Mayflower Blog - PHP

Zend Framework application.ini Cheat-Sheet

nospam@example.com (Florian Eibeck) — Fri, 03 Feb 2012 10:01:00 +0100

With the release of Zend Framework 1.8 came the long awaited component for bootstrapping a Zend Framework application. Many different bootstrapping-solutions became obsolete with Zend_Application.

In the beginning of the framework most developers didnt give much thought on bootstrapping. Most of the initialisation work was done directly in index.php, the central starting point of the application. Teams often moved that bootstrapping code to a separate configuration script. The solution worked, but many people wanted a more standardised process for application initialisation.

Continue reading "Zend Framework application.ini Cheat-Sheet"

24.12. PHP and the Lean Startup

nospam@example.com (johann) — Sat, 24 Dec 2011 14:47:00 +0100

About ten years ago there was a rumour. If you want to get things done, and if you want to get them done fast, go for PHP. Yes, it's been like a badly done perl ripoff with even worse object orientation and inconsistent apis, but somehow the people creating in software in PHP were able to deliver. And they were able to deliver fast, open for changes in the last 24 hours and they fixed bugs in production fast. From a software engineering professionals point of view this sounded risky, unprofessional and dangerous. This could only lead to crappy code. A proper software engineer would never use this language, and he won't ever accept changes in the last minute nor work with a customer that does not know exactly what he wants.

Continue reading "24.12. PHP and the Lean Startup"

21.12. Agile Developer Skills (ADS)

nospam@example.com (Nina Schmitt) — Wed, 21 Dec 2011 08:00:00 +0100

Last week I had the chance to attend an Agile Developer Skills Workshop in Berlin.

The 3 day workshop is, next to a Scrum Master or PO Certification, a prerequisite for the Certified Scrum Developer, short CSD.

I was very excited about the ADS workshop and I found it an intersting approach to hold a workshop which focusses on developers rather than on the management side of scrum. Especially as in my experience all the other scrum workshops mainly concentrate on the rituals, artefacts and organisation of Scrum, without giving answers on how to develop high quality software.

Continue reading "21.12. Agile Developer Skills (ADS)"

19.12. Test Driven JavaScript Development

nospam@example.com (Martin Ruprecht) — Sun, 18 Dec 2011 22:26:27 +0100

A couple of weeks ago, I was attending a three-day workshop for agile developer skills. The workshop was split into five topics: Colaboration, Refactoring, Design & Architecture, Continious Integration and Test Driven Development. Especially the session about Test Driven Development was very interesting. Although I know the principles of TDD I was really impressed by the demonstration of solving a simple exercise (a coding kata) done in Java by the instructors of the workshop. It was not so much the coding in Java that was interesting for me, it was the combination of writing a test, executing the test with a shortcut from the IDE, see the test fail, write the implementation and re-start the test again within the IDE. You will say that´s test driven development- it´s nothing new! and you are right! But is there a way to do Test Driven Development in the same way for JavaScript? I mean writing a test, execute the tests with a shortcut from the IDE, see the test fail, implement the method and re-start the test? Yes, there is a way! So let me show you what I have done to do the same coding kata (called Fizzbuzz) with JavaScript.

Continue reading "19.12. Test Driven JavaScript Development"

18.12. Cloud2Go Services for your web development

nospam@example.com (Daniel Hallmann) — Sun, 18 Dec 2011 08:00:00 +0100

From simple to full featured cloud capacity

Cloud technologies and services increase every day. Global players like Amazon put continuously new features to their cloud and products to provide sufficiently functionality of actually web development activities and requirements.

Services for us

In fact, Amazon starts with the S3 (Simple Storages Service) to provide cloud storage space since 2006 and only a few months later EC2 (Elastic Compute Cloud) was launched a service to provide computing power to manage capacity as many as we need over time. Now, RDS (Relational Database Service) is available to get elastic database power as much as we need to cover all components that we require to implement the whole stack of current web applications.

Liquid applications

Use that services to transform the development and of course every application in a liquid and full dynamic status. Every service increase productivity and can be used to cover architecture requirements in sufficient way. That means, use every service as long as we need and allocate capacity as many as we need in the finest way up to 100% not more, not less to reduce resources and costs.

Swim a little bit around

Ok let us start to introduce each important service below to get more details and show examples what we have to do to use these services. Amazon provides a SDK especially for PHP developers to connect each service. You can download the SDK under the following URL:

http://aws.amazon.com/sdkforphp/

To start, download and install the SDK to your destination directory in your application root folder. Before we can start edit the configuration file and change the privacy settings with your AWS (Amazon Web Services) credentials (see Listing 1). To get credentials please create an AWS account on:

http://aws.amazon.com/de/ and follow the instructions.

S3

Store data in S3 and handle it similar to our local storages

S3 is the storages service from Amazon where we can store (Create), retrieve (Read), overwrite (Update) and remove (Delete) data. The logical structure based on buckets that contains items like files e.g. images, videos or documents or any data that we want to store. Buckets must have a unique developer-assigned key across the account each item can be contain 1 byte up to 5 terabytes.

Create our bucket

First, to store our objects we create a bucket with the method create_bucket. All what we have to do is specify a name of the bucket testbucket and the region where we want to create it. In our case the region is EU_E1 (European 1- Region). Additionally, a simple if check covers the return value whether the call was correct.

Store our private data

In the next step, we put files to the bucket and store some data to the cloud. Simply, call the create_object method to handle our request.

Listing 3 shows the PHP snippet to create a test file. Call the method with the bucket name testbucket, name of the file testfile.txt and some additional parameters in our case body, acl and contentType to specify the characteristic of our data.

Get data from the cloud storage

Now we want to get back our stored data. To finalize that request we have to use the method get_object.

Listing 4 visualizes that request and shows the method call with the parameters testbucket that is our bucket name and the name (key) of the file testfile.txt where our data will be stored.

Execute our get_object.php file and receive the entire string from the cloud storage for further use.

Listing 5 covers our example and echoed the string that we have inserted a few minutes before.

To see it is very simple to communicate to our cloud storage with the SDK and execute the proper methods. If you do not know the right method take a look in the library service file where every single method is described well that enclose every required parameter and excepted return values.

EC2

Allocate computing resources as much as we need

EC2 is the next create cloud services that we can use to allocate computing resources for our web environment. Through defined methods from the SDK and the proper service file you can easily start an AMI (Amazon Machine Image) with an operating system that match our requirements. There are images from the market leaders like Linux and Windows systems and you can upload an own image as well whether you need a self defined system e.g. pre-installed web, db or chat server. Please go to the Amazon website:

http://aws.amazon.com/ec2/

to see which kind of images are available that fits your requirements. After we have chosen a suitable images we can start it with a method call from the SDK similar create a bucket in S3.

Listing 6 shows that method call run_instances with the parameter ami-48aa4921 with specifies the machine images that will be loaded and some optional parameters in that case the type of the underlying hardware configuration which is specified by m1.micro instance - currently the smallest type with 2 processor kernels (CPUs) - and round about 613MB RAM. Check the response value with the method isOk. If everything is fine we can connect our recently started machine through a secure shell.

Listing 7 visualize a connection to the virtual machine that we have started. We need only our private key that you can download from the AWS account and the hostname of the machine that you can find on the EC2 overview simply go to the AWS website:

http://aws.amazon.com/ec2/.

After the login (see Listing 8) we see our secure shell of the machine where we can input commands like on our self administrated local systems.

Similar S3, EC2 is also pretty easy to use with some SDK commands like run_instances that helps us to integrate this service into our web application. You need only a valid AWS account (key credentials) to access the service, a machine image like ami-48aa4921 and a proper instance type e.g. m1.micro with sufficient processor and memory power.

RDS

RDS a service to handle relational database capacity

The final service that we want to cover is the RDS service the third part to complete our web environment stack. It is also pretty easy to use it with the SDK. Call only a single method to start a new RDS instance and connect to the machine.

See Listing 9 to show an example how to create a database instance. Execute simple the method create_db_instance with the parameter testinstance the name of the instance, 5 specifies the size of the db storages in GB, db.m1.small clarifies the size of the underlying instance type (varies in processor and memory power), MySQL the type of the database system, testuser a user name and testpassword the password to connect the database. Check also with the isOk method the response value to guarantee the availability of the system.

Now we can connect to our new instantiated database through a secure shell. Input only the following known MySQL client command to connect. Specify the user name, password and the database host (see Listing 10).

After we have connected to the database server we will see the start screen where we can input commands (see Listing 11).

Check out which tables are available and execute the show databases command. Additionally, show all tables in the MySQL database with the show tables command (see Listing 12).

What happens at the cloud front?

In this blog post we have cover common cloud services from the Amazon service. S3, EC2 and the RDS are services to extend and of course to replace current development architectures where normally dedicated machines and systems work. With the SDK it is very simple to connect all the services, request commands and response values e.g. S3 items. These proposed services cover a small overview about available services. There are much more excellent functionalities we can use to integrate.

CloudWatch and ELB (Elastic Load Balancer) combined work as a service to measure system values e.g. processor load, RAM utilization and control capacity. Start more or stop EC2 machines to balance the current load up to 100%.

SimpleDB is an additional database service that based on a key value store without any relation between items unlike relational database systems. Handle data in domains similar buckets in S3 and retrieve values with proper SQL statements.

Last but not least, SQS (Simple Queue Service) integrate a SOA service. Loosely coupled items communicate through defined interfaces. Add values to a queue at one application point and retrieve items on another. Works asynchronous and can be used to handle jobs that converts large data like image or video rendering. Thank you for your attention to read until the end ;-) if you have any comments please add your notes and ideas after that post.

17.12. Zend Framework (1) vs. Symfony2

nospam@example.com (Paul Seiffert) — Sat, 17 Dec 2011 08:00:00 +0100

In this article, I want to highlight some differences between the two PHP frameworks that have been the most popular ones at the time of writing. Zend Framework (ZF) is currently a quasi-standard in many PHP companies and Symony2's popularity is constantly increasing. Symfony2 is pretty new now and many developers are thinking about if and when to make the switch from ZF to Symfony2 which is why I think we should spend time looking at the frameworks' differences.
I selected three topics that are implemented differently in these frameworks and will describe how each of them does it.

Project Setup

I took the setup of new projects as one category of comparison because it is an important to make this step as easy as possible for developers that are learning a new framework. In my opinion, the adoption time of a new technology somehow correlates with the easiness of starting a project with using this technology.

Zend Framework Project Setup

To set up a Zend Framework (ZF) project, download the framework's minimal package and extract it to an empty directory. You will see two new folders: bin and library. To initialize the project structure, run the included cli script in the project directory like this:

php bin/zf.php create project .

When you now go to http://<hostname>/ with your web browser, you see a blue welcome page which indicates that the installation was successful. To configure a database connection, you will have to manually edit the file application/configs/application.ini and add the following lines to the [production] environment.

After this step, you have a fully functional Zend Framework project which can be configured using different environments. The next step is to implement custom controllers, views and model classes.

Symfony2 Project Setup

Setting up a project with Symfony2 is pretty easy. You start by downloading a copy of the Symfony2 Standard Edition, extract it to an empty directory and can start to configure your project. However your system has to fulfill some requirements which can be checked by running the script check.php in the app folder (just run php check.php in the command line). When all requirements are fulfilled (and you created a virtual host with its DocumentRoot pointing to the project's web directory), you can navigate your browser to http://<hostname>/config.php and configure the project via a fancy web UI. After checking all requirements again, the Symfony2 sandbox asks you to enter your database configuration which will be written to a configuration file afterwards. The sandbox also includes a sample page where you can see that everything is up and running: http://<hostname>/app_dev.php/demo/hello/World.

