7
Oct
0

Network Merchants API Script

by jestep

Have just completed a Network Merchants API class. This class utilizes the Network Merchants credit card and electronic check processing API. It also includes the customer vault API which allows merchants to securely store their customer’s credit card and bank account information in Network Merchant’s secure customer vault.

Go to the Network Merchants API PHP Class »

28
Sep
2

Google chart over HTTPS/SSL

by jestep

The google charts API does not support the https protocol. If your website is being delivered through a secure connection, the chart will cause a SSL error. Here's a quick way to deliver google chart images over ssl.

To start off with, the chart image must be delivered from a secure connection. Google doesn't allow this plain and simple, so we need to figure out how to host it from our own site. We accomplish this by fetching the image from google using the standard API, writing it to a file, and then calling it on our own script. We basically make a image handling proxy.

Let's take a simple google chart to experiment with.

PLAIN TEXT
PHP:
  1. $chart_image = 'http://chart.apis.google.com/chart?chs=500x50&chf=bg,s,ffffff&cht=ls&chd=t:23.52,20.58,26.47,23.52,23.52,23.52,100.00,0.00,23.52,23.52,27.94,20.58,23.52&chco=0066ff';

Next we need to make a function to fetch and save the google chart locally. It will check the chart against the local copy and save it if the chart doesn't exist, or the image has changed. This way we aren't re-writing the same chart on every request, but if the chart changes, it will be updated appropriately.

PLAIN TEXT
PHP:
  1. public static function saveImage($chart_url,$path,$file_name){
  2.             if(!file_exists($path.$file_name) || (md5_file($path.$file_name) != md5_file($chart_url)))
  3.             {
  4.                 file_put_contents($path.$file_name,file_get_contents($chart_url));
  5.             }
  6.  
  7.             return $file_name;
  8.     }

Lastly we tie it all together so that it is usable in our application. Im using this within a class, but this could just be used as a function as well. Your image directory will need to be writable for this to work.

PLAIN TEXT
PHP:
  1. public function doSomething()
  2. {
  3.  
  4. $local_image_path = '/path/to/images/charts/';
  5. $image_name = 'some_chart_image.png';
  6. $chart_url = 'http://chart.apis.google.com/chart?chs=500x50&chf=bg,s,ffffff&cht=ls&chd=t:23.52,20.58,26.47,23.52,23.52,23.52,100.00,0.00,23.52,23.52,27.94,20.58,23.52&chco=0066ff';
  7.  
  8. $image = self::saveImage($chart_url ,$local_image_path,$image_name);
  9.  
  10. }

You'll need to implement your own error handling, and adjust this to meet the paths and specifics of your server, but the image can now be called from:
<img src="/images/charts/some_chart_image.png" alt="" />

If you need help creating your base chart image, this tool is a great place to start.

18
Sep
1

Firefox 3 broken images breaking SSL

by jestep

After battling a SSL error: "Warning contains unauthenticated content" in Firefox 3.5 for the past few days, I finally figured out what the problem was.

Unlike Internet Explorer and older Firefox versions, Firefox 3.5 gives this error if there are any missing images on a webpage. Meaning, that if an image link or css reference is to a non-existent image, Firefox warns that the page is not secure. To my knowledge, Firefox versions previous to 3.something, did not behave like this. Internet explorer, Google Chrome, Safari, and every other non-Firefox browser that I tested don't care about broken images. Not to say that Firefox is wrong, but this made the problem more difficult to diagnose because it couldn't be reproduced in another program.

The difficulty in diagnosing this, is that background images that don't load also don't show up in the page info section on Firefox. Firebug didn't provide any immediately useful information, and there was no documentation that I could find regarding this situation.

ssl-debug

After several hours of searching, I realized that there was a small broken background image. Deleting or correcting the image path immediately corrected the certificate error.

Anyway, if anyone has been pulling out their hair trying to diagnose a mystery ssl error, and this is a possibility, definitely look into your image paths.

10
Aug
5

Symfony 1.2 redirect specific modules and actions to HTTPS (SSL)

by jestep

Post Symfony 1.1, the sfSslRequirementPlugin will no longer work.

