Category: tips

Display errors on screen even with display errors = off with PHP

~ Gonzalo Ayuso ~ 12 Comments

Last month I was in a coding kata session playing with StingCalculator, and between iteration and iteration we were taking about the problems of shared hostings. Shared hosting are cheap, but normally they don’t allow us the use some kind of features. For example we cannot see the error log. That’s a problem when we need to see what happens within our application. Normally I work with my own servers, and I have got full access to error logs. But if we cannot see the error log and the server is configured with display errors = off in php.ini (typical configuration in shared hosting), we have a problem.

One of my post came to my mind “Real time monitoring PHP applications with websockets and node.js”. Basically we can solve the problem using this technique, but if we are speaking about shared hosting without error log access, it’s very probably that we cannot install a node.js server or even use sockets functions. So it’s not “Real” solution to our problem.

The idea is create a variation of the original script (one kind of script’s Spin-off ;)). In this scprit we will capture errors and exceptions and show them in script at the end of the script. We don’t have access to the error log but we will show it in the browser.

Imagine the following script:

$a = 1/0;
throw new Exception("myException");
echo "hi";

It will show one warning (1/0) and one exception (myException)

  • Warning: Division by zero
  • Fatal error: Uncaught exception ‘Exception’ with message ‘myException’

If we change php.ini show errors = off we will see a nice white screen.

The idea is add to the script:

include('ErrorSniffer.php');
ErrorSniffer::factory('127.0.0.1');

$a = 1/0;
throw new Exception("myException");
echo "hi";

Now with with ErrorSniffer library we will see a nice output, even with display errors = off.
I also add a IP in the class constructor to restrict the output message to one IP. The idea is to place this script at production, so we don’t want to expose error messages to whole users.

If we see the source code of ErrorSniffer class we a constructor like this:

    public function __construct($restingToIp)
    {
        if ($this->getip() == $restingToIp) {
            self::register_exceptionHandler($this);
            self::set_error_handler($this);
            self::register_shutdown_function($this);
        }
    }

    private static function set_error_handler(ErrorSniffer &$that)
    {
        set_error_handler(function ($errno, $errstr, $errfile, $errline) use (&$that) {
                $type = ErrorSniffer::getErrorName($errno);
                $that->registerError(array('type' => $type, 'message' => $errstr, 'file' => $errfile, 'line' => $errline));
                return false;
        });
    }

    private static function register_exceptionHandler(ErrorSniffer &$that)
    {
        set_exception_handler(function($exception) use (&$that) {
                $exceptionName = get_class($exception);
                $message = $exception->getMessage();
                $file  = $exception->getFile();
                $line  = $exception->getLine();
                $trace = $exception->getTrace();
    
                $that->registerError(array('type' => 'EXCEPTION', 'exception' => $exceptionName, 'message' => $message, 'file' => $file, 'line' => $line, 'trace' => $trace));
                return false;
        });
    }

    private static function register_shutdown_function(ErrorSniffer &$that)
    {
        register_shutdown_function(function() use (&$that) {
                $error = error_get_last();

                if ($error['type'] == E_ERROR) {
                    $type = ErrorSniffer::getErrorName($error['type']);
                    $that->registerError(array('type' => $type, 'message' => $error['message'], 'file' => $error['file'], 'line' => $error['line']));
                }

                $that->printErrors();
        });
    }

As we can see we will catch errors and exceptions, we populate the member variable $errors and we also use register_shutdown_function to show information on shutdown.

You can see the full script at github here.

What do you think?

Advertisement

Populating datagrid techniques with PHP

~ Gonzalo Ayuso ~ 7 Comments

Today I want to speak about populating datagrid techniques with PHP. At least in my daily work datagrids and tabular data are very common, because of that I want to show two different techniques when populating datagrids with data from our database. Maybe it’s obvious, but I want to show the differences. Let’s start.

Imagine we need to fetch data from our database and show it in a datagrid. Let’s do the traditional way. I haven’t use any framework for this example. Just old school spaghetti code. 