To use the sandbox for a real project, I suggest removing the demo pages visited before. Remove the line registering the demo bundle from the file app/AppKernel.php and the demo bundle's router configuration from app/config/routing_dev.yml. Last you can delete the bundle's folder src/Acme.

app/AppKernel.php

app/routing_dev.yml

To be able to define different database connection parameters for the various environments (as with ZF), copy the file app/config/parameters.ini to (this example uses the environment dev, of course you can to the same for any other environment!) app/config/parameters_dev.ini and adjust the other config files accordingly:

Project Setup - Conclusion

The initialization process of a new project is very easy with both of the compared frameworks. One benefit of ZF is that it eases the differentiation between different environments when it comes to configuration - all configuration options can appear in one file in multiple configuration environments that inherit default values from other environments in a defined hierarchy. With Symfony2 you have to create a separate config file and include it into your project's configuration as described above.
Symfony2 on the other hand comes with a nice example bundle that contains a sample configuration, controllers, views and even a very basic authentication infrastructure which can be used as template for your own bundles. Of course, the initial project structure of a ZF project has some default controllers as well, but they don't show you how to configure e.g. security.

Model View Controller

The Model View Controller (MVC) pattern is one of the basic structural patterns used in application development. It basically applies the concept of Separation of Concerns to the structure of applications in a way that separates business logic (Model), the rendering of user interfaces (View) and user interaction handling (Controller) from each other. Most object-oriented frameworks provide scaffolding for MVC implementations - so do Zend Framework and Symfony2. Let's have a look how MVC is applied in both cases.

MVC in Zend Framework Projects

In a classical project infrastructure, ZF projects use controllers that contain multiple actions. Every HTTP request sent to the application is being handled by one (in some cases also multiple) controller's action and most of the times, one action is mapped to one view (This is of course due to the fact that in the WWW, user interaction required a reload of the complete web page - at least for a long time. Nowadays, many web pages (so-called single-page- or Ajax-applications) do not need reloads to change the displayed data and views.).
Views are implemented as templates that contain HTML markup code with inlined PHP snippets. To pass data to a view, the controller has to set this data as a member variable on its view. In the view script you can later access this data by using $this->variable.

In web development, the term Model Class is often mistaken for Persistent Entity Class. Model objects do not only represent data stored in a database, but should also contain all the business logic of your applications. I have seen many applications that do all the logic inside of controller classes and only use models to have an abstraction over the database.
ZF cannot force you to have model classes for all your logic and it also does not try to do so. What it does is giving you a utility for implementing your database abstraction: Zend_Db.
Zend_Db is a component of ZF that provides several APIs to access databases and have an abstraction for persistent records. In times of Doctrine 2, I would suggest neither to learn the use of Zend_Db nor to implement a custom database abstraction. Doctrine 2 can be integrated into ZF projects very easily as you can look up in my article from December 6th and it probably will do a better and more efficient job than a custom solution, too.

Besides my own affinity for Doctrine 2, there are several impartial reasons for not using Zend_Db. In my opinion, the biggest disadvantage is that to add custom logic to your entity objects, you end up writing subclasses of Zend_Db_Table_Row_Abstract. This is a thing I really don't like. Dealing with business logic entities that map the application domain should not require you to think about persistence at all (espacially not to subclass a certain class just to make your objects persistable)! You might say "but this is Active Record!" now. Yes, you are right - Zend_Db_Table_Row implements the Active Record pattern. But: Active Record has not heard a word about separation of concerns. Hence it is just a collection of bad OO code.

MVC in Symfony2 Projects

Using Symfony2, you split your application into one or more bundles. Each bundle has its own controller and model classes, configuration and views. Similar to ZF's modules, controllers and the related model classes are grouped into bundles together with views used by these controllers. This way it is easy to reuse code from other projects by just copying the required bundle.
One difference regarding controllers is the definition of the term controller in Symfony2: A controller is a PHP function that houses all the logic necessary to return a Response object that represents a particular page. (from the Symfony2 Glossary)
Thus a controller does not have to be a full-blown class with differnt actions but only a function handling a specific type of requests. Inside your controller functions, you have to create and return a Response object. How you do this is up to you. There are cases in which you use a templating language (Symfony2 comes with Twig which might take some getting used to it but is very powerful eventually) for rendering HTML but you can always just serialize some data to provide it via a REST API, too.
As with ZF, views are implemented using templates in Symfony2. To use a template, you call the render method in your controller and pass all data required to replace the placeholders in the template. The render method will create a Response object for you which can be returned by your action directly.

When it comes to model classes, there are no restrictions in Symfony2. It is recommended to use Doctrine 2 (which also is included in the distribution package of Symfony2) as your applications' ORM system. Doctrine 2 is already integrated into Symfony2 which makes the configuration really easy. If you follwed the steps in the Project Setup section above, you even configured Doctrine 2 already!

MVC Round-Up

Real MVC is hard to implement the correct way. This is espacially true when it comes to web applications. One major component missing to a real MVC implementation in classic web applications is the synchronity of model and view (which is normally done using an Observer Pattern). Using PHP, HTTP and HTML, you normally render a web page once and the user has to reload the page to see whether there have been changes on the displayed data. By using Ajax in combination with XMPP or any other RealTime-Web implementation, you can imitate this mechanisms. Doing so, you will end up with two MVC implementations: One on the server side and one inside the browser.
After the comparison of ZF and Symfony2 regarding MVC, you cannot say that one does a better job at it. Both frameworks help you separating your code, but the real work has still to be done by the developer using the framework.

Dependency Handling

Dependency Injection (DI) has been a buzzword in the last few years (again, PHP adopted this technique some years after the Java world did) and still is, so we will have a look on how the ZF and Symfony2 are handling objects dependent on each other.

Dependencies in ZF

There is no real DI mechanism in Zend Framework by now. It comes however with multiple components that do something similar to dependency injection. We will have a short look at two of them: The Zend_Registry and Zend_Application_Resources.

The Zend_Registry is a container for services that should be available globally in an application. You can access the registry statically, store values in it and access them somewhere else. This approach can be seen as an implementation of the Service Locator pattern. If you have external dependencies in your controller and/or model classes, you can just read them from the registry every time you need them. Two downsides of the Zend_Registry is that it does support lazy initialization of dependencies and that it cannot provide non-shared objects (to achive this, you can always put factory objects into the registry!).
Another mechanism related to DI is provided by the package Zend_Application_Resource. Resources are dependencies configured at the time the Zend_Application is being bootstrapped. You can access all application resources in your controller by calling $this->getFrontController()->getParam('bootstrap')->getResource($resourceName).

Dependency Injection in Symfony2

Symfony2 is shipped with a dependency injection component which can be used as a standalone package, too. Every Symfony2 project uses it since the framework itself makes use of it in its core components. Besides that, you can benefit from DI in your own bundles as well. Symfony2's dependency injection container is configured via extensions that specify their services and the objects required to build these services. Imagine for example a user management bundle which sends welcome emails to new users. Therefore there might be a service called Acme\UserBundle\WelcomeMailer which requires a mailer object to perform its work. In this case you would create an extension for the DI container and define your service like this:

To access the welcome mailer in a controller, you just call $this->get('welcome.mailer.acme.user') and receive a lazily created instance of the class Acme\UserBundle\WelcomeMailer. Objects defined as arguments of a service will be provided to the service's constructor as parameters. If you want to use the welcome mailer somewhere else, just define it as an argument of this other class and you will have an instance of the service injected.

Dependency Management: Conclusion

As we have seen, the winner of this discipline is Symfony2. It enables developers to define their objects' dependencies explicitely in a very flexible way. Zend Framework on the other side provides mechanisms that ease the distribution of service objects, but does not implement lazi dependency initialization or and injection of dependencies at all.

These were just a few differences between Symfony2 and Zend Framework 1. If you got interested in Symfony2 by this article, you should have a look at the framework's website and read the Symfony2 bible.
All in all I prefer Symfony2 for new projects because it makes me write better OO code. Zend Framework is fine, too, but it looks kind of outdated to me. Anyways I'm also excited to see how ZF 2 (currently beta) works and will spend some time comparing it to Symfony2 as well - maybe in another blog article.

16.12. Eine Einführung in Behavior Driven Development

nospam@example.com (Alberto Assmann) — Thu, 15 Dec 2011 13:39:32 +0100

Testdriven Development, also das Schreiben eines oder mehrerer Tests bevor der eigentliche Code entsteht, ist inzwischen ein alter Hut.
Ein großer Nachteil dieses Verfahrens ist, dass im agilen Umfeld die User Stories erst verstanden werden müssen.
Wenn die Story aber falsch verstanden wurde, dann wird auch der Test falsch implementiert. Knackpunkt ist also immer noch der Abgrund zwischen Analyse und Verdeutlichung der Geschäftsprozesse sowie dem korrekten Erfassen und testen eben jener.
Eine Lösung hierfür soll Behavior Driven Development - kurz BDD - bieten.

Continue reading "16.12. Eine Einführung in Behavior Driven Development"

15.12. Using custom annotations in PHP

nospam@example.com (Dominik Liebler) — Thu, 15 Dec 2011 08:30:00 +0100

When developing enterprise software one should always keep an eye on writing code that is easily maintainable, testable and extendable. Design patterns already propose a way to implement a loosely coupled architecture. With annotations you can take a step forward to make your code look even more expressive, focusing on the primary problem instead of writing a lot of boilerplate code. A single comment line can save you many more lines of code but as it is written in the project's domain language it will be much more meaningful to the developer.
Continue reading "15.12. Using custom annotations in PHP"

14.12. Backbone VS Knockout VS JavaScriptMVC

nospam@example.com (Marco Francke) — Wed, 14 Dec 2011 07:05:00 +0100

In this article Id like to compare Backbone, Knockout and JavaScriptMVC under the following points:

documentation
installation
understanding
complexity
for what kind of project

So lets start with Backbone.
The documentation of Backbone is available under the following link. The complete documentation is written on a single page. Its very easy to search for topics you are interested in. After a short introduction youll find one or more code examples for each topic. These examples are nicely short and well described. Some of them are testable right away. Everything is easy to understand. The only thing missing is a short demonstration how all parts of Backbone work together. But if you search for Backbone snippets on Google you will find lots of examples because it has a wide acceptance among frontend developers.

Backbone is lightweight with just 4.6KB (compressed and Gzipped). It comes along with models, views and controllers to separate the contexts of your application. The only hard dependency of Backbone is underscore.js, a library full of useful utilities and JavaScript functions. For DOM manipulation you are advised to include either jQuery (>1.4.2) or Zepto. To use Backbone just download the backbone.js and underscore.js files and include them in your application. If you include jQuery as well you have a very powerful set to implement complex applications. One thing I experienced myself and read a lot about it on the Internet is the error handling of Backbone. If something went wrong (i. e. you forgot to include underscore.js) a JavaScript error occurs with a message that has nothing to do with the real error. Compared to other implemented MVC patterns, the Backbone.View is a kind of controller. It dispatches events that originate from the UI, with the HTML template serving as the true view. They called it view because it represents a logical chunk of UI, responsible for the contents of a single DOM element. Backbones main structure exists of Backbone.Model, Backbone.View, Backbone.Collection and Backbone.Router.

Backbone.Model
It wraps a row of data into business logic. The backbone.Model provides a basic set of functionality for managing changes. An easy model could look like this:

In this piece of code we extend Backbone.Model with our domain-specific method promptName. The this.set function sets a hash of attributes on the model and triggers a change event. Its one of the base functions in Backbone.Model and really handy for updating your view if something changed. You easily bind a change" listener to the instance of your model to observe any changes. Within the callback of your binding you can place your view changes or whatever you like. Lets have a look at an example.

