Staple Diet

Wootten's Weblog

Archive for January, 2008

Book Review: Code Igniter for Rapid PHP Application Development

Jan 31

Posted by Ian in Book Reviews, Code, Computers and Internet, Geek, PHP, web apps

Code Igniter for Rapid PHP Application DevelopmentIn this book, author David Upton walks you through use of the Code Igniter framework, which is essentially PHP’s answer to Ruby on Rails. I’ve been a avid user of Code Igniter since I discovered it last year, which is a nice waypoint for anyone trying to understand model-view-controller architectures and not wanting to make the move over to ROR quite yet.

The angle of this book is taken from a first time CI developer, but one with some knowledge of both PHP and web development in general. The initial chapters begin by exploring why you’d choose to use CI and some of its benefits over straight PHP code (such as saving on code reproduction or easing development burdens), though doesn’t really offer any real comparison of features of other similar frameworks. A traditional chapter on setup of CI is also included, (though I think at 4 pages could have perhaps been merged with another!).

The book then proceeds by tackling the subject at the core of CI, ‘model-view-controller’ and how this relates to traditional methods of programming. David breaks down how CI is structured very well and gives suggestions of how applications built within it should be designed to be successful. Some of the example code savings at this stage are somewhat minimal over a standard approach, but I think David conveys how these rack up throughout a web app. Useful chapters of how active record and CRUD can be used to ease DB interaction and also how views can be organised to avoid repitition complete with examples should allow any new CI developer to get to grips with it very quickly.

The later chapters quite extensively cover more “geeky” complicated subjects (using objects and namespaces, localisation, getting CI to interact with other services) which might be a bit much for a hobbyist user, but it gives some room for learning for others. The book also includes some good descriptions of how to make the most of the testing and profiling features which CI has out of the box to debug some of the larger web applications that you might undertake (Both features which I’ve previously been unaware of).

The use of friendly language is a welcome change from other texts, but I think in places it does get in the way a bit of the particular functionality which is being talked about. The constant reenforcement of the MVC throughout will be welcome for new converts, but my own practical experience suggests this might be better bent in places. A number of the descriptions of features provided in the book are at the CI site, and I think what might have helped this book is if a single larger running example led the way to describing each of the features.

At the moment, this is the only CI book available and it does well at covering the large featureset CI has. For a seasoned CI veteran it won’t bring any revelations, but if you’re new the framework it will serve you extremely well at getting your head round what makes it shine.

[Disclosure: This book was given freely by PackPub for review within the Cardiff Geeks group.]

Tags: , ,

4 Comments

Location Based Job Boards

Jan 30

Posted by Ian in Computers and Internet, Geek

One of the most frustrating things I find about hearing about possible web development jobs on certain sites is the sheer amount of them which are simply unviable due to my UK location. Previously I decided to post all those jobs I could find to my own webtyrant site and the recent job and profile sites in the django communities has got me thinking about how these two pieces of information on locality could be aggregated together (I don’t have time myself to do this though unfortunately – perhaps someone might like to chat about collaborating). What I’ve concluded is that being aware of those jobs within a certain area might be quite useful – and simple to implement. What you’d basically end up with is a situation where you could subscribe to updates on jobs in a particular field within a certain area (think – “tell me about all dev jobs within 50 miles”). Whilst this feature may exist on some other sites (though I’m unaware of it) my experience tells me that it probably isn’t executed particularly well.

Tags: , , , ,

4 Comments

Book Review: Learning jQuery

Jan 9

Posted by Ian in Book Reviews, Code, Computers and Internet, Geek

Learning jQueryLearning jQuery takes a look at the JavaScript library jQuery by Jonathan Chaffer and Karl Swedberg, whom run learningjquery.com, a popular resource to jQuery developers. Jonathan and Karl work through a example based approach of common problems in web application development to demonstrate how jQuery can be used to minimize the amount of code written by developers and instead focus on the functionality of their code.

The book is set for the developer with some knowledge of HTML, CSS and Javascript but a jQuery novice. The examples in the first few chapters offer solutions which may be achieved more simply through alternative approaches (e.g. applying styles with JavaScript, rather than applying it directly in HTML), but they serve their purpose of introducing what can be done without introducing a huge amount of features of the library too quickly. The following examples are far more realistic, focusing on tasks more suited to the library.

Each example is explained so thoroughly it includes exploring many eventualities that the less descerning developer may glaze over, with many set over the course of a chapter. I certainly found that many of the examples highlighted problems I just wouldn’t be aware of. The applications built through the examples include style switchers, animation effects and Chapters 8-9 cover much more completely how to build more full featured scripts such as AJAX based searches, a shopping cart system and image shufflers and rotators. Other topics of note include how to perform manipulation of the DOM tree of a HTML page and how to handle particular event requests. The book also does really well at consistently suggesting in the later examples the must haves of any page featuring JavaScript, progressive enhancement and graceful degradation.

One of the things that frustrated me slightly however was the frequency of code repitition and screen captures for each new added feature, but this is a minor problem considering how well the books covers the subject.

I found this an extremely easy and interesting read, with the example based approach keeping me engaged in how each situation could be enhanced with use of jQuery. The sensible organisation of each chapter means that many asides are covered enough to give the reader a working knowledge of how complementary technologies are able to be used with the library. The book also includes appendices documenting a number of useful web development sites, not all specific to just jQuery. Overall, a thorough introduction to the language.

[Disclosure: This book was given freely by PackPub for review within the Cardiff Geeks group.]

Tags: , ,

No Comments

Decrypting Filezilla Passwords with PHP

Jan 5

Posted by Ian in Code, PHP

One of the most frustrating things I find in managing a number of websites is that I’m always forgetting passwords. The version of Filezilla I’m running however makes it easy to remember them again through its use of weak XOR encryption and a the key being hard coded into the software. I’ve used a program previously called the Filezilla Password Recover, but it turns out that this is also extremely easy to extract them using a simple PHP script. The following code makes use of the nice XML parsing in PHP5 and a decryption function I found over here. I’ve added some comments to roughly describe what is going on.

Note: Apparently this encryption has been dropped from version 3 with absolutely no encryption featured at all, that’ll make my job easier now.


<?php
$filezilla_password_file "FileZilla.xml";
    
$xml file_get_contents($filezilla_password_file);
    
$simple_xml simplexml_load_string($xml);

foreach($simple_xml->Sites->Site as $site)
{
    $attributes =  $site->attributes();

    print "Site: ".$attributes->Name."\n";
    print "User: ".$attributes->User."\n";
    print "Encrypted Pass: ".$attributes->Pass."\n";
    print "Unencrypted Pass:".decryptPass((string)$attributes->Pass)."\n\n";
}
    
function decryptPass($pass
{
        // Encryption Key for FileZilla 2 Passwords
    $key "FILEZILLA1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZ";
        
    // Find the offset position in the key for this pass
    $pos=(strlen($pass)/3) % strlen($key);
    $decrypt '';

    $t=0;
        
    //Loop through each 3rd of the password
    for($i=0;$i strlen($pass) / 3;$i++) {
            
        //Get 3 characters, remove the 0 at the 
    //front to get ASCII code to represent the character 
    $num substr($pass,$i 3,3);

    if (substr($num,0,1) == 0) {
        $num substr($num,1,2);
    }
            
    //Get the ascii code of the unencrypted character
    //by performing XOR against current ASCII and key
    //before converting back and adding to decrypted pass
        $t $num ord($key[($i $pos) % strlen($pass)]);
         $decrypt .= chr($t);
            
    }
        
    // Return the decrypted pass
       return $decrypt;
}

?>


Tags: , ,

13 Comments