Feed items

Beware of the underscore

Submitted by Derick Ng on 26 September 2008 - 1:15am

Have you ever tried using underscores (_) in your controllers variables that you are passing to the view using a combination of Controller::set() and compact()? Well, if you did, you must have realized that they never make it there, right? I haven’t submitted it as a bug yet but here it is:

class SandboxController extends AppController {
var $uses = null;
var $layout = 'sandbox';
function beforeRender(){}
function index()
{
$foo = 'foo';
$bar = 'bar';
$foo_bar = 'foobar';
$this->set(compact('foo', 'bar', 'foo_bar'));
$john = 'john';
$doe = 'doe';
$john_doe = 'john_doe';
$this->set(compact('john', 'doe'));
$this->set('john_doe', $john_doe);
}
}

Now, in your view:

HtmlSource - a new DBO driver for CakePHP

Submitted by Derick Ng on 6 December 2007 - 10:45pm

Ok, ok - I’ve been slacking on this blog again, but I will keep that for another post where I will announce some major changes I have been thinking of lately. For today, I’d like to introduce the new DBO Source Driver: HtmlSource - which is completely functional but still lacking some of the features I have planned for it.

So what’s an HTML DBO driver you ask?

Simply put, it’s a way to treat any HTML page like a database and be able to retrieve (scrape) certain parts using an SQL-like command:

SELECT href, title FROM a WHERE class="submit"

(more…)

GridHelper - for easy grids in CakePHP

Submitted by Derick Ng on 3 November 2007 - 11:40am

Been busy as hell and I’m afraid it will be like this for another month or so, but here is a quick one I felt like sharing because I hope it will be helpful to some.

Haven’t you ever wished to only have to write something like this in your views:

e($grid->create($results));
(more…)

Conventional solution for the visitors + AclComponent

Submitted by Derick Ng on 28 October 2007 - 1:24pm

At different places where I read about ACL, a common question that always comes early in the comments is:
Assuming ‘Guests’ users are unidentified web visitors, how do you handler their access rights? They don’t login, so they can’t be assigned an ARO and thus ACL will reject their access to any actions.
How do you handle ‘Guest’ user’s permissons if they are not logged in? (more…)

Components used in Shells

Submitted by Derick Ng on 27 October 2007 - 1:12am

While working with Shells, most of the time I have some Tasks taking care of certain specific business logic each. Today, I had the need for a special Task. Special because it was actually a kinda duplicate of an existing Component, my quite useful but still incomplete to share, SerialComponent.

XSS prevention and general sanitization

Submitted by Derick Ng on 21 October 2007 - 9:42am

Today, while lurking on irc, someone asked about field sanitization and how to avoid XSS attacks (cross site scripting for those who are wondering), something, every one of us should think about when developing an application. Truth is, that while CakePHP does an amazing job at making you ‘forget’ about SQL injections (since it takes care of that right out of the box), it doesn’t deter nor filter other ways like the infamous XSS unless you ask it to do so.

SQL query logs in CakePHP’s shells

Submitted by Derick Ng on 18 October 2007 - 3:29pm

When I was coding some shells today, and after getting used to the invaluable query logs when working with controllers/views, it didn’t take much to realize that one of my favorite features in CakePHP just stopped working. When I asked on irc, gwoo said it doesn’t work.

Custom error handling in CakePHP

Submitted by Derick Ng on 12 October 2007 - 10:34pm

One of CakePHP’s magic is the routing system: router, dispatcher, error handler.

All three are involved in handling every HTTP request made to the application. Some of the invaluable features of this routing system are the default missing controller/action/helper/component/etc. which saves any new comer to the CakePHP community lots of trouble when starting to bake stuff.

When I started looking into the system’s core for how to best handle custom errors, I stumbled on different things that I thought interesting to point out and a couple bugs (or uncleaned legacy lines of code). I also realized that it couldn’t do the basic stuff I needed to handle like logging errors and showing a specific error template for specific errors. So, let’s get to it.
(more…)

SQL query opmitization for HABTM in CakePHP

Submitted by Derick Ng on 6 October 2007 - 1:08pm

My last SQL optimization post found no response from the CakePHP community; which makes me wonder how many are actually using ACL with large databases. Anyhow, the ticket was submitted and gwoo seemed to approve the results. I can also now confirm that the last suggested indexes will give another push to your performance:

ARO: alias
ACO: model and foreign_key

Now what’s that about HABTM? While reading the source code for the Model class, I stumbled on the Model::_deleteLinks() method:

function _deleteLinks($id) {
$db =& ConnectionManager::getDataSource($this->useDbConfig);
foreach ($this->hasAndBelongsToMany as $assoc => $data) {
if (isset($data['with'])) {
$model =& $this->{$data['with']};
$records = $model->findAll(array($data['foreignKey'] => $id), $model->primaryKey, null, null, null, -1);

Validation combined with i18n in CakePHP

Submitted by Derick Ng on 4 October 2007 - 5:06am

Not too long ago, I wrote a quite lengthy ‘how-to use validation in CakePHP‘ post. Over the past couple of days, I had to work with a form that uses 2 models and for which i18n is combined with validation - using __() for error messages.