Thông tin tài liệu
Crunching
Data
PHP
with
CrunchingCr unching
DataData
PHPPHP
withwith
From TAR to RAR in a ZIP From TAR to RAR in a ZIP
INTERVIEW
PRIMING PHP FOR THE ENTERPRISE
PRIMING PHP FOR THE ENTERPRISE
Idealabs Preps LAMP Up for the Big Time
TURNING A CLASS INTO TURNING A CLASS INTO
AN APPLICATION WITHAN APPLICATION WITH
PHP-GTKPHP-GTK
Automate your tasks with a GUI app
STRENGTHENING THE STRENGTHENING THE
AUTHENTICATION PROCESSAUTHENTICATION PROCESS
Make that login more secure without
HTTPS
An XML APPROACH TO TEMPLATING An XML APPROACH TO TEMPLATING
USING PHPTALUSING PHPTAL
Making the peace between designers and developers
MARCH 2005
VOLUME IV - ISSUE 3
MARCH 2005
VOLUME IV - ISSUE 3
www.phparch.com
Get Ready For:
Plus: Security Corner, Product Review, and much more
LEARNING PHP WAS NEVER THIS MUCH FUN
Come learn PHP in Paradise with us
(and spend less than many other conferences)
Ilia Alshanetsky - Accelerating PHP Applications, Marcus Boerger - Implementing PHP 5 OOP Extensions,
John Coggeshall - Programming Smarty, Wez Furlong - PDO: PHP Data Objects, Daniel Kushner - Introduction to
OOP in PHP 5
, Derick Rethans - Playing Safe: PHP and Encryption, George Schlossnagle - Web Services in PHP 5,
Dan Scott - DB2 Universal Database, Chris Shiflett - PHP Security: Coding for Safety, Lukas Smith - How About
Some PEAR For You?
, Jason Sweat - Test-driven Development with PHP, Andrei Zmievski PHP-GTK2
The Magazine For PHP Professionals
php|
Tropics
Moon Palace Resort, Cancun, Mexico.
May 11-15 2005
At php|tropics, take the exam and
Get Zend Certified
and we'll pay your fees!
For more information and to sign up: http://www.phparch.com/tropics
Early-bird discount in effect for a limited time!
II NN DD EE XX
March 2005
●
PHP Architect
●
www.phparch.com
4
6 Editorial
It’s All in a Day’s Work
7 What’s New!
42 Test Pattern
The Three Inch High Design Tool
by Marcus Baker
48 Product Review
Vertrigo: The Utopia of All-in-One’s ?
by Peter B. MacIntyre
62 Security Corner
Magic Quotes
by Chris Shiflett
65 exit(0);
HELP! I’m a PHP beauty stuck in the
body of this Java programmer!
by Marco Tabini
10 Crunching Data with PHP
by Christian Wenz
19 Turning a Class Into an
Application With PHP-GTK
by Scott Mattocks
28 Interview
Priming PHP for the Enterprise
by Marco Tabini
33 Strengthening the
Authentication Process
by Graeme Foster
52 An XML approach to Templating
using PHPTAL
by José Pablo Ezequiel Fernández Silva
TABLE OF CONTENTS
php|architect
TM
Departments
Features
EEDDIITTOORRIIAALL
I
t’s no wonder that we are getting paranoid about the security of
air travel—airports and airplanes seem to be a breeding ground
for odd and bizarre behaviour. For some unknown reason, the
normal laws of civilized society don’t seem to apply over interna-
tional waters, or as soon as you’ve passed the first (of many) secu-
rity checkpoints.
On a flight, you’re forced to be in closer contact than you would
ever allow under any circumstances with people you have never
met in your life—and, most likely, would never want to have any-
thing to do with if you knew them in the first place. Some of your
fellow passengers are just plain inconsiderate—like the guy sitting
next to you who takes off his shoes and the other one who drinks
enough Martinis to kill a small horse.
