Feed aggregator

Phancap: Your own website screenshot service

Planet-PHP - Fri, 18/04/2014 - 23:02
Website screenshot

Full page screenshot

My bookmark manager SemanticScuttle is able to show screenshots for bookmarked websites, but always relied on an external service to generate them. The service shut down now - time to look for an alternative.

There are several dozen screenshot services on the internet; some have free plans that would allow you to re-enable screenshots on your self-hosted SemanticScuttle instance for free. But unfortunately this means registering at yet another service and being again dependent. Time for something new!

phancap

Over the last three weeks, I built phancap - a self-hosted website screenshot service. With it, your bookmark manager will never have to depend on an external service again.

It's easy to setup: Simply drop the .phar in your webserver's document root, install xvfb-run, cutycapt and imagemagick, and you're done.

It supports JPG, PNG and PDF output formats. PNG is ideal for screenshots, while full-text PDF is nice for long-time archiving of web pages.

You may configure the browser and thumbnail size, and can choose between a fixed height and full-page screenshots. Authentication may be enabled to prevent others using your server resources.

Download it or grab the source code (github mirror).

Catégories: Open Source, PHP Community

The Usual Suspects…now with XSS!

Planet-PHP - Fri, 18/04/2014 - 18:23

I’ve just pushed the latest update of the most recent book in the Securing PHP ebook series – The Usual Suspects – and included an entire chapter covering cross-site scripting:

Next we come to something that’s probably a bit more widely known but often misunderstood, especially when it comes to the power that it offers to the attacker. Part of the confusion comes from the name of the attack. When you think about the attack method an XSS vulnerabilities allows, the only thing “cross site” about it is that it can possibly come in as a link from another site. Other than that, a cross-site scripting vulnerability can be more closely associated with injection. In fact, the main reason a site might have a cross-site scripting issue is because of improper output escaping.

This new chapter has loads of information about the different types of XSS issues, the different contexts it can happen in and plenty of code and configuration examples of how to prevent them. If you haven’t picked up a copy of it yet, there’s no time like the present!

Don’t forget about the first book in the Securing PHP series too! Core Concepts is a great introduction to security terminology, methods and principles that can help you lay a good foundation for more secure applications.

Catégories: Open Source, PHP Community

A Look at Valentina

Planet-PHP - Fri, 18/04/2014 - 18:00

Valentina is a set of tools including: Valentina DB (a new SQL database server), Valentina Studio (a database management tool), Valentina Report (a GUI to create reports to be used in an application like PHP) and a related development toolkit (called ADK).

In this article, we will take a look at:

  • How to use Valentina Studio to manage our MySQL database;
  • How to use Valentina Report to create a presentable report.

We will not, however, discuss the the Valentina Database as it is impossible to grasp a new database server and cover its underlying mechanisms in such a short article.

Valentina Studio

Valentina Studio, the database management tool, has two versions. One is free and can be downloaded here. Another is the Pro version, with more features, priced at $200 per unit. Both versions support Windows, Mac and Linux platforms, making it a cross-platform tool.

In this article, I will use Valentina Studio Pro. Thanks to Valentina for providing me with a key for my installation and evaluation.

The startup speed of Valentina Studio is fast, faster than another tool that I am using. Its main interface has 3 panes:

Fig. 1 The welcoming window

  • Servers: Provides CS based database management. It supports four types of “servers”: MySQL, PostgreSQL, Valentina and ODBC. It supports both local server and remote server connections. In my case, we can see there are two remote MySQL connections and one local connection. A red dot before the connection (or “Bookmark” in Valentina’s term) means the server is currently down. A green dot means it is up and running.
  • Database: Supports files based database management. Currently it supports Valentina DB and SQLite.
  • Projects: This is mainly used in report generation. A “report” generated by Valentina can reside locally and remotely. But it must have Valentina Report Server support (bundled with Valentina Server) to be called from an application. The report project manages the source, query and design of a report. We will cover this later.

After selecting a server, the databases in that server will be displayed in the following cascading column view:

This is my favorite view in Valentina Studio. In this view, different levels of entities (database, table, fields, links, indexes, etc) are displayed in columns in a cascading style. Selecting a database in column one, we can choose to display tables, links, views in column two; and for tables, view its fields, indexes, etc in column three. And the final level of details will be displayed in the right most pane. We can also create and modify an entity accordingly.

Another view, less used in my case, is the tree view:

When a table is selected, it displays the table data in a grid view; when a field is selected, only the column data is displayed. In the grid, we can right click on a record to export that record into CSV or SQL.

Continue reading %A Look at Valentina%

Catégories: Open Source, PHP Community

Short CMF workshop at phpDay in Italy

Planet-PHP - Fri, 18/04/2014 - 06:00

David Buchmann will do a CMF workshop at the phpDay in Verona, Italy. phpDay takes place on May 16th and 17th. Details will be published by the organizers on the programme page.