Having needed a way to force a SSL connection for certain pages, I modified a few scripts that I found online, and created a very simple filter to handle this. This was inspired by this script, and the unacceptably poor example in the Symfony 1.2 book.

To start off with, we need to modify our app.yml file to specify what modules and/or actions need to be secure. Leave the action completely blank if you want the entire module secure. Also change ignore_non_secure to true if you don't care if non specified pages are server over a ssl connection. Basically, from the app.yml below, setting this to false, will redirect any module/action to the non-secure version if it is not specifically defined under secure_actions. Setting it to true will allow a user to request any page over https, even if it is not listed in app.yml. Let me know if this is confusing in any way.

PLAIN TEXT
PHP:
  1. //app.yml
  2. all:
  3.   ssl:
  4.     ignore_non_secure: false
  5.     secure_actions:
  6.       - { module: shopping_cart}
  7.       - { module: services  action: apply}

Next we add this filter. Save this under MyProject/apps/MyApp/lib/sfSslFilter.php

PLAIN TEXT
PHP:
  1. <?php
  2.  
  3. class sslFilter extends sfFilter
  4. {
  5.     /**
  6.     * Execute filter
  7.     *
  8.     * @param FilterChain $filterChain The symfony filter chain
  9.     */
  10.     public function execute ($filterChain)
  11.     {
  12.  
  13.         $context = $this->getContext();
  14.         $request = $context->getRequest();
  15.  
  16.         $ssl_actions = sfConfig::get('app_ssl_secure_actions');
  17.         $allow_ssl = sfConfig::get('app_ssl_ignore_non_secure');
  18.  
  19.         /*
  20.          * Uncomment For Debugging
  21.          *
  22.          * echo '<pre>';
  23.          * print_r($ssl_actions);
  24.          * echo '</pre>';
  25.          * exit();
  26.          *
  27.          */
  28.  
  29.         if (!$request->isSecure())
  30.         {
  31.             //Redirect to the Secure Url
  32.             //If the module and/or action match $ssl_actions set in app.yml
  33.             foreach($ssl_actions as $action)
  34.             {
  35.  
  36.                if($action['module'] == $context->getModuleName() && !$action['action']){
  37.  
  38.                     //The entire module needs to be secure
  39.                     //Redired no matter what the action is.
  40.  
  41.                     $secure_url = str_replace('http', 'https', $request->getUri());
  42.                     return $context->getController()->redirect($secure_url, 0 , 301);
  43.  
  44.  
  45.                 } else if($action['module'] == $context->getModuleName() && $action['action'] == $context->getActionName())
  46.                 {
  47.  
  48.                     //Redirect if the module and action need to be secure
  49.  
  50.                     $secure_url = str_replace('http', 'https', $request->getUri());
  51.                     return $context->getController()->redirect($secure_url, 0 , 301);
  52.                 }
  53.              }
  54.  
  55.         } else if($request->isSecure() && !$allow_ssl)
  56.         {
  57.             $redirect = true;
  58.  
  59.             //Redirect to the Non-Secure Url
  60.             //If the module and/or action are not in $ssl_actions set in app.yml
  61.             foreach($ssl_actions as $action)
  62.             {
  63.                 if(($action['module'] == $context->getModuleName() && !$action['action']) || ($action['module'] == $context->getModuleName() && $action['action'] == $context->getActionName()))
  64.                 {
  65.                     $redirect = false;
  66.                 }
  67.             }
  68.  
  69.             if($redirect)
  70.             {
  71.                  $non_secure_url = str_replace('https', 'http', $request->getUri());
  72.                  return $context->getController()->redirect($non_secure_url, 0 , 301);
  73.             }
  74.         }
  75.  
  76.         $filterChain->execute();
  77.  
  78.     }
  79. }

Finally, add to the MyProject/apps/MyApp/config/filters.yml file:

PLAIN TEXT
PHP:
  1. sslFilter:
  2.   class:  sslFilter

Clear the cache (symfony cc), and there you have it. Let me know if you have a better or different way of dealing with this on a per-module or per-action basis. Hopefully sfSslRequirementPlugin will get ported to work with Symfony 1.2, as the method above will not alter routes on your application.

