Archive for the 'Software' category

Quick Netbeans tip - task filters

published on April 27, 2010.
Heads-up! You're reading an old post and the information in it is quite probably outdated.

I’m using Netbeans as my main IDE for PHP and Python projects for over a year now, yet only now I have stumbled upon this feature - creating filters for tasks that show up in the “Tasks” window (Ctrl+6 shortcut to show/hide the window).

To be honest, I wasn’t even using it (until now), cause, by default it shows all the todo-s and issues from all the files from the current project. This can produce a pretty big list if (like me) you have Zend Framework, Pear and other frameworks and libraries set on the include path for the project you’re working in, as the little @todo-s will show up from those files, too.

Filters to the rescue. On the “Tasks” window there’s that little icon of that whatever-it’s-called showed on the first image, where you can create and edit filters. I’ve created a simple one, which excludes todo-s from files that have “Zend” in their location and includes only from PHP files (second image).

Me likes this feature.

Tags: filters, ide, netbeans, tasks, tip.
Categories: Development, Software.

Bad Firebug!

published on December 21, 2009.
Heads-up! You're reading an old post and the information in it is quite probably outdated.

We all know about Firebug, probably the best developer add-on out there, and how awesome it is and how many times it helped us debug some nasty Javascript code, mess around with CSS and HTML on-the-fly, to track the time load of every external page element our app loads… It’s so cool that it even has it’s own add-ons! (FirePHP, YSlow and FireCookie). Really, it helps our developer lives to suck a bit less.

Note: the following text is not about bashing other developers and their works, but to highlight the importance of proper input filtering. I myself have failed on this, several times.

Let’s go back to the part where we mess with the HTML by the means of this, may I say, application. You can add, hide, remove HTML elements, add, alter, remove, attributes from HTML elements… Adding, hiding, deleting - boring; altering - fun! I have this urge to try to break every form on every website I find. Not to do any harm, just to take a look how my fellow developer did his job and if I see anything that’s not right, I try to contact him to fix that, cause, y’know, I’m a nice person… Anyhow, I recently found some sites where all the textfields and textareas were filtered properly and no harm could be done - all my “hack” attempts were caught by their application. Nice. Oh, look, a select box! Right-click, inspect element, value=“xyz”, change that to value=“abc”, submit the form… and poof! A sexy SQL error. All that with the help of our li’l friend, Firebug. The elements where the user is required to provide some information “by hand” were processed correctly, but the select box was not.

OK, let’s take this one step further. On a site where the user can register an account and afterwards can edit his or hers profile. I register, go to the user panel, the usual stuff - change email, password, location, DoB (Date of Birth)… A quick inspection of the source - a hidden field “id” with a number in it. Hmm… Quickly, I register another account, note the “id” on that second account, go back to the first account, change the “id” of the first account to the “id” of the second account, change the DoB (just to see any actual information changing), click submit… “Your profile has been updated successfully.” Mine? Not really, the DoB is like it was in the first place… Go to the second account… Oh boy. I successfully changed the DoB of the second account, with my first account. Now, I haven’t seen their source code, but I can imagine what was going on. Something like this:

<?php
$id = (int)$_POST['id'];
$dob = $_POST['dob'];

$sql = "UPDATE users SET dob = '" . $dob . "' WHERE id = " . $id;

On the positive side, when I entered letters in that hidden field, I was told by the app that I haven’t filled all the fields correctly, which means they filtered even the hidden field, but skipped to check if that “id” is actually me.

OK, I know, the title is “Bad Firebug!” and the problems are actually about filtering user input, but I needed a catchy title to have your attention on Twitter :P

Even tho a field seems “unchangeable”, with a help of an awesome little app, it becomes changeable. And dangerous.

Filter input, escape output :)

P.S.: On the image above you can see my profile on a bulletin board, where I changed my year of birth from 1986 to 986 with Firebug. The years are in a select box; the lowest value is 1910. You can see my actual profile here.

Moblin, Linux for netbooks

published on May 21, 2009.
Heads-up! You're reading an old post and the information in it is quite probably outdated.

Moblin got me curios and I wanted to test it out:

Moblin is an open source project focused on building a Linux-based platform optimized for the next generation of mobile devices including Netbooks, Mobile Internet Devices, and In-vehicle infotainment systems.

