Architecture
MVC, MVVM, Clean Architecture
Distributed Systems এবং Scalability

5️⃣ Databases
কেন?
ডেটা ম্যানেজমেন্ট প্রতিটি সফটওয়্যার সিস্টেমের মেরুদণ্ড।
টপিকস:
SQL এবং NoSQL Databases
Normalization এবং Indexing
Transactions এবং ACID Properties
Query Optimization
Caching Mechanisms (Redis, Memcached)

6️⃣ Networking Basics
কেন?
ইন্টারনেটে বা ক্লাউডে কাজ করার সময় নেটওয়ার্কের ধারণা অপরিহার্য।
টপিকস:
HTTP/HTTPS, FTP, WebSockets
REST এবং GraphQL APIs
DNS, IP, TCP/UDP
Load Balancing এবং CDN
Authentication Protocols (OAuth, JWT)

7️⃣ Version Control (Git)
কেন?
টিমের সাথে কাজ করার সময় কোড ম্যানেজমেন্ট এবং ট্র্যাকিং করার জন্য অপরিহার্য।
টপিকস:
Git Basics (Clone, Commit, Push, Pull)
Branching এবং Merging
Conflict Resolution
GitHub/GitLab

8️⃣ Testing & Debugging
কেন?
বাগমুক্ত এবং reliable সফটওয়্যার নিশ্চিত করতে।
টপিকস:
Unit Testing, Integration Testing
Debugging Techniques
Automation Testing Frameworks (Selenium, Cypress, etc.)

9️⃣ Command Line & Shell Scripting
কেন?
ডেভেলপমেন্ট এবং ডিপ্লয়মেন্টের সময় কাজ দ্রুত করার জন্য।
টপিকস:
Unix/Linux Commands
Bash Scripting
Automating Tasks

🔟 Cloud এবং Deployment Basics
কেন?
সফটওয়্যার তৈরি করে সেটি প্রোডাকশনে তোলা এখনকার সময়ে অত্যন্ত গুরুত্বপূর্ণ।
টপিকস:
Cloud Platforms (AWS, Azure, GCP)
Docker এবং Kubernetes
CI/CD Pipelines

1️⃣1️⃣ Security Basics
কেন?
ব্যবহারকারীর ডেটা সুরক্ষিত রাখা এবং সিস্টেম হ্যাকিং থেকে রক্ষা করা।
টপিকস:
Authentication এবং Authorization
OWASP Top 10
Encryption এবং Hashing
XSS, CSRF, SQL Injection প্রতিরোধ

1️⃣2️⃣ Problem-Solving Skills
কেন?
সফটওয়্যার ডেভেলপমেন্ট মানে সমস্যা সমাধান করা। লজিক্যাল চিন্তাভাবনা এবং সমস্যাকে টুকরো টুকরো করে সমাধান করার ক্ষমতা থাকা দরকার।
টপিকস:
Logical Thinking
Breaking down complex problems

1️⃣3️⃣ Soft Skills
কেন?
সফটওয়্যার ডেভেলপমেন্টে টিমওয়ার্ক এবং কমিউনিকেশন খুবই গুরুত্বপূর্ণ।
টপিকস:
Team Collaboration
Effective Communication
Time Management

শেষ কথা:
প্রকৃত সফটওয়্যার ইঞ্জিনিয়ার হওয়া মানে শুধুমাত্র একটি টুল বা ফ্রেমওয়ার্ক জানা নয়। বরং সমস্যার সমাধানের দক্ষতা এবং নতুন টেকনোলজি শেখার মানসিকতাই আপনাকে সফল করবে। 🌟

Example of using Late Static Binding in PHP.

Al-Amin Islam — Wed, 15 Jan 2025 17:31:34 +0000

Introduction:

Late Static Binding (LSB) is a feature in PHP that allows a child class to reference its parent class's static properties or methods using the static keyword. This feature opens the door to dynamic behavior within your classes. It's especially useful when dealing with inheritance and customization of functionality in subclasses.
The late static binding concept is used by writing static keyword before using the property. Whenever a PHP interpreter gets the request to compile a function. If it sees any static property, then it leaves the property pending for run time and the property gets its value during runtime from the function it is being called. This is called late static binding.

The Scenario:

**
Consider a scenario where you are developing a web application with a database. You have a base Database class that contains common functionality for interacting with the database, such as DBquerying and data retrieval. Additionally, you have two subclasses, User and Product, each representing a different entity in your application. These subclasses need to perform database queries specific to their respective tables.

