We all get to a point in the coding process where there needs to be "non-code" code. This does not have the same type of structure or verbiage as the construct of PHP, C# or anything else. This is our own little distinct code. It may seem like I am…
Just a quick post, as this is now December and I have not posted for almost a month. But this is another simple, and easy, and sometimes forgotten idea among the web programming world. Never pass up the opportunity to learn something new. I know this sounds really easy, and…
In some applications on the web, you are required to log in to view content, post content, or any other sort of thing. With this, there will be times when a member of the site/application/whatever will forget the password they used, and it will have to be reset for them. So there are different methods of doing this, and different ideas behind what should make this work. I am going to give you one that I use, which will use a close to random method for resetting the passwords.
It is finally October and I have not posted one thing yet. I was in California last week though. However that should not be an excuse for the lack of posting I have made. I really wanted to be able to post at least once a week, trying for twice a week. However, that has not happened.
So a quick post about security in a site. I will not claim that I know everything about security, but I have always been about the common sense stuff of a site. Some of the things to keep in mind:
In preparation for the Zend Certification Exam (ZCE), Zend provides a great (sarcasm) online practice test that consists of 8 questions. That is right, 8 questions. A certification exam that consists of 70 questions and Zend offers 8 questions. And the other thing with the practice test, is that if you get 5 out of 8 correct, then you are “ready” to take the exam. Which I would not suggest, unless of course you have at least 1 year of real PHP experience coding, testing, even hacking. Plus, there is a good amount of DB stuff on the test, as well as security, streams, XML/Web Services and other stuff. I also suggest you pay (that is right, pay) for a set of practice exams. But I digress. Back to the Zend practice test. They give you 8 questions, then just tell you how many you got right/wrong. There is no feedback (like a real exam) on the practice test, which I think there ought to be. So I decided I would not only give you the answer, but why it is the answer. Following is the exam questions and the answers and why they are the answers.
(more…)
CakePHP now has deprecated some queries. The findALL, findCount, etc etc etc. This now uses the find() method for all of these, and has a basic syntax for this. If it is basic, why blog about it then? Good question. The documentation is there in the API, and is there in the Cookbook, it took me some time to really get a good idea on an applicable example and took many times of “trial and error” to help me get along. Because finding is good, and will give you all the information you need, if it is a simple, 1 table find. If you need to query two or three tables, how does this work. So this will go into those as well.
The basic idea of find, as listed by the API is this:
find( array $conditions, array $fields, string $order, int $recursive );
This will find one record based on conditions, return the desired fields (or all of them if nothing is specified), order the results, and go so many levels deep (-1 for just the current table).
(more…)
To continue on last weeks thought of a “lite” forum, I needed 2 tables (Forums, Posts). Since this is a “lite” forum, I did not want to create a mid-table labeled topics, so I incorporated that in the Posts table. The other reasoning behind this, is that to create a hybrid forum/blog, the topic is really just a beginning post in the thread, so keep those in the Posts table, just mark it as a topic to differentiate this from the other posts.
I created two controllers, forums_controller.php and posts_controller.php. All of the links on the application will point to the forums_controller.php file. The models need to be created, forum.php and post.php, with the relationships.
The file user.php (User model) needs to have a “hasMany” relationship with Posts.
var $hasMany = array(
'Post' => array('className' => 'Post',
'foreignKey' => 'post_id',
'dependent' => false,
)
);
The Forum model needs a “hasMany” relationship with the Post model
var $hasMany = array(
'Post' => array('className' => 'Post',
'foreignKey' => 'forum_id',
'dependent' => false,
)
);
The Post model needs a “belongsTo relationship with both the Forum and User models.
var $belongsTo = array(
'Forum' => array('className' => 'Forum',
'foreignKey' => 'forum_id',
'conditions' => '',
'fields' => '',
'order' => ''
),
'User' => array('className' => 'User',
'foreignKey' => 'user_id',
'conditions' => '',
'fields' => '',
'order' => ''
)
);
There was something I was asked to troubleshoot between two different environments. Most reputable places will give at least 2 different environments for application development, the best is to have at least three, development, stage, and production areas. I was asked resolve and fix an issue in the stage area,…
After last weeks Auth component, it is now time to go into the full Authentication of a user. In order to use the full power of the Auth component, the table should be named “users”. In the table I created, there were a few different things put in, but for the sake of this, I will limit those.
CREATE TABLE IF NOT EXISTS `users` ( `user_id` int(11) NOT NULL auto_increment, `username` varchar(25) NOT NULL, `password` varchar(250) NOT NULL, `full_name` varchar(250) NOT NULL, `email` varchar(250) NOT NULL, `remote_address` varchar(16) NOT NULL, `last_login` datetime default NULL, `last_login_ip` varchar(16) default NULL, `created` datetime NOT NULL, `modified` datetime default NULL, PRIMARY KEY (`user_id`), UNIQUE KEY `username` (`username`) ) ENGINE=MyISAM DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ;
In this table, there is a lot you really do not need, but here is the breakdown: ‘user_id’ is needed for my purposes, ‘username’ and ‘password’ are named as such to be able to use the Auth component methods. The other fields are for personalization (full_name and email). The next three are just for simplistic CYA that should always be good practice, grap the registered IP address, date the user last logged in and the IP they logged in from. Is this a foolproof way of CYA? No. But it starts you out on the right track. The last two I always put in all of my tables, as CakePHP updates those automatically, so this also helps to track when created and when changed.
Now that the table is done, we need to provide some quick validation for registration and such. In the model, the code should look similar to this:
var $name = 'User';
var $primaryKey = 'user_id';
var $validate = array(
'username' => array(
'alphaNumeric' => array(
'rule' => 'alphaNumeric',
'required' => true,
'on' => 'create',
'message' => 'Username must be only letters and numbers, no special characters'
),
'between' => array(
'rule' => array('between', 5, 20),
'on' => 'create',
'message' => 'Username must be between 5 and 20 characters',
),
'isUnique' => array(
'rule' => 'isUnique',
'on' => 'create',
'message' => 'This username is already taken. Please choose a different one.'
)
),
'email' => array(
'rule' => array('email', true),
'required' => true,
'message' => 'Please provide a valid email address'
),
);
After a few years of deliberating and going thru different iterations of site code, I have returned to the WordPress world and will write at the very least, the weekly entry in the blog. This will definitely have some issues as I see, as I am still deciding on the…