If you can make it to the conference, its a good opportunity to get introduced to the CMF and listen to many other interesting talks.

Catégories: Open Source, PHP Community

July 2014

Planet-PHP - Fri, 18/04/2014 - 02:01
Beyond Design Patterns
Presented By
Anthony Ferrara

July 24, 2014 20:00 CDT

The post July 2014 appeared first on Nomad PHP.

Catégories: Open Source, PHP Community

SitePoint PHP Blog: Getting Started with PHP Underscore

PHPDeveloper.org - Thu, 17/04/2014 - 20:50

The SitePoint PHP blog has a new article posted showing you how to get started with Underscore, a PHP library ported over from Javascript's popular Underscore.js library with many of the same methods intact.

If you've ever used the Backbone framework for JavaScript, you'll already be familiar with Underscore. Indeed, it's become incredibly useful for JavaScript developers in general. But did you know that it's been ported to PHP? [...] Underscore describes itself as a "utility belt library for JavaScript that provides a lot of the functional programming support that you would expect in Prototype.js (or Ruby), but without extending any of the built-in JavaScript objects. It's the tie to go along with jQuery's tux, and Backbone.js's suspenders."

He starts by showing you how to get it installed and some of the basic syntax of the methods it defines (basically replace the period with the double-colon) for both the procedural and OOP handling. He shows examples of a few of the more handy methods it provides including:

  • Each
  • Pluck
  • Minimum and Maximum
  • Filter and Reject
  • sortBy
  • groupBy

...and many more. There's also a bit of talk about templating and extending the library via "mixins".

Link: http://www.sitepoint.com/getting-started-php-underscore/

NetTuts.com: Routing Overview & Basics in Symfony 2

PHPDeveloper.org - Thu, 17/04/2014 - 19:10

If you're relatively new to using the Symfony2 framework, you might be wondering about some of the things happening during requests to your application. One of these things is the routing and handling of each request. In this new post from NetTuts.com they introduce you to the foundations of Symfony2 routing in a screencast.

In the last video, I said we'd take a look at controllers next, but I actually feel it may be easier to learn the framework in a slightly different order. Instead, we're going to learn about the basics of Symfony 2 routing, to give our applications clean and pretty URLs and make it easy to manage our applications URLs and links. We're not going to get too detailed, as Symfony's routing can do quite a bit, but we'll at least cover what we need to know by keeping it straight and to the point.

The screencast is a bit less than 10 minutes long and provides an overview of the routing, how it interacts with bundles and controllers. There's also a bit about using annotations to help define routing information directly in the controller.

Link: http://code.tutsplus.com/tutorials/routing-overview-basics-in-symfony-2--cms-20754

Edd Mann: Storing PHP Sessions/File Caches in Memory using TMPFS

PHPDeveloper.org - Thu, 17/04/2014 - 18:19

Edd Mann (of the Three Devs & A Maybe podcast) has shared a method of session storage he worked up to help increase performance in his application. He shows how to store sessions in memory with the help of TMPFS.

Yesterday I was looking through some application logs and noticed a significant bottleneck with I/O reads in the implemented file cache. [...] This was when I found 'tmpfs', saving me from all sorts of issues relating to adding yet another application to the production stack. 'tmpfs' appears as a mounted partition on your system, however, under the hood it allocates and uses a section of physical memory (non-persistent through reboots). [...] his results in the desired speed boosts, without tampering with the application logic itself. Even better, if the mount is unsuccessful for some reason, it will safety fall-back to using the persistent hard-disk solution.

Since PHP sessions make it easy to change the "save_path" location for the data in an ini value, setup is easy. He includes the needed configuration change and the commands you'll need to mount the tmpfs partition on your local file system.

Link: http://eddmann.com/posts/storing-php-sessions-file-caches-in-memory-using-tmpfs

Interview: Tom Oram and Rob Allen

Planet-PHP - Thu, 17/04/2014 - 18:00

In our second interview, we talk to Tom Oram, who works for a small development firm in Wales and Rob Allen, from Nineteen Feet.

These two developers have a solid wealth of PHP experience and knowledge and have helped me refine my ideas and approaches on many occasions. With that, we’ll start with Tom.

Tom Oram
What lead you to PHP?

A job. I was offered a job using a language I knew nothing about called PHP. It was PHP version 3 at the time, so much less advanced than it is now. Since then, I’ve been using PHP almost every day of my working life.

What have been the things about PHP that bit you?

In previous versions I’ve had various things which have caused confusion and frustration, most notably references and object copying in PHP 4.

However in PHP 5 I don’t really have anything that really catches me out. There are, however, things which I think could be improved or added to make the language easier and more consistent to use.