$dbh = new PDO('pgsql:dbname=mydb;host=localhost', 'gonzalo', 'password');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$stmt = $dbh->prepare('SELECT * FROM test.tbl1 limit 10');
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$stmt->execute();

$data = $stmt->fetchAll();

$table = "";
$table.= "<table>";
foreach ($data as $ow) {
    $table.= "<tr>";
        foreach ($ow as $item) {
            $table.= "<td>{$item}</td>";
        }
    $table.= "</tr>";
}
$table.= "</table>";
?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8" />
        <title>inline grid</title>
    </head>
    <h1>inline grid</h1>
    <body>
        <?php echo $table; ?>
        <script type="text/javascript" src=" https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
    </body>
</html>

And that’s all. The code works, and we’ve got or ugly datagrid with the data from our DB. Where’s the problem? If our “SELECT” statement is fast enougth and our connection to the database is good too, the page load will be good, indeed. But what happens if or query is slow (or we even have more than one)? The whole page load will be penalized due to our slow query. The user won’t see anything until our server finish with all the work. That means bad user experience. The alternative is load the page first (without populated datagrid, of course) and when it’s ready, we load with ajax the data from the server (JSON) and we populate the datagrid with javaScript.

Page without the populated datagrid:

<!DOCTYPE html>
<html>
    <head>
        <meta charset="utf-8" />
        <title>grid ajax</title>
    </head>
    <h1>grid ajax</h1>
    <body>
        <table id='grid'></table>

        <script type="text/javascript" src=" https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js"></script>
        <script type="text/javascript">
        $(function(){
            $.getJSON("json.php", function(json){
                        for (var i=0;i<json.length;i++) {
                            $('#grid').append("<tr><td>" + json[i].id + "</td><td>" + json[i].field1 + "</td></tr>")
                        }
                    });
        });
        </script>
    </body>
</html>

JSON data fron the server:

$dbh = new PDO('pgsql:dbname=mydb;host=localhost', 'gonzalo', 'password');
$dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

$stmt = $dbh->prepare('SELECT * FROM test.tbl1 limit 10');
$stmt->setFetchMode(PDO::FETCH_ASSOC);
$stmt->execute();

$data = $stmt->fetchAll();

header('Cache-Control: no-cache, must-revalidate');
header('Expires: Mon, 26 Jul 1997 05:00:00 GMT');
header('Content-type: application/json');

echo json_encode($data);

The outcome of this second technique is the same than the first one, but now user will see the page faster than the first technique and data will load later. Probably the total time to finish all the work is better in the classical approach, but the UX will be better with the second one. Here you can see the times taken from Chorme’s network window:

Even though the total time is better in the inline grid example: 156ms vs 248ms, 1 http request vs 3 HTTP request. The user will see the page (without data) faster with the grid data example.

What’s better. As always it depends on our needs. We need to balance and choose the one that fits with your requirements.

Probably the JavaScript code that I use to populate the datagrid in the second technique could be written in a more efficient way (there’s also plugins to do it). I only want to show the indirect way to create HTML to improve the user experience of our applications.

Reflection over PHPDoc with PHP

~ Gonzalo Ayuso ~ 4 Comments

I want to parse PHPDoc code. Let me explain a little bit what I want to do. Imagine a dummy function documented with PHPDoc:

class Foo
{
    /**
     * @param String $param1
     * @param String $param2
     * @return String
     */
    public function dummy($param1, $param2)
    {
        return "Hello World";
    }
}

PHP has a great reflection API, but as at least in the current PHP version (as far as I know) we only can get the PHPDoc as a string, without parse it. I need to get the parameters and the type of them with reflection. Parameters are the easy part:

$class = new ReflectionClass($obj);
$reflect = $class->getMethod($function);
foreach ($reflect->getParameters() as $i => $param) {
}

But the type is different. PHP is a loosely/weak typed, dynamic language, because of that we need to parse the PHPDoc string to get the “real” type of the variables. I put “real” quoted because if we set a variable as a String within PHPDoc, we can use an Integer at runtime. We can cast variables but only with complex types (classes), and not with primary types as String or Integer. I’ve read it will be available on PHP’s next releases, but now we need to use exotic tricks (as the trick I will show now).