Airport security—not to be outdone by the very same people it
is meant to server—is reaching new heights of stupidity. At one
end of the line, an officer asks you to take off your shoes. “It’s
optional, but if you don’t take them off they’ll search you at the
other end of the line.” Well, duh… let’s see, should I take off my
shoes now or everything else in the presence of that seven-feet-tall
guard named “Bob” in thirty seconds? Um, let me think about it.
On my way back from a recent trip to California, I sat right
behind the security checkpoint and listened in on a screener who
was performing a search on a fellow passenger-in-waiting who had
actually refused to take off his shoes. The best part was the intro-
duction, which went something like “Sir, could you step to the
side please. Now, I will have to perform a search of your person
because you ‘fit the profile.’ Of course, we can’t tell you what the
profile is, but this will only take a moment.”
So, on one side of the line someone tells you exactly “what the
profile is,” and, on the other, someone else tells you that the pro-
file is a secret. I hate to be stating the obvious, but that strikes me
as slightly odd—then again, there is no limit to government silli-
ness.
Meanwhile, back in Canada our government is training more
search dogs and pigs (yes, I said pigs) to sniff out smugglers.
“Drugs,” you may be thinking? No. Illegally-imported food. It’s
not the guy with the three-pound package of cocaine in his back-
pack that we should be worried about—the real criminal is the
eighty-year-old Italian lady with the salami in her purse.
Until next month, happy readings!
March 2005
●
PHP Architect
●
www.phparch.com
6
php|architect
Volume IV - Issue 3
March, 2005
Publisher
Marco Tabini
Editorial Team
Arbi Arzoumani
Peter MacIntyre
Eddie Peloke
Graphics & Layout
Arbi Arzoumani
Managing Editor
Emanuela Corso
News Editor
Leslie Hill
news@phparch.com
Authors
Marcus Baker, Graeme Foster, Peter B.
MacIntyre, Scott Mattocks, Chris Shiflett,
José Pablo Ezequiel Fernández Silva,
Christian Wenz
php|architect (ISSN 1709-7169) is published twelve times a year by
Marco Tabini & Associates, Inc., P.O. Box 54526, 1771 Avenue Road,
Toronto, ON M5M 4N5, Canada.
Although all possible care has been placed in assuring the accuracy of
the contents of this magazine, including all associated source code, list-
ings and figures, the publisher assumes no responsibilities with regards
of use of the information contained herein or in all associated material.
Contact Information:
General mailbox:
info@phparch.com
Editorial: editors@phparch.com
Subscriptions: subs@phparch.com
Sales & advertising: sales@phparch.com
Technical support: support@phparch.com
Copyright © 2003-2004 Marco Tabini &
Associates, Inc. — All Rights Reserved
IItt’’ss AAllll iinn aa
DDaayy’’ss WWoorrkk
EE DD II TT OO RR II AA LL RR AA NN TT SS
TM
NNEEWW SSTTUUFFFF
March 2005
●
PHP Architect
●
www.phparch.com
7
What’s New!
php|architect launches php|
tropics
2005
Ever wonder what it's like to learn PHP in paradise? Well, this year we've decided to give
you a chance to find out!
We're proud to announce php|tropics 2005, a new conference that will take place between
May 11-15 at the Moon Palace Resort in Cancun, Mexico. The Moon Palace is an all-
inclusive (yes, we said all inclusive!) resort with over 100 acres of ground and 3,000 ft. of
private beach, as well as excellent state-of-the-art meeting facilities.
As always, we've planned an in-depth set of tracks for you, combined with a generous
amount of downtime for your enjoyment (and your family's, if you can take them along
with you).
We even have a very special early-bird fee in effect for a limited time only.
For more information, go to
http://www.phparch.com/tropics
.
NN EE WW SS TT UU FF FF
ZEND Core for IBM
Zend Core for IBM is a complete, certified and fully supported distribution of PHP 5 that
tightly integrates with IBM's DB2 and CloudScape products, in addition to bundling all
required third-party libraries for interaction with the outside world.