Additionally, I specifically used 301 redirects to make this more search engine friendly, in case Google or another bot gets on a ssl page. This will help prevent getting duplicate pages indexed due to http and https versions of the same page.

6
Aug
14

20 Great non-PHP Tools for PHP Developers

by jestep

By nature I always strive to find more efficient, and better ways to perform tasks. There are a number of development tools that I use that really help me develop better applications in a reduced amount of time. These are the tools I use every day for web development.
Continue reading...

28
Jul
0

PHP Magic __get, __set Methods, and Retaining Private and Protected Properties

by jestep

I have been making an integration with a complex API with hundreds of potential user provided variables, necessitating me use of PHP's Magic __get and __set methods.

Unfortunately, by using these methods, PHP's restriction on private and protected properties is bypassed, making all properties public. This is completely unacceptable from my coding perspective.

This class model overrides the magic __get and __set's ability to alter and access private and protected properties. Public properties are unaffected. This script also allows the class to set and access private and protected properties.

PLAIN TEXT
PHP:
  1. <?php
  2.  
  3. class setter_getter_respect
  4. {
  5.    
  6.     private $current_page;
  7.     private $private_properties = array();
  8.    
  9.     public function __construct()
  10.     {
  11.        
  12.         $class = new ReflectionClass(__CLASS__);
  13.         $this->current_page = $class->getFileName();
  14.        
  15.         $class_properties = get_class_vars(__CLASS__);
  16.        
  17.         foreach($class_properties as $class_property_name => $property_value)
  18.         {
  19.             $prop = new ReflectionProperty(__CLASS__, $class_property_name);
  20.            
  21.             if($prop->isPrivate() || $prop->isProtected())
  22.             {
  23.                 $this->private_properties[$prop->getName()] = ($prop->isPrivate()) ? 'private' : 'protected';
  24.             }
  25.         }
  26.     }
  27.    
  28.     public function __set($var, $val)
  29.     {
  30.         $requesting_page = debug_backtrace();
  31.        
  32.         if(($requesting_page[0]['file'] != $this->current_page) && (array_key_exists($var,$this->private_properties)))
  33.         {
  34.  
  35.             trigger_error("Cannot access ".$this->private_properties[$var]." property ".__CLASS__."::".$var." in ".$requesting_page[0]['file']."on line ". $requesting_page[0]['line'],E_USER_ERROR);
  36.  
  37.         }
  38.            
  39.         $this->$var = $val;
  40.     }
  41.    
  42.     public function __get($var)
  43.     {
  44.        
  45.         $requesting_page = debug_backtrace();
  46.        
  47.         if(isset($this->$var)){
  48.            
  49.             if(($requesting_page[0]['file'] != $this->current_page) && (array_key_exists($var,$this->private_properties)))
  50.             {
  51.  
  52.                 trigger_error("Cannot access ".$this->private_properties[$var]." property ".__CLASS__."::".$var." in ".$requesting_page[0]['file']."on line ". $requesting_page[0]['line'],E_USER_ERROR);
  53.  
  54.             }
  55.            
  56.             return $this->$var;
  57.            
  58.         } else {
  59.            
  60.             throw new Exception("Required property [" . $var . "] has not been set!");
  61.                
  62.         }
  63.     }
  64. }
  65.  
  66. ?>

Extended classes will not have access to __get or __set protected properties. I will alter this snippet when I find a suitable method of handling extended classes.

I'm hoping that php alters the way it handles private and protected properties through the magic methods but until then, this is a way to semi-preserve private and protected properties.

27
Jul
0

US States Snippet and SQL Dump

by jestep

Here's some US states snippets. Included are php arrays, and a MySQL states dump...

Continue reading...

25
Jul
0

PHP – Script benchmark / bottleneck debugging snippet

by jestep

Here's a really simple function that I use for finding bottlenecks in php scripts. You can add any number of steps to the the script using the microtime() function, and this function shows the execution time of each step.