Cause I don’t own (yet!) a netbook, I installed it under VirtualBox (VB from now on). The image is 666 MB big and it comes not in an .iso, but in a .img format. But, VB, a really awesome software, had no troubles booting from it. As with the majority of Linux distros nowadays, Moblin image is also a Live CD, which means you can run it, without installing it.

The preinstall process is made up from 6-7 steps: choosing the language, the keyboard layout, the timezone and, of course, the partitioning. Basically, it’s just another boring “Next-Next” process. The installation itself took around 6 minutes to finish. When it’s done, it asks for a username and a password.

The first boot went pretty quickly, considering that booting under VB takes longer than booting under regular installations. The thing about VB is that it needs, the so called “Guest Additions” installed on the guest machine, so that the guest machine can be used normally. In this case, I failed to install it: Moblin comes with one version of the Linux kernel and the additions are for another version of the kernel. This prevented me in my quest to test Moblin fully. Anyway, I’ve managed to take a few screenshots of it, all are uploaded to my Picasa profile.

There was one thing that was strange. It has a “Status panel”, from which you can update your profiles on social networks. A really useful stuff. I just opened it up and updated my Twitter profile. Almost. I wasn’t logged in to Twitter from it and Moblin didn’t say a word about it. It just happily said that my status is updated. Once I found the “Web services” panel I logged in and this time I was really updating my Twitter stream.

I really was hoping to test it normally and write a detailed review of it, but this guest additions thingy thought otherwise. Moblin is a great distro, even in this beta stage I believe it’s useful. What do you think? Did you test it already, saw it in action?

One thing’s for sure: when I’ll get myself a netbook, it’ll run on Moblin.

Cheers!

P.S.: Check out the Moblin intro, too!

Wordpress as CMS tutorial

published on March 14, 2009.
Heads-up! You're reading an old post and the information in it is quite probably outdated.

Wordpress is one of the best blogging platforms out there — if not the best. It’s very powerful, can be easily extended and modified. It’s documentation is very well written and, so far, had answer to all of my crazy questions :)

You know what’s the best part of Wordpress? With some knowledge of PHP and MySql, you can turn it into much more than just a blogging platform. After doing some HTML to WP work for Roger, I thought of one way how could Wordpress be transformed into a CMS. Note the “one way”. This is not the only way for doing this, and, most likely, not the best way.

I didn’t look much, but I think that there are some nice plugins out there that can do this. But, where’s the fun in the download, upload, activate process? Nowhere!

I will show you how to change your Wordpress into a CMS and it really doesn’t take much coding to achieve this! The example presented here is simple and will have a static page for it’s home page, another static page for the “Portfolio” page and the blog. The home and portfolio page will have some of own content and both will include some content from other static pages. You all most likely know the blog part ;)

Static pages

Things you should know: each static page has it’s title, it’s slug or name (the thing that shows up in your browsers address bar: http://example.com/portfolio/ - right there, the portfolio is the slug!), has the parent attribute and the template attribute. The parent attribute is used when it’s needed to make one page a child of another, i.e. to show Page2 as a subpage of Page1. The template attribute is used when we want to apply some different layout and styling to a static page. Read more about static pages and how to create your own page templates.

If you want to, you can download the theme I created for this tutorial from here (it’s not a designers masterpiece, what did you expect?), or you can use any theme you want.

I hope you read the part on creating page templates, I really don’t feel like explaining the next part.

Create 3 new files in your template directory (if you’re using my theme, these files are already there): home.php, portfolio.php and blog.php. Contents of these files are:

// home.php
<?php
/*
Template Name: Home
*/
?>

// portfolio.php
<?php
/*
Template Name: Portfolio
*/
?>

// blog.php
<?php
/*
Template Name: Blog
*/

// Which page of the blog are we on?
$paged = get_query_var('paged');
query_posts('cat=-0&paged='.$paged);

// make posts print only the first part with a link to rest of the post.
global $more;
$more = 0;

//load index to show blog
load_template(TEMPLATEPATH . '/index.php');
?>

To understand the contents of the blog.php file, please take a look at this.

