HirdWeb

OK, so I am a little late in posting something for the New Year. Now that college football season is over, there is less distractions for me on the TV. In my last post, I mentioned that my only New Year’s resolution was to take down the Christmas Tree. Well, I have done that, so this year is a success.

Now for some of the code stuff going on, more applications appear to be on the horizon. Some are big for a project, others are a couple of things that should be able to be completed fairly quickly. Some will have newer, “flashy” things on them, more integrated AJAX and what not.

But the real excitement is the new MacBook Pro 17″. I was hoping they would do that one soon, and now that they have, I think I want to get it. I just need to convince my wife that it is the right investment to do. Maybe I need to take on a few different projects here and there to help me out to get that new MBP. Then again, I really do not need any new hardware really. I just like getting hardware, especially when it comes with a possible 8G of RAM.

One hope of mine is to return to the UK with my family, possibly moving there. My kids are still younger, so the impact on them would not be as bad as it would be had they been teenagers. Yeah I know it sounds odd for me to want to immigrate to the UK, but that is what I feel would be best for my family. I can not really explain it, just a feeling I have.

So much for the musings and ramblings I have done. Next post will be about some code stuff. Most likely going again in the vein of CakePHP.

As the country starts in the festivities to lay to rest this past year, many people come up with lists, a la “10 Best Somethings of 2008″. Sometimes the lists even expand to 25. And if you are VH1 and MTV, with little to no viewership and the most horrible shows on earth (BTW, I thought MTV and VH1 were supposed to show music videos, novel concept for a couple of stations name Music Television and Video Hits 1), then your lists go to 100 and there is pointless commentary along with each number.

However, this is not the way I wanted to end 2008, with a list of something. I could list off many things:
10 biggest mistakes in 2008
10 best code tips of 2008
10 best sites of 2008
10 worst stories of 2008

Or I could just say that this past year has been a great learning experience for me. From all the things that have troubled me this past year, to the successes, not-so much successes, illnesses, code projects completed, and what not. Just like my last post, there is always something to learn. This past year was a great year to learn many lessons. Some lessons I hope to never go through again, as the learning part was very painful and unpleasant.

But now as the new year is coming along, many people will make promises to themselves they will promptly break. My only real New Years resolution is to take down this Christmas Tree in my house. I do that, and this next year will be a success.

There are a few different code projects I am looking to complete this year. I also want to go back to school and learn some more. I want to get better at all aspects of the languages I use, better at security and performance to anticipate threats coming in 2009, and as DSL/Cable speeds up in America (about time freakin A) tune the applications to perform better and not lose functionality. I want to also learn Russian. I know a little, but I would really love to be able to write and speak it fluently. Maybe even Spanish and French as well. I also want to learn to play the piano. I know how to read music, now I ought to put that to use.

And I can never forget my kids. I love them so much. I am really glad I am able to be around them, and I want to be able to help them out, play football with them, and just be the best dad I can be.

So, thank you for all the memories 2008. Thank you for all the lessons as well. Hopefully 2009 comes in with success and prosperity for all.

Just a quick post, as this is now December and I have not posted for almost a month. But this is another simple, and easy, and sometimes forgotten idea among the web programming world. Never pass up the opportunity to learn something new. I know this sounds really easy, and possibly even like a “duh” comment. But there are so many times I come across people from all areas of life, and all areas of business who think that they have nothing new to learn. When they encounter something they have not done before, or something that is done different than the way they did it, then it is wrong, and it is not right, and it is not correct, that it needs to be scrapped and how much they could do it better. Now while this may sometimes may be the case, it usually is not.

Just because something is different, or there is a requirement to do something in a different way, then it does not mean it is wrong, it is just an opportunity to learn. On Twitter, I started to follow PHP Advent. There are many ideas presented in this that provide a great perspective. Some I would not have tried, just because I would not have thought of that approach. But I would not dismiss them just because of that. There is always something new to learn. Never “poo-poo” anything just because you are not familiar with it.

OK, soapbox post is complete.