Backbone.View
The general idea of Backbone.View is to organize the interface to logical views. Backed by models each view can be updated independently when the model changes. As well as the model, the view comes along with basic methods like (initialize, render, remove, ...).

In the example we overwrite the function initialize" which is the constructor of the view class. It is always invoked if an instance is created. Within this constructor we bind the change:name listener to the instance of the PersonModel and bind a callback. This callback would be invoked if the name in the model changes. If this happens the new name would be rendered between the body tags.

Backbone.Collection
Backbone.Collections are ordered sets of models. Like the model you can bind change events as well, so the collection get notified if any model changes. It provides a full suite of underscore.js methods to improve the collection handling.

Backbone.Router
Backbone.Router maps URLs to functions and connects them to actions and events. For history routing it uses the history API. So you can use standard URLs like /page instead of #page. Backbone provides a graceful fallback for browsers without support of the history API.

To compare the complexity of each library I built a simple wish list application. This application should be able to add wishes, remove them and count all added wishes. An implementation with Backbone could look like this:

Backbone is very flexible in the way you want to use it. The view as kind of controller keeps your code small and avoids useless overhead (in JavaScript). Backbone is really easy to understand and with the functions of underscore.js its very powerful as well. To use a proper template engine is always a good idea and eases the developing process. Backbone is well known, so you find lots of code examples or solutions for problems in the Internet. Initially you have to write more code as you probably would write normally. But this code is easy to maintain and extend. If you have the base structure of your application its much faster to work with Backbone. I am using Backbone for a while now and I absolutely recommend it. Its best used in medium to large projects. For small projects its probably sufficient to just use a library like jQuery.

KnockoutJS

The website of Knockout is well organized and the key concepts are visible at first sight. It teasers Declarative Bindings, Automatic UI Refresh, Dependency Tracking and Templating. The documentation is well written and easy to read. Its pretty short and lots of code examples are provided. The best way to get through the documentation is to read and try the examples. With only reading the documentation it could be difficult to understand Knockout. Have a look at the impressive 20-minute demo video from Steve Sanderson. It gives you a good roundup of knockout. After reading and testing a little while you are able to start programming applications. Awesome.

Knockout is a JavaScript library and not a framework like Backbone or JavaScriptMVC. It doesnt provide classes to extend or inherit from. Anyway it helps to create rich user interfaces with an underlaying data model. It has features like Observables and dependency tracking which automatically updates the UI whenever your data model changes. Declarative bindings to connect parts of your UI to your data model. With Templating you can build complex, dynamic UIs with nested templates. Knockout is written in pure JavaScript and works with any server or client-side technology. Its light weight as well with 29KB (minified). Like Backbone you just have to download knockout.js and include it in your application.

Knockout is related to the Model-View-View-Model (MVVM) design pattern to build rich user interfaces. The model is independent of any UI and stores the data of your application. The view model is the representation layer of the data and operates on a UI. Its important to understand that the view model is not the UI itself. Its a pure JavaScript object without knowledge of any HTML. It just holds the unsaved data the user is currently working with. The view represents the state of the view model. It displays information from the view model, delegates commands (i.e. click events) to the view model and updates itself if the state of the view model changes. A short example will demonstrate that.

In the view (HTML) the text binding clause will associate the DOM element with our view model parameter personName. After Knockout is activated via ko.applyBindings(viewModel) the view reads the content of this parameter and renders the text between the span tags. So the result of executing this code looks like:

Youve seen how to create a basic view model and how to display its property via binding. But more interesting is how to update the view automatically. Its pretty simple and achieved with so called observables. Just change the previous code into this:

Thats it. Try it in the JavaScript console of your browser and you will see the view being updated automatically.

Now I'd like to demonstrate Knockout with the same wish list example like I used in Backbone. So it could look like this:

Its awesome to see the same example application as written in backbone earlier with much less JavaScript code. But we have to think about readable and understandable code and how hard it is to explain the code to new developers. I think the declarative binding in the HTML is probably hard to read and understand because you dont really know where it belongs to. Some developers just wont like mixing JavaScript and HTML together. If you bring your knockout code into good shape, use namespaces in your HTML bindings and create conventions how to use knockout in your application it could be easier to understand and maintain. Because knockout is just" a library and not a framework you dont have the benefits of classes, inheritance, fixtures and so on. You have to implement that all by yourself. For huge projects you have to look closer into Knockout to check performance issues. I think knockoutJS is absolutely worth a try. Its a good decision if you have to implement rich user interfaces. If you organize your code well, its possible to build bigger applications. But I think the best use case is in small to medium projects.

JavaScriptMVC

The documentation on the website of JavaScriptMVC (JMVC) seems to be complicated and could be overstraining. Its not that well structured like the previous ones and it is not really clear where to start. The installation process looks really complicated and could keep some developers from using JMVC. You have to download Java JRE and the full download size of JMVC with 27MB will probably surprising you. I can assure you its not that bad as it seems. A little bit more description why we have to do all these things could help to understand it easier. Anyway the whole installation process runs without problems and it works like described.

JavaScriptMVC is a really powerful framework. It consists of standalone components like StealJS, FuncUnit, jQueryMX and DocumentJS which are well tested and loved by many developers. This powerful stack provides everything you need to build well organized, tested and documented applications. Lets have a look how everything fits together.

jQueryMX
With this component you have a collection of useful jQuery libraries to implement and organize large-scaled applications. It puts the Model-View-Controller pattern in JavaScript. It comes along with other useful things like an observable system, a DOM extension and special events as well as a browser history routing.

StealJS
This awesome component is a code manager to keep your code beautiful and well organized. Its a collection of command line and browser based utilities to do things like:

load JavaScript, CSS, LESS and CoffeeScript files
build all files into a single production file
generate a file and folder structure with tests and documentation scripts
install third party dependencies
check your code with JSLint and beautify it with steals clean
make your AJAX application crawlable
log messages in development mode

To generate an application simply execute the following command:

This will generate your application structure with everything you need.

The scaffold generator helps you to create a model quickly. It creates fixtures to simulate a service, widgets with basic actions and all dependencies are automatically included. You can just start editing the widgets for your purpose. All you have to do is to execute the following command:

There are lots of awesome commands to simplify the developing process.

FuncUnit
FuncUnit is a web application testing framework. It provides automated unit and functional testing. You can run these tests practically on every browser or system. You can start your tests easily within the browser with:

or run your tests in Envjs with the command:

DocumentJS
This component generates a documentation application of your application. The only thing you have to do is to run the following command:

JMVC is so modular you can easily install all the components or just the ones you need.

I like JMVC! Its easy to structure your code, generate everything you like, check your code all the time and with a single command your application is ready to go. Of course its a heavy framework and for the shown example absolutely oversized. Its not that easy to understand like the previous ones but definitive worth to try it anyway. We use JavaScriptMVC for big projects where unit tests and an API documentations are essential. The framework has proven its power over a long time so you will find lots of code examples and solutions for your problems. I would recommend JMVC for big projects or projects with the need of high code quality and well documented API.

The following code demonstrates the wish list example implemented with the help of JavaScriptMVC. I put the code into one single file to improve readability here.

In summery I would say Backbone, Knockout and JavaScriptMVC are all pretty good libraries. I would prefer KnockoutJS for smaller projects to create user interfaces in a short amount of time. For bigger projects I would use BackboneJS. It's easy to implement and well organized. I would choose JavaScriptMVC for large projects where high quality and long term support is expected.

Links/Sources

BackboneJS
KnockoutJS
JavaScriptMVC
Book: JavaScript Web Applications - Alex MacCaw

11.12.: Migrate to HTML5!

nospam@example.com (Thorsten Rinne) — Sun, 11 Dec 2011 10:58:00 +0100

HTML5 is one of the hottest buzzwords in the web and everyone is using or talking about it. Google is ahead everyone else for sure with Google Docs, their web based office suite and with Chrome OS, an operating system which only needs a browser (from the users view). But also Facebook, they working on their own application platform codenamed Spartacus is based on HTML5. Even classic software companies like Adobe and Microsoft are joining the competition: Microsofts upcoming WIndows 8 operating system will include small HTML5 based apps (another buzzword) and Adobe has a double-tracked strategy: they release new HTML5 development tools almost every month and they still try to rescue their old, main product, Flash.

HTML5 became reality due to the real life challenges in the last 10 years when Microsoft decided to stop their future browser development after releasing the Microsoft Internet Explorer 6 back in 2001. But in the same time more and more business critical applications moved from desktop apps into the web and the World Wide Web Consortium (W3C) wanted to push the web into a XML based world with their XHTML 2.0 draft standard. Today we know it was good everyone ignored the XHTML 2.0 development. Because of this, companies like Google, Mozilla, Apple and Opera started a project called Web Hypertext Application Technology Working Group (WHAT WG) to create an evolutionary path for HTML and the web.

While Microsoft was working on their Windows Vista disaster, the members of the WHAT WG worked on a draft for the so called HTML5 based on HTML 4.01 and they added new features into their browsers. The development was based upon the challenges for things like Google Mail (2005) or Web Apps for iPhone (2007) and many web developers cant wait for these new features and then even Microsoft and the W3C couldnt refuse to see the reality. Nowadays XHTML 2.0 is gone and even Microsoft is working on a browser called Windows Internet Explorer 10 without any plugin interface, without crappy conditional comments and almost full HTML5 support.

The question for web developers is wether we already should use HTML5 in our web applications. HTML5 is for all of us who want to push their documents to online apps and dont want to use plugins or hacks. The update from your HTML 4.01 or XHTML 1.0 markup is quite easy.

HTML5 revised

The first and even most simple modification of HTML5 compare to HTML 4.01 or XHTML 1.0 is the document type, which changed from

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

to

<!DOCTYPE html>

As you can see immediately the version number is missing. The WHAT working group even calls the HTML5 specification now HTML living standard and there are updates in the specification almost every week. This shouldnt be a problem for anyone because all modern browser like Firefox, Chrome, Safari, Opera and even Internet Explorer 10 are using their HTML5 rendering engine if the HTML5 document type is parsed.

Another goal during the HTML5 draft was a cleanup and removal of obsolete and bad defined elements in HTML 4.01 and XHTML 1.0. HTML5 should have been much more simpler and all redundant elements should be removed. Tags like <acronym>, <applet>, <dir>, <frame> and <frameset> are not part of the spec anymore. As you can see with the removal of the last two elements its not possible to build frame based web pages with HTML5. HTML5 also requires to use Cascading Style Sheets (CSS) for the representation of web pages, all elements and attributes for styling content were also removed. This removal includes attributes like plaintext, isindex, align, alink, vlink and HTML tags like <basefont>, <big>, <center>, <font>, <s>, <strike>, <tt>, <u>.

HTML5 improvements

There are a lot of small improvements to solve daily web development problems. Embedded images now have a border with 0 pixels instead an ugly blue border by default and the <script> tag now assumes to have JavaScript included. If you add links or images to your webpage, please use the id attribute instead name because its much easier for DOM manipulations. One really great improvement is the character set declaration. Instead of adding

<meta http-equiv=Content-Type content=text/html;charset=UTF-8>

you only need this:

<meta charset=UTF-8>

And, please only use UTF-8, nothing else.

A lot of stuff was added to the HTML specification which everyone used but never was part of the standard. HTML5 now officially features the <iframe> element and the <embed> tag for embedding Plugins like our beloved Flash.

Semantic improvements

A lot of changes within HTML5 describes the requirement to improve the semantics of web pages. The draft standard adds the new media attribute for links to set media type. So its possible to add a link to the mobile Twitter page by using the following code:

<a href=http://m.twitter.com rel=alternate media=handheld>
Twitter Mobile
</a>

Some common attributes are now available for all HTML elements:

id to identify elements in the DOM tree
title for setting a title of the element
lang for the language, e.g. de for German language
dir to set the text direction
class for CSS classes
style for CSS inline styles

A note on CSS3: the specification is still in the works and you dont need CSS3 to use HTML5. HTML5 works just fine with CSS 1 and CSS 2.1.