Implementing Late Static Binding:

Let's dive into the code to see how Late Static Binding can help us achieve dynamic database queries:

<?php 
class Database {
    static public $tableName;
    static function getTableName()
    {
       return  static::$tableName;
    }

    static function dbQuery()
    {
        $tableName = static::$tableName;
        return "SELECT * FROM $tableName";
    }

}

class User extends Database {
    static public $tableName = "users";
}
class Products extends Database{
    static public $tableName = "products";
}

var_dump(User::dbQuery());  //SELECT * FROM users;
var_dump(Products::dbQuery());  //SELECT * FROM products;

Explanation:

In the Database class, we define a static property $tableName, which represents the name of the database table.

The getTableName() method returns the table name using Late Static Binding with static::$tableName.

The dbQuery() method constructs and returns a query string that includes the specific table name obtained using static::getTableName()

Conclusion:

Late Static Binding in PHP is a powerful tool that allows developers to create flexible and dynamic systems. In the example provided, we demonstrated how to use Late Static Binding to implement dynamic database queries in a web application. This feature empowers subclasses to access their own static properties and methods while maintaining a clear and organized class hierarchy. Incorporating Late Static Binding in your PHP applications can greatly enhance their flexibility and maintainability, ultimately leading to more robust and adaptable codebases.

Understanding authentication and authorization in simple words

Al-Amin Islam — Thu, 28 Nov 2024 04:18:14 +0000

Suppose you want to enter a restricted area. You can't just enter there, you will definitely need a pass card to enter. Suppose it is an ID card, with this ID card you can enter all parts of that area except some VIP areas. This card has a validity period, which I will discuss later some day. Now the point is that as long as you have this valid ID card, you can access inside, whenever you lose the ID card or the validity period expires, you will be kicked out of that area . This is authentication

Now let's tell you what authorization means. Above I was talking about VIP areas, which you cannot enter even if you have a pass. You will need special permission to enter. This is what authorization is

Now let's see an example in programming:
Suppose you want to enter an admin panel. You will need your credentials to enter there, login with them and create a post on this panel, this is authentication. Now you have created the post but you do not have permission to delete it, this is authorization.

What is the process to Sign In with Apple with laravel?

Al-Amin Islam — Wed, 11 Sep 2024 00:33:03 +0000

The Sign In with Apple Flow . How Sign In with Apple Works (Hint: it uses OAuth and OIDC) .
Today I will try to show how to login with apple.

No.1

Mandatory Check this url If you click on this URL, you can see how to create Apple's service.
Create Apple Service on Apple developer Account

No.2
You need to install laravel socialite package on your project

composer require laravel/socialite

Then you will need to install apple socialiteproviders . Check this url Apple SocialiteProviders.

You need some configuration on your laravel projects

config/services.php
thats have provide . Apple SocialiteProviders.

Note
If it doesn't work you just need to add some others field which will get you from apple service developer account.

'apple' => [
    'client_id' => env('APPLE_CLIENT_ID'),
    'client_secret' => env('APPLE_CLIENT_SECRET'),
    'team_id' => env('APPLE_TEAM_ID'),
    'key_id' => env('APPLE_KEY_ID'),
    'private_key' => str_replace('\\n', "\n", env('APPLE_PRIVATE_KEY')),
    'redirect' => env('APPLE_REDIRECT_URL'),
],

your laravel .env file looks like

APPLE_CLIENT_ID='xxxxxxxxx'
APPLE_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\n token \n-----END PRIVATE KEY-----"

APPLE_TEAM_ID="xxxxxx"
APPLE_KEY_ID="xxxxxxxx"
APPLE_CLIENT_SECRET="xxxxxxxxxx"

APPLE_REDIRECT_URL="http://127.0.0.1:8000/auth/login/apple/callback"
APPLE_REDIRECT_URI="http://127.0.0.1:8000/auth/login/apple/callback"

..........

No. 3
Now you need to create a Apple secret which is very important for Apple login. For creating Apple secret you can following this website . Generate Apple token . For generate JWT token you will need to install this package .
composer require lcobucci/jwt

Now you are ready for creating route in socialite login.