Now, go to the dashboard, the Pages section and write 3 new static pages:

  • Home, with the slug home, for the template choose Home from the drop-down list (it's on the right side) and the parent leave as is (Main Page)
  • Portfolio, with the slug portfolio, for the template choose Portfolio
  • Blog, with the slug blog, for the template choose Blog

You can add some content to the Home and Portfolio pages, but don’t add any to the Blog page.

Organizing links

Now, let’s make that when we are on http://example.com/ it shows us the Home page, instead of the Blog, and when on the http://example.com/blog/ to show us the blog!

Go to Settings->Reading and where it says “First page displays” choose “A static page”, and under the “Front page” drop-down choose “Home”.

Now, go to Settings->Permalinks and change the “Custom structure” to /blog/%postname%/ or whatever is your preferred permalinks structure, but it must start with /blog/! If Wordpress can’t write to your .htaccess file (I hope it can’t!), open it up in your editor and type the following (or similar, depends on your setup):

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /blog/
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

The point is in the RewriteBase, with that we’re telling WP where to find the blog. On default setups, when http://example.com/ points to the blog, the RewriteBase is simply / but with the blog located at http://example.com/blog/ we need to change the RewriteBase. If all is well, we’re done with organizing the links.

While you’re still in the dashboard, write some new static pages with content. For the parent of these pages choose Portfolio and leave the template the default (the default page template is page.php).

Time for coding!

Here are two functions I wrote for retrieving content from static pages which will be then included in other static pages:

// functions.php
<?php

/**
* Gets last $number_of_subpages from their $parent_page
* If the <!--more--> tag is ignored ($ignore_more=true) returns the entire content of the subpages
*
* @param mixed $parent_page Contains either the slug of the parent page or it's ID
* @param integer $number_of_subpages Number of subpages to return
* @param boolean $ignore_more Whether to ignore the <!--more--> tag or not
* @return array Contents and titles of subapages
*/
function wpascms_get_subpages($parent_page='portfolio', $number_of_subpages=2, $ignore_more=false)
{
    global $wpdb;

    if(is_string($parent_page))
    {
        $parent_page_ID = wpascms_get_parent_page_ID($parent_page);
    }
    else
    {
        $parent_page_ID = $parent_page;
    }  

    if($number_of_subpages == 0)
    {
        $limit = '';
    }
    else
    {
        $limit = 'LIMIT 0, ' . $number_of_subpages;
    }
    // Get all subpages that are published and are childs of the given parent page
    // and order them by date in descending order (latest first)
    // also, if needed, limit to the latest $number_of_subpages
    $subpages = $wpdb->get_results("SELECT * FROM $wpdb->posts
                                    WHERE `post_parent` = '$parent_page_ID' AND `post_type` = 'page' AND `post_status` = 'publish'
                                    ORDER BY `post_date` DESC $limit");

    if(!$ignore_more)
    {
        foreach($subpages as $key=>$subpage)
            if(strpos($subpage->post_content, '<!--more-->') !== false)
            {
                $short_content = explode('<!--more-->', $subpage->post_content, 2);
                $subpages[$key]->post_content = $short_content[0] . '<a href="' . get_permalink($subpage->ID) . '">Read more...</a>';
            }
        }
    }

    return $subpages;
}

function wpascms_get_parent_page_ID($parent_page)
{
    global $wpdb;

    $id = $wpdb->get_var($wpdb->prepare("SELECT ID FROM $wpdb->posts WHERE `post_name` = %s AND `post_type` = 'page' AND `post_status` = 'publish'", $parent_page));

    return $id;
}

?>

The first function, wpascms_get_subpages() returns the given number of subpages from a specific parent page. By default it will break the content on the tag and append a “Read more…” link. The first parameter can be either a string containing the slug of the parent page, or the ID of the parent page. The second parameter is the number of subpages we want returned. If it’s zero, all subpages will be returned. The second function is merely a helper function, to get the id of the parent page based on it’s slug. To read more on querying the database, read this page.