New elements for page structure

For many people the new HTML5 tags like <audio> and <video> are the most visible change looking deeper into HTML source code. With the new <section> element its now possible to group section within a web page. Its not for design definition, only for semantic structures. For design proposes you should still use the <div> element like you do today. To mark content inside a section, HTML5 introduces the <article> element. For example, you can use this new tag for board postings in a forum, for blog postings, for user comments in your content management system or even a whole article in a online magazine. In these parts of the page you can add side content boxes with the <aside> element. If you e.g. want to add a skyscraper ad on the left side, put it into an <aside> tag.

The navigation should be marked with the <nav> element and the navigation items should be listed as an unordered list inside the root element. If you have to group headers like <h1> to <h6> you can now use the <hgroup> tag. A group of headers are part of a section of a document according to the HTML5 standard. The document header and footer have to own tags which are - quite easy to guess - <header> and <footer>. A HTML5 document can consist of multiple headers, for example at the beginning of a document or to group a header for an introduction and a header:

<header>
<p>Welcom to</p>
<h1>Mayflower Blog</h1>
</header>

The <footer> element can be used multiple times, too. You can use it for example to mark the end of a section or usally to mark the end of the HTML document. This is the area to add relevant links or copyright hints, the contact address for the author should be added by using the <address> tag.

Its also quite easy to migrate the current structures of your web page to HTML5. For example it would be in most cases just a

<div id="footer">This is the end.</div>

converted to

<footer>This is the end.</footer>

The Future

This blog post is just a very short overview what you can do with HTML5, I didnt mentioned the possibilities of Web Workers, Web Sockets, Canvas, SVG or Web Storage. But you can test a lot of things now and you should do it. The world will move to HTML5, at the end of 2012 more than one billion HTML5 capable smartphones and Microsofts Windows 8 will wait for your HTML5 applications.

09.12. 10 good reasons why to learn a css meta language like sass or less

nospam@example.com (Florian Fackler) — Thu, 08 Dec 2011 19:51:00 +0100

There's a bunch of really usefull online css tools like css code shrinkers, validators, sprite generators, px to em calculators just to name a few.
But what I like the best is SASS and LESS.

Continue reading "09.12. 10 good reasons why to learn a css meta language like sass or less"

07.12. One-click Deployment

nospam@example.com (Florian Anderiasch) — Tue, 06 Dec 2011 22:13:27 +0100

Today's topic is deployment. It's called one-click deployment for a reason: Developers are lazy.
It's hard to do less than clicking on one button, so that's our goal.

With the growing need for lower time-to-market and faster response to user feedback it is inevitable to not be limited by technical factors (there are enough other obstacles already). The focus lies on reproducible results.

So, what do we need? Actually, not much. Disregarding the tools and practices that build the foundation of agile software development, you only need a central build server. But you've already got that one covered, right?

If you don't, you should get one. It's a huge help to discover errors quickly and be alerted instantly. This usually leads to a shorter time frame until a fix is done. Tests are run continuously and new parts are integrated into the whole code base.

Everything written here is based on Apache ant, so the easy choices here are Hudson and Jenkins. We're focusing on Jenkins here, but we've successfully used some variation of this continuous integration/deployment script on both.

We've also used CruiseControl/phpUnderControl and Atlassian Bamboo in the past for continuous integration, so the deployment parts should work as well.

Back to the hard facts. We're using the Template for Jenkins Jobs for PHP Projects here for our basic checks, so let's assume you got it installed and your build server is working.

The basics

The typical workflow for a developer now consists of these steps:

write some unit tests
write some lines of code to get the tests to green
commit to git/svn, let's call it "release 1.32c"
build server integrates the commit automatically and runs all configured checks
build status is green (hopefully)

There's not much deployment in this, so a few more steps:

after the build is done, a new ant task is started, called "create-package"
developer clicks on "deploy-to-staging" (yes, another ant task)
some 5 minutes later the staging environment has "release 1.32c" installed

How does this work?

There are a few preconditions in our environment that haven't been named yet. Not all of them are hard requirements, but they make some things a lot easier:

all developers have a VM image for this project, based on Ubuntu 11.04
this VM image is personalized to a certain degree (user/hostname)
it is managed by puppet, all developers can edit puppet manifests
the staging environment also consists of 4 VMs
- Ubuntu 11.04 for the 2 frontend nodes
- Ubuntu 10.04 for the 2 backend nodes
- (hindsight is 20/20, we should've used the same version on all 4, but it's not that bad)
the machine that Jenkins is running on is also based on that same development image. This helps fight issues with incompatible versions and build tools.

The frontend nodes use a setup including varnish, nginx, PHP 5.3+APC, ZF 1.11, Dojo 1.6 and Doctrine 2.1.
The backend nodes use MySQL(Master+Slave), Apache Solr, RabbitMQ, memcached and ejabberd.

Back to ant.

The task create-package is building a .deb package that is to be deployed to all the staging hosts.

It basically executes these steps:

git pull
ant phpunit (unit tests, integration tests)
ant clean (remove build artifacts)
ant compilejs (using Google Closure Compiler)
ant compilecss (compiling SASS to CSS)
dh_make (read the Debian New Maintainers' Guide for details)

And that's it.

The manually executed task is called deploy-to-staging and consists of these steps:

ant deb-sign (sign the package with the development team's key, optional)
ant db-staging-up (we're using Liquibase, so roll out the database changes)
copy the .deb to all staging nodes via scp

Here's one caveat: We've set up our staging (and production) nodes to include a directory (like /opt/repository) in /etc/apt/sources.list and puppet periodically checks if there are new packages in this directory, and installs it. Of course you could just call dpkg -i through ssh as well.

So far, so good. After waiting 5mins we've got our "release 1.32c" deployed to all 4 staging nodes and the testers can do their work.

Wasn't that easy?

We're not quite done yet though. The testers really liked release 1.32c and we want to deploy to live now!

So this means:

developer clicks on deploy-to-live (yes, you've guessed it, an ant task)
some 5mins later "release 1.32c" is live

In greater detail:

fetch the latest "known good" debian package from a staging host
ant db-production-up (Liquibase doing it's magic again)
copy the .deb to all production nodes via scp
there's no step 4

If everything went well, you just deployed a new release!

Of course it's not all perfect, there are some disadvantages and shortcomings.

The first thing we noticed is the build time. The build used to take 15 minutes because of massive disk I/O. Mostly all the analysis/metrics tools are to blame, if you have a few of those, every single one has to read and check all of your hundreds of files even if you exclude the external dependencies and libraries (which is a good idea, anyway). We put the files on a ram disk and brought the build from 15 minutes down to 4. Good enough.

The setup is quite complex (as you've seen if you're still reading). It takes a bit to get used to and there are some moving parts. But so far it's working nicely.

Jenkins is a single point of failure. If your build server goes the way of the dodo, it's very hard to get a release going. There's an easy fix, however: Have a second machine ready that's running an identical copy of your Jenkins setup. If your main build server is down you can still use that one then. As your developer VMs are using the same ant build.xml for daily work, even using that as a last resort is possible.

There are also some goodies that aren't crucial, but nice:

everyone can deploy (even the product owner)
30 minutes from bug report to live deploy is not uncommon with this setup and it's still following a fixed procedure
this setup still allows us to do hotfixes (check out the tag deployed to production, do a fix, commit to a branch and HEAD, create .deb, deploy)
Jenkins has some graphing functions, you can do commit stats or graph your Facebook fans

Having talked with developers from other companies there seem to be quite a few similar setups including chef, rake, phing or even make - so you're surely not forced to use ant or a debian-based distribution.

Good luck simplifying your own deployment!

03.12. Setting up an own QA Environment for Javascript

nospam@example.com (Martin Ruprecht) — Sat, 03 Dec 2011 09:38:00 +0100

Nearly every PHP project comes up with a great set of tools to assure the quality of source code; unit tests are a no longer a nice to have feature, they are common components in new projects. While unit tests help you to provide solid interfaces and proof the functionality of a certain method, there is a long list of tools that check the quality of the source code itself with many different metrics. Each of these mentioned tools reports its results into a XML file, which can easily be interpreted by a continuous integration server like Jenkins. The benefit is enormous: After every commit to your version control system your continuous integration server triggers the execution of the tests and the source code quality analysis and shows the result in meaningful diagrams. As a developer you get a direct feedback and you can make a prediction on the status of the entire project, because if even the smallest units work fine, there is a good chance that the whole system runs stable.

So far for developing with PHP, but what about JavaScript? Are there any tools for quality assurance? Yes! Is it really necessary to do JavaScript QA? Oh yes! Since JavaScript is becoming one of the hottest programming languages for web (and mobile) development, there is no doubt that that we need some way to check the functionality and measure the code quality. Before I will show you some really cool tools and some easy steps on how to set up your own quality assurance environment, let me say a few words on how the increasing popularity of Javascript is affecting the requirements we have on QA for JavaScript and how it is different to QA for PHP. . A couple of years ago, JavaScript was only used for some (unneeded) animation, called DHTML, and for simple form validations. The AJAX hype gave JavaScript a second chance and from this point the lines of JavaScript code where spreading. In other words, most developers haven´t seen the necessity of writing down something similar to unit tests only for some small piece of JavaScript code, they use Firebug for debugging and it works fine for the moment. Another reason why JavaScript QA is different from PHP QA lies in the nature of JavaScript. Whereas PHP is mostly executed on a (Apache) server JavaScript is executed on many different environments and devices that don´t follow common rules and standards. That´s why the requirements for any QA tools are really difficult, because you want to cover a huge amount of environments and devices- otherwise you can only guaranty that your source code runs correctly on a certain device and I´m sure that´s not your intention. In addition, don´t forget the dynamic of JavaScript. It´s easy to extend the range of functions of JavaScript (because of it´s prototypical inheritance) or think of all the functions that come up with the environment, for example the Firefox File API. All these dynamic is really really hard to cover for QA. And last but not least, JavaScript is an interpreted language not a compiled one, this means there is no static code analysis that check the syntax tree like it's done during compiling in other programming languages. So we have indicated two very simple requirements for JavaScript quality assurance: we need something to check our syntax and we need something that tests our code with many different environments/browser and devices. Ok, enough for the moment, let´s introduce our first tool: jsLint.

jsLint
This is not a completely new tool, invented by Douglas Crockford, jsLint is a JavaScript syntax parser written in JavaScript that does not need a browser for its syntax checks. You can use jsLint in many different ways, I prefer the Java wrapper for jsLint as a command line tool, see jslint4java [http://code.google.com/p/jslint4java/]. JsLint (and also jslint4java) comes up with a lot of possible optional parameters to define how strict your code should be checked.
Here is an first example of jsLint (called from the commandline via jsLint4java):

Not only syntax errors like the missing semicolon at the end of a line or a comma after the last entry of an array are considered, mixing spaces and tabs or a wrong indention will be checked as well. Using jsLint4java allows you to print the results into defined XML files. On the way to our own JavaScript QA environment we have entered our first milestone: We check our syntax tree with jsLint, in other words we do a static code analysis- cool!

From now on our source code quality will be checked by jsLint, but this doesn´t guaranty that our functions work well. This is the point where we should think about unit tests. There are a lots of great unit testing tools for JavaScript and nearly every frameworks comes up with its own implementation. To fit the requirement I have mentioned before, run the tests on many different environments (browsers) and devices, we need not only a standalone unit testing tool, we need something that runs the tests on these environments and devices. This is the point where our second tool enters the stage: please say hello to Googles jsTestDriver.

