Home

Feed aggregator

Community News: Packagist Latest Releases for 05.15.2013

PHPDeveloper.org - Wed, 15/05/2013 - 15:07
Recent releases from the Packagist:
Categories: Open Source, PHP Community, PHP.net

Community News: Latest Releases from PHPClasses.org

PHPDeveloper.org - Wed, 15/05/2013 - 14:03
Categories: Open Source, PHP Community, PHP.net

Dealing with duplicated code

Planet-PHP - Wed, 15/05/2013 - 13:00
We’ve all seen it: we’re working along, and we come across code that just has a feel to it. It’s like déjà vu. You’ve seen this code before. You open another file – sure enough, there it is. The same code. Almost line for line. In large code bases, it’s likely that there are dozens [...]
Categories: Open Source, PHP Community

PostgresDAC supports Delphi XE4 and C++ Builder XE4

Postgresql.org - Wed, 15/05/2013 - 02:00
This important release introduces support for the RAD Studio XE4 (Delphi and C++ Builder personalities). Download

You're welcome to download the PostgresDAC v2.9.6 right now at: http://microolap.com/products/connectivity/postgresdac/download/ or login to your private area on our site at http://microolap.com/my/downloads/

Feedback

Please don't hesitate to ask any questions or report bugs with our Support Ticketing system available at http://www.microolap.com/support/

Categories: PHP Community

Simon Holywell: Improve PHP session cookie security

PHPDeveloper.org - Tue, 14/05/2013 - 21:55

Simon Holywell has a new post talking about cookie security in PHP, focusing on some of the PHP configuration settings that can help.

The security of session handling in PHP can easily be enhanced through the use of a few configuration settings and the addition of an SSL certificate. Whilst this topic has been covered numerous times before it still bears mentioning with a large number of PHP sites and servers having not implemented these features.

He talks about the httponly flag when setting the cookie/in the configuration, the "use only cookies" for sessions and forcing them to be "secure only".

Link: http://simonholywell.com/post/2013/05/improve-php-session-cookie-security.html
Categories: Open Source, PHP Community, PHP.net

Getting Started with PHP Zend Framework 2 for Oracle DB

Planet-PHP - Tue, 14/05/2013 - 20:56

This post shows the changes to the ZF2 tutorial application to allow it to run with Oracle Database 11gR2.

Oracle Database SQL identifiers are case insensitive by default so "select Abc from Xyz" is the same as "select abc from xyz". However the identifier metadata returned to programs like PHP is standardized to uppercase by default. After executing either query PHP knows that column "ABC" was selected from table "XYZ".

In PHP code, array indices and object attributes need to match the schema identifier case that is returned by the database. This is either done by using uppercase indices and attributes in the PHP code, or by forcing the SQL schema to case-sensitively use lower-case names.

The former approach is more common, and is shown here.

The instructions for creating the sample ZF2 application are here. Follow those steps as written, making the substitutions shown below.

Schema

In Oracle 11gR2, the schema can be created like:

DROP USER ZF2 CASCADE;

CREATE USER ZF2 IDENTIFIED BY WELCOME
    DEFAULT TABLESPACE USERS QUOTA UNLIMITED ON USERS
    TEMPORARY TABLESPACE TEMP;

GRANT CREATE SESSION
    , CREATE TABLE
    , CREATE PROCEDURE
    , CREATE SEQUENCE
    , CREATE TRIGGER
    , CREATE VIEW
    , CREATE SYNONYM
    , ALTER SESSION
TO ZF2;

CONNECT ZF2/WELCOME

CREATE TABLE ALBUM (
  ID NUMBER NOT NULL,
  ARTIST VARCHAR2(100) NOT NULL,
  TITLE VARCHAR2(100) NOT NULL,
  PRIMARY KEY (ID)
);

CREATE SEQUENCE ALBUMSEQ;

CREATE TRIGGER ALBUMTRIGGER BEFORE INSERT ON ALBUM FOR EACH ROW
BEGIN
  :NEW.ID := ALBUMSEQ.NEXTVAL;
END;
/

INSERT INTO ALBUM (ARTIST, TITLE)
    VALUES ('The  Military  Wives', 'In  My  Dreams');
INSERT INTO ALBUM (ARTIST, TITLE)
    VALUES ('Adele', '21');
INSERT INTO ALBUM (ARTIST, TITLE)
    VALUES ('Bruce  Springsteen', 'Wrecking Ball (Deluxe)');
INSERT INTO ALBUM (ARTIST, TITLE)
    VALUES ('Lana  Del  Rey', 'Born  To  Die');
INSERT INTO ALBUM (ARTIST, TITLE)
    VALUES ('Gotye', 'Making  Mirrors');