I’m not a master in regular expressions (in fact I hate them), so it looks like a hard work for me, but I realized that Zend Framework does something similar when it builds a XMLRPC server. I don’t use ZF in this project, and I don’t want to include the whole library only for parsing the PHPDoc. But there’s a great thing. ZF is an open source library, really well coded and documented. Because of that I dive into the ZF code, looking for the functionality that I need and adapt it.

function processPHPDoc(ReflectionMethod $reflect)
{
    $phpDoc = array('params' => array(), 'return' => null);
    $docComment = $reflect->getDocComment();
    if (trim($docComment) == '') {
        return null;
    }
    $docComment = preg_replace('#[ \t]*(?:\/\*\*|\*\/|\*)?[ ]{0,1}(.*)?#', '$1', $docComment);
    $docComment = ltrim($docComment, "\r\n");
    $parsedDocComment = $docComment;
    $lineNumber = $firstBlandLineEncountered = 0;
    while (($newlinePos = strpos($parsedDocComment, "\n")) !== false) {
        $lineNumber++;
        $line = substr($parsedDocComment, 0, $newlinePos);

        $matches = array();
        if ((strpos($line, '@') === 0) && (preg_match('#^(@\w+.*?)(\n)(?:@|\r?\n|$)#s', $parsedDocComment, $matches))) {
            $tagDocblockLine = $matches[1];
            $matches2 = array();

            if (!preg_match('#^@(\w+)(\s|$)#', $tagDocblockLine, $matches2)) {
                break;
            }
            $matches3 = array();
            if (!preg_match('#^@(\w+)\s+([\w|\\\]+)(?:\s+(\$\S+))?(?:\s+(.*))?#s', $tagDocblockLine, $matches3)) {
                break;
            }
            if ($matches3[1] != 'param') {
                if (strtolower($matches3[1]) == 'return') {
                    $phpDoc['return'] = array('type' => $matches3[2]);
                }
            } else {
                $phpDoc['params'][] = array('name' => $matches3[3], 'type' => $matches3[2]);
            }

            $parsedDocComment = str_replace($matches[1] . $matches[2], '', $parsedDocComment);
        }
    }
    return $phpDoc;
}

Our processPHPDoc function takes as argument $reflect (ReflectionMethod) and returns an array

Array
(
    [params] => Array
        (
            [0] => Array
                (
                    [name] => $param1
                    [type] => String
                )

            [1] => Array
                (
                    [name] => $param2
                    [type] => String
                )
        )

    [return] => Array
        (
            [type] => String
        )
)

And that was exactly what I needed. Open Source is great.

Speed up page page load combining javascript files with PHP

~ Gonzalo Ayuso ~ 21 Comments

One of the golden rules when we want a high performance web site is minimize the HTTP requests. Normally we have several JavaScript files within our projects. It’s a very good practice to combine all our JavaScript files into an only one file. We can do it manually. Not a hard work. We only need to copy and paste the source files into our single js file. There’s even tools to do it. You can have look to Yslow (if you don’t know it yet). That’s a good solution if your project is finished. But if your project is alive and you are changing it, it’s helpful to spare your JavaScript files between several files. It’s good to organize them (at least for me). So we need to choose between high performance and development comfort. Because of that I like to use the simple script I’m going to show now. Let’s start.

The idea is the following one. Normally I have all js files into a folder called js (original isn’t?). I also have a development server and a production one (really original again, isn’t it?). When I’m developing my application I like to have my js files separated and in a human readable way (I’m human), but in production I want to combine them and even minimized and gziped to improve the performance.

The script I have is a simple script that combines all the JavaScript files, minimizes and gzips.

//js.php
require 'jsmin.php';

function checkCanGzip(){
    if (array_key_exists('HTTP_ACCEPT_ENCODING', $_SERVER)) {
        if (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip') !== false) return "gzip";
        if (strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'x-gzip') !== false) return "x-gzip";
    }
    return false;
}

function gzDocOut($contents, $level=6){
    $return = array();
    $return[] = "\x1f\x8b\x08\x00\x00\x00\x00\x00";
    $size = strlen($contents);
    $crc = crc32($contents);
    $contents = gzcompress($contents,$level);
    $contents = substr($contents, 0, strlen($contents) - 4);
    $return[] = $contents;
    $return[] = pack('V',$crc);
    $return[] = pack('V',$size);
    return implode(null, $return);
}