JsTestDriver
JsTestDriver is pretty easys to use it consist of a single JAR file which contains everything you need to get started. Here is an overview of how JsTestDriver works at runtime: This tool combines an independent test framework and a testrunner to execute the tests on many different environments and devices.
This is the general architecture of jsTestDriver

Therefore the tool starts a simple HTTP server to connect with your browser. From this point your browser is marked as a browser to test, this process is called capturing. There are only two steps left to run tests on the captured browsers. Step one is to write down some tests and step two is to trigger the execution of the tests from the command line of your system. Furthermore for jsTestDriver it doesn´t matter whether you are executing your tests from Windows, Mac or any Linux operation system you can capture a browser form any remote system or a mobile device. By the way, it´s not strictly needed to add a browser by visiting the capture page, it´s also possible to pass the path to the browser to an optional command line parameter (--browser). In this case jsTestDriver will open the browser, execute the tests and shut down the browser. For writing the tests jsTestDriver provides a huge amount of assertions but it´s also possible to write the tests with nearly every test framework of your choice by using an adapter for it. By starting the tests, all tests will be sent over HTTP to all captured browsers and executed, the results will be sent back to the server and will be displayed by default at the screen. An export of the results into a XML file is also possible.

Here is a short example how a test for jsTestDriver could look like
MathmaticsTest = TestCase("MathmaticsTest");
MathmaticsTest.prototype.testAdd = function() {
var mathmatics = new school.Mathmatics();
assertEquals(3, mathmatics.add(1,2));
}

MathmaticsTest.prototype.testSub = function() {
var mathmatics = new school.Mathmatics();
assertEquals(1, mathmatics.sub(4,3));
}

MathmaticsTest.prototype.testDiv = function() {
var mathmatics = new school.Mathmatics();
assertEquals(4, mathmatics.div(8,2));
}

MathmaticsTest.prototype.testMultiple = function() {
var mathmatics = new school.Mathmatics();
assertEquals(9, mathmatics.multiple(3,3));
}

Executing the tests ends in a result like this:

After knowing these two very nice tools we already have two major components for or QA environment. What is still missing? Running a static code analysis and triggering unit tests for different devices from the command line is pretty cool already, but it would be even cooler if we were able to integrate jsLint and jsTestDriver into a continuous integration environment to automate the process of checking and testing our source code. A couple of lines ago, I have mentioned Jenkins as one possible tool for continuous integration and do you remember that jsLint4java and also jsTestDriver have a XML output? Bingo! This is the great benefit of these two tools, they generate a XML file that could easily be read by Jenkins (or any other continuous integration tool). Imagine this workflow: You write some new JavaScript code including tests, you check in your changes into your projects version control system, Jenkins recognizes that there are some changes and triggers the static code analysis and starts the execution of the test and after performing these two tasks the results will be displayed in some nice graphs.Sounds promising, doesn't it? This is exactly what we will do with the next easy steps, because we only have to configure Jenkins- nothing more! Step one is to create an ANT task for each tool, this will be done in the projects build file (build.xml). A sample definition of an ANT task could be found at the homepage of jsLint4 [http://docs.jslint4java.googlecode.com/git/2.0.1/ant.html].

Important for this configuration is the node target with it´s attribute name, because this is the value you have to enter into the Jenkins configuration. In addition, see the jslint node, where you can configure the strength or weakness of your analysis via the attribute options. Whereas the node formatter defines where the XML output should be saved, the fileset node defines the directory with the source code file that should be checked. That´s all for jsLint. The task definition for jsTestDriver looks pretty similar:

This ANT task executes the tests on the defined browsers. Also it writes the output into the defined directory. And that´s all for the moment, all other needed steps have to be done in Jenkins, and that´s also easy.
Here the two needed steps:

And these are the results:

Conclusion
For this blogpost I have introduced two (free available) tools and showed the steps to build your own basic JavaScript QA environment with Jenkins for continuous integration. In summary what you will get with this setup is a solid environment for checking your source code quality and a way for automated unit test execution. Beside the presentation of the syntax violation results (jsLint) and unit tests (jsTestDriver) results I recommend a small subversion post commit hook that will send you an email with the results coming from jsLint. To conclude this blogpost, there is not only jsLint and jsTestDriver for measuring, checking and saving the quality of JavaScript code, for example it´s possible to use a plugin for jsTestDriver that checks the code coverage or define another ANT task that automatically generates a minified version of your source code.

01.12. CLOUD Transformation Model

nospam@example.com (Daniel Hallmann) — Thu, 01 Dec 2011 08:03:00 +0100

What we want to do?

The blog post proposes procedures to analyze architectures and applications that are based on clients, server and cloud technologies to find vulnerabilities with the goal to increase security.

Who are the unknowns?

Web Desktop Systems (WDS) are based on web technologies that distribute their parts over clients and servers with clients that provide simple versions of an operating system and installed browsers. The server part integrates cloud computing and cloud storage technologies.

Cover our main idea.

The main idea is to transform a common WDS environment to a more secure environment by using a way that is divided into single phases to split the whole process into small pieces that can be handled more easily. The approach visualizes strategies against security issues to increase security with the help of a predefined rule set. Use that set to handle transform strategies and execute phases that can be processed separately similar transforming objects to executable pieces.

Lets start with the phase model. Its very simple to use.

Formula 1 explains a mathematical abstraction of the proposed phase model. I_n is the current security issue that has to be localized and handled. R_n is a single element from the defined rule set. The optimal case is the elimination of the issue I_n while applying the rule set element R_n. S_gescovers all issues and approximate the best security transformation of all issues that were handled and eliminated. Formula 2 shows the range of all security issues n_max that exists and must be processed.

Lets rock it!

Step 1: Preparation Phase

The aim of this phase is the definition of the areas in which we want to examine the architecture and functionality of the application. Define a rule set and transformation strategies, visualize how it would be accomplished and propose appropriated methods to finalize it.

Include technical aspects and indicate appropriate search phrases to cover all important technical parts. Prepare metrics like LOC to get the amount of source code lines and cyclomatic complexity to cover complexity and get details about the structure. Figure out operational tools like TCP/IP Sniffer e.g. Wireshark^® which are helpful to localize insecure vulnerabilities.

According to these findings define a rule set for transformation of vulnerabilities to ensure security. A target that will be covered is transfer data to the cloud. Study encryption on the client and server side. Look for sections that are used to send data that are a potential risk to compromise data. The following part shows an example to store documents to Amazon S3^® to cover a real live scenario:

Preparation Phase

Important vulnerable application part: Use as example the important application unit to transfer data to the cloud and the storage system. Think about the possibility to attack that part and how can an unauthorized person get access to sensitive data and entries? If data was stored in clear text form a hacker can access all data or a part of information without any protection. To prevent this kind of access store data encrypted with a proper algorithm. Now, the task is to find a mechanism to mitigate that risk and create a rule set entity that matches the current behavior and can be used for similar risks in the future. See Table 1which shows a possible entry.

Create rule set entity that matches the vulnerability: Amazon S3 provides a process that handles encrypted exchange of data between client and server. A request-header covers encrypted exchange of data that will be transferred between client and cloud service.

R_n	Entity	Description
R₁	...
R₂	Specifying Server-Side Encryption using the AWS SDK for PHP	Use request-header x-amz-server-side-encryption that handles encrypted exchange of data between client and cloud service.
R₃	...

Table 1 Rule set entity

Step 2: Analysis Phase

The aim of the analysis phase is to find security issues depending on the code structure. After scanning the architecture order all findings in descending sequence to start with the important one.

To get information cover technical environments and determine all facts specified in the preparation phase. Find critical fragments with code reviews that are interesting like the cloud service on the server side. These are parts that are not in the user space and managed by the provider.

Recognize procedures that will be used to optimize the technical structure and prepare techniques for the action phase. For instance, intercept all outgoing and incoming request headers that were exchanged between client instances and cloud components. Search for critical vulnerabilities and evaluate the way how data is processed during a request.

Analysis Phase

Source code part: StoreObjects.php

Process all important areas that have been specified in the Preparation Phase. Listing 1 shows a source code part that stores entities in the cloud. The method create_object is called with a bucket name testbucket, the name of the file testfile.txt and some optional parameters like body, acl and contentType. All body data testdata will be stored in plain text and can be read by a hacker that gets unauthorized access. Now, step to the Action Phase that handles this vulnerable source part.

Step 3: Action Phase

The objective of this phase is the transformation of vulnerabilities which were found in the analysis phase. Therefore the action phase reduces security issues by a defined rule set from the preparation phase. At the end of the action phase all detected vulnerabilities will be covered. Select critical parts and implement technical code fragments to eliminate security vulnerabilities. An example could be the encryption of data to the server through a secure connection. Similar hackers in web development that get unauthorized access to resources in cloud storages data can be compromised too. A possible scenario is to steal server credentials and hack into to get server access.

Action Phase

Apply rule set Entity: R2: Specifying Server-Side Encryption using the AWS SDK for PHP

To encrypt data add the parameter encryption (see Listing 2) with the value AES256 that set the x-amz-server-side-encryption request header to store the file secure. After that change, it is necessary to check if the modification does not bring the application in an instable status. Now, step to the Validation Phase to ensure the stability of the application.

Step 4: Validation Phase

The aim of this phase is ensure architecture consistency during every transformation. Guarantee that every change works as expected and validate all enclosed components. Loose parts have to work separate and through their interfaces as integration. Run unit tests to ensure functionality of separate single code fragments and cover consistency of multiple components.

Scenarios could be either exchange of data between applications that run on the client and the transfer of data to server components. That includes cloud computing and storage with can be used to execute programs and store data.

Validation Phase

Testing Tool: PHPUnit

To validate change use test cases and check if the modification runs as expected. The first test case testHeaders validates the request headers and check against the new x-amz-server-side-encryption header if it was set to AES256. The second test case testRetrieveObjects covers the data that was stored and validate the correct data type, format and value that was retrieved.

Each phase of the transformation model concentrates on increasing security and eliminating vulnerabilities. Collect suitable information about code artifacts before transforming it. Always ensure validation of functionality while updating code fragments and cover revert strategies to get an opportunity for role back scenarios in case of incorrect transformation.

Make your life easier.

Use that transformation model as a pattern structure to cover the complexity of current web architectures that includes WDS like Google Chrome OS^® and cloud services like Amazon EC2^® and Eucalyptus Cloud^®. Integrate technologies like cloud computing and storages that manage more computing cycles and storage outside the traditional resources that locate in the basement of companies that manage their own hardware. Handle each part of the whole structure and the communication between each other. Fill every phase with proper single methods - e.g. rule set entities - that fit perfect the current architecture object and integrate that model as helping pattern for your daily work.

06.12. Doctrine 2 - Zend Framework Integration

nospam@example.com (Paul Seiffert) — Tue, 06 Dec 2011 08:00:00 +0100

In yesterday's article of our advent calendar, we explained the concepts underlying Doctrine 2. In today's article, we want to use that knowledge and create a simple Zend Framework (ZF) application that uses Doctrine 2 to persist its business objects.

While explaining how to integrate Doctrine 2 into Zend Framework, we will create a generic sandbox that can be used for future projects building up on these technologies.