The product includes such features as security updates, GUI-based management, granular control over configuration
parameters and compatibility with Zend's other products, including Zend Platform.
Zend Core will be available as a free download from both IBM's and Zend's websites in the second quarter of 2005.
Support programs and Sevice Level Agreements will also be available for commercial clients in a variety of different
configurations.
For more information, visit the Zend Core for IBM site (
hhttttpp::////wwwwww 330066 iibbmm ccoomm//ssooffttwwaarree//ddaattaa//iinnffoo//zzeennddccoorree//
).
phpBlog 2.0.1
Want to get into the world of
blogging? Are you currently run-
ning phpBB? If so, check out the
latest release of phpBlog 2.0.1.
The project’s hompage lists some
of its features as:
• Trackbacks
• Montly archives
• Miniblog
• Rss
• More…
For more information or to down-
load, visit
hhttttpp::////wwwwww oouuttsshhiinnee ccoomm//pphhppbb
bbbblloogg//
Zend Studio 4.0
Zend has announced the release of Zend Studio 4.0
(
hhttttpp::////wwwwww zzeenndd ccoomm//ssttoorree//pprroodduuccttss//zzeenndd ssttuu
ddiioo pphhpp
)
Zend Technologies Inc. introduced Zend Studio 4.0, a
new version of their PHP integrated development envi-
ronment (IDE). Zend Studio runs on multiple operating
systems including Mac OS X.
The new release includes integrated support for all major database servers,
according to the developer, including IBM DB2, Cloudscape, MySQL, Oracle,
MS SQL Server, PostgreSQL, Derby and SQLite. New syntax highlighting
works for XML and CSS previously PHP, HTML, XHTML and JavaScript
were supported. PHPDocs support has been added and PHPDocumentor now
lets users create documentation directly from the PHP project source code.
Zend Studio 4 comes in a Standard edition for US$99 and a Professional
edition for $299. Both prices include tech support and one year of updates
and upgrades.
For more information visit:
hhttttpp::////wwwwww zzeenndd ccoomm//
NNEEWW SSTTUUFFFF
March 2005
●
PHP Architect
●
www.phparch.com
8
Check out some of the hottest new releases from PEAR.
DB_DataObject_FormBuilder 0.11.4
DDBB__DDaattaaOObbjjeecctt__FFoorrmmBBuuiillddeerr
will aid you in rapid application development using the
DDBB__DDaattaaOObbjjeecctt
and
HHTTMMLL__QQuuiicckkFFoorrmm
packages. In
order to have a quick but working prototype of your application, simply model the database, run DataObject's createTable script over it
and write a script that passes one of the resulting objects to the
FFoorrmmBBuuiillddeerr
class. The
FFoorrmmBBuuiillddeerr
will automatically generate a sim-
ple but working
HHTTMMLL__QQuuiicckkFFoorrmm
object that you can use to test your application. It also provides a processing method that will auto-
matically detect if an
iinnsseerrtt(())
or
uuppddaattee(())
command has to be executed after the form has been submitted.
If you have set up DataObject's links.ini file correctly, it will also automatically detect if a table field is a foreign key and will populate a
selectbox with the linked table's entries. There are many optional parameters that you can place in your DataObjects.ini or in the
properties of your derived classes, that you can use to fine-tune the form-generation, gradually turning the prototypes into fully-fea-
tured forms, and you can take control at any stage of the process.
DB 1.7.1
DB is a database abstraction layer providing:
• An OO-style query API
• Portability features that make programs written for one DBMS work with other DBMS's
• A DSN (data source name) format for specifying database servers
• Prepare/execute (bind) emulation for databases that don't support it natively
• A result object for each query response
• Portable error codes
• Sequence emulation
• Sequential and non-sequential row fetching as well as bulk fetching
• Formats fetched rows as associative arrays, ordered arrays or objects
• Row limit support
• Transactions support
• Table information interface
• DocBook and phpDocumentor API documentation
Cache_Lite 1.4.1
This package is a little cache system optimized for file containers. It is fast and safe (because it uses file locking and/or anti-corruption
tests).
