Archive for the ‘pear’ Category

PEAR metapackage for Statusnet

Sunday, January 17th, 2010

A short while ago, someone popped into the PEAR irc channel on efnet and asked about installing Statusnet – which is an “open source micro messaging platform that helps you share and connect in real-time within your own domain.” It’s what powers identi.ca and similar micro-blogging services.

Specifically, this person wanted advice on installing the six or so PEAR packages on which this software depends; eight if you include the optional ones.

Foreseeing a number of people wanting similar help, I thought it would be best to create a metapackage to bundle these PEAR packages together – at the least it would mean only one “pear install” command would be required and it would reduce the number of potential mistakes that could be made.

Following my own instructions in the “Dependency Tracking (Meta Packages) with PEAR” section in the PEAR documentation, I quickly came up with Statusnet_Statusnet-0.1.1.tgz.

Install it via “$ pear install http://short.ie/statusnettgz” for the moment – as the location of where it’s being hosted may change during the week.

A response to “Better Postal/Zip Code Validation Method for CakePHP 1.2”

Tuesday, December 15th, 2009

Just a few minutes ago I read Jamie Nay’s A Better Postal/Zip Code Validation Method for CakePHP 1.2 blog post.

Jamie says that “The Validation::postal() method that comes with CakePHP 1.2 is good in that it can handle a number of different country formats, but the problem is you can only validate your data against one country. What if you want to accept, say, either Canadian or US postal/zip code formats? I ran into this problem earlier today, and decided to write my own postal() function that can take either a string as the country, just like Validation::postal(), or an array of countries.”

I’m probably going to have to wait for Jamie to wake up before my comment on that blog-post is approved, but the crux of it is “Don’t”. Don’t write your own code to validate user input, unless of course the input data is specific to a problem domain that others haven’t catered for yet.

I drew attention to two things. The first is that there are Validation packages in PEAR, including the main Validate class and all the Validate_xx subclasses (such as Validate_US, Validate_CA and some 22 others).

The second item I drew Jamie’s attention to is that his validation code counts a zip code of “00000” as valid, when the USPS zip code look up tool correctly (and they should know!) identifies that code as invalid.

Why spend time writing and debugging regular expressions, compiling lists of valid data and so on when other people have already done this work? Especially when it comes down to such things as validating data input which is crucial when you need to guard against cross site scripting vulnerabilities.

Focus on what you need to do rather than reimplementing what others have already done.

Honestly, this probably should be subtitled – “Stop the NIH craziness, please” – though to be fair Jamie might not have known of the solutions already out there.

Book Review: jQuery 1.3 with PHP

Sunday, December 13th, 2009

jQuery 1.3 with PHP


Before I start this review proper, I need to disclose one nugget of information first: The author, Kae Verens, and I are both currently serving as members of the Irish PHP Users Group Committee and have known each other for quite a few years. If you believe I can remain impartial and objective (as I hope you do – because I am), read on:

This is the first book sent to me from Packt where I wasn’t left dizzy from trying to understand just what it is the author was trying to get across. It looks like their proof-reader was awake for this one – totally awesome.

jQuery, as the vast majority of us already know, is a JavaScript library that simplifies HTML document traversing, event handling, animating, and Ajax interactions for rapid web development. In other words it does all the heavy lifting and takes care of cross-browser compatibility issues so you don’t have to and thus allows you to focus on the work that you need to do without all those distractions.

“jQuery 1.3 with PHP” is aimed “for PHP application developers who want to improve their user interfaces through jQuery’s capabilities and responsiveness”. Over the course of ten chapters Verens starts off with an introduction, then a series of ‘Quick Tricks’ that almost immediately help you add some measure of “Web 2.0” functionality to what I’d term a “web 0.2 application” rather sharply.
The book ends with a chapter on Optimization – some of which you are bound to already know and some which are complete gems.

In the middle are chapters with mini-projects on tabs and accordions, forms and form validation, file management, calendars (and how to make your own google-calendar-like application), image manipulation, drag and drop and data tables.
In each case, projects are analysed and the required steps for each are outlined in the simplest terms – no extraneous buzzwords are used, nor are the projects over-analysed for the sake of pedantry.

I was a little surprised in some places where, for example, the json encoded output was not created via json_encode; but then thought not everyone is going to have PHP 5.2 or greater installed. Thumb forward a few pages and this is mentioned. So all’s OK.

It was good to see Kae suggesting use of the PEAR Validate package (or similar) in the Forms and Forms Validation chapter (chapter 4). I had to wonder if there was a PEAR package for creating and shunting down jQuery validation rules to the client – and found that there isn’t. That’s something to consider for later on, I guess.

The rest of the book is similarly both easy to read and easy to understand – my first port of call for learning how to do something that I’d almost term exotic with jQuery and with PHP in the background is usually Google but that is going to change (actually it already has).

Honestly, I wouldn’t be surprised if this book’s working title was “JQuery and PHP: The HowTo” – it is that good.
Now, this book is not for learning jQuery – that is not within its remit, but I would heartily recommend “jQuery 1.3 with PHP” by Kae Verens to anyone wanting to utilise jQuery from a PHP background.

Two security fixes for PEAR’s Net_Ping and Net_Traceroute packages

Sunday, November 15th, 2009

As David mentioned in the PEAR Blog yesterday, in the PEAR Security Advisory PSA 200911-14-01, Net_Ping and Net_Traceroute had been found to have command injection vulnerabilities in them.

These were fixed and new versions released immediately – further details are available on the Official PEAR Blog.

PHP Team Development by Samisa Abeysinghe

Sunday, November 15th, 2009


A few weeks ago I received a copy of “PHP Team Development” from Packt.
Split into seven chapters, all equally sprinkled with phrases that are disjointly written and that don’t get a point across, and some that make you think the book was written using some speech-to-text software (“Vendor locking” anybody?), this book which “is for PHP developers who work in teams on complex projects” has given me an aversion to seeing three little words printed alongside each other (“the PHP code”).
If you have read this book you too will develop this aversion. I think Lorna Jane Mitchell and Brandon Savage who both bravely reviewed this book before me might be inclined to agree.

Published only in September of this year, I found it surprising that its section on coding standards and best practices does not suggest the use of phpCodeSniffer (for checking the adherence to coding standards, and which, incidentally, has been available in one form or the next for the last three years). Nor does Samisa suggest the use of phpUnit or SimpleTest for unit testing (Actually, nothing is mentioned for unit testing – the concept isn’t even described, nor is Test Driven Development). These tools have been around for a very long time and I was honestly startled by their omission.

In a way that’s fine – these are only tools and the book is about team development – not about listing and reviewing each and every tool that could be used to help team members make more efficient use of their time.
But I’d rather use these tools during peer review to help highlight what a team member may be doing wrong in an efficient use of my time, than have to analyse the code myself.

So, moving on, there’s a section explaining that frameworks should also be assessed on the basis of the various open source licenses they are distributed under but the author doesn’t really explain why this is important – or discuss what the prevalent FLOSS licences are (MIT, BSD, GPL etc), or what issues they each attempt to address and what they are best suited for.

The NIH (Not Invented Here) Syndrome is mentioned and to be fair the author does give a long list of frameworks to be considered; probably the one detailed list in the book, to be honest.

PEAR had been mentioned in passing elsewhere in the book so I was expecting it to be listed in the frameworks section too, as I was expecting ezComponents to be referenced somewhere as well – but then, these are a component framework/libraries so perhaps he thought it did not belong in such a list.

To be honest, I think that is part of the problem. The book focuses on what the author thinks and his thoughts on the subject are written in such a manner, that once you put in the immense effort in trying to understand what he is attempting to communicate, that you are left with the impression that there are no alternatives; that X & Y & Z are the true and tested ways of doing things in PHP and there are no two ways about it.

This is a complete shame.

Some other observances about this book;

  • Continuous Integration is mentioned; but CruiseControl and PHP-Under-Control are not.
  • Source Code Control is mentioned, and here Subversion and GIT are covered. CVS is mentioned elsewhere, under a section, and chapter, far-far-away. Mercurial, bazaar and others don’t even get a look-in.
  • There is no mention of how approaches to Team Development might vary depending on whether some team members might be working remotely, Pair Programming is barely mentioned let alone suggested as one way of ensuring that each team member is learning from the other and reviewing the code that his partner has written.
  • Under issue- or bug-tracking, jira and bugzilla are mentioned as two popular bug tracking tools, and although Abeysinghe states “there are numerous tools that are available, both opensource and commercial for bug tracking”, no others are listed. Fogbugz, Mantis, RT, Trac, and plenty others get left by the wayside.
    Actually, I’m wrong. Sorry. Trac is mentioned – at the other end of the book; though not in the glossary or index.

I honestly considered giving up on reading this book and not writing this review. The book truly is that bad. The thought of someone paying out close to thirty euro for a book that I’d call poorly researched, badly proof-read, woefully incomplete, badly structured at worst and self-opinionated at best did force me to reconsider.

Nobody should spend close to thirty euro on a book and get so little in return.

So my oneliner opinion of PHP Team Development by Samisa Abeysinghe?
I’d seriously suggest you give it a miss – do something more meaningful with the money and buy bread to bring your team on a duck-feeding-mission.

OSSBarCamp lightning talk on PEAR: slides now online

Wednesday, September 23rd, 2009

I was at the OSSBarCamp event in Dublin last Saturday and gave a lightning talk on PEAR. It went well (I think). The slides for it are now online at the talks.php.net website.
I’ll write up more thoughts on the event later if I find the time ;-)

OpenStreetMapping Nenagh

Tuesday, June 16th, 2009

So yesterday I had a quick interview with a journalist from the Nenagh Guardian – my local paper – about this OpenStreetMap (OSM) mapping malarky.

As most of you will probably know OSM is to printed atlases from AA, Ordnance Survey etc, as wikipedia is to encyclopedias. People can contribute data to the project through a variety of activities: going out and actually mapping an area with a sat nav or gps unit [even a mobile phone with GPS in it such as an iphone, nokia n95 or whatever], tracing data off Yahoo [and other] aerial imagery, filing bugs on the openstreetbugs website or literally drawing in information via the walking papers map making website. And better again, this is about providing free geographic data such as street maps to anyone who wants them.

Anyway…I mentioned how the OpenStreetMap map of Nenagh is more complete than even the latest commercially available maps for Garmin and Google Maps and listed off a few ways how OSM could be used commercially: by real estate agents, courier companies, how being able to pin-point where all the amenities are would be useful for tourists, and so on.

Compare the Open Street Map of Nenagh with the Google Map of the area – as you can see, there’s still quite a bit of work to be done – Millers Brook needs to be marked as such along with the various groves, avenues etc that comprise that estate. Plus all the amenities, shops [perhaps even their opening hours] and the Shannon Development Industrial Centre still need to be added – as I’m sure are some other small portions of the town that I’ve unknowingly neglected.

It’s fair to say that this will never be finished – existing housing estates will be extended, there will always be urban development plans that when implemented would also need to be included on the map.

It would also be cool to have the new “Nenagh Cycling Hub” rendered on the opencyclemap.org website.

I discovered the OpenStreetBrowser site to be a great test of the data that myself and others have entered – it’s also a great way of demonstrating just what can be done with OSM data.

If you happen to spot something that I’ve missed please either drop me a comment or use the openstreetbugs website.

On a related note: it would be good to see a PEAR/PHP based client/component for interfacing with the OpenStreetMap server so that interesting apps utilising that data could be implemented on the LAMP stack – something to go alongside the Services_GeoNames package from pear ;-)

Book Review: Learning jQuery 1.3

Tuesday, June 16th, 2009

A while ago I was sent a review copy of “Learning JQuery 1.3” by Jonathan Chaffer and Karl Swedberg, as published by Packt. I’ve now had a chance to read it objectively and compare it against the original “Learning JQuery” which Packt also sent me to review about a year ago. That earlier edition covered a much less mature version (version 1.1.3.1 to be precise) of this popular Javascript framework.

Aimed at web developers and designers with a basic understanding of HTML and CSS (and some level of comfort with Javascript), the later book is thicker than the original – it weighs in at some 440 pages compared to the 360 pages that were required for the first. A new chapter, “Developing Plugins” covers how to write plugins for the framework and how to “share it with the world” – naming conventions, documentation style and other advice are included. There is also a new “Quick Reference” appendix which just begs to be reproduced in “Cheat-sheet” format for pinning up on your wall. Chapters already present in the earlier book are more detailed and read better.

The subject matter is expertly covered and unless you were aware of the changes in jQuery 1.3, compared to the older version that the original was focused on, it would be difficult to tell which portions of the book are new – the revision and updates to the original are seamless.

Quite rightly, Swedberg and Chaffer do not explain all differences between jQuery 1.3 and its predecessors – they rightly assume that if you’re reading “Learning JQuery 1.3” then you don’t need to be informed of exactly how jQuery 1.3 differs from the version they previously covered. The book flows better because of this and remains very easy to understand because of this approach.

There is no hint of the selector engine in 1.3 being any different than what was already covered. The language used for explaining the different concepts to the reader is more precise, especially so in the Events chapter and this makes understanding the concepts being covered much more easy – for this reason alone buying the revised edition is well worth the money.

The book doesn’t focus only on new additions that were freshly added to jQuery 1.3 but also on ones that had been added to jQuery since the first edition was published; JSONP, which was introduced in jQuery 1.2, is covered in the chapter on AJAX, as is the more low-level $.ajax() method; it also mentions which features have been removed from jQuery since the first edition was published – XPath being one such example. The listing of development tools has also been reworked, as has the Online Resources section. These listings mention resources that are current and up-to-date.

I remember mentioning in my review of the first book (trying hard not to use the word ‘original’ again!) that until a later edition of it was released that you wouldn’t be able to find a better book on the subject. I stand by that assertion – the only book that covers jQuery better than the first edition of “Learning jQuery” is the second edition of the same.

Save Nenagh Hospital

Saturday, January 31st, 2009

I’m back home from a “Save Nenagh Hospital” rally earlier on today – I estimated the number of people there to be at least two thousand.

As you might infer, this is quite serious – the Health Service Executive in Ireland have already made the first steps in downgrading and then closing the General Hospital in Nenagh. Already there are plans for numerous cuts, including a proposal to remove 24-hour accident and emergency services at the hospital in favour of the introduction of advance paramedics to partly replace the present service.

The only numbers important to the HSE, it seems, are those balanced on their accounts sheets – not the number of lives that will be lost, the number of minutes late that ambulances will arrive to road accidents, the ill and those in need.

Representatives of the HSE were invited to attend but did not – most likely because they know no matter how they try they can not make sense of their own arguments. In short, they can not justify what they are proposing.

Google for phrases such as “save nenagh hospital” and “friends of nenagh hospital” to see just how serious and important this is – you’ll find links such as this article in the Irish Times (Doctors to fight cuts at Nenagh hospital).

Please add your voice by joining the Save Nenagh Hospital group on facebook, by writing to your political representatives and by writing to the papers.

Don’t let Nenagh become the next Monaghan.

7 things…

Wednesday, January 14th, 2009

I got tagged by Chuck for this “7 Things” meme. So here are 7 things you may not know about me:

  1. I first met my wife at her house warming party seven years ago – it took four years for anything to happen though! I’m so happy it finally did though!
  2. My first computer was a ZX Spectrum 48K that was bought when I was seven years old – I’ve since progressed through BBC computers, Apple Macs and then onto PCs. I also had accounts on the WRTC vax – VMS and OSF/1.
  3. I’ve similarly gone through a number of differing computer languages: Basic in various incarnations (ZX Basic, BBC Basic, VB), Z80 Assembler, HyperCard (yes, really), C, C++, JavaScript, Perl, PHP, Python, ColdFusion, Java.
  4. I might be Irish but my surname isn’t.
  5. I read a lot of fantasy: Gemmell, Eddings, Tolkien, Pratchett; though I also enjoy Tom Clancy and Dale Brown novels.
  6. I’m long-sighted in one eye and short-sighted in the other: one good reason why I’ve never been that good at sports.
  7. I am an active PEAR developer.

Tagging Others

I’m supposed to tag 7 other people who then repeat the whole process:

  • Proinnsias Breathnach for being such a good friend all this time. And because he doesn’t blog enough.
  • Kae Verens for having a name that sounds the same as his first initial – and for helping out loads at the IPUG stand at last year’s Irish Opensource Technology Conference.
  • Donncha O Caoimh for his trojan work back in the day with the ILUG CMS and for Wordpress mu.
  • Jaime Hemmett for her exuberance and energy she’s brought to the Irish PHP scene.
  • AJ McKee for starting the Irish PHP Users Group in the first place!
  • Justin Mason for Spam Assassin, SiteScooper and being an all round nice guy.
  • Fuzzix for his levity and humour. That plus he’s a ZX head like myself.

Rules

  • Link your original tagger(s), and list these rules on your blog.

  • Share seven facts about yourself in the post – some random, some weird.

  • Tag seven people at the end of your post by leaving their names and the links to their blogs.

  • Let them know they’ve been tagged by leaving a comment on their blogs and/or Twitter

PHP for Enterprise/Business Whitepaper

Thursday, January 8th, 2009

I’m very proud to have been involved as an editor and to have helped with the translation and update of the AFUP’s PHP en Enterprise livre blanc into the PHP for Enterprise/Business Whitepaper: as far as I know this is the first full English language translation and update of the work done by the Association Française des Utilisateurs de PHP (French PHP Users Group). Also there is a lot of new content in the Whitepaper with regard to how PHP is now utilised in Enterprise. Figures have been updated and techniques available in later versions of PHP have been referenced.

We’ve had an interesting time translating and updating the content – especially as I don’t know French let alone their idioms. Many thanks to Stéphane Lambert for his boundless energy and devotion to getting us this far!

Thanks also to PEAR President and fellow IPUG member David Coallier who also helped with the translation work and not forgetting Derick Rethans and Peter Keung who also assisted in fine-tuning our work into something a bit more fluent and graceful ;-)

I would be remiss to not mention Blacknight who have sponsored the IPUG from the start – without them there truly would not be a php.ie!

If I’ve left anybody out – please remind me!

All in all, as Chairman of the Irish PHP Users Group, I can say this is an exciting moment for us to have achieved – we’ve given something tangible back to the PHP Community as a whole and to top things off we’ve published the Whitepaper under the Open Licence Content – you may freely use it if you clearly acknowledge the Irish PHP Users Group and if you retain the Open Content Licence. This means you can localise the Whitepaper to your own language and national figures if you so desire.

Is PHP vulnerable software?

Tuesday, August 26th, 2008

Thanks to Ivo Jansch, I spotted Matt Assay mentioning in his article on cnet that PHP headlines in IBM’s list of most vulnerable software and I have to say this is complete balderdash on the part of IBM.

He quotes from the report:

Another commonality between these three vendors is that they are all written in PHP. If we look back over last year’s disclosures and apply the new CPE methodology to them, we would uncover another newcomer to the top five list, PHP itself, which would rank number four in the 2007 top five vendor list.

What feature in IBM’s top ten of vulnerable software, and make the report insinuate that the PHP language is a security risk, are Joomla, Wordpress and Drupal. How PHP would feature in a list of “vendors” is beside the point – if a construction company were to build a house where the windows don’t close fully, the security alarm doesn’t work and where bare wires are exposed you don’t “blame” the windows, alarm system and cabling. The responsibility rests with the construction company and/or the individual contractors hired by that company. Similarly, we can’t “blame” PHP for bad software architecture and security risks present in Joomla, Wordpress or Drupal – the onus is on the software developers and architects to design secure [web] applications.

They should, at the least, ensure input data is of the expected type, of certain values; handle uploaded files in a secure and cautious manner that they don’t overwrite files crucial to the health/security of the system running the application or the application itself; use an audit trail for checking against attacks, ensure security in depth against SQL injections, Cross Site Vulnerabilities, Command Injection and … I could go on but won’t – search for php security best practices, get the Zend PHP 5 Certification Study Guide, check out the library resource at the PHP Security Consortium.

Now where’s ruby, cobol, C, and z80A assembly language on that list? And why is Linux mentioned there as a vendor?

Irish PHP User Group: Committee Forming

Wednesday, August 20th, 2008

Yesterday, a few weeks after much discussion and evolution of the constitution of the Irish PHP Users’ Group, I suggested that we should get our skates on and get to forming a committee.
Nominations were made today for all of the posts but there’s a week left before the results are ‘official’ – the cut off is to have a committee voted in by next wednesday so there is still plenty of time left if you think you are better suited for the tasks at hand.

PHP 4 – this parrot is deceased!

Friday, August 8th, 2008

I woke this morning with a grin. Nope, nothing to do with the Olympics; PHP 4 is dead and by that I mean it is no longer supported – no more official security updates for PHP 4 – or backports from PHP 5 or PHP 6.
The last release of PHP 4.4 occurred yesterday.
Why is this important – and why am I grinning?

PHP 5 has improved support for Object Oriented Programming, PDO, numerous performance and security enhancements that make continuing to maintain or develop PHP4 specific code a mug’s game.
The enhancements in PHP 5.3, which is scheduled to be released in October, and those in PHP6 make it all the more compelling to move from PHP4.
If you are a developer and are unaware of this or are clinging on to PHP4 for dear life, you’d do yourself a favour by evaluating all options open to you – including a change of career.

The hosting market may be slow to catch up but remember this: there will be no more security updates for PHP4 and there are security enhancements in PHP5. Compelling reasons to ask your hosting provider if they do PHP5 hosting. Web hosts who are dedicated to supporting PHP 5.2 or later are listed on the gophp5 website.
Blacknight are the only Irish hosting company listed there.

Ivo Jansch, CTO of iBuildings painted a fairly bleak picture a month ago regarding continued PHP4 usage; posing the question “what if there’s an exploit for PHP4 and the bad guys are waiting until after 8/8/8 to make malicious use of it”. This is just scare-mongering but he does make a valid point: after today it will take longer than usual, if at all, for a fix against such exploits to be made available. So if you’re in business it would be wise to consult with your hosting company ASAP.

pear tab completion

Monday, July 28th, 2008

Last Friday, Amir mentioned that he wrote a bash completion script for the pear cli. I’ve used it a bit since then and the tab completions that it provides make using pear at the command line much easier. Thanks Amir!
Now – is there any chance to get it installed with pear by default? That would be good!

Andrii Nikitin’s son Needs Help – ASAP

Monday, July 14th, 2008

(Reposted from Zack Urlocker’s blog, via Vidyut Luther and planet MySQL. I don’t usually repost such things but a 2.5 year old’s health is at stake so I’m making an exception. If you use mysql at all – and even if you don’t – please dig deep.)

Andrii and his son Ivan


Andrii Nikitin, one of the MySQL support engineers located in Ukraine, has asked for help from MySQLers and so I’m sharing this information to the community at large. Andrii’s son Ivan, who is 2 1/2, is in need of a bone marrow transplant operation. This will require going to a clinic in Europe that will not be covered by regular insurance. So Andrii has asked to see if we could help raise funds. The cost is expected to be €150,000 – €250,000. A huge amount for an engineer from Ukraine to cover. But a small amount by many people could make a big difference.

Many MySQLers have kicked in to help out, but more is needed. Ivan’s health has taken a turn for the worse recently and the issue is now quite pressing. Even a small donation could mean the difference between life and death for Ivan.

I hope some of you who use MySQL or have young kids will join me in making a donation today. You can do so by using Paypal, by sending a cheque to MySQL, or via wire transfer.

Paypal:
Paypal
Or
by check payable to:

MySQL, Inc.
Mail to: MySQL, Inc.
Attn: Linda Dong
20450 Stevens Creek Blvd #350
Cupertino, CA 95014

or
US wire transfer:

MySQL Inc: 7396643001
SWIFT: NDEAUS3N

or
International wire transfer in any currency:
Bank: Nordea Bank
Bank address: Stockholm, Sweden
Bank account: 3259 17 03868
IBAN: SE27 3000 0000 0325 9170 3868
SWIFT: NDEASESS

Thanks to those who have donated already. A child’s life is precious and I hope we can give Ivan a chance.

Book review: PHP Objects, Patterns and Practice (second edition)

Tuesday, June 3rd, 2008

Apress sent me a copy of “PHP Objects, Patterns and Practice (second edition)” by Matt Zandstra to review.

As hinted in the title, this near 500 page tome is split into three parts: objects, patterns and [best] practice.
The section on objects covers the basics and then the advanced features of object oriented facilities in PHP and tools such as namespaces, autoloading and the reflection classes along with design basics, class scope, encapsulation, polymorphism and some UML.
The patterns section is obviously inspired by “The Gang of Four” (Erich Gamma, Richard Helm, Ralph Johnson, and John Vlissides) and covers what design patterns are, enterprise patterns, database patterns and also the basic patterns such as the factory, facade, decorator and composite patterns along with a few more. This section is far from comprehensive, but is a good start. (If Patterns do interest you, and they should, have a look at patternsforphp.com)
The last section focuses on PEAR (including writing your own packages and setting up your own PEAR channel), phpDocumentor, unit testing with phpUnit, version control with CVS (which struck me as a bit odd – I had expected subversion to be covered either instead of or along with CVS) and setting up automated builds with phing.

While being an easy read, this is a well written, serious book and is aimed squarely at enterprise-level developers and software engineers who make their living through the development and architecture of solutions developed in PHP.
Any PHP developer wishing to improve his skills should get a copy.

Book review; “UML 2.0 in Action: A project-based tutorial”

Monday, May 26th, 2008

A while ago I received, from packt, a copy of “UML 2.0 in Action: A project-based tutorial” by Patrick Grassle, Philippe Baumann, Henriette Baumann. This book certainly lives up to its byline of being “a detailed and practical walk-through showing how to apply UML to real world development projects”.

UML is a standardized visual specification language for object modeling and is short for “Unified Modeling Language” that includes a graphical notation used to create an abstract model of a system, referred to as a UML model. There are many software tools available which can be used for code generation and reverse engineering, such as the new PEAR package PHP_UML which generates a UML representation of existing PHP source code.

This book assumes no prior knowledge of UML and this works very well. It is by no means comprehensive but that it’s what the authors set out to write – this book is focused on being a practical tutorial for learning the essentials of modelling business systems, IT systems and systems integration – no more, no less. It does this admirably and I’ll recommend this book as a reference and introduction for developers performing system analysis and design activities.

Validation in Depth – a retort to using just regular expressions

Monday, May 26th, 2008

I’ve noticed that Richard Heyes, who professes himself to be a php guru, deleted my comment on his “Some common regular expressions” posting which simply pointed out his expressions didn’t quite do the job and suggested a few PEAR packages that should be used instead of the expressions that he proffered for the following:

  • Email addresses
  • Usernames
  • Telephone numbers
  • Postal codes
  • IP addresses
  • An SQL date
  • A domain
  • A UK sort code

Why he deleted it is anybody’s guess – he deleted a few others too.

Anyway, for the record I thought I’d reproduce my comment from memory (I didn’t think to make a backup copy for obvious reasons but hey nobody expects the Spanish Inquisition).

The problem with just relying on a regular expression for validating data is there is no “defense in depth” to that solution. Sure, the expression might catch the main bulk of data entered, but there’s always going to be data that gets through.

For example, a simple regular expression for validating phone numbers won’t catch area or country codes that don’t actually exist, and another that’s used for validating entered dates might not catch leap-year based exceptions.

  • Email addresses – use the PEAR Validate package for email address validation
  • Usernames
  • Telephone numbers – use Validate_UK; this package will also validate UK specific details such as:
    • SSN (National Insurance/IN)
    • Postal Code
    • Sort Code
    • Bank AC
    • Car registration numbers
    • Passports
    • Driver license
  • Postal codes – use Validate_UK or counterpart as appropriate.
  • IP addresses – use the Net_Check PHP5 port of Net_CheckIP or the original Net_CheckIP for PHP4 if you really have to.
  • An SQL date – what Richard provided validates the form of a date in yyyy-mm-dd format but not that the entered value is a date; one could enter 2008-13-42. Again, I’d suggest using the Validate package.
  • A domain – You could, in theory, use the Validate package’s uri method, prefixing the domain with ‘http://’.
  • A UK sort code – Validate_UK.

If you follow these suggestions it should make your input validation more robust than simply relying on regular expressions and nothing more.
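
As an added illustration (not code from the original comment, from Richard's post or from PEAR), the PHP sketch below contrasts a shape-only regular expression with a second, semantic layer for two of the items above: the SQL date and the IP address. It uses PHP's built-in checkdate() and filter_var() in place of the PEAR Validate and Net_CheckIP packages so that it runs without PEAR installed; the function names, patterns and sample inputs are constructed.

```php
<?php
// Added example. Regexes and sample inputs are constructed for illustration.

// Layer 1 only: checks the shape yyyy-mm-dd and nothing else.
function looksLikeSqlDate(string $s): bool
{
    return preg_match('/\A\d{4}-\d{2}-\d{2}\z/', $s) === 1;
}

// Layer 1 + layer 2: shape, then the calendar (month range, month length, leap years).
function isRealSqlDate(string $s): bool
{
    if (preg_match('/\A(\d{4})-(\d{2})-(\d{2})\z/', $s, $m) !== 1) {
        return false;
    }
    // checkdate() takes month, day, year in that order.
    return checkdate((int) $m[2], (int) $m[3], (int) $m[1]);
}

// Layer 1 only: four dot-separated groups of one to three digits.
function looksLikeIpv4(string $s): bool
{
    return preg_match('/\A\d{1,3}(?:\.\d{1,3}){3}\z/', $s) === 1;
}

// Semantic check: every octet must be in the range 0-255.
function isRealIpv4(string $s): bool
{
    return filter_var($s, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;
}

// Constructed samples: a leap day, a non-leap 29 February, the 2008-13-42 case
// from the list above, a 31st in a 30-day month, and a value with a trailing newline.
$dates = ['2008-02-29', '2007-02-29', '2008-13-42', '2008-04-31', "2008-05-26\n"];
$ips   = ['192.0.2.10', '999.1.1.1', '256.0.0.1', '10.0.0'];

foreach ($dates as $d) {
    printf("%-14s regex=%-3s full=%s\n", json_encode($d),
        looksLikeSqlDate($d) ? 'yes' : 'no', isRealSqlDate($d) ? 'yes' : 'no');
}
foreach ($ips as $ip) {
    printf("%-14s regex=%-3s full=%s\n", json_encode($ip),
        looksLikeIpv4($ip) ? 'yes' : 'no', isRealIpv4($ip) ? 'yes' : 'no');
}
```

The patterns are anchored with \A and \z because, in PCRE, a bare $ also matches just before a trailing newline, which is one more value a shape-only check would let through.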

The Date_Holidays package, a pack of splitters and a pear tree.

Friday, May 9th, 2008

Some of you may know that I am a lead developer of the PEAR Date_Holidays package.

Date_Holidays helps you calculate the dates and titles of holidays and other special celebrations. This is all driver-based so it is easy to add new drivers that calculate a country’s holidays.
Until recently all of these drivers for individual countries were grouped together into one package.

We decided that this one package should be split into subpackages: one subpackage per region/country. Some advantages of this approach are that each driver / filter / subpackage gets its own stability and version number – we wouldn’t have to keep increasing the version number of Date_Holidays each time a new driver is added or when an existing driver gets a significant number of fixes.

Therefore we now have subpackages such as Date_Holidays_Austria, Date_Holidays_Brazil etc.

If you want to use the new set of [sub]packages, the simplest thing to do is uninstall the package that you have installed:

$ sudo pear uninstall Date_Holidays

and then install the new package, with a group directive which will install all subpackages:

$ sudo pear install Date_Holidays#all