Thursday, 26 July 2007

I'm addicted to blogging

67%How Addicted to Blogging Are You?

Installing PHP under Windows

Installing PHP is supposed to be easy under Windows using the installer.

First you need to install Apache, or other web server.
Then launch the php windows installer and follow the instructions.

What I installed was Apache 2.2.4 and I tried to install PHP 5.2.2.
Everything was fine until I wanted to use some extension functions, like pg_connect, which is the function to connect to a PostgreSQL server. It didn't work and I was very surprised, because when I installed PHP I specified that I wanted to install the PostgreSQL extension.

I checked the php.ini file and the extension was indeed activated. I checked if the dll exists, it was there. So what was the problem? I figured out that php.ini was not being parsed, so I had to check the httpd.conf file for Apache where you need to specify the path for the php file.

I noticed that the PHP installer was writing the httpd.conf file wrongly, giving the path in forward slash notation, but everywhere else in the file all the paths were given in back slash notation, so I changed the path notation for php specifying the correct path both to the php.ini file and to the php5 module that Apache needs to load.

I restarted Apache and I got even more confused, the server couldn't recognise the php files as scripts and it displayed the code as text. That happens usually when the php module fails to load, so I changed the path only for the php5 module back to the way it was, no improvement. Then I changed the PHPIniDir attribute to the way it was before and it worked again, but I was back to no php.ini parsing. I changed only the PHPIniDir attribute to the backslash notation and I got the same result as earlier: code displayed as text.

I thought maybe the php.ini has a problem, but going through all of didn't reveal any mistake. I decided to rename it for a while to see what happens. Well, surprise, surprise, PHP worked, but no extensions...

My conclusion: writing the paths in backslash notations is the right thing to do, but if the server parses the php.ini file, it fails to load the php module.

php.ini looks good, everything is fine, the doc_root (that the installer failed to write) is there written correctly. I also followed the instructions to install php manually and I did everything accordingly, no improvement.

Is PHP meant to be used on Windows with Apache?

UPDATE: I solved my problem by installing XAMPP. Thank you very much Jo Cook for the tip.

Monday, 16 July 2007

Loading dependencies in JavaScript

Isn't it nice to work modularized, even in JavaScript?
I like putting all my classes in their own files and all the little functions that don't belog to any class in a file called toolbox.js

That's pretty neat and organized, but when it comes to inserting all the necessary js files into your webpage, it's a pain, isn't it?

Well, not for me. I add the toolbox.js to every webpage that uses JavaScript and then the most important js file for that particular page.

Here's an example; I have a webpage that needs to use the EntryModule class. But this class needs a few more classes that are stored in other files, the TableEntryClass, the TextEntryClass and ColourObjectClass. All I need to do is to call this function:

loadDependencies(Array('js/ColourObjectClass.js', 'js/TableEntryClass.js', 'js/TextEntryClass.js'));

This function takes either a string or an array of strings that specify the js files to add to the same webpage that loaded EntryModuleClass.js

Here's the code, use it wise:

function loadDependencies(dependency)
{
  var head = document.getElementsByTagName('head')[0];
   var scripts = head.getElementsByTagName('script');
  var i, j, newjs;
  if(typeof dependency == 'string')
  {
    //search if it's loaded already
    for(i=0; i < scripts.length; ++i)
      if(scripts[i].src.toLowerCase() == dependency.toLowerCase())
        return;
    //if not, load it
    newjs = document.createElement('script');
    newjs.type = 'text/javascript';
    newjs.src = dependency;
    head.appendChild(newjs);
  }
  if(typeof dependency == 'object')//it must be an array
  {
     //search if it's loaded already
     for(i=0; i < dependency.length; ++i)
     {
       for(j=0; j < scripts.length; ++j)
         if(scripts[j].src.toLowerCase() == dependency[i].toLowerCase())
           return;
       //if not, load it
       newjs = document.createElement('script');
       newjs.type = 'text/javascript';
       newjs.src = dependency[i];
       head.appendChild(newjs);
     }
   }
}

I hope you notice the care I took with declaring the variables at the begining of the function and also getting the head tag and the script tags at the begining to optimize the number of searches...

Saturday, 14 July 2007

Virtual Perfume

While chatting with a friend, I got this term that made my imagination run wild.

I searched for "virtual perfume" and got a few interesting links like this one about Calvin Klein launching a virtual perfume on Second Life. While what CK did is just a smart marketing action to promote their brand and their new perfume, Second Life is quite a nice application, but I'd rather not start using it. It might turn out addictive and then I might find myself into the Matrix, disconnecting only to go to the toilet :-D

My imagination went further then just marketing material to distribute on the web, I actually thought of the media of the future. The techniques of recording and reproduction of visual and auditory information are nowadays well established, maybe it's time to move forward and put some more time into researching how to record and reproduce information to serve the other human senses.

What about having this artificial nose to sniff you and transmit the data over the internet to a device installed on your friend's machine that takes this data and makes up the exact smell? Does this sound like something belonging to the far future? I honestly think not. There are so many sensors that detect all kind of smells, mostly designed for safety, like those to sniff gas, food turned bad or illegal substances (there's such a device at the entry to the Statue of Liberty, at security check). Look there's even something simpler here. This is just small patch that displays special visual patterns according to the smell in the air. Of course it has only a few smells that it recognises.

The sniffer should detect all the simple chemical substance and their amount in the composition of the air at any given time and the reproducer should have stores (just like printers have cartridges) of many chemical substances to combine them in the exact amount specified by the sniffer in order to produce the same odor.