Route::get('login/apple',[SocialController::class,'redirectToProvider'])->name('redirectToProvider');
Route::post('login/apple/callback',[SocialController::class,'handleProviderCallback'])->name('handleProviderCallback');

Inside the controller

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Laravel\Socialite\Facades\Socialite;
use App\Models\User;
use Illuminate\Support\Facades\Log;


class SocialController extends Controller
{
  public function redirectToProvider()
  {
    Log::info("apple");
    return Socialite::driver('apple')->redirect();
  }

public function handleProviderCallback()
{
    try {
        $user = Socialite::driver('apple')->stateless()->user();
    } catch (\Exception $e) {
        return redirect()->route('login')->with('error', 'Failed to log in with Apple.');
    }

    $provider_id = $user->getId();
    $email = $user->getEmail() ?? 'no-email-provided';

    $existingUser = User::where('provider_id', $provider_id)->orWhere('email', $email)->first();

    if ($existingUser) {
        auth()->login($existingUser);
    } else {
        $newUser = User::create([
            'name' => $user->getName() ?? 'Apple User',
            'email' => $email,
            'provider_id' => $provider_id,
            'provider_name' => 'apple'
        ]);

        auth()->login($newUser);
    }

    // If it's a mobile app, generate and redirect with a token
    $token = auth()->user()->createToken('authToken')->accessToken;

    return $token;
 }

}

I hope this will works . If you can face any problem on it feel free to knock me Email

alamincsetpi@gmail.com

or you can comment in this below.

Thanks🤪
Happy coding❤️🤪

Why you should never use $request->all() in Laravel

Al-Amin Islam — Wed, 04 Sep 2024 10:31:13 +0000

I know a lot of Laravel developer makes use of $request->all()when making a POST request in Laravel.

So I did this website for a client and it has been live for some time, then suddenly the website became popular and hackers came to attack it, for weeks I kept fighting all forms of attack, what baffled me most is that the hacker keeps giving himself an admin account! yes, you read that right, he keeps granting himself an admin account.

I didn't know how he kept doing this, not until I went to the basics and started reading on all function by Laravel, then I read about $request->all(). NOw here is why you should never use request all especially when it comes to user registration part.

Now imagine a User Model with this fillable protected $fillable = [‘username’,’first_name’, ‘last_name’, ‘password’, ‘email’, ‘team_id’, ‘country’, ‘status’, ‘IsAdmin’,’avatar’];

and probably in your controller, you have something like


public function register(Request $request)

{

$rules = [

‘username’ => [‘required’, ‘string’, ‘max:255’,’unique:users’],

‘first_name’ => [‘required’, ‘string’, ‘max:255’,],

‘last_name’ => [‘required’, ‘string’, ‘max:255’,],

‘email’ => [‘required’, ‘string’, ‘max:500’, ‘unique:users’],

‘password’ => [‘required’, ‘string’, ‘min:8’, ‘confirmed’],

‘country’ => [‘required’, ‘integer’],

];

$credentials = $request->all();

$validator = Validator::make($credentials, $rules);

if ($validator->fails()) {

return response()->json([‘errors’ => $validator->errors()], 422);

}

$data = $request->all(); // dont ever do this..NEVER!!!!

try {

DB::beginTransaction();

$user = User::create($data);

$token = JWTAuth::fromUser($user);

// Mail::to($user)->send(new NewUserEmail($user));

DB::commit();

return response()->json(array_merge([‘token’ => $token, ‘message’ => ‘Account created successfully’]), 201);

} catch (\Exception $e) {

DB::rollback();

return response()->json([‘code’ => 422,’message’ => ‘Sorry an Error occured’], 422);

}

}
`Now the issue here is that the hacker can just inspect elements in your browser and add another input field of IsAdmin and send it, of course, it will be accepted because you are accepting all requests.

Rather than accepting all, here is a better way to prevent hack of this kind on your website.

`$data = $reques->only([‘username’,’first_name’,’last_name’,’email’,’password’,’country’]);`

You can prevent it by using $request->only() than in an array declare the inputs you want your backend to accept.

you can alternatively also use the PHP inbuilt function in_array(), you will just place the data you don't want to be in your request, and when found you can tell it to throw an error!.

I hope this helps you if you have any questions you can ask in the comment section below.

Answer: Error "Your push would publish a private email address"

Al-Amin Islam — Wed, 21 Aug 2024 06:40:39 +0000

Jul 18 '17

122

Warning: This will expose your email address! Each commit includes the email address of the committer and for public repositories, this information is publicly available.

I experienced the same error: GH007 message as well and used the following to resolve the issue.

Go to Setting your commit email address…

Open Full Answer

Laravel logging

Al-Amin Islam — Fri, 05 Jul 2024 17:20:30 +0000

To help you learn more about what's happening within your application, Laravel provides robust logging services that allow you to log messages to files, the system error log, and even to Slack to notify your entire team.

