News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

SitePoint PHP Blog:
PINQ - Querify Your Datasets - Faceted Search
August 26, 2014 @ 10:58:22

The SitePoint PHP blog has continued their series showing the use of the PINQ library for PHP (a PHP implementation of the LINQ tool). In part one they introduced the tool and showed how to it could be used to query and sort data. In this second part they move on and show how to perform a multi-faceted search on data from a MySQL database.

We are not going to cover the full aspect of faceted search in this series. Interested parties can refer to relevant articles published on Sitepoint and other Internet publications. [...] Unfortunately, faceted search is not a built-in feature provided by MySQL yet. What can we do if we are using MySQL but also want to provide our users with such a feature? With PINQ, we'll see there is an equally powerful and straightforward approach to achieving this as when we are using other DB engines - at least in a way.

Building from the code from the first part of the series, they create a few more simple routes that let you define the different facets to use for the searching/sorting. He creates a custom facet class that uses the "traversable" handling of the PINQ to do the data manipulation. He creates a few different facet objects, each creating a customized filter. finally, he ties it all back into the endpoint and includes the updated markup to show the results. He finishes up the post mentioning a few limitations and improvements that could be made on the example as well.

0 comments voice your opinion now!
pinq query dataset mysql faceted search tutorial series part2

Link: http://www.sitepoint.com/pinq-querify-datasets-faceted-search/

SitePoint PHP Blog:
How to Create a Unique 64bit Integer from String
August 14, 2014 @ 12:55:33

In the latest post to the SitePoint PHP blog Vova Feldman shows you how to create an integer from a hash string that's both 64 bit and unique each time it's generated.

PHP provides the popular md5() hash function out of the box, which returns 32 a hex character string. It's a great way to generate a fingerprint for any arbitrary length string. But what if you need to generate an integer fingerprint out of a URL?

He describes the real-world situation he was facing - a rating widget that needed a randomized integer based on the page using it - and the two "sub-challenges" that make it up: url canonization and the string to unique 64 bit problem. He tackles each problem and shares code snippets showing the process and how it can be put to use. He also includes some interesting metrics at the end of the post showing the level of hash collisions (hint, it's a very low number).

0 comments voice your opinion now!
unique integer string 64bit tutorial md5 hash

Link: http://www.sitepoint.com/create-unique-64bit-integer-string/

The Code of a Ninja:
Salt, Hash and Store Passwords Securely with Phpass
June 16, 2014 @ 11:15:37

In this post to the CodeOfANinjs.com site, they walk you through password hashing, salting and storage using the PHPAss tool from OpenWall. The post itself is a bit older, but the content still provides a good example to teach the basics.

I think the main reason why we have to hash passwords is to prevent passwords from being stolen or compromised. You see, even if someone steal your database, they will never read your actual or cleartext password. I know that some PHP frameworks or CMS already provide this functionality, but I believe that it is important for us to know how its implementation can be made.

The tutorial shows you how to use the library and how to store the result in a simple "users" table in a MySQL database. The examples hash the password given from a simple form and use prepared statements (via PDO) to save it to the database. All PHP, HTML and CSS code you'll need - including the login form that checks the username/password - is included. There's also a few screenshots showing what the resulting forms and data should look like.

0 comments voice your opinion now!
phpass tutorial hash salt password storage mysql user

Link: http://www.codeofaninja.com/2013/03/php-hash-password.html

SitePoint PHP Blog:
Dependency Injection with Laravel's IoC
June 05, 2014 @ 11:51:08

The SitePoint PHP blog has a new tutorial posted showing you how to use the Laravel dependency injection container to handle dependencies in you Laravel-based applications. Younes Rafie introduces some of the basic concepts behind dependency injection and the various types to get everyone started on the same level.

As developers, we are always trying to find new ways to write well designed and clean code by adopting new styles, using design patterns, and trying new robust frameworks. In this article we will explore the dependency injection design pattern through Laravel's IoC component and see how it can improve our design.