What have been the highlights or redeeming features

I guess the best thing about PHP is the speed in which you can get going. You can have an idea and very quickly try it out while at the same time it’s very well suited to larger and more complex projects as well.

What are the compelling PHP features for you?

For me I love interfaces and the fact that static typing is becoming more and more possible while still allowing dynamic typing.

What do you want to see added to the language?
  • Type hinting for scalar parameter types
  • Type hinting of return values
  • Nested classes
Why PHP over Ruby, Python, Go, etc?

Honestly I think they all have their own pros and cons. In many ways I think the other languages are designed better and are more consistent.

However if you’re used to programming in a statically typed language (especially Java) then PHP might seem easier to relate to than Python or Ruby.

Do you see yourself moving to another language in the future?

I use other languages all the time, and if a job is better suited to another language I will use that. However for web-based projects I always reach for PHP first, I currently have no intention of changing that.

Do you have a custom framework/setup?

Continue reading %Interview: Tom Oram and Rob Allen%

Catégories: Open Source, PHP Community

Sameer Borate: PHP applications on Google App Engine

PHPDeveloper.org - Thu, 17/04/2014 - 17:40

Sameer Borate has posted a guide to his site today showing you how to get started with PHP applications on the Google App Engine now that it natively supports it (well, mostly).

A couple of years back if you needed to run PHP on Google App Engine you were required to use a open source tool like Quercus, a 100% Java implementation of PHP, to run your PHP applications on the App Engine. However, as you would have guessed, it was not easy to work as with using a native PHP implementation. Now that App Engine natively supports PHP and MySQL, you can easily write PHP applications.

He walks you through the setup and configuration of the App Engine SDK to interact with the service and shows how to create a simple "Hello World" PHP application and deploy it. He talks some about the overall advantages of using the Google App Engine for your application including the scalability it offers and the secured infrastructure it runs on. He finishes the post looking at the different options for data storage and how sessions should be handled (hint: memcache).

Link: http://www.codediesel.com/php/php-applications-on-google-app-engine/

First Aura v2 Beta Releases of Web_Project, Cli_Project, and Framework_Project

Planet-PHP - Thu, 17/04/2014 - 17:27

Earlier this week, we put the final touches on the “micro/macro” frameworks for v2 web projects and v2 command line projects. Although these had been delayed a bit while working out the Aura.Di v2 beta release, they both now have their first “Google beta” releases!

… The idea is that [Aura.Web_Project] starts as a very minimal system, with only router, dispatcher, request, and response functionality. But thanks to the Composer-assisted configuration system, it’s very easy to add whatever functionality you want, making the project as large or as small as you need. …

Aura.Cli_Project takes exactly the same approach, but for command-line applications. It consists of a “context” and standard I/O system (the equivalents of a request and response), along with a console and dispatcher. It uses the same configuration system as Web_Project, so you start with a very minimal system that grows only as you need it.

Each project is little more than a skeleton around a core “kernel” package. The Aura.Web_Kernel is what actually provides the glue to connect the underlying library packages together, as does the Aura.Cli_Kernel.

Keeping the kernel separate from the project means we can update the kernel without having to re-install a project.

via First v2 Beta Releases of Web_Project, Cli_Project, and Framework_Project.

Catégories: Open Source, PHP Community

Three Devs & A Maybe Podcast: Delving into Laravel

PHPDeveloper.org - Thu, 17/04/2014 - 16:46

The Three Devs and a Maybe podcast has release their latest episode hosted by Michael Budd, Fraser Hart, Lewis Cains and Edd Mann. In this new edition, Episode #20, Delving into Laravel, they talk about the Laravel framework in their continuing series covering web application frameworks.

In this weeks show we follow up the discussion on CodeIgniter with an introduction to Laravel. Introduced only a few years ago, the framework has been a 'breath of fresh air' in the PHP framework landscape. Starting with a brief history of the project and how it has evolved, we move on to highlight key features of the framework that set it apart. One such inclusion is the extensive use of an IoC container, and how Facades cater for an expressive code-base.

Other topics include PHP2Python, virtPHP and the history and philosophy of Laravel. You can listen to this latest episode either though the in-page player, grabbing the mp3 or by subscribing to their feed.