Here’s how I’m calling this function on my example Home page:

<?php
/*
Template name: Home
*/

get_header();
?>

    <div id="home">
    <?php if (have_posts()) : while (have_posts()) : the_post(); ?>

        <h2><?php the_title(); ?></h2>

        <?php the_content('<p class="serif">Read the rest of this page &raquo;</p>'); ?>

    <?php endwhile; endif; ?>
    </div><!-- home -->

    <div id="latest_works">
    <h1>Recent work</h1>
    <?php $subpages = wpascms_get_subpages();
    if(count($subpages) > 0):
        foreach($subpages as $row=>$subpage):
        if($row%2 == 0)
        {
            $class = "left_work";
        }
        else
        {
            $class = "right_work";
        }
    ?>
        <div class="<?php echo $class; ?>">
            <h2><a href=<?php echo get_permalink($subpage->ID); ?>><?php echo $subpage->post_title; ?></a></h2>
                <?php echo $subpage->post_content; ?>
        </div>
    <?php
        endforeach;
    endif;
    ?>
    </div><!-- latest_works -->

<?php
get_footer();
?>

In words: including the header, then showing any content of the home page. After that getting the subpages: by default, wpascms_get_subpages() is getting the newest 2 subpages of the portfolio page. I’m showing the content of the subpages in 2 columns. What we got with this? Add a new subpage to the portfolio and it will automagically show up on the left side column. In the end, including the footer.

Here’s another example from the portfolio page:

<?php
/*
Template name: Portfolio
*/

get_header();
?>

    <div id="portfolio">
    <?php if (have_posts()) : while (have_posts()) : the_post(); ?>

        <h2><?php the_title(); ?></h2>

        <?php the_content('<p class="serif">Read the rest of this page &raquo;</p>'); ?>

    <?php endwhile; endif; ?>
    </div><!-- home -->

    <div id="latest_works">

    <?php $subpages = wpascms_get_subpages('portfolio', 0);
    if(count($subpages) > 0):
        foreach($subpages as $row=>$subpage):
    ?>
        <div class="work">
            <h2><a href=<?php echo get_permalink($subpage->ID); ?>><?php echo $subpage->post_title; ?></a></h2>
                <?php echo $subpage->post_content; ?>
        </div>
    <?php
        endforeach;
    endif;
    ?>
    </div><!-- latest_works -->

<?php
get_footer();
?>

Same thing is happening here: including the header, showing the content of the portfolio page. Getting the subpages, but now all of the subpages that are childs of the portfolio page, and showing them one under the other.

All subpages can be viewed each on it’s own page, but that is just a plain ol’ page.php file, so I’ll skip that.

Don’t limit yourself to the existing plugins or waiting for one tutorial/example that will show how you can make everything. Don’t be afraid to get your hands dirty by hacking some code. It really doesn’t take too much to create magic with Wordpress ;)

Cheers!

pywst - setting up web projects quickly

published on February 22, 2009.
Heads-up! You're reading an old post and the information in it is quite probably outdated.

I wrote a Python script for automating the steps required to setup a web project environment on my local dev machine that runs on Ubuntu. Called it pywst: Python, Web, Svn, Trac. That’s the best I could do, sorry :P

The main steps for setting up a new project are:

  • Create a virtual host
  • Add it to /etc/hosts
  • Enable the virtual host
  • Import the new project to the SVN repository
  • Checkout the project to /var/www
  • Create a TRAC environment for the project
  • Restart Apache

After these steps I have http://projectName.lh/ which points to /var/www/projectName/public/, SVN repo under http://localhost/repos/projectName/ and the TRAC environment under http://localhost/trac/projectName/.

As I have this ability to forget things, I always forget a step or 2 of this process. Thus, I wrote pywst (note, this is a txt file, to use it, save it to your HDD and rename it to pywst.py). It’s not the best and nicest Python script ever wrote, but gets the job done. All that is need to be done to setup a project with pywst is:

sudo ./pywst.py projectName

2 things are required: to run it with sudo powers and to provide a name for the project.

Future improvements

The first, and the most important is to finish the rollback() method. Now, it only exits pywst when an error occurs, but it should undo all the steps made prior to the error.

Second, to make it work on other distros, not only on Ubuntu. That would require for me getting those other distros, set them up, look where they store Apache and stuff, where’s the default document root, etc. Hmm… This will take a while :)

Third, support PHP frameworks - Zend Framework, CodeIgniter and CakePHP — ZF is a must :P Under support I mean to create the basic file structure for them automagically.

Cheers!

Robert Basic

Robert Basic

Software engineer, consultant, open source contributor.

Let's work together!

If you require outsourcing or consulting help on your projects, I'm available!

Robert Basic © 2008 — 2019
Get the feed