$ite = new RecursiveDirectoryIterator(dirname(__FILE__));
foreach(new RecursiveIteratorIterator($ite) as $file => $fileInfo) {
    $extension = strtolower(pathinfo($file, PATHINFO_EXTENSION));
    if ($extension == 'js') {
        $f = $fileInfo->openFile('r');
        $fdata = "";
        while ( ! $f->eof()) {
            $fdata .= $f->fgets();
        }
        $buffer[] = $fdata;
    }
}

$output = JSMin::minify(implode(";\n", $buffer));

header("Content-type: application/x-javascript; charset: UTF-8");
$forceGz    = filter_input(INPUT_GET, 'gz', FILTER_SANITIZE_STRING);
$forcePlain = filter_input(INPUT_GET, 'plain', FILTER_SANITIZE_STRING);

$encoding = checkCanGzip();
if ($forceGz) {
    header("Content-Encoding: {$encoding}");
    echo gzDocOut($output);
} elseif ($forcePlain) {
    echo $output;
} else {
    if ($encoding){
        header("Content-Encoding: {$encoding}");
        echo GzDocOut($output);
    } else {
        echo $output;
    }
}

As you can see the script checks recursively all the js files inside one folder, combine them and also use jsmin library for PHP to improve the download time in the browser.

It’s very easy now when we’re building our HTML file switch from one js file to another. Here you can see an example with Smarty template engine:

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title></title>
    </head>
    <body>
        Hello World
{if $dev}
        <script src="js1.js" type="text/javascript"></script>
        <script src="js2.js" type="text/javascript"></script>
        <script src="xxx/js1.js" type="text/javascript"></script>
{else}
        <script src="js.php" type="text/javascript"></script>
{/if}
    </body>
</html>

Yes. I know. There’s a problem with this solution. Maybe we’ve improved the client side performance reducing the number of HTTP requests but, what about our server side performance? We’ve changed from serving static js files to dinamic PHP file. Now our server’s CPU will work more. Another great hight performance golden rule is to place static files into a server dedicated to serve static files (without PHP support). Whit this golden rule we help to the browser to perform multiple downloads and also we reduce the use of CPU (static server will not instance any PHP session).

So a better solution is the offline generation of the static js file when we deploy the application. I do it with a simple curl at command line.

curl http://nov/js/js.php -o jsfull.minified.js

So the smarty template will change to

<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
        <title></title>
    </head>
    <body>
        Hello World
{if $dev}
        <script src="js1.js" type="text/javascript"></script>
        <script src="js2.js" type="text/javascript"></script>
        <script src="xxx/js1.js" type="text/javascript"></script>
{else}
        <script src="jsfull.minified.js" type="text/javascript"></script>
{/if}
    </body>
</html>

It’s also a good solution put a prefix in our JavaScript file and change it each time we build it (easy to automate) to ensure the cache renew.

<script src="jsfull.minified.20110216.js" type="text/javascript"></script>

And yes we can use the same trick with our css files.

Function decorators in PHP with PHPDoc and Annotations

~ Gonzalo Ayuso ~ 1 Comment

This days I’m playing with annotations in PHP. PHP, at least just now, doesn’t support annotations natively like Java. I hope it will be available in next versions but if we want to use them already, we need to create “fake” annotations within PHPDoc. We also have another problem. The PHP’s built-in’s reflection functions cannot parse properly PHPDoc’s annotations but hopefully we have a great library called addendum to do this.

Last year I posted an article called “Things I miss in PHP: Function decorators”. I wanted to solve something that I miss in PHP. Function decorators. A great feature we’ve got in python world. Now I will try to simulate function decorators in PHP with annotations. Let’s start:

The idea is to solve the same problem I had when I wrote the previous article. I want to protect the execution of certain functions in a class to only being executed if the user is logged on. The functions are public. In the previous solution I my classes implement one interface or another if I wanted to ensure that the functions are really public for everyone or if user need to be logged on. The solution with interfaces is clean and simple (no extra libraries need and no reflection need too). The problem is that I can use it only for all the functions of the class. If I want to mark only one function as “only for logged users” I need to divide the class into two classes, one implementing one interface and the second one another interface. With function decorators I can mark only one function within a class. Let’s show the code:

Imagine we have the following class. We are going to play with decorators in the function hello:

class Dummy
{
    public function gonzalo()
    {
        echo "decorator\n";
        return true;
    }

    public function gonzalo2()
    {
        echo "decorator2\n";
        return true;
    }

    public function gonzalo3()
    {
        echo "post2\n";
        return true;
    }

    /** 
     * @PreDispatch("gonzalo") 
     * @PreDispatch("gonzalo2") 
     * @PostDispatch("gonzalo3") 
     * */
    public function hello($name)
    {
        echo "Hello {$name}";
    }
}

And if we include the following library (I called NewNew)

include "addendum/annotations.php";

class PreDispatch extends Annotation {}
class PostDispatch extends Annotation {} 

class NewNew
{
    private $_instance;

    function __construct($instance)
    {
        $this->_instance = $instance;
    }

    static function factory($instance)
    {
        return new self($instance);
    }

    function __call($method, $args)
    {
        $reflectionMethod = new ReflectionAnnotatedMethod(get_class($this->_instance), $method);
        $continue = true;
        $out = null;
        foreach ($reflectionMethod->getAllAnnotations('PreDispatch') as $decorator) {
            $continue = call_user_func_array(array($this->_instance, $decorator->value), $args);
            if ($continue !== true) break;
        }
        
        if ($continue === true) {
            $out = call_user_func_array(array($this->_instance, $method), $args);
        
            foreach ($reflectionMethod->getAllAnnotations('PostDispatch') as $decorator) {
                $continue = call_user_func_array(array($this->_instance, $decorator->value), $args);
                if ($continue === false) break;
            }
        }

        return $out;
    }
}

As you can see the idea is to call functions annotated as PreDispatch before calling the real function and annotated as PostDispatch before. Those decorator function must return true. If the return value in not true the execution flow will break and next calls will be disabled

And now if we execute the following code:

/** @var Dummy */
$dummy = new NewNew(new Dummy);
echo $dummy->hello("Gonzalo");

we will get:

decorator
decorator2
Hello Gonzalo
post2

OK my decorators are not exactly the same than Phython’s ones, but they meet my requirements.

Now we are going to implement another example.

abstract class Decorators
{
    public function check($user)
    {
        if ($user == 'gonzalo') {
            return true;
        } else {
            return false;
        }
    }
}
class Dummy2 extends Decorators
{
    /** 
     * @PreDispatch("check") 
     * */
    public function hello($name)
    {
        return "Hello {$name}\n";
    }
}

And now if we execute the following script:

/** @var Dummy */
$dummy2 = new NewNew(new Dummy2);
echo $dummy2->hello("gonzalo");
echo $dummy2->hello("gonzalo1");

we will get

$ php decorators.php
Hello gonzalo

instead of

$ php decorators.php 
Hello gonzalo
Hello gonzalo1

Yes. I know. There is a problem with my implementation. The decorators indeed are public functions too and users can call them. They must be protected functions instead of public ones. I need to play a little bit with reflection in my NewNew class and allow to use protected functions instead of public. I’m working on it but i prefer to show the code “as is” now because is more clear to show the idea, What do you think?

Using PHP classes to store configuration data

~ Gonzalo Ayuso ~ 14 Comments

In my last projects I’m using something I think is useful and it’s not a common practice in our PHP projects. That’s is the usage of a plain PHP’s class for the application’s configuration. Let me explain it. Normally we use ini file for configuration. PHP has a built-in function for parse ini file. It converts the ini file into a PHP array

; our conf.ini file
DEF_APP = home
DEF_BCK = main
DEF_FCT = index
AUTH_ADAPTER = Nov\Auth\Def

[PG1]
driver = pgsql
dsn = "pgsql:dbname=pg1;host=localhost"
username = nov
password = nov

And now we use our ini file:

$conf = parse_ini_file("conf.ini", true);
print_r($conf);

Another typical configuration file is xml. We also can use built-in functions within PHP when we want to parse xml files. There are also projects that use plain php files, and even yaml files (especially Symfony users)

There are many standard options. Why I prefer a different one then? I like plain PHP classes because the IDE helps me with autocompletion. The usage is quite simple. Instead of using parse_ini_file function we only need to include our configuration class within our project.

