Jeremy Knope dot com

So I’m currently working on a new site for hosting my mac software projects and wanted to include support for some popular things used by mac programs. For example many programs use Sparkle for doing automatic updates, or even Sparkle+ for tracking system information from the updating applications. So I wanted to go about making a site that would let me manage programs, their downloads, and possibly auto-generate appcasts for use by Sparkle updaters.

So I currently have quite a bit of the front-end going, no administration yet. I have a system that has products, product releases (downloads), download stats, sparkle profile tracking and appcast generation, and download stats integration for sparkle downloads. A lot of this is or will be configurable if this proves to be useful for other people to use.

It’s using a PHP MVC framework also, providing nice URls for everything, some examples:

• example.com/products/view/MetaGrowler
• example.com/downloads/get/6
• example.com/downloads/product/MetaGrowler
• example.com/downloads/get/6/fromsparkle/MetaGrowler_0.1.1.zip
• example.com/appcast/MetaGrowler
• example.com/sparkleProfile/MetaGrowler?profilerArgsHere

That’s just some of the basic stuff I’ve got so far, I mostly wanted a nice way of managing various products and their downloads, I’d want purchase ability eventually too. I’ve heard there’s someone that might be working on a similar project too, mentioned on the macsb yahoo group but that’s currently not searchable due to some error.

I’d like to hear any feedback, and also see what the other projects are (only know of PotionStore as a similar rails-based project.) I’m mostly geared to build my own site right now but trying to keep in mind it might be useful for others, so any input is helpful. I hope I’m not duplicating someone else’s work, but maybe can work together if there’s similar goals, if anybody knows the post, or maybe if yahoo starts working again soon can see what’s up.

Email me at jerome AT jeremyknope DOT com to talk about it if interested or if you’re working on something similar and want to discuss it.

Technorati Tags: framework, mac, php, software

So I decided to write a bit about my experience and implementation of the Zend_Acl component, it’s a bit rough but I hope it gives an idea of how to possibly implement Zend_Acl. Let me know if there’s anything not very clear, I’m no english major so there’s bound to be some awful sections.



Background

So where I work, at RainStorm Consulting, we have a large web application system that drives parts of client’s websites. It currently does not have a public facing site that I could provide for more information, but it’s something that’s evolved over time to facilitate common needs among clients, eventually turning into a central service-providing administration site that clients can go to one place for to administer various dynamic content. It’s also a multi-tenant system, currently only with basic privileges, super administrator, site administrator, and a basic user that can only edit their ‘profile’ for a couple applications. There’s now a client with desire for more fine-grained permissions so Zend_Acl fit the bill.

Implementation

After brainstorming a bit, what exactly we needed for permission control and much frustration wrapping my head around the idea of ACL, taking it’s full capabilities into my head and getting confused. I basically ended up at the end with an ACL implementation that is similar to Drupal’s. I didn’t go into a full implementation of the hierarchy that Zend_Acl offers for both resources and roles. Our system has modules(separate applications) which will map directly to a resource, so say NewsStorm will have a resource by the same name. A role will then have various resource & permission words mapped to it, with a flag for allow or deny. The basic schema is sketched out roughly in this diagram:

I still haven’t finalized the best way for providing possible permissions from a module, but possibly a central module file that al modules will have, possibly containing a class. Currently it’s stored in the modules table in the database, modules create a record there on installation. A simple field right now has a csv of permissions, for example NewsStorm might have “manage categories, new post, edit post, delete post, publish post” which are provided in the permission management, which is modeled after drupal’s.

Shot of the client’s version of this permission management tool:

The actual setup so permissions can be checked happens in the core class in setupAcl(), it pulls everything from the database and builds the ACL tree. We have 2 core roles, Administrator which is just hard-coded and Site Administrator which exists in the database and is meant for almost full control over every module for a site. We fetch all the roles and add them, along with resources.