He includes examples of the three basic types of injection - controller, setter and interface - with brief code examples of their implementation. He goes on to talk about the "Inversion of Control" principle (part of the SOLID set of principles) and how the Laravel dependency injection container helps by binding objects and instances for later retrieval. Code examples for session storage handling (through a MySQL database) are included that are automatically resolved as the class requires them.

0 comments voice your opinion now!
laravel dependency injection container ioc tutorial introduction session mysql

Link: http://www.sitepoint.com/dependency-injection-laravels-ioc

Code Yellow Blog:
What Your Framework Never Told You About SQL Injection Protection
May 23, 2014 @ 13:51:20

The Code Yellow site has recently posted an article pointing out an issue that's all too common in PHP frameworks, more specifically those that bundle some kind of ORM into their functionality. They wonder if your framework is telling you everything about what they're doing to prevent SQL injection.

We've discovered that SQL injection is to this day not a fully solved problem, even in most popular frameworks. In this post, we'll explain how these frameworks fail at escaping parts of a query, culminating in the discovery of a critical vulnerability in the popular Laravel framework which affects a large percentage of applications.

He starts with an illustration using the FuelPHP framework and the protection it offers from garden variety SQL injection attempts. Unfortunately, things start to break down when it gets much past this typical case. They found this same issue to be a wide-spread problem in many PHP frameworks and tools including the Laravel, CodeIgniter and CakePHP frameworks, each with their own ORMs. He also talks about issues with blacklisting and whitelisting and how, sadly, most of the frameworks just don't support it for model data filtering. There's a mention of some of the work they've done to help try and fix the issue (including patches and contacting authors) and some recommendations of how to correctly quote identifiers in SQL statements.

0 comments voice your opinion now!
sqlinjection framework whitelist blacklist identifiers escape prepared statements

Link: http://www.codeyellow.nl/identifier-sqli.html

Edd Mann:
Reversing a Unicode String in PHP using UTF-16BE/LE
May 12, 2014 @ 10:55:00

Edd Mann looks at an issue in his latest post that caused him problems in a recent project, reversing a Unicode string with UTF-16BE/LE.

Last week I was bit by the Unicode encoding issue when trying to naively manipulate a user's input using PHP's built-in string functions. PHP simply assumes that all characters are a single byte (octet) and the provided functions use this assumption when processing a string. [...] You should be aware that in 'Western Europe' we commonly only use the basic ASCII character-set (consisting of 7 bytes). This makes the transition to the popular 'UTF-8' Unicode representation almost seamless, as the two map one-to-one. I wish to however, discuss how to reverse a Unicode string (UTF-8) using a combination of endianness magic and the 'strrev' function.

He provides two different approaches to the problem. The first he calls the "naive" approach because it corrupts characters needing more than the two-byte representation. His second solution, the "endianness" method, converts the string to big-endian first (UTF-16) and then back to UTF-8 for more correct handling.

0 comments voice your opinion now!
unicode string utf8 utf16 bigendian endian convert reverse string

Link: http://eddmann.com/posts/reversing-a-unicode-string-in-php-using-utf-16-be-le

Sameer Borate:
Calculating descriptive statistics in MySQL
April 08, 2014 @ 10:46:22

Sameer Borate has shared some examples of how to generate some meaningful statistics about the contents of your database in a new post to his site today.

Descriptive statistics can be quite useful for simple analysis of records in a database. For example, to calculate average numbers of sales or products for a particular duration, or the Variance of sales for a month etc. We can easily calculate standard descriptive statistic measures in MySQL such as MEAN, SUM, STANDARD DEVIATION, VARIANCE, MIN and MAX using built-in functions.

He includes both the SQL and a bit of PHP code showing how to get these statistics (based on a simple data set of student scores). The PHP is required to more correctly evaluate the median and mode values as it's easier to evaluate those in PHP.