Setting up a ZF project with Doctrine 2

Since this article is not about how to setup a ZF project, the following steps will require you to have a clean but working project with the usual folder structure.
To use Doctrine 2 you will have to get a copy of its source code first. You can get one either from the project's website or by cloning the git repository. In my opinion, downloading the source package from the website is a lot easier (you don't have to take care of all the project's git submodules etc.). So download and extract the archive into a temporary directory. After that, move the folder Doctrine from the archive's root into the library of your new ZF application. Now, your project structure should look like this:

The first thing that will occur to you if you look at the Doctrine 2 source code is that 100% of the code is namespaced (for a (German) introduction to namespaces have a look at the article "PHP 5.3 Features in Real Life" from a colleague of mine). This is pretty nice for people who are not scared of new language constructs but for many people that are using ZF it might look odd at first. I am sure that you will get familiar with the syntax differences really fast, but ZF (1) does not - because it does support real namespacing yet (however this will change with version 2).
Therefore we have to do some additional work that enables us to autoload classes that reside in namespaces. Luckily, Doctrine 2 comes with a neat set of helper classes bundled in the project Doctrine Common which also includes a class loader that fulfills our needs. The class loader is called Doctrine\Common\ClassLoader and is really easy to use:

This code snippet creates and registers a new class loader that looks for classes in the namespace Doctrine. These classes should be placed in a folder called Doctrine which is part of the current include path. Every namespace separator will be transformed into a directory separator when looking for the classes, so make sure to keep your class-, namespace-, file- and folder-names in sync!

I recommend putting the initialization of the class loader into your application's bootstrap class because this way it can be used for cli scripts, too. As you might have seen, there are several packages inside the Doctrine folder that we placed in your library. The folders ORM, DBAL and Common contain the Doctrine 2 classes required by the framework. The fourth folder Symfony contains some classes borrowed from the Symfony2 framework. To load all these classes, we have to initialize multiple class loaders:

The initialization of the loaders responsible for Symfony2 and entity classes requires a second argument, that indicates the directory in which the classes of the namespaces can be found. If you do not provide this argument, the class loader just looks in the directories of your include path for folder names matching the given namespace.

Creating the Entity Manager

The next thing we will do is creating an entity manager. To do so, we have to initialize a configuration object (of the type Doctrine\ORM\Configuration) and pass it to the entity manager. Since we want to create a project that can be configured easily, we separate the configuration data from the initialization code. Let's begin with the initialization code and add the required configuration directives to our application.ini file later.

Instead of describing each single option here, I add some detailed comments in the initialization code:

From now on, you can access the entity manager by requesting it from the Zend_Registry. This should probably be done via a dependency injection system, but this article will not cover how to implement dependency injection or even a dependency injection container.
To make this bootstrap code work, you will have to add the following directives to your application.ini:

Basically, this is all you have to do to integrate Doctrine 2 into your ZF application. It is fully functional with this configuration, so let us take a snapshot of the project now and declare it as our sandbox for future ZF-Doctrine 2 projects.
\ Next, I want to show you how to create entity classes within your project and how to initialize a database scheme from these entities.

Creating Entity Classes

If you have read my yesterday's article, the following part will not look very new to you. I will create two entity classes: User and Group which have a n:m relationship called membership.

To write create tables in the database for these entities, we will use Doctrine's console tools which are really handy. Create a new script named doctrine.php in your application's bin directory and copy the following code snippet into it.

This script sets up a Zend_Application first, bootstraps it and creates a normal Doctrine 2 console. You might want to have a look at the original console script which is included in the Doctrine 2 archive we downloaded before. I added the ZF initialization to be able to use the application's configuration here.

When you run the script now, the output should look like this:

All actions related to your database's schema have the prefix orm:schema-tool. Create your schema now by executing

$ php bin/doctrine.php orm:schema-tool:create

If you have no errors in your configuration, your database should have three new tables now: user, group and group_user.

Now you are ready to implement your application's logic. You can write code that queries, modifies and creates user and group objects and have all data persisted by Doctrine 2. To end this article, I just want to give you a feeling for how you might interact with Doctrine 2 in your business logic.

I hope this article helps you setting up the infrastructure for your next project and covers everything you have to know to begin using Doctrine 2. The sandbox we set up can be downloaded here. Make sure to include the current versions of ZF and Doctrine 2 after downloading it.

05.12. Doctrine 2

nospam@example.com (Paul Seiffert) — Mon, 05 Dec 2011 01:00:00 +0100

Introduction

Object-relational mapping (ORM) frameworks have been around for several years now and for some people, ORM is already outdated by now. As we have seen with other technologies and concepts before, PHP is not exactly what we call an early adopter among the programming languages. Thus it took some time for ORM to grow up in the PHP context.

There have been some frameworks before Doctrine 2 that implement ORM (remember e.g. Propel) specific tasks but most of them lack the required maturity to be used in large projects. With Doctrine 2, PHP takes a huge step into the right direction Doctrine 2 is fast, extensible and easy to use.

This article will take you on a tour through the main concepts of Doctrine 2 in the first part and then explain how to use it in a real world application in the second part. Since at the time of writing Zend Framework 1.11.xx (ZF) is very popular, we will integrate Doctrine 2 into a ZF project.

Basic Concepts

To understand Doctrine 2, we have to take a look at some relevant terms (or in this case objects), study their behavior and practice their usage. We start with some introductory phrases on ORM systems and then go on to the concepts underlying Doctrine 2: Entity Objects, the Entity Manager, Repositories and Proxies.

Object-relational Mapping

Since the beginning of Object-Orientation, people had to manage the persistence of their application's state resp. their objects. In the context of Web Application Development, this usually involves a Database server which is being consulted using a Query Language. One example for this pattern is a PHP application that uses some kind of SQL server by sending SQL queries to it. Another one is an application using a CouchDB server by querying it via its REST API.
Due to the author's laziness, we will talk in terms of relational databases from now on. Keep in mind, that you can accomplish almost everything mentioned here with NoSQL databases, too.

ORM relates value objects that exist in an application's business logic to database records. Thus every object that should be persistent is saved in one row of a database table. The most common approach is to map classes to tables and the classes' objects to rows in the these tables.
Besides writing objects to a database, ORM systems are also intended to ease the process of finding data stored in the database. When talking in terms of ORM, finding data always means making the framework fetch one or many objects that meet a certain criteria.

Entity Objects

The objects that are being managed by an ORM system are called Entity Objects. Every entity object relates to one entry in a table. In Doctrine 2, the classes that represent entities do not have to fulfill special requirements like inheriting from a certain super class (as you might have seen in other database abstraction frameworks like Zend_Db). When creating a new entity class with Doctrine 2, all you have to do is to write down a regular PHP class with properties. Besides this, you have to provide some hints on how these attributes should be persisted. The information how entity attributes relate to columns in the DB is called Metadata. Metadata can be described in different ways: By default there are metadata drivers for descriptions in XML, YAML and PHP. The fourth and most popular driver is based on DocBlock annotations (since in PHP, annotations aren't a language feature as in Java (see Wikipedia), they are contained by the classes' and attributes' DocBlocks). We will use annotations to describe our entities metadata. To get an impression on how easy this is, take a look at the following example.

This example contains all it needs to tell Doctrine 2 about the new entity User. With this class, you can create, find, delete and modify user objects and persist their state to the underlying database. But keep in mind: as long as you don't need any persistence features, you can use your user objects just like any other objects!

The next two objects resp. object types we will describe are responsible for doing the ORM functionality: persisting and finding.

The Entity Manager

To use ORM functionality, the Entity Manager (Doctrine\ORM\EntityManager) is the main access point to Doctrine 2. The entity manager is responsible as you might have guessed for managing entities and for building a facade for the whole framework. To accomplish its tasks, the entity manager uses some helpers. The Unit of Work object for example collects entities that should be written back to the database and is capable of doing this in batches. This way, database operation can be executed with almost no overhead and therefore are really fast.

Another dependency of the entity manager is the Event Manager. To be as extensible as possible, Doctrine 2 comes with an event system that publishes all important state changes to the outside as events. You can register for such events and extend the life cycle of your entity objects at one single point.

The entity manager's API combines methods for managing entities (find, persist, contains, copy, detatch, merge, remove and refresh), methods that control the use of transations (beginTransaction, commit, flush, rollback and transactional) and some helper methods for creating custom queries and accessing some of the entity manager's dependencies.

The following example shows how to query an object from the entity manager, modify it and write the changes back into the database.

Creating a new persistent object is almost as easy as modifying it:

Repositories

For finding entities, Repositories are used. Every entity class has its own repository which is responsible for finding entities of that type. By default, repositories have some handy methods for fetching entities that match certain criteria:

find: Finds an entity by its primary key / identifier
findAll: Finds all entities of the repository's entity type
findBy / findOneBy: Finds all resp. one entity that matches the passed criteria:
findBy<attribute> / findOneBy<attribute>: Magic methods that ease the filtering by a single attribute:

To access a repository, all you have to do is ask the entity manager for one. If you have implemented your own repository, it will be returned by Doctrine\ORM\EntityManager::getRepository(). Otherwise, Doctrine 2 will provide a generic repository. The main reason to implement custom repository classes is to group custom queries for an entity type to make them reusable. For custom query logic, there are several mechanisms you can use: You can either use Doctrine's query builder that implements an API similar to Zend_Db_Select or queries written in the Doctrine Query Language (DQL) or you can even execute plain SQL queries. With these options, it is also possible to migrate old applications which use complex queries by just wrapping these queries into the methods of custom repositories.

Proxies

When traversing a graph of entity objects (which is required when entities are having relations to other entities), it would be very expensive (in the sense of requiring many database queries) to fetch every depending entity with an additional query. Therefore Doctrine 2 uses the concept of Proxy objects that represent regular entity objects which have not been populated with data from the database. Take a look at the following example where the entity Group aggregates a list of User objects in its member property. When accessing the members list, Doctrine 2 provides a collection of proxy objects instead of complete User objects. When an object of this collection is being asked for one of its properties, Doctrine loads the object's data from the database. This way, the users' data is not loaded until it is really needed.

Advanced Mapping Concepts

This section describes some advanced concepts that are required when mapping entity classes that have relationships to other entity classes. Possible relationship types are association and inheritance. Inheritance is the mechanism used for representing subtypes in object-oriented programming languages. An example would be a class User that implements methods every user of a software should have and a class Administrator inheriting from User that adds methods for determining the administrator's access rights.

Association is a weaker relation type. It means that an entity object can be related to other entity objects of other types. In terms of relational databases, there are three types of association which differ in the number of entities an object is related to: 1:1, 1:n and n:m relationships. n and m are placeholders and mean multiple.

Association

To put objects of an entity type into relation, you just have to mention this relation in the entity class' mapping information. The simplest case is a unidirectional 1:1 relationship. In the following example we describe a User entity which has its access information (user credentials) encapsulated into another entity class called UserCredential. Since every user has at most one credential object and every credential object may only be associated to one user object, this is a 1:1 relationship.

If the relationship should be bidirectional, include the OneToOne attribute in the other class, too, and add an attribute which denotes the attribute of the other entity that mapps the related object:

This way, you can access the user object from the credentials object, too.
Most of the times, developers have to deal with relationships which include many objects on at least one side. These relationships are called 1:n or n:m relationships. This means that either one or multiple entities are standing in relationship with an arbitrary number of entities of another type. To accomplish this, you have to use the mapping keywords OneToMany or ManyToMany when describing your entities. Besides that, the mapping works the exact same way as with 1:1 relationships.

There are however some tricks you should know when dealing with collections of associated entity objects. Consider the following relationship between the entity classes User and Group:

When a group has at least one member, the group object will have a collection of the type Doctrine\Common\Collections\ArrayCollection set as its members property. This collection contains all user objects (or proxy objects as we have seen before) and can be modified intuitively with the methods add and removeElement. To honor object-orientation, you might want to introduce custom methods for these tasks. If you do so, you get into trouble when the group object does not have any users associated. In this case, the collection will simply be set to null. To avoid checks whether the collection has already be initialized, you should to this by yourself in the entity class' constructor:

It is also important to notice that one entity has to update the other entity's state as well when a relationship between to objects is created or removed. Take care to do this only in one class to avoid endless recursion loops! This class is called the Owning Side of the relationship. When implementing a bidirectional relationship, the other class is called the Inverse Side. It is important to determine owning and inverse side and implement the the classes accordingly to avoid greater trouble during debugging.