$acl = new Zend_Acl();

$roles = Siteturbine_Acl_Role::find('all', array('parent_id is null'));
foreach($roles as $role) {
	$acl->addRole($role);
}
$resources = Siteturbine_Acl_Resource::find('all', array('parent_id is null'));
foreach($resources as $resource) {
	$acl->add($resource);
}
$acl->allow('Administrator', null, null);

foreach($roles as $role) {
	$query = "SELECT ro.name as role,re.name as resource,GROUP_CONCAT(rr.permission SEPARATOR ',') as perm
  FROM acl_roles ro
  LEFT OUTER JOIN acl_resources_roles rr ON rr.role_id = ro.id
  LEFT OUTER JOIN acl_resources re ON re.id = rr.resource_id
  WHERE ro.id = ? AND rr.allow = 1
  GROUP BY rr.resource_id";
	$allows = Siteturbine_Acl_Resource::findBySql(array($query, $role->id));
	$has_allow = false;
	foreach($allows as $a) {
		$has_allow = true;
		$acl->allow($role, $a->resource, explode(',', $a->perm));
	}
	if($has_allow) {
		$acl->allow($role, $a->resource, null);
		$acl->allow($role, $a->resource, 'view');
	}

	$query = "SELECT ro.name as role,re.name as resource,GROUP_CONCAT(rr.permission SEPARATOR ',') as perm
  FROM acl_roles ro
  LEFT OUTER JOIN acl_resources_roles rr ON rr.role_id = ro.id
  LEFT OUTER JOIN acl_resources re ON re.id = rr.resource_id
  WHERE ro.id = ? AND rr.deny = 1
  GROUP BY rr.resource_id";
	$allows = Siteturbine_Acl_Resource::findBySql(array($query, $role->id));
	foreach($allows as $a) {
		$acl->deny($role, $a->resource, explode(',', $a->perm));
	}
}

So tons of stuff going on in here I suppose, basically I query out the resource-permission maps into separate rows that I can loop through and call $acl->allow() or $acl->deny() as appropriate. If a role has any allow permission at all, I also set a hard-coded allow to the ‘view’ permission, which I use as a way to see if someone has ANY module permission at all, used in navigation.

After all that, I can call a helper type function I have for checking if the current user has permission for a specific area or task. This function takes care of automatically getting the current user and also the module if one isn’t specified.

	function isAllowed($permission, $module=null)

so $this->isAllowed(’new post’) might return true if the current user has a role that allows the ‘new post’ permission on the current module.

This was a pretty rough post, but I’m not so great at writing but I hope it might be useful. Let me know if it could use more clarification, I probably glossed over a lot.

Technorati Tags: php, framework, zend

So Zend Core recently released an update which has the PDO extension so I can now use it since all my applications run off of PDO for data access. Problem is I’m trying this on Mac OS X which currently has a problem with building PDO separately for PHP. So I had to wait for Zend Core to integrate the core PDO extension to even use it.

Zend Core offers a simple installation and management suite for a PHP installation. It installs PHP and it’s components along with some optional components (like phpMyAdmin and the likes and even Apache 2) and gives you a web interface for managing your php configuration, seeing general status of Apache, benchmark (ap), and grab updates automatically or manually for Zend Core. It’s also free to use it seems, you pay if you want support.

My favorite part of this is probably the offline searchable PHP manual it also includes and the easy to use php.ini editor that lets you edit settings & load extensions easily. Check out some screenshots.

Technorati Tags:
php, programming, zend, review

I whipped together a simple PHP script for automating the build process of installing a new PHP version. It’s designed for people like me who do installs of PHP that use extensions instead of building everything in. It automatically tries to figure out what extensions you got loaded that aren’t typically built-in and builds & installs those after building & installing PHP.