XML_RPC 1.2.1
A PEAR-ified version of Useful Inc's XML-RPC for PHP. It has support for HTTP/HTTPS transport, proxies and authentication.
I18Nv2 0.11.3
This package provides basic support to localize your application, like locale based formatting of dates, numbers and currencies.
Beside that it attempts to provide an OS independent way to
sseettllooccaallee(())
and aims to provide language, country and currency names
translated into many languages.
Maguma OpenStudio
Maguma GmbH (Bolzano, Italy) will make the source code of Maguma Studio, Maguma's Windows-
exclusive IDE, open!
Beginning in March 2005 the full source code of Studio will be available for download and community
participation. Maguma OpenStudio, as Maguma has named the product, is a milestone in the pursuit to
the realization of Maguma's Open Source strategy. Maguma OpenStudio is a fast, easy and effective
PHP IDE for beginners and professional developers alike. The newest product, the modular cross-plat-
form IDE, Maguma Workbench, is Maguma’s second generation IDE and is also community focused
through its flexibility to allows users to create custom modules for it. Maguma’s goal is to allow pro-
grammers to "Have Fun Programming!" In March Maguma OpenStudio will be available for download
on the Community site
wwwwww pphhppwwiizzaarrdd nneett
and on the Maguma Community site community
hhttttpp::////ccoomm
mmuunniittyy mmaagguummaa oorrgg//
.
For more information visit:
hhttttpp::////mmaagguummaa oorrgg
NNEEWW SSTTUUFFFF
March 2005
●
PHP Architect
●
www.phparch.com
9
Looking for a new PHP Extension? Check out some of the lastest offerings from PECL.
big_int 1.0.0
Functions from this package are useful for number theory applications, or example in two-key cryptography. See
tteessttss//RRSSAA pphhpp
in the
package for example of implementation of RSA-like cryptoalgorithm.
The package has many bitset functions, which make it possible to work with arbitrary-length bitsets. This package is much faster than
the one bundled into PHP BCMath and covers almost entirely the functions implemented in the PHP GMP extension without requiring
any external libraries.
Net_Gopher 1.0.0
An
ffooppeenn(())
wrapper for retrieving documents via the gopher protocol. It includes additional function for parsing gopher directory
entries.
bz2_filter 1.1.0
A bzip2 compress/decompress stream filter implementation. It performs inline compression/decompression using the bzip2 algorithm
on any PHP I/O stream. The data produced by this filter, while compatible with the payload portion of a bz2 file, does not include
headers or trailers for full bz2 file compatibility. To achieve this format, use the
ccoommpprreessss bbzziipp22:://// ffooppeenn
wrapper built directly into
PHP.
intercept 0.2.0
Allows the user to request that a user-space function be called when a PHP function is executed. Support for class/object methods will
be added later.
mailparse 2.1.1
Mailparse is an extension for parsing and working with email messages.
It can deal with rfc822 and rfc2045 (MIME) compliant messages.
eZ publish 3.5.1
Ez.no announces the latest release of their content management system.
From the announcement:
”eZ publish is an open source content management system and development framework. As a
content management system (CMS) its most notable feature is its revolutionary, fully customiz-
able, and extendable content model. This is also what makes it suitable as a platform for gener-
al Web development. Its stand-alone libraries can be used for cross-platform, database independent PHP projects. eZ publish is also
well suited for news publishing, e-commerce (B2B and B2C), portals, and corporate Web sites, intranets, and extranets. eZ publish
is dual licenced between GPL and the eZ publish professional licence.”
Get all the details from
hhttttpp::////eezz nnoo//
The Zend PHP Certification Practice Test Book is now available!
We're happy to announce that, after many months of hard work, the Zend PHP
Certification Practice Test Book, written by John Coggeshall and Marco Tabini, is now
available for sale from our website and most book sellers worldwide!
