Ideas and Sorts

So Long 2008

As the country starts in the festivities to lay to rest this past year, many people come up with lists, a la “10 Best Somethings of 2008”. Sometimes the lists even expand to 25. And if you are VH1 and MTV, with little to no viewership and the most horrible shows on earth (BTW, I thought MTV and VH1 were supposed to show music videos, novel concept for a couple of stations name Music Television and Video Hits 1), then your lists go to 100 and there is pointless commentary along with each number.

However, this is not the way I wanted to end 2008, with a list of something. I could list off many things:
10 biggest mistakes in 2008
10 best code tips of 2008
10 best sites of 2008
10 worst stories of 2008

Or I could just say that this past year has been a great learning experience for me. From all the things that have troubled me this past year, to the successes, not-so much successes, illnesses, code projects completed, and what not. Just like my last post, there is always something to learn. This past year was a great year to learn many lessons. Some lessons I hope to never go through again, as the learning part was very painful and unpleasant.

But now as the new year is coming along, many people will make promises to themselves they will promptly break. My only real New Years resolution is to take down this Christmas Tree in my house. I do that, and this next year will be a success.

There are a few different code projects I am looking to complete this year. I also want to go back to school and learn some more. I want to get better at all aspects of the languages I use, better at security and performance to anticipate threats coming in 2009, and as DSL/Cable speeds up in America (about time freakin A) tune the applications to perform better and not lose functionality. I want to also learn Russian. I know a little, but I would really love to be able to write and speak it fluently. Maybe even Spanish and French as well. I also want to learn to play the piano. I know how to read music, now I ought to put that to use.

And I can never forget my kids. I love them so much. I am really glad I am able to be around them, and I want to be able to help them out, play football with them, and just be the best dad I can be.

So, thank you for all the memories 2008. Thank you for all the lessons as well. Hopefully 2009 comes in with success and prosperity for all.

Ideas and Sorts

Never Pass up the Opportunity to Learn

2 Comments

Just a quick post, as this is now December and I have not posted for almost a month. But this is another simple, and easy, and sometimes forgotten idea among the web programming world. Never pass up the opportunity to learn something new. I know this sounds really easy, and possibly even like a “duh” comment. But there are so many times I come across people from all areas of life, and all areas of business who think that they have nothing new to learn. When they encounter something they have not done before, or something that is done different than the way they did it, then it is wrong, and it is not right, and it is not correct, that it needs to be scrapped and how much they could do it better. Now while this may sometimes may be the case, it usually is not.

Just because something is different, or there is a requirement to do something in a different way, then it does not mean it is wrong, it is just an opportunity to learn. On Twitter, I started to follow PHP Advent. There are many ideas presented in this that provide a great perspective. Some I would not have tried, just because I would not have thought of that approach. But I would not dismiss them just because of that. There is always something new to learn. Never “poo-poo” anything just because you are not familiar with it.

OK, soapbox post is complete.

Applications, PHP

Central ACL Check

1 Comment

With checking ACL’s, the code I use is as follows:

$info = $this->Member->read(null, $id);

// Check for permissions to edit this account
if ( !$this->Acl->check(array('model' => 'Member', 'foreign_key' => $this->Auth->user('member_id')), $info['Member']['username'], 'update') ) {
	$this->Session->setFlash(__('You are not allowed to edit this user. -- ' . $this->Auth->user('member_id'), true));
	$this->redirect(array('action'=>'index'));
}

While this works and is not that bad of an idea at all, there is a way to centralize this check and put it in the main app_controller.php file.
Continue reading Central ACL Check

Applications, PHP

ACL Implementation

After doing a few posts on Access Control Lists (ACLs), the need to look further into the implementation of ACLs in a CakePHP project could be helpful. If there are questions on setting up the ACL tri-table in the database, you can review the previous postings, or check out the CakePHP documentation. But now that you have the ACL tables set up, how does it actually work?

First, the ACL happens after authentication. So whether or not you are using the Auth component, you will still need to authenticate the user some how, some way. Then once the user is authenticated and logged in, that user will have permissions to do different thing. Let’s say one of those things is to edit accounts. If it is a regular user, he should be able to edit his own and no one else. If the user was a “site admin” he should be able to edit his own and any account that is not a “super-admin”. If he is a super admin then he should edit everyone’s account. However, the first part of this is setting up the initial ACL permissions.

Continue reading ACL Implementation

Applications, PHP

Resetting the passwords

In some applications on the web, you are required to log in to view content, post content, or any other sort of thing. With this, there will be times when a member of the site/application/whatever will forget the password they used, and it will have to be reset for them. So there are different methods of doing this, and different ideas behind what should make this work. I am going to give you one that I use, which will use a close to random method for resetting the passwords.