COMMIT;
Driver and Credentials

The driver and credentials are Oracle-specific. Always use the OCI8 adapter in ZF, since it is more stable and has better scalability. Specifying a character set will make connection faster.

zf2-tutorial/config/autoload/global.php: 
 return array(
     'db' => array(
-        'driver'         => 'Pdo',
-        'dsn'            => 'mysql:dbname=zf2tutorial;host=localhost',
-        'driver_options' => array(
-            PDO::MYSQL_ATTR_INIT_COMMAND => 'SET NAMES \'UTF8\''
-        ),
+        'driver'         => 'OCI8',
+        'connection_string' => 'localhost/orcl',
+        'character_set' => 'AL32UTF8',
     ),
     'service_manager' => array(
         'factories' => array(
zf2-tutorial/config/autoload/local.php: 
 return array(
     'db' => array(
-        'username' => 'YOUR USERNAME HERE',
-        'password' => 'YOUR USERNAME HERE',
+        'username' => 'ZF2',
+        'password' => 'WELCOME',
     ),
     // Whether or not to enable a configuration cache.
     // If enabled, the merged configuration will be cached and used in
Attribute & Index Changes

The rest of the application changes are just to handle the case of the Oracle identifiers correctly.

zf2-tutorial/module/Album/Module.php 
                     $dbAdapter = $sm->get('Zend\Db\Adapter\Adapter');
                     $resultSetPrototype = new ResultSet();
                     $resultSetPrototype->setArrayObjectPrototype(new Album());
-                    return new TableGateway('album', $dbAdapter, null, $resultSetPrototype);
+                    return new TableGateway('ALBUM', $dbAdapter, null, $resultSetPrototype);
                 },
             ),
         );
zf2-tutorial/module/Album/view/album/album/add.phtml 
 $form->prepare();
 
 echo $this->form()->openTag($form);
-echo $this->formHidden($form->get('id'));
-echo $this->formRow($form->get('title'));
-echo $this->formRow($form->get('artist'));
+echo $this->formHidden($form->get('ID'));
+echo $this->formRow($form->get('TITLE'));
+echo $this->formRow($form->get('ARTIST'));
 echo $this->formSubmit($form->get('submit'));
 echo $this->form()->closeTag();
zf2-tutorial/module/Album/view/album/album/delete.phtml 
 <h1><?php echo $this->escapeHtml($title); ?></h1>
 
 <p>Are you sure that you want to delete
-'<?php echo $this->escapeHtml($album->title); ?>' by
-'<?php echo $this->escapeHtml($album->artist); ?>'?
+'<?php echo $this->escapeHtml($album->TITLE); ?>' by
+'<?php echo $this->esc

Truncated by Planet PHP, read more at the original (another 7231 bytes)

Categories: Open Source, PHP Community

PHPMaster.com: Safely Deprecating APIs

PHPDeveloper.org - Tue, 14/05/2013 - 20:09

On PHPMaster.com today there's an article with some good suggestions about ways to deprecate parts of an API safely.

Deprecation can happen for various reasons - perhaps an API is no longer useful and has reached its end-of-life, or the refactoring of code to improve its reusability and testability obsoletes particular methods. In this article I'll share with you some key points that you should follow when deprecating APIs so you can continue to grow your code and provide fair warning to those who depend on it.

They break it up into a few different steps:

  • Prepare for Refactoring
  • Employ the Single Responsibility Principle
  • Communicate with your Users
  • Remove the Old Code
Link: http://phpmaster.com/safely-deprecating-apis
Categories: Open Source, PHP Community, PHP.net

Juan Treminio: Introduction to Vagrant/Puppet and introducing PuPHPet

PHPDeveloper.org - Tue, 14/05/2013 - 19:11

Juan Treminio has written up a post about a new tool he's created that makes generating Vagrant/Puppet configs easy - PuPHPet.