PLAIN TEXT
PHP:
  1. /**
  2. * Benchmark a php script
  3. *
  4. * @param array $time_sample
  5. * @return string HTML
  6. */
  7. function quick_benchmark($time_sample = array())
  8. {
  9.     $steps = count($time_sample);
  10.     $output = '';
  11.    
  12.     for($i=0;$i<$steps;$i++)
  13.     {
  14.         if($i<($steps-1))
  15.         {
  16.             $output .= '<p>Time '. ($i+1) .': '. number_format(($time_sample[$i+1] - $time_sample[$i]),6,'.','') .' seconds.</p>';
  17.         }
  18.     }
  19.    
  20.     $output .= '<p>Total time: '. number_format(($time_sample[$steps-1] - $time_sample[0]),6,'.','') .' seconds.</p>';
  21.    
  22.     return $output;
  23. }

This is a simple example using sleep() to demonstrate the output.

PLAIN TEXT
PHP:
  1. $time_sample[] = microtime(true); //start
  2. sleep(1);
  3. $time_sample[] = microtime(true); //time 1
  4. sleep(2);
  5. $time_sample[] = microtime(true); //time 2
  6. sleep(3);
  7. $time_sample[] = microtime(true); //time 3
  8. sleep(1);
  9. $time_sample[] = microtime(true); //time 4
  10.  
  11. echo quick_benchmark($time_sample);

The script outputs:

Time 1: 1.001833 seconds.
Time 2: 2.001427 seconds.
Time 3: 3.001124 seconds.
Time 4: 1.001720 seconds.
Total time: 7.006104 seconds.

It's a good idea to comment each time you record a microtime so that you know which section of script took that amount of time.

24
Jul
3

PHP – Random string generator snippet

by jestep

This is a little function that I use all the time to generate random strings. There are 3 options for random strings with this: Alpha, Alpha-numeric, and Alpha-numeric with symbols. This is important because sometimes it's a good idea not to allow special characters in a php string. However, the special characters are great if you need to create a key or initialization vector for 2 way encryption.

This can be used to generate random passwords or keys or just about anything else that needs a random string. You can also throw this directly into a class and use it as a static method.

PLAIN TEXT
PHP:
  1. /**
  2. * Generate a random string
  3. *
  4. * @param int $length
  5. * @param int $mode 1 = Alpha, 2 = Alpha-numeric, 3 = Alpha-numeric with symbols
  6. * @param boolian $char_set Set true for Upper and Lower case letters
  7. * @return string
  8. */
  9. function random_string($length=16,$mode=1,$char_set=false)
  10. {
  11.     $string = '';
  12.     $possible = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
  13.    
  14.     if($char_set) {
  15.    
  16.         $possible .= strtolower($possible);
  17.    
  18.     }
  19.    
  20.     switch($mode) {
  21.        
  22.         case 3:
  23.            
  24.             $possible .= '`~!@#$%^&*()_-+=|}]{[":;<,>.?/';
  25.            
  26.         case 2:
  27.        
  28.             $possible .= '0123456789';
  29.             break;
  30.            
  31.     }
  32.    
  33.     for($i=1;$i<$length;$i++) {
  34.         $char = substr($possible, mt_rand(0, strlen($possible)-1), 1);
  35.         $string .= $char;
  36.     }
  37.    
  38.     return $string;
  39. }

Examples:

PLAIN TEXT
PHP:
  1. echo random_string(32);
  2. //WQTISVJVMWSEFXEIQISJPCBENFEHQAN

PLAIN TEXT
PHP:
  1. echo random_string(16,2,true);
  2. //cZhVGHJb0PqJIk3

PLAIN TEXT
PHP:
  1. echo random_string(16,3);
  2. //=,:UT__GN[ST>GH

21
Jul
4

25 Point Basic MySQL Setup/Optimization Checklist

by jestep

Daily I run into new web programmers that are using PHP and MySQL to create their blogs and websites. I created this checklist as a guide for new and experienced to make sure they are covering the basics of a MySQL server setup.

This guide is by no means all inclusive, but should help to cover some of the major gaps in knowledge and commonly overlooked fundamentals that I run into on a daily basis.

The checklist is separated into 5 equal sections: Server Setup, Schema Design, Table Design, Index Optimization, Query Optimization, and a 6th Bonus Tips section.

Continue reading...

Page 1 of 212
Copyright © 2010 SayNoToFlash, Jamie Estep, All Rights Reserved · Theme design by Themes Boutique