Continue reading Resetting the passwords

Applications

Alert Message When the Form Is Not Complete

4 Comments

Another quick post. This has some info on the “intrawebs” but there is also bad data out there. Say you have a form, that has some info on it that requires a good amount of data to be input by the end user. If the user leaves the form to go to another page, or closes the window, all of that will be lost. So there is a couple ways you can combat that.

1. You could make everyone create an account to save any data on a smaller scale and come back later and submit the form
or
2. You can create an alert message when the user no longer wants your page to show.

There are different reasons to do one or the other. If you had a long form for something like a scholarship or a detailed personal profile, that would be the case for the account to save the data in smaller chunks. However, lets say you have a form with many fields that requires some data input and alot of options to parse through. That would be a case for an alert message. But since HTTP is stateless, how would one accomplish this?

Continue reading Alert Message When the Form Is Not Complete

Applications, PHP

October Posting

1 Comment

It is finally October and I have not posted one thing yet. I was in California last week though. However that should not be an excuse for the lack of posting I have made. I really wanted to be able to post at least once a week, trying for twice a week. However, that has not happened.

So a quick post about security in a site. I will not claim that I know everything about security, but I have always been about the common sense stuff of a site. Some of the things to keep in mind:

Continue reading October Posting

PHP

Zend Certification Practice Exam

4 Comments

In preparation for the Zend Certification Exam (ZCE), Zend provides a great (sarcasm) online practice test that consists of 8 questions. That is right, 8 questions. A certification exam that consists of 70 questions and Zend offers 8 questions. And the other thing with the practice test, is that if you get 5 out of 8 correct, then you are “ready” to take the exam. Which I would not suggest, unless of course you have at least 1 year of real PHP experience coding, testing, even hacking. Plus, there is a good amount of DB stuff on the test, as well as security, streams, XML/Web Services and other stuff. I also suggest you pay (that is right, pay) for a set of practice exams. But I digress. Back to the Zend practice test. They give you 8 questions, then just tell you how many you got right/wrong. There is no feedback (like a real exam) on the practice test, which I think there ought to be. So I decided I would not only give you the answer, but why it is the answer. Following is the exam questions and the answers and why they are the answers.
Continue reading Zend Certification Practice Exam

Everything Else

Ghost Town

I did not post on Monday, which I really wanted to do. I am studying for the Zend Certification, but may have to put it off based on work load, and family obligations. Do I think I can just take the exam and pass it? Well, I am not that conceited, but I am sure I may be able to pass it on a good day. However, test taking is not one of my strengths, so even if I knew everything on the test, I may still fail the test. So studying really helps me go through the exam work, and then helps me to get through the anxiety of tests.

And there is also new work things I am doing on the side. Most involve CakePHP, some involve just doing some very basic PHP work. So I am doing those and having less time to actually blog. And let’s not forget football season is now in full swing, so I spend a good portion of my Saturday afternoons watching college football and doing some studying.

Hopefully next week I can make a couple of posts, and hopefully I will make a couple of posts per week.

The next post will probably deal with more of the CakePHP work I am doing. (Working on a “social” calendar, like there isn’t already 2000 of them already).

PHP

Zend Certification

Another quick post this week, as I am bogged down in work and preparing for a Zend Certification Exam. I am going to be taking the exam for Zend Certified Engineer (ZCE). While I do not expect it to be much problem, these types of exams are usually worded in a way that may not give you all the basics.

I do highly recommend to visit the Zend site, download the exam prep book, and then also get a 5 pack of the test exams. The Zend store has the book and you can add on the practice exams for $17 (for 5 exams). The book explains the basics on the exam, things like network programming, XML and web services, and other items that will appear on the exam. Then if you get the 5 pack for the exam, you can take a practice test 5 times, and be able to get an idea of what the exam will be like.

Some of the questions seem like no brainers, but then there are times when the question has a key word, that makes the question mean something completely different than first appearances. One of the things I learned a long time ago, is that with these types of exams, the multiple choice has four to five questions that can be peared down quickly. Usually one is not going to be correct because of absurdity, one is going to sound like it is right, but for obvious reasons it is incorrect. Then there are the final 2 questions that can both be correct, but there is one answer they are looking for.

Sounds easy right? Would be if it was just like college, where you get to take a test, if you do not get a “pass” grade, then there are other things you can do to make up the score. With these exams, and this one in particular, it is $125 for one certification exam. You do not pass, not only are you out $125, you do not get anything, no certification of any kind. You need to pay again for another shot at the exam. So no matter how much you know a language, no matter how much you think you may know, always study and prepare. It never hurts and in the process, you may get to know more about the language than you did before.