I just released the initial version of PuPHPet, my GUI-based gnerator for Vagrant/Puppet environments! [...] Enter PuPHPet, my GUI configurator. I have created a simple, easy to use web app that targets PHP developers and the classic LAMP stack. You will not need to learn the ins and outs of Vagrant or Puppet to build your own working VM to your specific needs. As of now you can define things like custom virtual hosts, what version of PHP to install, set up some MySQL databases, etc, all without having to touch a manifest file.

His tool (hosted version is here) lets you define things like machine name, IP address, memory and target folder. You can pick from various server, PHP, MySQL and Apache packages you want installed as well. A custom archive (zip) file will be created that can be dropped into your system ready for use.

Link: http://jtreminio.com/2013/05/introduction_to_vagrant_puppet_and_introducing_puphpet_a_simple_to_use_vagrant_puppet_gui_configurator
Categories: Open Source, PHP Community, PHP.net

Community News: Packagist Latest Releases for 05.14.2013

PHPDeveloper.org - Tue, 14/05/2013 - 15:07
Recent releases from the Packagist:
Categories: Open Source, PHP Community, PHP.net

Community News: Latest PECL Releases for 05.14.2013

PHPDeveloper.org - Tue, 14/05/2013 - 14:01
Latest PECL Releases:
  • APM 1.1.0RC2 Changed: - upgraded UI by using tweeter boostrap and upgrading jqGrid

  • mongo 1.4.0RC1 ** Bug * [PHP-776] - MongoCollection::batchInsert() with empty options array segfaults * [PHP-781] - MongoCollection::count() should not leak, and throw exception instead of returning GLE document * [PHP-792] - Memory leak while reading an INT64 on a 32bit platform with native_long enabled * [PHP-795] - MongoCode segfaults when internal 'code' property is modified * [PHP-800] - Error codes for some errors in bson.c are re-used. ** Improvement * [PHP-744] - Support the oplog_replay query flag * [PHP-775] - MongoCursor->hint() can't hint on a index by name ** Task * [PHP-475] - Create functional phpt tests for read preference exceptions * [PHP-780] - Deprecate slaveOkay & timeout URI options * [PHP-788] - Document journal/fsync MongoClient connection options * [PHP-793] - Add deprecation notice to non-array options for MongoDB::createCollection * [PHP-801] - Deprecate boolean options to MongoCollection::insert() * [PHP-802] - Deprecate boolean options to MongoCollection::ensureIndex() * [PHP-805] - Deprecate (for real) the "chunks" option in MongoGridFS::__construct

  • couchbase 1.1.5 Same release as 1.1.4, fixed pecl package: - Don't check for JSON. It's part of the php core - Adjust parameter names in reflection to match couchbase-api.php - Prototype trying to get the thing working for PECL - Reset the error code between each request of a persistent connection - Report libcouchbase version in phpinfo - Remove gettimeofday implementation for win32 - PCBC-206: Prototype for configuration caching - Fixup memory allocation for URL path - PCBC-186: Add method to list all design docs - PCBC-178: Add support for connection_timeout - Update GetReplica test - PCBC-218: Detect invalid characters in CAS - Add bucket manipulation example - PCBC-172: Add design document examples - PCBC-191 Don't coredump for invalid argument - Update the list of supported PHP versions

Categories: Open Source, PHP Community, PHP.net

Improve PHP session cookie security

Planet-PHP - Tue, 14/05/2013 - 12:42
Categories: Open Source, PHP Community

PHPMaster.com: MongoDB Indexing, Part 2

PHPDeveloper.org - Mon, 13/05/2013 - 17:36

PHPMaster.com has posted part two of their series looking at indexing in MongoDB databases (part one here) with some more advanced concepts Mongo makes available.

In part 1 of this series we had an introduction to indexing in MongoDB. we saw how to create, use, and analyze queries with indexes giving us a good foundation to build on. In this part, we'll take a look at a few more small but important concepts, like indexing on sub-documents and embedded fields, covered queries, and index direction.

They use the same "posts" collection from the previous article, showing you how to index it based on a "location" sub document and "embedded fields" inside of it. They also touch on complex sorting with a multi-field index and the idea of "covered queries." These are queries that all fields queried are part of an index as well as all returned. They finish up the article by showing you how to remove indexes too.