There are some more features implemented by Doctrine 2 enabling developers to specify their entities' relationships including sorting, pre-fetching and indexing. These topics are not covered in this article but are explained very understandable in the Doctrine 2 documentation.

Inheritance

Subtyping can be implemented in different ways using Doctrine 2. The main difference between these implementations is how the inheritance is mapped to the database. The options are to have one table for every class (Class Table Inheritance), to have one table for all classes in a hierarchy (Single Table Inheritance) and to have a table for every specialized sub-class of a given super-class (Mapped Super Class).We will give a short overview on all three alternatives, you have to pick the right one yourself. This decision should be made based on how many common attributes there are in your sub-classes.

Mapped Superclasses

Introducing a mapped superclass is probably the easiest way for specifying inheritance but might lead to many duplicate columns in your database schema. The superclass of your entities is not being declared as an entity itself (and might also be declared abstract) but provides attributes and optionally methods that will be available in all subclasses. When creating the database schema, Doctrine 2 merges all attributes and relationships of the superclass into the definitions of the subclasses and processes them as regular entities.

After creating the database from this mapping information, your tables will look like this:

Single Table Inheritance

When having entities that are very similar besides some few attributes, you might want to store them together in one database table. This approach is called Single Table Inheritance. To distinguish between the different types, there is always a column marked as discriminator column and a discriminator map that tells Doctrine 2 which values in the discriminator indicate what entity types.

These definitions cause the existing of one single table called User with all the attributes declared inside the classes User and Administrator plus a column type the discriminator column. When working with entities of these types, Doctrine will manage the type flag automatically for you.

The resulting database schema looks as illustrated by the following diagram:

Class Table Inheritance

Having each entity type stored in its own table is always good for keeping your schema extensible. When you have to create a new subtype, Doctrine 2 will just create a new table for this type and it can inherit the logic and common attributes of a superclass. The only overhead you have with this approach is that all tables that correspond to subtypes have to maintain a relationship to their supertype's table. Using class table inheritance, the example with the entities User and Administrator looks like this:

Besides the inheritance type, there is no difference to the example using single table inheritance. The outcome on the resulting database scheme is huge. Now you have to separate tables which store users and administrators. Every record in the table Administrator has a corresponding record in the User table.

This was the first part of this article. Stay tuned for part II which will be published tomorrow (on 6th of December 2011)! In the second part, we will integrate Doctrine 2 into a Zend Framework application and include a generic sandbox (ZF-)project with Doctrine 2!

To Protect and Surf

nospam@example.com (Martin Brotzeller) — Mon, 05 Dec 2011 01:15:11 +0100

Slashdot reports, that CSS History Sniffing is back - this time utilizing the latency that your browser shows when you have visited a site already. The time a browser takes to respond differs when the resource that is linked in a page is already in the browser cache. Of course that only works when you actually fetch the resources. As i described earlier, there is a Firefox extension that protects you: Request Policy. This extension lets you choose which sites may refer to which other sites. It's a bit tedious to get started, but it protects you not only from the ever-watching eye of social networks that load "like" buttons everywhere, but also from this renewed threat.

04.12. PDF nicht nur mit PHP

nospam@example.com (Christian Albrecht) — Sun, 04 Dec 2011 10:19:24 +0100

Eine Suche nach php pdf bei der Suchmaschine meiner Wahl ergibt eine Vielzahl an Tutorials, Blog-Einträgen und natürlich auch Klassen und Bibliotheken. In diesem Blog-Artikel möchte ich einen knappen Überblick über einige der gebräuchlichsten PHP-Tools zur PDF-Generierung geben und Alternativen zeigen die keine Programmierung erfordern.

PHP: PDF Manual

Das erste Suchergebnis führt uns auf die PHP Manual Seite. Das braucht Ihr Euch nicht anzuschauen weil es einfach nur verwirrend und unvollständig ist. Dahinter steht eine PECL Erweiterung, welche PHP einen Wrapper zur kommerziellen PDFlib bietet.

PDFlib

Ist in Version 8 verfügbar und unterstützt laut Hersteller verschiedene Features aus Acrobat 9, der PDF-Spezifikation 1.7 extension level 3. Etwas ausführlicher betrachtet bedeutet das:

Es kann über Verweise auf Ressourcen in externen PDF-Dokumenten zugegriffen werden.
Der Inhalt kann in durch den Benutzer auswählbare Ebenen aufgeteilt sein welche sich gruppieren
lassen um zum Beispiel in Sprachspezifischen Ebenen ein und dieselbe Bildebene zu zeigen.
Bilder, Seiten und Teile von Seiten können mit Georeferenzen ausgestattet werden.
AES-256 Verschlüsselung und Unicode Passwörter werden unterstützt.

Im Gegensatz zum PHP:PDF Manual bietet sich auf der Herstellerseite ein Haufen an Dokumentation. Dort findet Ihr neben einem Installations- und Konfigurations-Howto für PHP, eine 256-seitige PDFlib API Dokumentation und ein 312-seitiges PDFlib Tutorial.

Schon alleine die Länge der API Dokumentation lässt darauf schließen das die PDFlib umfangreiche Funktionen zum gestalten von PDF Dokumenten mit sich bringt. Auszugsweise, wie auch unter What's new in PDFlib 8? nachzulesen:

Bidirektionale Schriftformatierung für internationale Sprachen und Fallback Fonts.
Unterstützung OpenType spezifischer Font-Features
Textumbruch um Bilder, in Pfaden sowie Text an Pfaden entlang
Transparenz in TIFF und PNG Bildern
Interaktive Formulare
Druckvorlagen Farbmanagement PDF/X-4 und PDF/X-5

PDFlib ist ein renommiertes Produkt und auch in PHP können damit professionelle PDF Dokumente erstellt werden.

Zend Framework PDF

Wer etwas weniger komplexe Ansprüche an die PDF-Generierung stellt ist auch mit dem Zend_PDF Modul des unter OpenSource Lizenz veröffentlichten Zend Frameworks gut beraten.

Laden von PDF Dokumenten (Acrobat 5, Spezifikation 1.4)
Versionsverwaltung: Laden von Versionen, Rollback nach Änderung
Schreiben oder Ausgeben und diese Vorgänge auf die geänderten Stellen beschränken
Seiten als Vorlagen verwenden, Seiten zu einem Dokument hinzufügen oder entfernen
Einfache Vektorgrafikelemente
Seitentransformationen (Drehen, Zoomen)
14 gebrauchsfertige PDF-Fonts, Unterstützung von TrueType Fonts
Unterstützung von Sprungzielen, Lesezeichen-Menüs, Anhängen und Aktionen
Unterstützung von Dokument Information und Metadaten

Das erstellen und Laden von PDF Dokumenten geht dank der durchdachten API sehr einfach von statten. Einzig den automatisierten Textumbruch mag man vermissen. Zwar kann man sich anhand der API die Weiten der einzelnen Zeichen berechnen lassen, das erscheint dann aber doch etwas aufwendig zu sein für jedes Zeichen eines Textes.

Verschiedene Typen von Anhängen und Aktionen, sofern noch nicht in Zend_PDF enthalten, lassen sich nach Lektüre der gesuchten Funktionalität in der 980-seitigen Adobe PDF Reference relativ einfach und schnell integrieren.

FPDF

Verspricht High-Level Funktionen und steht auch unter OpenSource Lizenz zum Download bereit. Ebenso wie bei Zend_PDF werden PDF-Dokumente mit FPDF nur durch Einsatz von PHP generiert und es ist keine weitere Bibliothek notwendig.

Auswahl der Maßeinheit, Seitenformat und -ränder
Seitenkopf- und Fußzeilen Verwaltung
Automatisierter Seitenumbruch, Zeilenumbruch und Textausrichtung

bietet FPDF unter anderem und füllt damit die Lücke in Bezug auf Automation der Textgestaltung. Es gibt FPDF Tutorials für verschiedene Anwendungsfälle und eine überschaubare FPDF API Dokumentation.
Anhand einer Extension FPDI ist es möglich Seiten aus anderen PDF-Dokumenten auszulesen und in das zu erstellende Dokument zu importieren.
Dazu gibt es auch noch eine Menge an FPDF Scripts die die Funktionalität um viele interessante Features wie Barcodes, SVG Templates bis hin zu Formularausfüllung erweitern.

Prince XML

ist eine kommerzielle aber im Privatgebrauch kostenfreie Lösung zum erstellen von PDF-Dokumenten aus XML oder HTML Quellen mithilfe gängiger CSS 2, 2.1 und 3 Eigenschaften und Selektoren sowie eigenen CSS Erweiterungen. Prince misst sich mit den gängigen Browsern im bewältigen des Acid2 Tests und bewirbt:

(X)(HT)ML, SVG, CSS, JPEG, PNG, TIFF, JavaScript / ECMAScript
Seitenkopf- und Fußzeilen, Seitennummerierung sowie Duplex drucken.
Mehrspalten Layouts, fließende und positionierte Blöcke
Verweise, Sprungziele, PDF-Metadaten und Anhänge
Verschlüsselung und Dokumenten Zugriffschutz

Neben dem Kommandozeilenprogramm gibt es auch für PHP eine Wrapperklasse und unter Windows gibt es sogar eine GUI zum bedienen des Programms. Die Dokumentation ist ausführlich und übersichtlich aufgebaut.

Eine schöne Lösung zum erstellen von PDF-Dokumenten wenn man sich nicht direkt mit der programmatischen Erstellung von PDF-Dokumenten beschäftigen möchte.

Online Service

Des weiteren gibt es unzählige von kostenpflichtigen und kostenfreien Online-Services wie zum Beispiel pdfcrowd das in der Lage ist HTML-Seiten von einer angegebenen Url oder auch mit einem WYSIWYG Editor erstelltes HTML-Dokument als PDF auszugeben. In einer kostenpflichtigen Version lassen sich dann auch noch verschiedene Optionen zur Konvertierung angeben.

Mit cometdocs lassen sich über 50 Dateiformate in andere Formate konvertieren. Unter anderen mit dabei Word nach PDF, HTML nach PDF und sogar Excel nach PDF.

Introducing Gigger, a Realtime Javascript Monitoring Framework

nospam@example.com (Felix Kaser) — Thu, 22 Sep 2011 17:17:00 +0200

Go to Live Demo >>>

Monitoring your web application is essential for professional maintenance and development. Especially if you have a high load on your website and you want to keep the current users on your site, you definitely should stay alert for problems and be able to react fast in case of problems. Monitoring is also crucial for A/B tests, since you have to evaluate somehow which version of your website performs better. Many big players also measure constantly how much revenue the website produces. For them it is important to monitor if a new feature increases or decreases the revenue and take decisions based on that information.

Mayflower is currently developing a javascript framework which provides a smart tool for realtime monitoring and measuring. Read the full article for more information.

Continue reading "Introducing Gigger, a Realtime Javascript Monitoring Framework"

Tracking Menaces for Your Privacy

nospam@example.com (Martin Brotzeller) — Tue, 02 Aug 2011 00:19:42 +0200

A lot of people are talking about a particular research paper featured by Wired of late. That paper describes, how users can be, and are, tracked against their express wish. Even deleting cookies does not solve the tracking problem. A lot of folks talk about how unethical, probably unlawful and unfair it is.

So far, although, I have not seen a site that gives more than hints how to prevent being tracked. Firefox users have a couple of tools at hand that can easily circumvent most, if not all, attack vectors. Using these measures comes at the cost of comfort, though.