Link: http://threedevsandamaybe.com/posts/delving-into-laravel/

Community News: Packagist Latest Releases for 04.17.2014

PHPDeveloper.org - Thu, 17/04/2014 - 15:05
Recent releases from the Packagist:

Walking the London LOOP - part 7 and 8

Derick Rethans - Thu, 17/04/2014 - 10:29
Walking the London LOOP - part 7 and 8
Section 8

After lunch we came through Bourne Hall Park where section 7 ends and section 8 starts. With 7 being so short, there was plenty of time to also finish section 8.

loop8-d36_5140.jpg

The start of section 8 is also the source of the Hogsmill river. And the whole route of section 8 tries to follow the river as closely as possible. In some places that was not really possible so we had some diversions through residential areas, and slightly smellier, through the Hogsmill Valley Sewage Treatment Works. But most of it, was pleasent walking past the river.

loop8-d36_5151.jpg

Near the end we came to Kingston-Upon-Thames were it was again a bit trickier to follow the river.

loop8-d36_5157.jpg

With the weather being so nice, we had to stop for a few pints at the end of the walk, at two of Kingston's river side pubs, the Bishop and the Gazebo next door!

The weather was again very good, with 16-18°C and no clouds to be seen. We took just over four hours for the two sections that together were 20.3km long.

The photos that I took on this section, as well as the photos of the other sections of the LOOP, are available as a Flickr set.

Catégories: Open Source, PHP Community

Loosely Coupled Podcast: Episode 2: My Code Is Perfect

PHPDeveloper.org - Wed, 16/04/2014 - 20:59

The Loosely Coupled podcast (with PHP community member hosts Jeff Carouth and Matt Frost) has released their latest episode, Episode #2: My Code is Perfect.

Writing clean code isn't something you pick up overnight, nor is it a brand new topic. In this episode Jeff and Matt discuss the characteristics and mechanics of creating clean code and how to approach your project from a clean code perspective. [...] In this episode, Jeff and Matt talk about code quality and beautiful code. Beautiful code follows a standard. If you don't have one, find one and adopt it.

There's some great notes in the post to accompany the recording with other suggestions, resources and links to other sources that can help you write cleaner, better code. You can listen to this latest episode either through the in-page player or by downloading the mp3 directly. You can also subscribe to their feed to get the latest episodes as they're released.

Link: http://looselycoupled.info/blog/2014/04/14/episode-2-my-code-is-perfect/

SitePoint PHP Blog: Implementing Multi-Language Support

PHPDeveloper.org - Wed, 16/04/2014 - 19:18

The SitePoint PHP blog has a new post from Jacek Barecki talking about a few ways you can include multi-language support in your PHP applications. There's not much in the way of actual code here, but there are links to some other tools that can help get the job done.

Setting up a multilingual site may be a good way to attract new customers to your business or gain more participants in your project. Translating a simple site with a few static pages probably won't probably be complicated, but more complex PHP web applications may require a lot of work when launching multiple language support. In this article I'll present different types of content that need to be taken under consideration when internationalizing a site.

He breaks it down into five different types of content that you might want to translate:

  • Multi-language Static Content
  • Database content
  • User submitted content
  • Resources (images, videos, etc)
  • Other types of content

He wraps it up with a few recommendations including making a checklist of the things you want to translate to figure out what tools you need to use.

Link: http://www.sitepoint.com/implementing-multi-language-support/

Getting Started with PHP Underscore

Planet-PHP - Wed, 16/04/2014 - 19:00

If you’ve ever used the Backbone framework for JavaScript, you’ll already be familiar with Underscore. Indeed, it’s become incredibly useful for JavaScript developers in general. But did you know that it’s been ported to PHP?

In this article I’ll take a look at Underscore, what it can do, and provide some examples of where it might be useful.

What is Underscore?

Underscore describes itself as a “utility belt library for JavaScript that provides a lot of the functional programming support that you would expect in Prototype.js (or Ruby), but without extending any of the built-in JavaScript objects. It’s the tie to go along with jQuery’s tux, and Backbone.js’s suspenders.”

Most notably, Underscore provides a bunch of utilities for working with collections and arrays, some for working with objects, basic templating functionality and a number of other useful functions.

The functions which operate on collections and arrays can be particularly useful when dealing with JSON, which makes it great for handling responses from web services.

Continue reading %Getting Started with PHP Underscore%

Catégories: Open Source, PHP Community

PHPBuilder.com: Using PHP Configuration Patterns Properly

PHPDeveloper.org - Wed, 16/04/2014 - 18:52

On PHPBuilder.com today they have a new post showing different configuration patterns for getting localized settings into your applications. They show the use of INI files, PHP scripts, text files, XML data and a database call.

PHP is a cross platform language. It is a server based application so we must think about the configuration settings of the PHP software. There are various ways of creating configurable PHP applications. The configuration flexibility comes as a built in feature in PHP. But we must understand the requirement clearly before making an application configurable. This article explores different PHP configuration patterns and their implementation.

For each of the options mentioned, there's a brief description of what the method is, some of the common uses and a code example showing a basic implementation. The database pattern is the only one without a code example as the database interface varies widely from application to application.

Link: http://www.phpbuilder.com/articles/application-architecture/using-php-configuration-patterns-properly.html
Syndiquer le contenu