Link: http://phpmaster.com/mongodb-indexing-2
Categories: Open Source, PHP Community, PHP.net

7PHP.com: A Chat With Adminer - A Simple, Yet Effective, Database Management tool written in PHP

PHPDeveloper.org - Mon, 13/05/2013 - 16:12

On 7PHP.com today there's a new interview with Jakub Vrana about his tool Adminser, a lightweight alternative to things like phpMyAdmin for database management.

Adminer, formerly known as phpMinAdmin, is a full-featured database management tool to be used as a more simple, effective and fast alternative to the famous PHPmyAdmin. Being curious about it, I had a chat with the creator of Adminer, Jakub Vrana.

They talk about the problem the tool tries to solve and where the idea to make it came from. There's also a bit about why to use it over something like phpMyAdmin and what the current status/future plans for it are. If you want to read an interview with Jakub about his work and experiences, you can check out this post.

Link: http://7php.com/adminer-interview
Categories: Open Source, PHP Community, PHP.net

Community News: Packagist Latest Releases for 05.13.2013

PHPDeveloper.org - Mon, 13/05/2013 - 15:01
Recent releases from the Packagist:
Categories: Open Source, PHP Community, PHP.net

Compiling PHP 5.5 From Scratch

Planet-PHP - Mon, 13/05/2013 - 13:00
There’s always a lag behind new releases of PHP and releases of packages for operating systems such as Ubuntu. This lag time means that you could be kept from upgrading to the latest and greatest PHP for a year or more, unless you use an outside repository like Dotdeb. Of course, even when using one [...]
Categories: Open Source, PHP Community

PostgreSQL 9.3 Beta 1 Released

Postgresql.org - Mon, 13/05/2013 - 02:00

The first beta release of PostgreSQL 9.3, the latest version of the world's best open source database, is now available. This beta contains previews of all of the features which will be available in version 9.3, and is ready for testing by the worldwide PostgreSQL community. Please download, test, and report what you find.

Major Features

The major features available for testing in this beta include:

  • Writeable Foreign Tables, enabling pushing data to other databases
  • pgsql_fdw driver for federation of PostgreSQL databases
  • Automatically updatable VIEWs
  • MATERIALIZED VIEW declaration
  • LATERAL JOINs
  • Additional JSON constructor and extractor functions
  • Indexed regular expression search
  • Disk page checksums to detect filesystem failures

In 9.3, PostgreSQL has greatly reduced its requirement for SysV shared memory, changing to mmap(). This allows easier installation and configuration of PostgreSQL, but means that we need our users to rigorously test and ensure that no memory management issues have been introduced by the change. We also request that users spend extra time testing the improvements to Foreign Key locks.

Additional Features

Additional features included in this release are:

  • Fast failover to replicas for high availability
  • Streaming-only remastering of replicas
  • Performance and locking improvements for Foreign Key locks
  • Parallel pg_dump for faster backups
  • Directories for configuration files
  • pg_isready database connection checker
  • COPY FREEZE for reduced IO bulk loading
  • User-defined background workers for automating database tasks
  • Recursive view declaration
  • lock_timeout directive

For a full listing of the features in version 9.3 Beta, please see the release notes. Additional descriptions and notes on the new features are available on the 9.3 Features Wiki Page.

Test 9.3 Beta 1 Now

We depend on our community to help test the next version in order to guarantee that it is high-performance and bug-free. Please download PostgreSQL 9.3 Beta 1 and try it with your workloads and applications as soon as you can, and give feedback to the PostgreSQL developers. Features and APIs in Beta 1 will not change substantially before final release, so it is now safe to start building applications against the new features. More information on how to test and report issues

Get the PostgreSQL 9.3 Beta 1, including binaries and installers for Windows, Linux and Mac from our download page.

Full documentation of the new version is available online, and also installs with PostgreSQL.

Categories: PHP Community

Community News: Packagist Latest Releases for 05.12.2013

PHPDeveloper.org - Sun, 12/05/2013 - 15:03
Recent releases from the Packagist:
Categories: Open Source, PHP Community, PHP.net

Community News: Packagist Latest Releases for 05.11.2013

PHPDeveloper.org - Sat, 11/05/2013 - 15:05
Recent releases from the Packagist:
Categories: Open Source, PHP Community, PHP.net

Escaping in iCalendar and vCard

Planet-PHP - Fri, 10/05/2013 - 17:57

The #1 bug report in my vObject library (a library to parse and create iCalendar and vCard objects in PHP) is that it does a bad job escaping/un-escaping of values.