0 comments voice your opinion now!
mysql database descriptive statistics mean sum mode median

Link: http://www.codediesel.com/data/calculating-descriptive-statistics-in-mysql

SitePoint PHP Blog:
Optimizing MySQL
April 04, 2014 @ 11:54:48

The SitePoint PHP blog has posted the first two parts of their "Optimizing MySQL" tutorial series by Peter Nijssen. The first looks at general tips around indexes and the second shows some configuration tips to get the most from your database systems.

MySQL is one of the most used databases in conjunction with PHP. Making sure that your MySQL databases are running at their best is one of the most important aspects you have to consider whenever your web application grows. In this series of 3 standalone articles, we will have a look at how we can optimize our MySQL installation. We will take a look at which optimizations we can perform on our database, on our MySQL configuration and how we can find potential problems when MySQL is not performing well.

The first tutorial walks you through a brief introduction to indexes, shows you how to find duplicates and unused indexes that might be hanging around. The second post deals with the configuration topics using the Percona pt-variable-advisor. They also make use of the MySQLTuner tool for even further enhancement. Finally, the article finishes with a look at cross-server configuration comparison and how to see the differences.

0 comments voice your opinion now!
mysql series performance percona configuration indexes

Link: http://www.sitepoint.com/series/optimizing-mysql/

NetTuts.com:
Refactoring Legacy Code Part 2 - Magic Strings & Constants
April 03, 2014 @ 12:47:46

NetTuts.com has posted the second part of their "Refactoring Legacy Code" series today continuing on from their beginning of the series. They continue the refactor of their "trivia" application.

Old code. Ugly code. Complicated code. Spaghetti code. Jibberish nonsense. In two words, Legacy Code. This is a series that will help you work and deal with it. We first met our legacy source code in our previous lesson. [...] The time for the first changes have come and what better way to understand a difficult code base than start to extract magic constants and strings into variables? These seemingly simple tasks will give us greater and sometimes unexpected insights into the inner workings of legacy code. We will need to figure out the intentions of the original code author and find the proper names for the pieces of code that we've never seen before.

They talk about refactoring out things like "magic strings" and other hard-coded return values and checks. They mention updating the tests to reflect these changes while keeping an eye out for "magic constants" as well.

0 comments voice your opinion now!
refactoring unittest magic string constant trivia

Link: http://code.tutsplus.com/tutorials/refactoring-legacy-code-part-2-magic-strings-constants--cms-20527

Ulf Wendel:
The performance penalty of the early MySQL Fabric support for PHP
March 13, 2014 @ 12:16:23

In his latest post Ulf Wendel looks at the performance issues around the recently introduced MySQL Fabric support included in the mysqlnd extension.

PECL/mysqlnd_ms 1.6 is currently being modified to support sharding and fully automatic server and client failover when using MySQL Fabric (slides) to manage a farm of MySQL servers. PECL/mysqlnd_ms is a mostly transparent load balancer that works with all PHP MySQL APIs (PDO_MySQL, mysqli, ...). The idea is, that if, for example, a MySQL server fails, the plugin talks to MySQL Fabric to learn about alternative servers that Fabric has provisioned automatically. This "talks to" gives implies a performance penalty for applications.

He takes a look at what's happening "behind the scenes" when it comes to using the Fabric functionality and sharding (based on the use of mysqlnd_ms_select_shard). He traces through the execution path and how much slower then end result is. He includes some results from the connection debugging and the number of queries a single request makes.

0 comments voice your opinion now!
mysqlnd performance penalty mysql fabric support

Link: http://blog.ulf-wendel.de/2014/the-performance-penalty-of-the-early-mysql-fabric-support-for-php/


Community Events





Don't see your event here?
Let us know!


community framework podcast interview series threedevsandamaybe introduction library application code laravel language list developer project wordpress configure api release bugfix

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework