PHP: Displaying errors in the browser

Posted by & filed under PHP, Programming.

I run into this from time to time, and there are a few options for getting errors to display in browser when the server configuration is preventing it. .htaccess and php.ini can both be modified to allow this to happen. I have found a simpler way is to enable them via PHP:

 

 

util.php – Handy PHP library

Posted by & filed under PHP, Programming.

UtilPHP (Aka util.php) is a collection of useful functions and snippets that you need or could use every day. It’s implemented as a class with static methods, to avoid conflicts with your existing code-base. Just drop it in and start using it immediately.

utility_logo

Included are 40-odd functions that provide you with the ability to do common tasks much easier and more efficiently, without having to find that one comment on php.net where you know it’s been done already. Access superglobals without checking to see if certain indexes are set first and pass default values, use a nicely formatted var dump, validate emails, generate random strings, flatten an array, pull a single column out of a multidimensional array and much more.

Although it’s implemented as one giant class, util.php has extensive documentation and a full suite of unit tests to avoid breaking backwards-compatibility unintentionally.

 

github.com/brandonwamboldt/utilphp/

MySQL – Find and replace string (Useful for WordPress migrations)

Posted by & filed under PHP, Programming, Web Development.

I recently deployed a WordPress site. As part of the development cycle, we first built the site on staging.example.com, then moving it to the primary domain at launch. One issue that this can cause is when creating content, WordPress will create links with the full site’s URL. In our case the staging domain was linked on most images and links. When we went live, this caused some issues. It’s not a uncommon thing to run into, and fortunately there is a simple solution. The following PHP script will connect to the database, searching all tables for the specified string (in our instance a domain name) and replacing it with another string.

Simply update the username, password, database, string_to_replace and new_string with the appropriate values and you are off! I would recommend backing up the database to be safe.

 

Thanks to jimmy.zoger on Stack Overflow for the useful solution.

 

A follow up to this, is that if the values in the database are serialized, a find/replace can wreak havoc on things as it will likely break the serialization unless the character count is the same. A very nice utility I found is the following and it handles the serialization perfectly: https://interconnectit.com/products/search-and-replace-for-wordpress-databases/

WordPress Warnings

Posted by & filed under PHP, Programming, Web Development.

I recently updated some webservers to use PHP 5.4 from 5.3. For a few WordPress sites, this caused it to begin spitting out Warning messages on the website. The warning messages in some cases caused other issues because response headers were already written due to the error, etc.

While the real solution here is to refactor the code to not use deprecated functions, a simple quick and dirty workaround is to add the following directive to the wp-config.php file:

Survive the Deep End: PHP Security

Posted by & filed under PHP, Programming, Security.

As every target of a serious security breach will quickly note in their press releases and websites: Security is very important to them and take it very seriously. Taking this sentiment to heart before you learn it the hard way is recommended. Survive the Deep End: PHP security covers most of the major concepts that should be considered when writing secure PHP web applications.

Despite this, security is also very much an afterthought. Concerns such as having a working application which meets the needs of users within an acceptable budget and timeframe often take precedence over security concerns. It’s an understandable set of priorities, however we can’t ignore security forever and it’s often far better to keep it upfront in your mind when building applications so that we can include security defenses during development while change is cheap.

The afterthought nature of security is largely a product of programmer culture. Some programmers will start to sweat at the very idea of a security vulnerability while others can quite literally argue the definition of a security vulnerability to the point where they can confidently state it is not a security vulnerability. In between may be programmers who do a lot of shoulder shrugging since nothing has gone completely sideways on them before. It’s a weird world out there

phpsecurity.readthedocs.org/en/latest/in…

Enabling error reporting in cPanel

Posted by & filed under PHP, Programming.

Error reporting is disabled server wide. But for a development project, we need it turned on. Adding a php.ini file with the following directives will get the job done:

This will cause PHP to write out the error to a file in the same directory as the script called error.log. Adjust to your liking.

Another option, is to set the display_errors flag to true. This is not a recommended practice as it can expose sensitive information that should never be sent to clients. In a closed dev environment though it can be handy especially if you do not have a way to easily tail the log file.

Yii: Returning array data from a ActiveRecord object

Posted by & filed under PHP, Programming.

Two simple ways to convert a ActiveRecord object into a array:

  1. Using cHTML::ListDatause CHtml::listData (see www.yiiframework.com/wiki/48/by-example-… )

    It will give you array id => city
  2. Using array_map (used this method last time, array_map rocks):

 

PHP Snippet: Check if page is included by another page or not

Posted by & filed under PHP, Programming.

Sometimes it is useful to know if a page has been included by another page or not, and then take action based on the result. A quick and handy way to accomplish this is to use a tenary operator to do something like:

Which will return true if it is included, and false if it is running as itself. Now, we are able to do something like:

Year 2038 bug

Posted by & filed under PHP, Programming.

Wow. Just got hit with this bug. It’s going to be a fairly easy fix (more on that later), but crazy none the less.

Excerpt from wikipedia:

“The year 2038 problem may cause some computer software to fail at some point near the year 2038. The problem affects all software and systems that both store system time as a signed 32-bit integer, and interpret this number as the number of seconds since 00:00:00 UTC on Thursday, 1 January 1970. The furthest time that can be represented this way is 03:14:07 UTC on Tuesday, 19 January 2038. Times beyond this moment will “wrap around” and be stored internally as a negative number, which these systems will interpret as a date in 1901 rather than 2038. This is caused by integer overflow.”

en.wikipedia.org/wiki/Year_2038_problem

I wrote a reporting system for a client of mine. It displays memberships based on their expiration date. Several members have their expiration dates set as 2046 and higher. I found that these members were being incorrectly classified by the system as expired. Hello Y2K bug all over again!

For MySQL, I found that storing dates as DATETIME rather than TIMESTAMP solves the issue. For PHP, using the DateTime API allows you to work with dates beyond 2038.

In my case, I was actually following this already by storing the dates in the database as DATETIME and using PHP’s DateTime API to process the dates. In my case the problem came into play when… I was comparing dates using strtotime():

Switched to comparing the DateTime objects and problem solved:

More Ref:
stackoverflow.com/questions/3953333/maxi… stackoverflow.com/questions/2012589/php-…

Ubuntu, Apache2 and relaying mail thru an external relay

Posted by & filed under Server Admin.

I have a fresh Ubuntu 11 server installation with the LAMP stack installed. When I sent e-mail thru PHP, the message never left the server.

I believe there is a more kosher way to do this, but this is what worked for me.
=> Modify /etc/mail/sendmail.cf
=> Locate the lines that say:

# “Smart” relay host (may be null)
DS

=> Edit the DS line like so:
DSsmtp.my.mailserver.com

Restart the services… good to go.

Connecting to a MySQL Database with Apache and PHP with Ubuntu.

Posted by & filed under Uncategorized.

It’s this easy:

Configuration under Yii is simple as well. Simply add a new item under components in main.php:

Yii Components

Posted by & filed under PHP, Programming.

Yii components can be quite handy, exposing functions to the entire app. This helps keep the controller thin and adheres to the DRY methodology.

To create a “Hello World” component, first we create the component in protected/components, and populate it with:

Now that we have our component, the next step is to modify our protected/config/main.php, including our new component in the components array:

In the same file, we can set our component to be preloaded. Meaning it won’t be lazy loaded on first access, but rather preloaded on the app’s init.

Lastly, we can access the output from our component by using something like:

Echoing this var should display “Hello World”