class Conf
{
 const DEF_APP = 'index';
 const DEF_BCK = 'Index\Bck\Main\Page';
 const DEF_FCT = 'init';
 const AUTH_ADAPTER = "Nov\Auth\Def";

 const DB_PG1 = 'PG1';
 const DB_PG1_DRIVER   = 'pgsql';
 const DB_PG1_DSN      = 'pgsql:dbname=pg1;host=localhost';
 const DB_PG1_USERNAME = 'nov';
 const DB_PG1_PASSWORD = 'nov';
}

Sometimes I want to use a variable stored into the application’s configuration but I don’t remember exactly the name of the variable. If I’ve got the configuration stored into a PHP array from a ini file (or xml, yaml, … ). I need to open the configuration file and find the name of the variable to use in my code. With a PHP class IDEs like Netbeans of VIM will pop up an autocompletion hint with the name of the variable

An example of coding autocompletion with Netbeans
The same with VIM

And that’s all. Maybe the worse part of this technique is if our application writes the configuration file (a typical installer.php). In this case we need to build the PHP’s class file and it’s slightly more complicated than writing a simple ini file.

What do you think about it? Do you use another different way?

My VIM configuration for PHP development.

~ Gonzalo Ayuso ~ 6 Comments

Keeping on with my continuous search for the perfect IDE I’ve resumed my fight against VIM. As someone told me the learning of vim is a road of pain. It’s something like going to the gym. We known that going to the gym is good and healthy but it’s hard and painfully especially at the beginning. The learning curve of vim is hard. Vim is rare, or at least it’s different than all other IDEs. In this post I don’t want to create a vim tutorial (there are a lot of on the web). I want to share my actual vim configuration and the plugins I normally use. The configuration is not very original. It’s based on Matthew Weier O’Phinney configuration. You can find here a great post about vim in Matthew Weier’s blog. VIM is not my default IDE yet. I hope to swap to VIM soon but I feel myself slower when I code comparing with Netbeans or ZendStudio, and slow means less productive but I also feel if invest more time vim can be really productive. Here we are my vim plug-ins:

NerdTree

Great plug-in. Allows to explore filesystem. It’s easy and fast. I use F5 to toogle the NerdTree We move across the filesystem (jk) and open files with “o”. It’s really intuitive. Another great feature of NerdTree are the bookmarks. We select a folder and we type :Bookmark and we easily create a bookmark. Really cool when we work with different projects.

BufferExplorer

We can manage vim’s buffers with standard vim commands(:ls) but I like to use this extension. I’ve mapped BufferExplorer with ç key. I use a spanish keyboard and ç key is a letter I never use and is easily accessible, even for my small hands. When I type ç I can switch between my buffers.

Zen Coding

Really useful when writing HTML
pre#myid>span <Conrol-y>
and we get:

<pre id="myid"></pre>

You can see more examples here

Debugger

We need xdebug plugin installed on our server. I’ve changed the original keys for this plugin because it uses NerdTree ones. I use control + the original keys. For example control + F5 starts the debuger and waits for the debug session from the browser. Xdebug helper for google chrome works fine.

Debuger session

snipMate

Mac developers love Textmate. I’ve never use textmate (I’m a linux user) but this allow us create snippets features in Vim like Textmate’s snippets. It’s a good practice to create the snippets we normally use to increase our productivity. I’ve created several snippets for creating classes, function, for loops, and common pieces of code like that

Command-t

We can open files with :e but commnad-t plugin helps us to open files. I trigger command-t with . Leader is an especial key in vim. We can map this key to a letter. I’ve mapped to “,”

Omni completion

control x – control o. If you have previously created your exuberant tags files, helps you with the autocompletion. Ok it’s not as good a netbeans or eclipse but it works. To create ctags file there is a mkTags bash file under .vim/bin folder

Supertab

snipMate is trigger with tab key but tab key is used to for auto-completion with php plugin (ftp plugin). Supertab plugin magically triggers the plugin we need. I don’t really know how it works but it works (at least as I expect)

Another useful commands

çç: (insert mode) I use çç as esc key because escape key is too far for my small fingers
ç: (normal mode) Buffer explorer
control p: PHPDoc helper
zz: Open all forlds
F7: open close a fold
F6: show/hide line numbers