The book provides 200 questions designed as a learning and practice tool for the
Zend PHP Certification exam. Each question has been written and edited by four
members of the Zend Education Board the very same group who prepared the
exam. The questions, which cover every topic in the exam, come with a detailed
answer that explains not only the correct choice, but also the question's intention,
pitfalls and the best strategy for tackling similar topics during the exam.
For more information, visit
hhttttpp::////wwwwww pphhppaarrcchh ccoomm//cceerrtt//mmoocckk__tteessttiinngg pphhpp
W
hen it comes to transferring data using the
Internet, trying to make your files as small as
possible is often a key element. It is rather lit-
tle known, however, that PHP supports a variety of
archive formats, in various ways: PHP extensions that
are compiled in (or loaded using
pphhpp iinnii
settings or
ddll(())
), PEAR packages and other external scripts. This
article surveys the most important and relevant possi-
bilities in this area, always with short examples that are
ready-to-use for your applications.
PHP Extensions
From a performance point of view, using a PHP exten-
sion is very often the best way to solve a problem. Since
you’re dealing with compiled code, performance is
usually much better than interpreted PHP code.
However, not all of these extensions are updated on a
frequent basis and some of them lack important fea-
tures. But before judging, let’s first have a closer look.
The file format that is probably most widely used over
the Internet is the ZIP format, because it has been
around for a long time and applications to manipulate
it are widely available on all platforms. Recent versions
of Windows come with an internal ZIP module, but do
not support other formats out of the box; Linux distri-
butions and Mac OS X offer much more in this respect.
Therefore, in order to avoid the hassle of additional
software installation, using the ZIP format is a good
idea. There is even a PHP module that supports ZIP—
you can find it in the online manual at
hhttttpp::////pphhpp nneett//mmaannuuaall//eenn//rreeff zziipp pphhpp
. The module is
a wrapper for the ZZIPlib library, a SourceForge project
available at
hhttttpp::////zzzziipplliibb ssff nneett//
. This library sup-
ports only extracting data from an archive, not creating
new ZIP files. Therefore, it can only be used with exist-
ing ZIP files. Doing so, however, is relatively easy: first,
you have to ensure that the PHP module is present. If
you are building PHP by yourself, you have to run
ccoonn
ffiigguurree
with the
——wwiitthh zziipp==//ppaatthh//ttoo//zzzziipplliibb
switch;
Windows users just need to add the following line to
their
pphhpp iinnii
file:
extension=php_zip.dll
REQUIREMENTS
PHP 4.x , 5.x
OS Any
Other Software
The modules and packages refer-
enced in the article.
Code Directory crunch
March 2005
●
PHP Architect
●
www.phparch.com
FFEEAATTUURREE
10
Crunching
Data with PHP
by Christian Wenz
There are various file formats to archive, pack, zip or
crunch data. PHP supports many of them, in different
ways: using external PHP scripts, PEAR packages or
PHP extensions.
FF EE AA TT UU RR EE
[...]... more on packing widgets in just a few paragraphs Next, let’s look at adding a maintainer This is where we get into really wrapping the PackageFileManager class into our GTK application A maintainer is someone who contributes to a PEAR package In the package.xml file, they are identified by four pieces of information: their handle, their name, their email address, and their role in the package As a result,... it using the add() method, again providing an array of files • Instead of using an array, you can also provide a space separated list of file names—if your file names do not contain spaces Here is a small example that creates a mini PHP distribution: We take three files from a PHP binary distribution package and compress them into a single tarball: . contains rather detailed infor-
mation about the package. Thankfully, the package can
be used in a straightforward manner. Again, it’s just a
matter of taking. files—the
PPEEAARR__PPaacckkaaggeeFFiilleeMMaannaaggeerr
class makes creating PEAR
ppaacckkaaggee xxmmll
files easy, but writing the scripts that load
the data drives
Ngày đăng: 17/01/2014, 18:20
Xem thêm: Tài liệu It’s All in a Day’s Work ppt, Tài liệu It’s All in a Day’s Work ppt