Basic usage:

1. Edit the file to reflect any configure options, and if desired manually specify extensions you want which will disable the automatic detection
2. $ php build_php.php /Users/jerome/php-5.2.1

Get it here

Technorati Tags: development, php, tool, script

So today I was able to successfully send an encrypted email from a PHP application of mine. This isn’t too hard to do with basic plain emails and using say GPG with the PHP GPG extension. I played with this first but came to choose S/MIME based encryption method instead since it’s actually supported by nearly every email client without plugins/addons. This seems way more ideal, you can even get a free certificate from thawte for email use. I was able to find out how to do this in PHP via the openssl extension’s openssl_pkcs7_encrypt function. So today I finished up the encryption support in the web application I was working on by getting html emails to encrypt & send and then show up right on the other end. Was pretty excited to get that working, was just a matter of putting the mime/html related headers into the message data to be encrypted.

Small annoying part is the openssl_pkcs7_encrypt function takes file paths for arguments, not variables with data. So you have to save stuff to say /tmp then delete. Kinda stinks.

Technorati Tags: development, php, encryption

So I just recently updated my Script Logger app, a small PHP web app meant to drop in and log various errors and warnings generated by a larger PHP web application, including pages that might take too long. This was made in response to liking the ability to see what problems may have occurred on a server via Zend Platform that I tried out. So I decided to make a simple one using PHP’s functions for setting error and exception handlers. This isn’t the perfect solution compared to Zend Platform since it’s done with PHP code, and with the handlers, they can’t catch fatal errors. Maybe some day someone, or me if I ever learned how, could write a simple extension for catching all the various errors including the ones unable to be caught within PHP for logging. I’m thinking Xdebug is a good resource for this since it catches all the errors etc, and it would be a good companion to someone with a Xdebug PHP setup to have a free Zend Platform like alternative.

My Script Logger requires PHP 5.1 or better, the PDO extension to be installed (which it often is by default, at least if you build PHP), and sqlite2 or sqlite driver for PDO installed. You can possibly install these via pear/pecl too if you don’t already have them. To install just drop it on your web site, edit config.php to see if the error settings are to your liking, make db folder writable, and you should be good to go.

Script Logger

Technorati Tags: php, programming, software, xdebug, zend

I’m starting to wonder what the future of Zend Studio is due to disappointing updates and the new PHP IDE Project backed by Zend. I’m quite disappointed that the java based cross-platform application that is Zend Studio isn’t a native application to OS X Intel. Supposedly this should work through rosetta, but come on, it’s java, it shouldn’t have to be specific to PowerPC, and shouldn’t be hard to fix this at least for the primary program. I believe my first attempt to actually install Zend Studio on my MacBook Pro was met in similar failure to the friend that warned me that it has issues on OS X intel. I seemed to have installed 5.5 beta just fine and it so far seems fine. But it’s still severly limited since you can’t use the Zend Debugger, Profiler, or Platform features since that requires the Zend extensions which are PowerPC and you can run PowerPC applications but not load shared libraries like those into intel applications. So basically it’s not a 100% package on OS X intel.

The other issue is that I have an expired Zend Studio 5.1, meaning it’s still valid to use but no free updates, so $200 to get 5.2 or 5.5 when it’s out. And for what? Nothing special at all, there’s some cool stuff, like Zend Platform integration is actually something nicer in 5.5 compared to the initial stuff in 5.2. I’m not sure I like the subscription style upgrade program, it benefits you at times like when a huge release comes out like say if 6.0 was coming out when you still had the support/updates. Mine happened to expire before 5.2 or 5.5 so neither are free, I definitely said no to paying to renew and get 5.2 since there was barely anything at all new, and 5.5 isn’t much better either. Not worth it until maybe 6.0.