You can download my vim configuration from google code here

How to configure vim with my setings:

hg clone https://gonzalo123-vim.googlecode.com/hg/ gonzalo123-vim
ln -s gonzalo123-vim/ ~/.vim
ln -s gonzalo123-vim/vimrc ~/.vimrc
ln -s gonzalo123-vim/gvimrc ~/.gvimrc

Real-life example of Closure usage with PHP5.3

~ Gonzalo Ayuso ~ 11 Comments

One of the new improvements in new PHP5.3 version are the Closures. Here you are a real-life example where closures are really useful for me. Imagine the following scenario. A very common scenario at least in my daily work. We have a recordset from a SQL:

$recordset = array(
    array('code' => 1, 'quantity' => 20, 'amount' => 2),
    array('code' => 2, 'quantity' => 30, 'amount' => 3),
    array('code' => 3, 'quantity' => 10, 'amount' => 1),
    array('code' => 4, 'quantity' => 20, 'amount' => 5),
);

Imagine we want to show the recordset into a datagrid but we also want to calculate the price (quality / amount) of each row and add a total. We can perform the operation within the SQL but I prefer to keep the SQLs as simple as I can and let the logic to PHP.

We can use array_walk to calculate the price but with PHP<5.3 we needed to pass the callback function as a string. A dirty trick. Maybe a simple foerach is a better solution, isn’t it?. Now with PHP5.3 we can create anonymous functions (aka Closures) in the finest JavaScript style. They are really cool. We even can use the ‘use’ statement to use variables outside Closuse’s scope. This attribute allows us in our example to calculate our totals.

Maybe is difficult to explain but the code is very clear:

$total = array('quantity' => 0, 'amount' => 0, 'price' => null);
array_walk($recordset, function (&$value) use(&$total){
    $value['price'] = ($value['amount'] == 0) ? null : $value['quantity'] / $value['amount'];
    $total['quantity'] += $value['quantity'];
    $total['amount'] += $value['amount'];
});
$total['price'] = ($total['amount'] == 0) ? null : $total['quantity'] / $total['amount'];

And now our $recordset array will have an extra item called register and we have created a new row for our recordset with total values.

recordset:

Array(
 [0]=>Array(=>1 [quantity]=>20 [amount]=>2 [price]=>10)
 [1]=>Array(=>2 [quantity]=>30 [amount]=>3 [price]=>10)
 [2]=>Array(=>3 [quantity]=>10 [amount]=>1 [price]=>10)
 [3]=>Array(=>4 [quantity]=>20 [amount]=>5 [price]=>4)
)

total:

Array(
 [quantity] => 80 [amount]=>11 [price] => 7.2727272727273
)

Protect files within public folders with mod_rewrite and PHP

~ Gonzalo Ayuso ~ Leave a comment

Here’s the problem. We have a legacy application (or a WordPress blog for the example) and we want to protect the access to the application according to our corporate single sign on. We can create a plug-in in WordPress to ensure only our single sign-on’s session cookie is activated.

With WordPress we can create a simple plug-in to perform our desired behaviour:

<?php
// wp-content/plugins/gamAuth.php
/**
 *  @package gamAuth
 *  @version 1.0.0
 */
/*
Plugin Name: gamAuth
Plugin URI: #
Description: Forces users to be authenticated
Author: Gonzalo Ayuso
Version: 1.0.0
Author URI: gonzalo122.wordpress.com
*/

function redirectExit() {;
 nocache_headers();
 header("HTTP/1.1 302 Moved Temporarily");
 header("Location: http://www.google.com");
 header("Status: 302 Moved Temporarily");
 exit();
}
function chechAuth() {
 // here we check our session
}

function ac_auth_redirect() {
 if (!chechAuth()) redirectExit();
}
if('wp-login.php' != $pagenow && 'wp-register.php' != $pagenow) {
 add_action('template_redirect', 'ac_auth_redirect');
}

This plug-in works, but what happen with the uploaded files? If we upload a PNG file and we show it in our post, our WordPress will create a direct link to the uploaded file in wp-content/uploads folder. That’s means if a non-authenticated user knows the url of the link, he will see the picture, because our simple plug-in does not affect to direct links. OK WordPress is open source. We can change the code and change the behaviour of link generation. Maybe there’s a plugin to do it (don’t hesitate on explain it to me, anyway) but if we don’t want to touch the WordPress code or maybe we cannot do it (because it’s a legacy application), here we are a simple trick to force authorization even over files within public folders, without change any line of the original application.

