Tag Archives: Zend

Subnet validation with Zend Framework

(Note – I accidentally gave conflicting instructions to the person who runs our newsletter.  If you are actually interested in the article I wrote about people being silly about dynamicly typed languages you can go here)

I saw on a StackOverflow posting, someone was asking to see how you could use a Zend Framework validator to tell if an IP address was between two addresses.  The individual was trying to use Zend_Validate_Between to do the checking.  However, IP addresses generally are not checked between two arbitrary addresses such as between 192.168.0.45 and 192.168.0.60.  Instead, the check is usually done to validate an IP address against a subnet.

So, assuming that the individual was actually asking about subnet validation, and seeing that I couldn’t find a subnet validator for Zend Framework, I wrote a quick one.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
class Esc_Validate_Subnet extends Zend_Validate_Abstract
{
    const NOT_ON_SUBNET = 'not-on-subnet';
    private $_subnet;
    private $_netmask;
    protected $_messageTemplates = array(
        self::NOT_ON_SUBNET => "'%value%' is not on the subnet"
    );
 
    public function __construct($subnet, $netmask = null)
    {
        if ($netmask === null && strpos($subnet, '/') === false) {
            throw new Zend_Validate_Exception(
                 'If the netmask is not specified then the CIDR (e.g. /24) must be provided');
        }
        if ($netmask === null) {
            $this->_subnet    = ip2long(substr($subnet, 0, strpos($subnet, '/')));
            $cidr = substr($subnet, strpos($subnet, '/') + 1);
            // /0 is used to denote the default route.  Since we're not doing routing,
            // we will use it for error checking
            if ($cidr < 1 || $cidr > 32) {
                throw new Zend_Validate_Exception('Invalid CIDR specified');
            }
            $this->_netmask = -1 << (32 - (int)$cidr);
 
        } else {
            $this->_subnet    = ip2long($subnet);
            $this->_netmask = ip2long($netmask);
        }
 
    }
 
    public function isValid ($value)
    {
        $this->_setValue($value);
        $host = ip2long($value);
 
        $check1 = $host & $this->_netmask;
        $check2 = $this->_subnet & $this->_netmask;
 
        if ($check1 == $check2) {
            return true;
        }
        $this->_error(self::NOT_ON_SUBNET);
        return false;
    }
}

 

Here is the Unit Test case

 

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
assertTrue($sn->isValid('192.168.0.2'));
    }
 
    public function testValidSubnetWithCIDR()
    {
        $sn = new Esc_Validate_Subnet('192.168.0.1/24');
        $this->assertTrue($sn->isValid('192.168.0.2'));
    }
 
    public function testInvalidSubnetAndNetmask()
    {
        $sn = new Esc_Validate_Subnet('192.168.1.1', '255.255.255.0');
        $this->assertFalse($sn->isValid('192.168.0.2'));
    }
 
    public function testInvalidSubnetWithCIDR()
    {
        $sn = new Esc_Validate_Subnet('192.168.1.1/24');
        $this->assertFalse($sn->isValid('192.168.0.2'));
    }
 
    /**
     * @expectedException Zend_Validate_Exception
     */
 
    public function testMalformedCIDRBadSeperator()
    {
        $sn = new Esc_Validate_Subnet('192.168.0.1_24');
        $this->assertTrue($sn->isValid('192.168.0.2'));
    }
 
    /**
     * @expectedException Zend_Validate_Exception
     */
 
    public function testMalformedCIDRNumericalCIDR()
    {
        $sn = new Esc_Validate_Subnet('192.168.0.1/abc');
        $this->assertTrue($sn->isValid('192.168.0.2'));
    }
 
    /**
     * @expectedException Zend_Validate_Exception
     */
 
    public function testMalformedCIDRLowCIDR()
    {
        $sn = new Esc_Validate_Subnet('192.168.0.1/-1');
        $this->assertTrue($sn->isValid('192.168.0.2'));
    }
    /**
     * @expectedException Zend_Validate_Exception
     */
 
    public function testMalformedCIDRHighCIDR()
    {
        $sn = new Esc_Validate_Subnet('192.168.0.1/33');
        $this->assertTrue($sn->isValid('192.168.0.2'));
    }
 
}

 

Feel free to peruse and see if I have made any mistakes.  I wrote it pretty quickly and so there is, in all likelihood, something that could be tweaked.

Pre-caching FTW

I just had an epiphany.  I’ve talked about pre-caching content before and the benefits thereof before.  But this is the first time I realized not only that there are benefits, but that doing it is BETTER than caching inline.  Let me sum up… no, there is to much.  Let me explain.

Typically caching is done like this (stolen from the ZF caching docs):

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
$id = 'myBigLoop'; // cache id of "what we want to cache"
 
if ( ($data = $cache->load($id)) === false ) {
    // cache miss
 
    $data = '';
    for ($i = 0; $i < 10000; $i++) {
        $data = $data . $i;
    }
 
    $cache->save($data);
 
}
 
echo $data;

Pretty easy.  But what happens if you have code like this:

1
2
3
4
5
6
$options = $app->getOption('google');
$client = Zend_Gdata_ClientLogin::getHttpClient(
       $options['username'],
       $options['password'],
       Zend_Gdata_Analytics::AUTH_SERVICE_NAME
);

What’s so important about this code?  Is it because it is of a remote nature?  Is it because it uses GData?  Nope.  It’s because it has a username and a password.  Given the previous caching what happens if that password changes (like mine did)?  Your site is down.

So, why do I now think that pre-caching is better than inline caching?  Look at my front page.  You would never know that I’m currently having a problem because it’s still reading from the same cache key (with non-expiring data).

THAT is why I’m forming the opinion that pre-caching/asynchronous caching not only has benefits over inline caching, but that it may actually be better.  I’m not one to make blanket statements, and I’m not going to.  But I am toying with the idea of using pre-caching as the default mechanism for caching instead of the other way around.

Last Facebook and Twitter book giveaway

OK, this is it.  The LAST giveaway for "You want to do WHAT with PHP?"  The giveaway will occur at the end of the day on Tuesday!  This will also be the second last giveaway for the User Group library.  The rules still apply; if you win I will ask you to cover shipping costs.  See one of my previous posts on what that looks like.

So, to win

  1. Tweet this posting.  The tweet MUST contain the bit.ly link for this page.  I will make the drawing based off of who bit.ly says has tweeted it
     
  2. Become a fan of my Facebook page and Like this posting.  The Like will be how you will be entered.  But remember, the winner will be asked to cover shipping costs.
     
  3. Be the user group leader for your local PHP user group.  Enter by emailing me at [email protected]  You will need to match the Zend User Group List.

Book Description:
PHP is the hottest thing in Web development today, with over 30 million Web sites currently using the technology. Programmers are scrambling to get as much information as they can to stretch their use of PHP to the limits, and this book will help you do just that. In it you will find practical, but atypical, examples of PHP coding.

Author Kevin Schroeder is co-author of The IBM i Programmer's Guide to PHP and the Technology Evangelist for Zend Technologies—The PHP Company—with an in-depth knowledge of the language and an innovative approach to development. He shows PHP solutions and examples you won’t find in other books: binary protocols, character encoding, asynchronous operations, structured file access, daemons, and much more.

There are quite literally hundreds of books of the “build a Web site in PHP” genre, but this is not your typical how-to “PHP 101” book. No, this book is for the creative and the curious. It is a “what’s possible” book. Creative PHP types who have already purchased a book on PHP and want to go beyond the basics into what is possible, not just practical, will find it especially useful. Curious PHP types who have written a fair amount of PHP code but are now ready to go deeper, into the lower-level aspects of PHP, will also be inspired by what this book has to offer.

You Want to Do What with PHP? is like a PHP cookbook. It contains not just theories, but also considerations and varying options on top of simply providing code. With it, you will discover new approaches to problem-solving using PHP, expand your development skill set, and gain valuable assistance toward building ever more advanced PHP applications.

With You Want to Do WHAT with PHP? you will:

    * Become a better PHP programmer
    * Discover unusual, but practical, solutions to problems you will likely face on a weekly, if not daily, basis
    * Learn lower-level programming that is not typical for Web-based applications
    * Discern why operating system level options matter when devising solutions

Contents:
   Chapter 1: Networking and Sockets
   Chapter 2: Binary Protocols
   Chapter 3: Character Encoding
   Chapter 4: Streams
   Chapter 5: SPL
   Chapter 6: Asynchronous Operations with Some Encryption Thrown In
   Chapter 7: Structured File Access
   Chapter 8: Daemons
   Chapter 9: Debugging, Profiling, and Good Development
   Chapter 10: Preparing for Success

Building better PHP programmers, part 2

I have no "findings", no "conclusions", but I have some thoughts on my continuing goal to help bad/nominal PHP programmers become better PHP programmers.

The first question I asked is "Is there really a shortage of good PHP developers?"  While I didn't get a specific answer the general jist of it is that yes, there is a problem with finding good PHP developers.  Now, some of that may that the people responding ARE the above-average PHP developers and so there can often frustrations in figuring out how to work with developers who don't yet have the chops that they do.

A lot of people also didn't like my "what are 6 of the 10 PHP variable types" question.  I make no apologies for it.  Any developer who has spent any amount of time programming in PHP will have had exposure to them.  ANY PHP developer should be able to get at least 4.  If you've never realized that there's a reason to use === then, no, I wouldn't hire you.  For someone who is thinking through what their code looks like I would think you could figure out at least two more.  And if someone calls me on the error and gives me the correct number of variable types, then I can be reasonably certain that they know their stuff.  But, like most things, it's A qualifier, not THE qualifier.  If they send me a case of Chimay Bleue I might overlook it.

I also had other discussions from people who don't think that programmer's should have to have a certain level of memorization because you can always look it up.  Sorry, but I have to disagree with those people.  If you cannot tell me, offhand, what a callback function looks like then you probably don't have enough experience.  If you can't tell me what PDO is used for then you probably don't have enough experience.  For various levels of developer maturity there MUST be some things that you are required to know offhand.

One of the things I've also found a little interesting is that there is some resistence to standards.  The argument goes; developers get better by different means and so having something set in stone to evaluate them is difficult, nigh impossible, to do.  Perhaps, but I go back to other industries.  They have been doing it for years.  Yes, it WILL be imperfect.  No doubt.  Also, nobody will meet them perfectly.  But if managers, recruiters and new programmers don't know what is required how can they ever become better other than by trial and error?  The goal here is to decrease the "error".  Or maybe people are just argumentative.  I dunno.

That said, there were a few suggestions that were good which I will take into consideration.  I have a little too much to do this short week for me to really get into it.  So, this, I guess, is a blog post without a purpose.

This week’s book giveaway

This Friday I will be giving away the second (technically 4th and 5th) copies of my book "You want to do WHAT with PHP?"  The rules still apply; if you win I will ask you to cover shipping costs.  See one of my previous posts on what that looks like.

So, to win

  1. Tweet this posting.  I will change it up a little and say that it needs to contain the bit.ly link for this page.  I will make the drawing based off of who bit.ly says has tweeted it.  The ywtdwwphp hashtag was a little wierd.
     
  2. Become a fan of my Facebook page and Like this posting.  The Like will be how you will be entered.  But remember, the winner will be asked to cover shipping costs.

Book Description:
PHP is the hottest thing in Web development today, with over 30 million Web sites currently using the technology. Programmers are scrambling to get as much information as they can to stretch their use of PHP to the limits, and this book will help you do just that. In it you will find practical, but atypical, examples of PHP coding.

Author Kevin Schroeder is co-author of The IBM i Programmer's Guide to PHP and a Technology Evangelist for Zend Technologies—The PHP Company—with an in-depth knowledge of the language and an innovative approach to development. He shows PHP solutions and examples you won’t find in other books: binary protocols, character encoding, asynchronous operations, structured file access, daemons, and much more.

There are quite literally hundreds of books of the “build a Web site in PHP” genre, but this is not your typical how-to “PHP 101” book. No, this book is for the creative and the curious. It is a “what’s possible” book. Creative PHP types who have already purchased a book on PHP and want to go beyond the basics into what is possible, not just practical, will find it especially useful. Curious PHP types who have written a fair amount of PHP code but are now ready to go deeper, into the lower-level aspects of PHP, will also be inspired by what this book has to offer.

You Want to Do What with PHP? is like a PHP cookbook. It contains not just theories, but also considerations and varying options on top of simply providing code. With it, you will discover new approaches to problem-solving using PHP, expand your development skill set, and gain valuable assistance toward building ever more advanced PHP applications.

With You Want to Do WHAT with PHP? you will:

    * Become a better PHP programmer
    * Discover unusual, but practical, solutions to problems you will likely face on a weekly, if not daily, basis
    * Learn lower-level programming that is not typical for Web-based applications
    * Discern why operating system level options matter when devising solutions

Contents:
   Chapter 1: Networking and Sockets
   Chapter 2: Binary Protocols
   Chapter 3: Character Encoding
   Chapter 4: Streams
   Chapter 5: SPL
   Chapter 6: Asynchronous Operations with Some Encryption Thrown In
   Chapter 7: Structured File Access
   Chapter 8: Daemons
   Chapter 9: Debugging, Profiling, and Good Development
   Chapter 10: Preparing for Success

Getting good PHP programmers

One of the interesting conversations I had during Zendcon was while talking to a recruiter.  She asked what questions she could ask to help guage how strong a PHP developer is.  The best one I could come up with was "name 6 of the 10 variable types in PHP".  I've had the pleasure of being able to interview several people for working at Zend and that is usually one of the first questions I ask and I can usually get a good feel for how long the conversation will be after that.  It's an esoteric question but by asking it I can guage a) how well that person knows PHP, and b) how easy it will be for me to work with them.  If they know the answer (and correct it) they know their PHP.  If they don't know the answer but get flustered or angered by it, then they will probably be harder to work with.

But the truth is that most of the people I've interviewed, and who have eventually worked with me, I've recommended after simply talking with them without a script.  I've interviewed a bunch of people for Zend Services and I think that the best interviews were the ones where we just talked tech.  The times when I was going off of a script was usually when I got the feeling that they wouldn't be a good fit.  Especially if they had attitude issues.  They would be going out in front of customers and if I thought they would have attitude problems I would start pounding them with questions that they probably didn't know and see what their responses would be.  They could answer correct or incorrect but what I was looking for was their reaction.  More often than not it was quite easy to pick out the people that I would not put in front of customers.  In fact, I would take someone who got more questions wrong, but could keep from getting frustrated over someone who would get them right but act incredulous.  I was interviewing one person one time who would be working as my counterpart in Services who got kind of upset with me and said "I don't need to know those things to do this job."  That conversation didn't last much longer than that.  Not because he didn't know, but because he lost his cool.

But, I'm getting a little off-topic, mostly because I like reminicing over some of the more colorful interviews.  That is what brings me to the point of this blog posting.  I can interview for certain (but by no means all) PHP positions because I know a fair about PHP and I believe that being smart but being an asshole does not make you a good PHPer.  But not everyone who interviews knows that.  And not only that, it is getting difficult to find good PHP developers.  A lot of the good ones are being taken up by top companies, but even they are having trouble finding all the good developers they need.

The point

Because of that, I would like to see if we couldn't (pseudo) standardize on deciding what makes a good PHP developer.  In other words, if someone asks "what does a good PHP developer look like" we could give a concise answer.  Jim Plush actually blogged about this a few years ago and I think that what he said there was quite accurate.

But it doesn't end there.  Knowing what makes a good PHP developer is not enough.  In order for PHP to succeed we need to raise the competance of all professional PHP developers.  And when I say "make PHP succeed" I'm not talking about the simple number of domain names where PHP is run on.  What I mean is increasing the quality of PHP developers to the point where companies who run PHP-based applications are able to fulfill their need for good PHP developers.  What I also want to do is get a feeling not only for what good PHP developers look like but also what they can do, specifically, to increase their value.  Being a ZCE is one example, but the ZCE exam can only do/tell so much.

For example, if someone should know XHTML, WHAT should they know, WHERE can they learn it properly and HOW will they know when they know enough.  We're real good at saying what, in general, developers should know (e.g. Unit Testing), but we're not so good at being specific.

For the record, I have my idea of what should be done, but I'm one person with one point of view.  What is your point of view?

Specifically (since we're being specific)

  1. Is there really a shortage of good PHP developers?
  2. Is there an interest in some level of semi-official developer standards beyond being a ZCE/ZFCE?
  3. What are the significant topic areas that PHP developers should be reasonably expected to know well?
  4. Should these questions be broken down by discipline?  (e.g. backend developers, web page designers, performance gurus)

If you have answers/thoughts concerning these questions you can either post them in the comments or email me at kevin at zend . com.

@DragonBe is awesome

After I posted my slides for use by user groups Michelango van Dam of PHPBenelux posted on the Zend Facebook page that people could use his too.  They are CC-licensed so you are free to use them as well.  So I asked if he could provide the PPT versions so I could post the full deal for people and he agreed.  So here are three presentations that Michelangelo did that you can use for your user group as well.

Why Zend Framework powers the enterprise – In this preso, Mike talks about (surprise) why it is that Zend Framework has become so popular in the enterprise.

Unit Testing after Zend Framework 1.8 – This was an interesting presentation in that it talks about how to unit test Zend_Application-based applications.

Improving QA on php projects – Another interesting one on testing, though it gets much deeper into unit testing in general.

Read first, then tweet, for a free book

A few weeks ago I blogged that I was going to give away 9 copies of my book, You want to do WHAT with PHP?  Well, today is the day to start.  There are a few ways you can win.

  1. Tweet this page.  You can use the kudos link on the top right of the page, retweet it, or tweet it on your own, but it MUST be under the hashtag of #ywtdwwphp.  If you use the kudos link, that tag will be automatically added to your tweet. That is how I am tracking who to put into the random drawing.  I will be making my drawing around 12:00 noon, central time, on Friday, November 12th.  That's tomorrow.
     
  2. Join my Facebook page for the book.  Around the same time I do the drawing from Twitter I will be choosing a random person from all of the people who like my Facebook page.
     
  3. If you are part of a user group AND the user group has a member library, have the user group maintainer email me.  The information that I receive MUST match the Zend local user group information.  I will make that drawing on Wednesday of next week

I will do this three times over the next three weeks since the publisher gave me 9 copies to give away.

One last thing, you are getting the book for free but you will need to still pay shipping costs if you win.  USPS estimates about $13 to ship almost everywhere.  Cheaper in the U.S.  But, I will use any shipping method that you like.  For example, if you wanted something with a tracking number.  So, before you retweet make sure that you a) know what it will cost to ship to your address, and b) are willing to do that.  I will accept PayPal to cover the shipping costs.  If you win, but don't want to cover shipping costs I will politely thank you for entering, and run the random person selector again.

If you want to increase your odds of winning both RT this page and join my Facebook page.

If you want to, or need to, contact me, email me at [email protected].

Good luck!!

Free slides for user group meetings

One of the problems I have heard that user groups have had is that it is quite difficult to get content.  Some of the larger, or more active ones, may not have as much of a problem with this but a lot of the smaller ones that I've talked to do.  So what I've decided to do is, in effect, open source a lot of my presentations for re-use at user groups.  What that means is that if you are looking for content specifically for a user group feel free to use some of my stuff to help you along.  No warranty or support will be supplied, and they are provided "as-is".  What that means is that if you see something on there that is weird or perhaps even "wrong" I was probably using it as a keyword or reminder for something I wanted to say.  So, if I wrote something that was spot-on, it was intended, if I wrote something that was wrong or inaccurate, I was trying to prove a point.  It's called nuance.  :-)

I am also going to provide several of the workspaces and projects that I used for delivering these.  Again, treat them with a grain of salt.  Often examples are done in the interest of expediency and I have a tendency to not re-use content, which means re-writing a lot of stuff, quickly, because I speak for a variety of audiences.  And, like the PPTs, I won't be able to provide much by way of support.  If it don't work, you'll probably be on your own, unless, in the vastness of my free time, I am able to help.  Also, I did all of my stuff using Zend Studio, so if there are project-related issues, using Zend Studio might help.

Caffeinated PHP – This is based off of the first presentation I did.  Since I kind of came from a Java background that was the easiest thing for me to do that differentiated myself right off the bat.  This is an updated presentation that I gave at Zendcon in 2009, I believe.  It talks about integrating PHP and Java using the PHP/Java Bridge in Zend Server CE.

There are two projects.  One called Caffeinated PHP, which contains a UI to all of the examples that I worked on.  Most of the examples work with just standard Java.  However, one of the examples uses JMS to connect to ActiveMQ and another uses JPS (Java Printing System) to print to a local printer.  The latter has a simple abstraction layer that provides some basic info to PHP. 

PHP Security.  This talk is an intro to some of the things that PHP developers need to know to help build apps that don't have glaring security holes.  Security is a complicated topic and as such this will not be complete.  However, there is some good content for you to re-use.

Deployment.  I have given this talk a few times and it seems to be relatively well received.  If you decide to use it, make sure to follow the links to the blog posts that I did on this, especially for the PEAR and RPM ones.  This does not cover Continuous Deployment or build tools such as Hudson.

PHP Performance.  Performance, like security, can be a very complicated topic.  What this presentation does is look at some common problems, common symptoms and common remedies. 

I think I have 3 or 4 more I will upload but it's approaching the end of the day and I'm trying to recover after Zendcon so we'll leave it at that for the time being.  Feel free to use all or part of these presentations in a user group.  Please do not use them in webinars or anything that is intended for commercial production/promotion.  If you want to do them in that kind of a context please contact me and I would be happy to do a joint webinar with you (pending boss approval, of course).

If you have criticism I am open to it, but do remember that when building for a presentation you are building for clarity.  Bear that in mind.

You want to do WHAT with PHP? GIVEAWAY

I just got my copies of my book "You want to do WHAT with PHP?" today.  During my conversations with MCPress, my publisher, I had asked for 3 copies to do a social media promotion and they agreed.  I posted that I would be giving away 3 copies on Twitter and got a whole bunch of "I WANTS".  So I asked my publisher for more copies to give away and they agreed to another 6. So that is a total of 9 copies I have avaialble to give away.

Now the problem I have is; how do I give them away.  So here's what I'm thinking.  First of all, I'd like to open it up to everyone around the world.  But shipping 9 copies of a book to Timbuktu can get expensive, so I will ask that anybody who wins be willing to pay for shipping from my address in the U.S. to the address where you want to receive it.  I believe it will fit into a USPS international mail envelope which looks like it costs $13US to ship anywhere in the world (I tried the UK, India and China and all came up as $13).  So it doesn't look horribly unreasonable.  If the actual shipping costs end up being more I'll give you the option of deciding.

So, with 9 books I'm thinking of splitting it into 3 categories with 3 winners each.  I would split up the winners over the course of three weeks, announcing the winners on each Friday (or thereabouts).  The standard exclusions would apply; family, friends, coworkers (sorry all you Zenders!).  The categories would be:

1) User groups libraries.  What I would do is have the user group leaders submit their group to me via Twitter, Facebook or email.  I would have to verify that it is an actual user group and so I would check it against the list that Zend maintains.  I, technically, manage that list so if you want your user group on it contact me now. 

2) Twitterers.  I will have a blog post that, for you to enter, all you would need to do is retweet the link to the page that I post (and be willing to pay for shipping).

3) Facebookers.  I have a fan page for the book.  I would choose 3 random "Likers" from that page to win a copy of the book.  To win, just "Like" the page and be willing to pay postage.

How does that sound?  If you think it's dumb feel free to make alternate suggestions in the comments.

UPDATED: I would also be willing to accept PayPal to cover shipping charges

UPDATE #2: My twitter handle is kpschrade

Web Analytics