Also, is Zend Studio going to be continued or is the PHP IDE Project slated to eventually be Zend/PHP’s preferred IDE of choice. Doesn’t seem like it, but the fact that Zend is helping with what would be competition for Zend Studio seems kinda odd. That and the lack of intel support for Zend Studio and Zend Platform makes it kinda uncertain if it’s worth spending money for an upgrade, at least not until there’s a better looking update that provides something more worthwhile. In the meantime I’m seriously looking at Komodo Professional to see if it’s at all a better deal, specially with all the languages it’s capable of handling, including code suggestion for more than just PHP, but for other languages and also CSS and XSL too. The biggest concerns for that IDE so far are performance/snapiness and limited PHP code suggestion. I don’t know if PHP IDE Eclipse project will be good, at least not yet, but Eclipse has been incredibly slow on linux and OS X. We’ll see how things progress with it.

Technorati Tags: php, programming, development, software, tools, zend

So I recently ran across SitePoint Blogs » wxDebug when searching for information about what people use to read the cachegrind outputs from Xdebug profiling. This is promissing since it’s a start of a GUI that runs on anything Python/wx runs on which is almost everything, including OS X. I’d like something similar to KCacheGrind but that might be a while before something like that would be available on OS X, maybe if wxDebug gets developed further. So my attempts to run it on OS X failed at first, but that seemed to be due to the bundled python & wxPython in OS X are old. Upgrading to Python 2.5 and latest wxPython resulted in it running and processing files at the least.

So processing a file doesn’t yield in much happening on screen, but hey, maybe it’s easy to resolve. At least it runs, and the analyzer seems ok so far. I’ll have to look into it further sometime.

Technorati Tags: mac, php, profiling, programming, xdebug

So today I did some legitimate profiling of some PHP code using Xdebug for the first time. I used KCacheGrind to open the output files. I had a page in our mailing application that allows importing of emails from a csv file or an excel file, which was taking too long and eventually timing out when given a few thousand entries. I was able to profile a few times and improve code until it finally didn’t time out. The first thing was the importer class which implements the Iterator interface (from SPL), in which array_keys was called over and over again in the iterator functions, so had to store that in an instance variable and therefore much improved that area. Next up was the code responsible for putting the emails in the database, profiling showed that it was calling a settings class a lot, about 58% of the time it’s doing MasterSettings::find() call:

That’s obviously not good, easily fixed again with storing it in an instance variable so I have the limit setting I was asking for available instead of querying the settings system every time. Next profiling run showed addSubscriber and getSubscriber to be the two most time consuming operations, and what they were doing that was time consuming:

So the MSList addSubscriber function was calling subscriberCount() on itself a lot, and that was eating a lot of time. Turns out that was querying the database doing a COUNT() every single call, this being done nearly 6000 times in this particular case. Since ’subscribers’ are added and removed via functions, I changed the subscriberCount() function to only pull from database once and then from there, the add/remove functions increment/decrement respectively. That helped a lot but left the getSubscriber() function that calls to the database to see if one exists, otherwise creating an entry. This I tried to improve but realized not much can be done beyond usage of memcached in the database class. I basically cached the database results into a static class variable, which only served to improve performance when importing a list that has a lot of duplicates. This might be an excellent test case for trying memcached out.

After all that, I’m left with the main script file and getSubscriber() taking the most time up, and the script no longer times out, still some concerns about the database hit but the script is a lot quicker now, and Xdebug + KCacheGrind proved to be very valuable.

I highly recomend Xdebug on the awesome stack traces for notices/errors/warnings alone, I don’t know how many times that’s helped when getting a NOTICE from who knows where.

Technorati Tags: php, profiling, programming

Just saw today on “Zend Developer Zone”:http://devzone.zend.com/node/view/id/576 a post talking about a “PHP poem”:http://jadmadi.net/2006/06/26/php-sad-poem/ that was kinda funny, at least for us geeks. Give it a read, it’s a little sad poem.
Apparently it was posted on the PHP general list originally so thought I’d provide the “link to the original”:http://marc.theaimsgroup.com/?l=php-general&m=115129593132595&w=2 . Although not entirely sure if he’s the author or not, but none-the-less, it’s a hoot.

Technorati Tags: php, poetry, funny