In this folder there have the log file.

storage/logs

We can create laravel custom log file. Go to the config\logging.php

//By default have 
  'single' => [
            'driver' => 'single',
            'path' => storage_path('logs/laravel.log'),
            'level' => env('LOG_LEVEL', 'debug'),
            'replace_placeholders' => true,
        ],

//here is the custom log example:

'custom' => [
            'driver' => 'single',
            'path' => storage_path('logs/custom.log'),
            'level' => env('LOG_LEVEL', 'debug'),
            'replace_placeholders' => true,
        ],

If we want to show the every log data show our custom log file . Edit the .env file
replace

LOG_CHANNEL=stack to LOG_CHANNEL=custom

Displaying Unescaped Data on laravel blade file

Al-Amin Islam — Mon, 27 May 2024 13:45:02 +0000

By default, Blade statements are automatically sent through PHP's htmlspecialchars function to prevent XSS attacks. If you do not want your data to be escaped, you may use the following syntax:

Hello, {!! $name !!}.

Redirecting to External Domains from Laravel

Al-Amin Islam — Mon, 27 May 2024 13:37:33 +0000

Sometimes you may need to redirect to a domain outside of your application. You may do so by calling the away method, which creates a RedirectResponse without any additional URL encoding, validation, or verification:

return redirect()->away('https://www.google.com');

Deep Linking for Android and Apple in React.js

Al-Amin Islam — Mon, 01 Apr 2024 16:53:10 +0000

Today I will discuss about how to create Android & Apple Deeplinking.

For Android

You have assetlinks.json file .
Create "assetlinks.json" file. Include the file inside public/.well-known folder .
The route is --> domainname/.well-known/assetlinks.json .

For Apple

Unable to host static file apple-app-site-association from the react project root in locally .

Solutions :

Need two file and paste this json on this file:

public/.well-known/apple-app-site-association.
public/.well-known/apple-app-site-association.json

{
  "applinks": {
    "apps": [

    ],
    "details": [
      {
        "appID": "xxxxxxxx-xxxxxxxx",
        "paths": [
          "*",
          "/"
        ]
      }
    ]
  }
}

Using
1 . AWS Amplify
I added the following to the top of my redirects on amplify

{
    "source": "/.well-known/apple-app-site-association",
    "target": "/.well-known/apple-app-site-association.json",
    "status": "200",
    "condition": null
},

Add a redirect

Finally, Apple expects this file to exist at the exact path yourdomain.com/.well-known/apple-app-site-association.

Test your app

First, you'll need to make sure you publish your website on the domain you used.

Thanks for reading

Deep Linking for Andriod and Apple in Next.js

Al-Amin Islam — Sat, 30 Mar 2024 16:48:53 +0000

Today I will discuss about how to create Android & Apple Deeplinking.

For Android

You have assetlinks.json file .
Create "assetlinks.json" file. Include the file inside public/.well-known folder .
The route is --> domainname/.well-known/assetlinks.json .

For Apple

Apple requires that your website has a file at the path /.well-known/apple-app-site-association on your URL.
Create an API route
Create a file at this in your project location:

pages/api/.well-known/apple-app-site-association.ts

import type { NextApiRequest, NextApiResponse } from 'next'

const BUNDLE_ID = 'YOUR-APPLE-APP-BUNDLE-ID' // replace with your bundle ID

const association = {
  applinks: {
    apps: [],
    details: [
      {
        appID: `${BUNDLE_ID}`,
        paths: ['*', "/"],
      },
    ],
  },
}

export default (_: NextApiRequest, response: NextApiResponse) => {
  return response.status(200).send(association)
}

Add a redirect

Finally, Apple expects this file to exist at the exact path yourdomain.com/.well-known/apple-app-site-association.

Since the file we created above is an API route, we need to create a redirect in next.config.js:

const nextConfig = {
  // ...
  async redirects() {
    return [
      {
        source: '/.well-known/:file',
        destination: '/api/.well-known/:file',
        permanent: false,
      },
    ]
  },
}

Test your app

First, you'll need to make sure you publish your website on the domain you used.

Thanks for reading

How to use deep linking and Apple App Site Association with React.js

Al-Amin Islam — Thu, 28 Mar 2024 08:23:04 +0000

I have been looking far and wide and I can't seem to find any information about how to properly use apple-app-site-association/deep linking with a react.js website. I have already solve andriod deep-linking . I am set up assetlink in my project (public/.well-known/assetlinks.json). But how to use apple-app-site-association.