Continue reading "Tracking Menaces for Your Privacy"

Decoupling URLs from Rewrite Rules

nospam@example.com (Martin Brotzeller) — Mon, 25 Jul 2011 13:18:00 +0200

Apache's mod_rewrite is a really powerful tool, but with great power comes great responsibility. You wouldn't like your customer to have to edit your rewriting rules.
Continue reading "Decoupling URLs from Rewrite Rules"

About planetary-sized posters

nospam@example.com (Björn Schotte) — Mon, 13 Jul 2009 23:17:01 +0200

Geez, what a week! On Friday, we'll party on celebrating the PHP 5.3 release in Munich/Germany. For those of you who can't be there, I'm sure there will be enough photos on Flickr, Facebook and the like. But, as you may remember, we've produced some very cool Zend Framework posters. I just got an e-mail from Rob Zienert about planetary-sized posters :-)

If you want to experience the true size of our Zend Framework poster, just drop me an e-mail and tell me your company address and if you want to have the poster in English (as long as it's available) or German. Oh, and btw, we're currently finishing a PHP Web Security poster (at the same size) by Stefan Esser from SektionEins. Don't miss it!

Redis - Vortrag@Mayflower-Würzburg

nospam@example.com (Andreas Ganje) — Mon, 13 Jun 2011 23:20:58 +0200

Am kommenden Donnerstag, den 16.06.2011 findet ein weiterer öffentlicher Vortrag im Mayflower-Büro in Würzburg statt (Pleichertorstrasse 2, 97070 Würzburg, Straßenbahn und die Haltestelle Congress Centrum).
Beginn ist um 18:00 Uhr, Thema des Vortrags ist "Redis".

In dem Vortrag von Peter Voringer geht es um die Funktionalität und den Einsatzbereich/-möglichkeiten von Redis, sowie die PHP Client Library Rediska.

Die Donnerstags-Vorträge werden sowohl in Würzburg als auch in München gehalten. Bei Interesse einfach das Blog beobachten, um auf dem Laufenden zu bleiben!
Wir freuen uns auf viele Teilnehmer!

Anfahrt zum Mayflowerbüro Würzburg

Zur Anmeldung einfach einen Kommentar im Beitrag hinterlassen.

Creating coding standards for PHP_CodeSniffer

nospam@example.com (Daniel Schlichtholz) — Thu, 24 Feb 2011 17:21:00 +0100

When our project is supervised by a continous integration platform, we are (hopefully) using static code analysis tools. One of the best for analysing PHP code is PHP_CodeSniffer which integrates fine into systems like PhpUnderControl, Hudson or Bamboo. But in some cases the pre-installed coding standards like PEAR or Zend might not be sufficient for our current project or we want to deviate. This is the moment when we want to be able to create a custom one that fits our special needs. In this article I want to share my first experiences with you about how to create a custom coding standard for PHP_CodeSniffer.

Continue reading "Creating coding standards for PHP_CodeSniffer"

Cinder now available at Mayflower Open Source Labs

nospam@example.com (Florian Anderiasch) — Thu, 23 Dec 2010 13:56:35 +0100

Cinder is a plug-in for your eclipse-based IDE (eclipse, Zend Studio, etc.) to display results of your Continuous Integration environment right inside your IDE.

We just released version 0.1.6, which you can install via the Eclipse Update Manager and the URL http://opensource.mayflower.de/cinder, then activating it via "Window -> Show View -> Other -> Cinder".

If you haven't heard of Cinder yet, here's a short summary:

You open the XML file containing the errors and warnings of your build (for us that's typically the PHP_CodeBrowser XML generated by a Hudson build) and get an overview of reports. Now you can sort them, categorize them and work on them in any order. Cinder can grab these files periodically if you make them available via http or on a filesystem.

A few screenshots:

The Cinder View after reading an XML file.

After selecting a warning the file is opened at the matching line.

Bug reports, ideas and feedback are welcome, please visit the github pageto tell us about your ideas.

PHP_CodeBrowser goes stable

nospam@example.com (Simon Kohlmeyer) — Tue, 14 Dec 2010 18:52:05 +0100

We already wrote about CodeBrowser 0.9 in August and after fixing a few minor bugs the Mayflower Open Source Labs Team is very happy to present PHP_CodeBrowser 1.0.0.

The new version is already available on pear.phpunit.de. To check it out, just run

pear channel-discover pear.phpunit.de pear install phpunit/PHP_CodeBrowser

or, if you have already installed PHP_CodeBrowser, you can upgrade with

pear upgrade phpunit/PHP_CodeBrowser

If you would like to see any features in the next releases , please visit the github page and tell us about your ideas.

OpenSocial

nospam@example.com (Daniel Prokscha) — Mon, 22 Nov 2010 09:19:21 +0100

Three years ago, on the 1st of November 2007, Google released OpenSocial. A lot of time and development work has passed since then. It is a perfect time to deal with it, so in this blog we get to learn where OpenSocial is today and how it actually works (read german version).

Continue reading "OpenSocial"

(Pseudo)dynamic data generation in JMeter

nospam@example.com (Anatoliy Belsky) — Tue, 07 Sep 2010 13:55:00 +0200

What if you have to do extensive performance tests for a complicated webapp with login, search forms, etc.? If the tool you would use for this must be very powerful, opensource and have graphic interface there is no way you can pass by JMeter. At this time I'll tell about how to get dynamical data to be used inside JMeter tests. I'll presume you've already worked with JMeter before and have at least knowhow about a standard test plan structure.

Continue reading "(Pseudo)dynamic data generation in JMeter"

Contributing to ZendFramework

nospam@example.com (Stefan Staudenmeyer) — Wed, 01 Sep 2010 10:13:48 +0200

... on contribution

Who hasn't ever started writing his own Framework/CMS? It is considered best practice for learning purposes, but going through all the security stuff can be stressful and boring at the same time. That's where most devs start to contribute to big Open Source-projects like Typo3 or the Zend Framework, because they are already experienced working with it and yet evolving another system on the market or even getting people to contribute seems like an unachievable task. Instead of wasting his time on yet another ACL implementation, the developer is taking part in making a software become even better, no matter if he delivers new features, reports / fixes bugs or works on documentation (another, yet an often underestimated part of contribution). It is also worth noting that every single Blog-entry and every HowTo thats put on the web also is a great deal of contribution that helps the software spreading. Beginners articles are important to put on the web since every one of us had it's beginnings and these are the sort of articles where many people decide to either use the software for a certain project or not.

As you might see, this article is not only a guide on contributing bugfixes, but also I want to motivate you to just give it a try.

... on Zend Framework

Having spent almost a year at the IRC support channel, I can tell they're really fun guys to hang around with. Of course, the Framework itself developed into a great piece of software. I do not want to discuss the up or downsides of a use-at-will framework, neither I want to recommend it over {put your favourite software here}. But what I can talk about is a little summary of the support channel's chatlogs. The widely annouced channel (which is #zftalk on Freenode) includes all kinds of concerns. One kind of people finds bugs, the other do have really clever ideas on improvements, but when you ask them to contribute its all the same: they either think it takes years to get into it, the others think they might be "not good enough for this". We sure won't force or threaten people to contribute, but what I can do is taking the fear out of it and demystify the thing, so later you might see that its actually just a few minutes to spend. Let me just loose a few words to the latter ones before we get into it: You can't destroy anything, and every idea of yours can also lead to a great improvement either realted to your concern or in a completely different area. We're glad that you take your time, even if you are completely new to ZF. Some beginners concerns already caused developers to write guides and articles that are still around and are linked at times in #zftalk...

... on contributing to Zend Framework

Contributing any code to ZF requires signing the CLA, which is an agreement that both you have the right to share any code you supply, and that you will not patent that code. This is to ensure that the frameworks codebase remains business friendly, and free to use for everyone. In fact you have to actually sign a paper, having done this you can just scan and mail or fax it. This is an important step, and none of your code will be used in any official package unless you did this.

The next step will be reading the coding & subversion standards. If you already had a look at actual ZF components code you should be familiar with the standards. Once you took a short insight (you probably wont be able to just remember all of this at once), you can check out the official SVN repository. Notice, that you, even having signed the CLA and being confirmed, do not have commit rights. So you might now ask yourself how to contribute then? All magic is taking place in the bugtracker, ZF's official Jira. All bug tickets, additions and improvements are filed as tickets here. So if you find a bug, report it here, and soon there will be a discussion in the comments section of a ticket.

Mostly all of these people, being listed by their reallife names, are also to be found on different names in the support channel, so feel free to ask them any ticket-related stuff.

The code itself will be submitted as a patch file (svn diff > patchFile), and uploaded in the Jira-Ticket. This might also be done by people who do have commit rights, but one might not be sure how to fix a problem, or any question might be left. This method of code management then leaves it to the original package developer to decide whether a change should be made or it should be thought over again (might have side effects on other packages and so on).

The last yet very important point is unit tests. ZF makes heavy use of them and so should you. The best you can do is report bugs as failing tests with a short description, fix them with the code diff and then deliver them with working tests.

... in closing

As you might now see, once the problems and the contaminated areas are visible, you can pull out your armory and kill the bugs within minutes. The contribution of new packages for the ZF are made in the Wiki, filed as proposals that later get discussed by the community review team, but I might do another article about that one as its a not so trivial workflow. Whenever you fix a bug or deliver an improvement you will be listed on the official Jira´s Overview page of top contributors. Can you make it to the top? ZF´s bug hunting days are the place for many contributors to join the battle on a shirt, but you might also see that being an active contributor on an open source project might be a good point of interest on your CV.

Having run out of things to say, I want to call all the devs out there to give it a try. A short quote of Ben Scholzen (ZF Core developer): "I code whenever I feel like it": In closing, remember that neither having an account on JIRA nor Signing the CLA ties you in to any minimum commitment, and you can do as much or as little as you are comfortable with. Just pick the level which feels right for you.

MySQLnd Plugins: Writing a MySQL Query Logger in PHP

nospam@example.com (David Soria Parra) — Mon, 16 Aug 2010 14:50:00 +0200

During the development of an application, not all time is spent on writing code. A lot of time is spent on reading debug output, crawling through log files and firing up the debugger to figure out what the application does. While the debugger helps us to inspect details of a running application on a testing environment, logfiles are often the only indication of the origin of an error on a production system. In this blogpost I want to describe how to log SQL statements on an existing application without touching any existing line of code at all. We will use a new MySQLnd Extension developed at the Mayflower OpenSource Labs for that purpose.

As an example, I will use PHProjekt 6. The project is particularly suitable for demonstration purposes as it has a logging infrastructure for function calls, but does not log SQL statements.

Continue reading "MySQLnd Plugins: Writing a MySQL Query Logger in PHP"

PHP_CodeBrowser 0.9.0 is out

nospam@example.com (Simon Kohlmeyer) — Thu, 12 Aug 2010 16:12:02 +0200

PHP_CodeBrowser is a tool that creates good looking web pages from your code and annotates them with problems found by checkstyle, pmd and others.

We have covered the release of PHP_CodeBroser version 0.1.0-alpha some months ago, see this post. Now, we're proud to announce version 0.9.0-beta.

It features a neat interface that let you find errors even quicker, a clear commandline interface and much better performance, it's almost seven times faster than the 0.1.x release.

You can get it via pear, just do

pear channel-discover pear.phpunit.de

pear config-set preferred_state beta

pear install phpunit/PHP_CodeBrowser

or you can check out the from github, just visit http://github.com/mayflowergmbh/PHP_CodeBrowser or just try

git clone git://github.com/mayflowergmbh/PHP_CodeBrowser.git

Here are some pictures to give you an impression of what it looks like

This is the overview page

And this is how the real code browser looks like.