With checking ACL’s, the code I use is as follows:

$info = $this->Member->read(null, $id);

// Check for permissions to edit this account
if ( !$this->Acl->check(array('model' => 'Member', 'foreign_key' => $this->Auth->user('member_id')), $info['Member']['username'], 'update') ) {
	$this->Session->setFlash(__('You are not allowed to edit this user. -- ' . $this->Auth->user('member_id'), true));
	$this->redirect(array('action'=>'index'));
}

While this works and is not that bad of an idea at all, there is a way to centralize this check and put it in the main app_controller.php file.
Continue reading…

After doing a few posts on Access Control Lists (ACLs), the need to look further into the implementation of ACLs in a CakePHP project could be helpful. If there are questions on setting up the ACL tri-table in the database, you can review the previous postings, or check out the CakePHP documentation. But now that you have the ACL tables set up, how does it actually work?

First, the ACL happens after authentication. So whether or not you are using the Auth component, you will still need to authenticate the user some how, some way. Then once the user is authenticated and logged in, that user will have permissions to do different thing. Let’s say one of those things is to edit accounts. If it is a regular user, he should be able to edit his own and no one else. If the user was a “site admin” he should be able to edit his own and any account that is not a “super-admin”. If he is a super admin then he should edit everyone’s account. However, the first part of this is setting up the initial ACL permissions.

Continue reading…

In some applications on the web, you are required to log in to view content, post content, or any other sort of thing. With this, there will be times when a member of the site/application/whatever will forget the password they used, and it will have to be reset for them. So there are different methods of doing this, and different ideas behind what should make this work. I am going to give you one that I use, which will use a close to random method for resetting the passwords.

Continue reading…

Another quick post. This has some info on the “intrawebs” but there is also bad data out there. Say you have a form, that has some info on it that requires a good amount of data to be input by the end user. If the user leaves the form to go to another page, or closes the window, all of that will be lost. So there is a couple ways you can combat that.

1. You could make everyone create an account to save any data on a smaller scale and come back later and submit the form
or
2. You can create an alert message when the user no longer wants your page to show.

There are different reasons to do one or the other. If you had a long form for something like a scholarship or a detailed personal profile, that would be the case for the account to save the data in smaller chunks. However, lets say you have a form with many fields that requires some data input and alot of options to parse through. That would be a case for an alert message. But since HTTP is stateless, how would one accomplish this?

Continue reading…

It is finally October and I have not posted one thing yet. I was in California last week though. However that should not be an excuse for the lack of posting I have made. I really wanted to be able to post at least once a week, trying for twice a week. However, that has not happened.

So a quick post about security in a site. I will not claim that I know everything about security, but I have always been about the common sense stuff of a site. Some of the things to keep in mind:

Continue reading…

In preparation for the Zend Certification Exam (ZCE), Zend provides a great (sarcasm) online practice test that consists of 8 questions. That is right, 8 questions. A certification exam that consists of 70 questions and Zend offers 8 questions. And the other thing with the practice test, is that if you get 5 out of 8 correct, then you are “ready” to take the exam. Which I would not suggest, unless of course you have at least 1 year of real PHP experience coding, testing, even hacking. Plus, there is a good amount of DB stuff on the test, as well as security, streams, XML/Web Services and other stuff. I also suggest you pay (that is right, pay) for a set of practice exams. But I digress. Back to the Zend practice test. They give you 8 questions, then just tell you how many you got right/wrong. There is no feedback (like a real exam) on the practice test, which I think there ought to be. So I decided I would not only give you the answer, but why it is the answer. Following is the exam questions and the answers and why they are the answers.
Continue reading…

I did not post on Monday, which I really wanted to do. I am studying for the Zend Certification, but may have to put it off based on work load, and family obligations. Do I think I can just take the exam and pass it? Well, I am not that conceited, but I am sure I may be able to pass it on a good day. However, test taking is not one of my strengths, so even if I knew everything on the test, I may still fail the test. So studying really helps me go through the exam work, and then helps me to get through the anxiety of tests.

And there is also new work things I am doing on the side. Most involve CakePHP, some involve just doing some very basic PHP work. So I am doing those and having less time to actually blog. And let’s not forget football season is now in full swing, so I spend a good portion of my Saturday afternoons watching college football and doing some studying.

Hopefully next week I can make a couple of posts, and hopefully I will make a couple of posts per week.

The next post will probably deal with more of the CakePHP work I am doing. (Working on a “social” calendar, like there isn’t already 2000 of them already).