In particular, it double-escapes certain values, changing things like ; into \\; and in other cases it's a bit too liberal un-escaping.

It's gotten to a point where I got so frustrated about this bug, I've been working all week on a new version of the parser.

Determined to do things right this time, I wanted to make sure I complied with all the relevant standards, in particular:

When I first wrote the vObject I naively thought that these formats were more or less the same. On the surface it does indeed seem that way, everything does seem to follow this basic structure:

BEGIN:VCARD
VERSION:4.0
FN:Evert Pot
END:VCARD

The nuances and slight difference between the specifications are enough to drive a simple person to madness though.

Just on the topic of ecaping values (the part after the :) the specifications have the following to say:

vCard 2.1

vCard 2.1, as well as the other specs have a concept of 'compound' or multi-value properties. An example:

BEGIN:VCARD
VERSION:2.1
N:Pot;Evert;Middle;Dr.;M.D.
END:VCARD

As you can see, the N property has multiple values. Any of these values may also contain a ;, which must be escaped as \;. So we also cannot blindly encode a string and automatically add backslashes to any ; we see.

The semi-colons should only be escaped in the ADR, ORG and N fields, but we can assume that backslashed semi-colons may also appear in other values.

Any property may have a parameter, a parameter looks a bit like this:

BEGIN:VCARD
VERSION:2.1
NOTE;ENCODING=QUOTED-PRINTABLE:Handsome guy, for sure..
END:VCARD

A parameter in vCard starts with a ;, has a name and a value. Only the colon may be escaped in parameters, using \:.

If you somehow wanted to encode a real backslash though, there's no mention of escaping it as a double-backslash.

If you need newlines in any values, quoted-printable encoding must be used. Other specs all encode newlines as \n or \N.

vCard 3.0

rfc2425 says that backslashes (\\), newlines (\N or \n) and comma's (\,) must always be escaped, no exceptions.. Well except when the comma is used as a delimiter for multiple values.

rfc2426 add semi-colon (\;) to this list, except when it's used as a delimiter. Semi-colon is used as a delimiter in the N, ADR, GEO and ORG fields. NICKNAME and CATEGORIES use comma's.

vCard also says that individual parts of ADR, and N may also contain multiple values themselves, which are themselves split by a comma.

Quoted-printable is now deprecated, and should no longer be used.

Parameters have also changed. The new rule is that parameters must not contain ;, : or ", unless they are surrounded by double-quotes, in which case only " may not appear. Escaping of the colon character (\:) has disappeared.

vCard 4.0

vCard 4 changes the interpretation of 3.0 a bit, and now states that semi-colons may be escaped, depending on the property.

The implication is that we need to maintain lists of properties, if they support multiple- or compound-values and which delimiter they use (, or ;).

Semi-colons are now used by N, ADR, ORG and CLIENTPIDMAP. Comma's are used by NICKNAME, RELATED, CATEGORIES and PID.

Even though the spec does say that comma's must always be escaped, it does appear to violate this rule in it's own examples, specifically the example for GEO (which is no longer a compound float value, but a url).

iCalendar 2.0

iCalendar 2

Truncated by Planet PHP, read more at the original (another 1860 bytes)

Categories: Open Source, PHP Community

NetTuts.com: 10 Tips for Learning a New Technology

PHPDeveloper.org - Fri, 10/05/2013 - 17:54

On NetTuts.com today they've posted a list of tips they think will help you learn a new technology faster. They've broken it up into ten different steps, some which could be done at any time but some have a bit more of an order.

We live in a very exciting time. Never before has education been so cheaply available to the masses (if not free). The medium, itself, has made tectonic shifts from a classroom setting, to blogs, screencasts and complete university classes, as a set of videos and interactive forums. Given these resources, there's absolutely no excuse not to dive in and learn. However, with such a wealth of resources, filtering through the options can often become overwhelming. In this article, I will outline a simple process to kick-start your education.

Among the items in their list there's things like:

  • "Let the Information Flow Begin"
  • "Listen and Watch"
  • "Blogging"
  • "Feel the Pulse"
  • "Meetups and Conferences"

Each tip comes with a bit of description and some links to other resources and tools that can help you along your way.

Link: http://net.tutsplus.com/articles/general/10-tips-for-learning-a-new-technology
Categories: Open Source, PHP Community, PHP.net
Syndicate content