The trick is very simple. First we activate mod_rewrite in our server and create a .htaccess files in our wp-content/uploads folder:
An example with apache:

RewriteEngine on
RewriteBase /
RewriteRule !\.(php)$ /wordpress/wp-content/uploads/media.php

That’s means we are going to redirect every file request within or upload folder to a PHP script called media.php

And now our media.php will check the authorization.

<?php
$uri = $_SERVER['REQUEST_URI'];
$documentRoot = $_SERVER['DOCUMENT_ROOT'];
$filename = $documentRoot . $uri;
$pathParts = pathinfo($filename);
$mime = array(
 'jpe'  => 'image/jpeg',
 'jpeg' => 'image/jpeg',
 'jpg'  => 'image/jpeg',
 'png'  => 'image/png',
 'xls'  => 'application/vnd.ms-excel',
 'pdf'  => 'application/pdf',
 );
function chechAuth() {
 // here we check our session
}
$ext = strtolower($pathParts['extension']);
// there are built-in ways to check file mime type but
// they don't work fine, at least for me and I preffer to
// check it manually with the extension
if (is_file($filename) && array_key_exists($ext, $mime)) {
 if (chechAuth()) {
  header("Content-Type: " . $mime[$ext]);
  readfile($filename);
  exit();
 }
}
echo "HTTP/1.1 503 Service Unavailable";
header('HTTP/1.1 503 Service Unavailable', true, 503);

If you want to show big files such as video files, maybe you need to have a look to one of my older posts.

Now when our user tries to get wp-content/uploads/2010/11/img1.jpg from our server, the mod rewrite will forward the job internally to media.php and we will check the authorizations before showing the file,  and the user will see in the browser ‘s URL wp-content/uploads/2010/11/img1.jpg instead of media.php.
And that’s all. We can use this technique not only to protect our files. We also can dynamically add a watermark to our images without changing the original URL, show different image quality depends on the user or block a IP range to our media files.
Of course If we start an application from scratch there are better solutions but the good point of this trick is that it’s fully compliant with our legacy application and we don’t need to change anything inside.

Quality assurance ideas in agile developement

~ Gonzalo Ayuso ~ 2 Comments
Nowadays being agile is cool. All people is speaking about Scrum and agile development. There’s even people going far away and speak about Kanban. Agile development isn’t a new idea. Maybe it’s only setting up a name to an old one.Quality assurance activities should be designed to identify missing, ineffective or inefficient policies, processes and procedures used in the project. According to the PMBOK guide there’s a tool to perform quality audits called root analysis. Basically root analysis aims to find the source and the solution of the problem and helps to determine inefficiencies. Performed it regularly you can fine tune processes. The steps to perform root analysis technique: 

  • Define the problem
  • Gather data to describe the problem
  • Determine possible causes
  • Select the root cause
  • Develop a solution strategy
  • Test and evaluate the solution

Clients must bear in mind agile development means they must take actively part within the development process. Maybe some clients don’t like this way of work. Maybe they prefer to pay for the service or deliverable and let the work for us. But really it worth the effort. Work close to the client is one of the principles of agile development. One important action to obtain the commitment between both parts is give access to the customer to the Bug Tracker. With this simple step our customer can track our work. But there’s a problem. Our bug tracker is not only an internal development tool now. It has become also into a communication tool. That’s means developers maybe decide don’t report internal technical things because they don’t want to be read by the clients.

Bug trackers can help us in our agile developement. There’s a lot of bug tracking software over there. Open source software you can install in your host, such as Mantis or Track. You can find also hosted solutions, free or paid ones. Probably Jira is the most famous and widely used software(not a free software).

Currently I’m thinking about the bug life cycle. I’m trying to standardize the way we use to face the bugs. I’ve created the following flowchart:

 

What do you think about this flow chart? Do You think is it is up to your requirements?