I see a few problems here, the speed and the accuracy of sniffing every small change in the air's chemical composition, the speed and the accuracy of reproducing the small changes at the other end must be as high as possible. I'm sure these will be solved by future technologies. Another problem will arise when the accuracy is very good, the fragrance creators will lose their market as people will be able to recreate their smell in their own homes...

Every ingenious idea that you get, after breaking it into smaller parts and realizing that it's so simple, you realise it's impossible to be the only one to come up with it. So of course, I'm not the first, bummer, I was about to request a patent for it... Here's a very nice explanation of the idea, the tests they ran and their results.

Nokia's idea is also very interesting, I think in a few years we'll use these kind of technologies. I'm so looking forward to it. Imagine including in your profile on myspace or facebook your smell, how cool would that be?

Thursday, 12 July 2007

LDAP issue

A few weeks ago I decided that it would be better if all the web applications we develop would log users in by using their Active Directory authentication details.

This makes things easier for our users, they don't need to remember their username and password for each application. They will most probably use the same details everywhere anyway, but there's no point in keeping this information in many places, is there?

Well this task seemed pretty SF when I got the idea, but with researching, reading and testing, I managed to make it work. So I use LDAP to connect to our AD server and because I use PHP on the server side, I use PHP's LDAP Functions which are not enabled by default.

The typical sequence of LDAP calls you will make in an application will follow this pattern:

ldap_connect() // establish connection to server
|
ldap_bind() // anonymous or authenticated "login"
|
ldap_search() // search for some information
|
ldap_close() // "logout"

For authentication a typical application will do this:
- connect to the server
- bind anonymously or with a predefined user made especially for authenticating
- search for the user name in the directory
- try to bind with the user name and password given and see if it works
- disconnect from the server

Well this approach is very common. Here's a code example. If you search on google for "php ldap authentication" you'll find many code samples that do it in a similar way.

Well, my approach is different. Why bind anonymously or with a special user name and password? Why not try binding directly with the given name and password? That's what I did and it worked, but I noticed a weird thing about the ldap_bind function that I didn't find in the documentation: if the user name doesn't exist in the directory, the function will bind automatically anonymously even though a password is given.

To make sure the user is really authenticated after a successful bind, do a search of the directory and see if the user name exists and of course if it belongs to the right branch of the directory tree. I think this is more efficient and as secure as the other approach. The other approach does one more bind without reason and if a user enters wrong login password a bind and a search is done anyway, in my approach binding fails and returns failure quicker. Also instead of getting the search results and then the right data out of the structure, I check only the number of results which should be one for a successful authentication.
I know, I know, I'm an optimization freak ;-)

I found another weird behaviour that needed some more research. I noticed that even though my login details were correct the search returned no results. Here's the comment that helped me get to the bottom of it. So I had to change the port I was connecting to, from 389 to 3268.

However I was wondering what did "search the entire tree" mean. I thought I wasn't searching the entire tree, I was searching only for users in a certain domain because I was specifying the DC attribute. Changing the port made everything work, but I just was a bit confused so I tried different filters for my search.

I finally found that if I include in my filter the OU (OrganisationalUnit) the search works fine even when connecting to the 389 port. Isn't that interesting? So what does exactly "search the entire tree" mean?

Here's my code, take a look, give me some comments.


$LDAPFail = true;
//ldap rdn or dn
$ldaprdn = $username."@mydomain.com";
// associated password
$ldappass = $password;
// connect to ldap server
@$ldapconn = ldap_connect("xxx.xxx.xxx.xxx","389");
if ($ldapconn)
{
   //binding to ldap server
   $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);

   // verify binding
   if ($ldapbind)
   {
     $dn = "OU=MyCompany_Users;DC=mydomain,DC=com";
     $filter="(SAMAccountName=".$username.")";
     $sr = ldap_search($ldapconn, $dn, $filter,Array("samaccountname"));

     if(ldap_count_entries($ldapconn, $sr) == 1)
       $LDAPFail = false;

   }
   ldap_close($ldapconn);
}


I hope this helps someone out there...

Wednesday, 11 July 2007

The Origin of the "Bit" Term

I had this expression in my mind after reading various forums/blogs/comments: "just my two cents". People used to end their comments with it and I thought it sounded really cool, so I searched for it to see exactly what it means.

Well here's what I came across, it's the most explanatory explanation I could have found ;-)

Well this is how I found out that a bit used to mean a long time ago an eighth of a coin, because the coins were very valuable because they were made of gold or silver and they were worth the value of the metal they were made of. Therefore they used to split the coins into halves, quarters and eighths. Imagine how small an eighth of a coin was.
Now I assume that the expression "bits and pieces" is as well related to old coins and subdivisions. So they used to make their money bit by bit ;-)

Well, just my two cents :)

Friday, 6 July 2007

Voodoo Programming

Here's a concept I just found out: voodoo programming.
I've had people around me doing this and I had a hard time explaining to others what these guys do, now I have a quick way to categorize them. 
OK, so voodoo programming is basically programming without fully understanding. 
Just push run and if it works, call it your masterpiece :) Come on, there are so many people that do this. First step is google for the code that does what you want. Then copy, paste and run. If it works, job done, carry on with the next task...

These programmers are called witch doctors, pretty nifty, don't you think?
Well, gladly for me, I like to consider myself a guru or wizard. And yes, I'd like to be thought the same by those around me.

More info here. Thanks for Thau, he's the one that I heard this concept from.