Secure Password Authentication

If you’re running a web service where your users have to authenticate, one of your options will probably be the classic password authentication. The user provides a term that uniquely identifies it, probably a user name or an email address, and a secret only known by the two involved parties, your service and the user. By presenting the correct secret both parties agreed upon when the user account was created, the user can prove his identity to the web service. Weiterlesen

Performant Handling of Excel Files in PHP

When you look at Excel solutions for PHP, the first thing you find is PHPExcel, digging a little bit further lets you find libXl. The prior is a pure PHP solution, the latter a native library for a couple of operating systems. There is a PHP extension that exposes this library to PHP, so you can do the same things with it that you can do with PHPExcel.

TL;DR: PHPExcel is nice, libXl with php_excel can do the same WAY faster. Use the Diagrams below to convince your customer/boss/CFO to invest in performance.

Weiterlesen

git rebase vs git merge

I am working now with git for about 1 year. The question when to use a git rebase and when to use a git merge always lead to confusion for me. To clarify this I want to show you what a git rebase really is, what advantages we can leverage from it and how to use it safely. Weiterlesen

beyond tellerrand / btconf 2014

It was the month of may – it was btconf time! Lucky me: I was able to attend this years beyond tellerrand conference in Dusseldorf again. It was for the fourth time Marc Thiele hosted this curated web conference and again, he managed to have really famous speakers on stage:

Weiterlesen

Salt and Pepper — Running native code within the browser with Google Native Client

When the web started off in 1989 at CERN, it was just a collection of static HTML documents, the first browsers were little more than document viewers, and computing still happend largely on big servers connected to many thin-client workstations. Much has changed over the last 20 years. Computing has moved from a the server-terminal model to the personal computers we know, and as web browsers are rapidly transforming from document viewers into sandboxed Javascript runtime environments, something amazing is happening: computing is moving back to a client-server model, with servers located in the cloud serving web applications running in the browser sandbox.

With browsers transforming into target platforms for general application development, there comes a desire for software running at near-native speed, something which a highly dynamic language like Javascript still has a hard time to deliver (even though Javascript runtimes have improved speed tremendously over the last years). It is not surprising that Google has come up with their own answer to this problem: Google native client (NaCl) allows native C/C++ code to be compiled to run directly in the browser and has been part of Chrome since version 14 (November 2011). In this blog post, I’ll take a closer look at this technology and explore how it works. Weiterlesen

Enslaving eZ Publish

Web applications of all sizes rarely come without the need for editable text content. Implementing a complete content editing solution might yet be still oversized. So why not make use of one of the better known content management solutions available to the open source community – eZ Publish?

As a full blown content management system, eZ Publish does not only supply a quite powerful content repository, but also an ideally tailored content editor that supports all relevant features such as content versioning, publishing workflow or roles and permissions management.
Weiterlesen

Testing your ExtJS 3.4 components with Jasmine

Developing your own ExtJS components for your application is more fun and results into more resilient code if you write them hand-in-hand with test code. A solid test basis can also facilitate the task of refactoring your software.

Although, test driven development is easy for javascript code, how can ExtJS 3.4 components be tested? Which parts of our components should be tested to accomplish a successful refactoring?
Weiterlesen

Gaming the game: Using Selenium to automate playing

An online acquaintance described it like this:

„You build your tool to reduce grinding. After a while, building the tool becomes a game in itself. One where you make the rules“

Multiplayer online games nowadays heavily rely on small repetitive tasks to regulate the pace in which you proceed in your competition with other players. Duel a player once and win to earn a point. You have enough energy to duel 10 times. Then you have to wait to regain your energy. If the designer did a good job, it’s fun at first. After a while it gets boring, but you have to do it to compete.
Weiterlesen

A sane architecture for Android apps

Building native Android apps is fairly simple: just throw some Java code together, add some XML to it and there you have it: a cool new Android app. But also sadly in most cases an unmaintainable Android app in the long run.

For many developers this seems to be just fine but I often asked myself why the code I wrote got more and more messy with every feature I added. I refactored a lot of the code step by step but it still felt very ugly.

Weiterlesen

Pimp my Backbone.View (by replacing it with React)

I’ve been using Backbone.js in a couple of projects now and my feelings about it are quite diverse. On the one hand, I like how it provides you with guidelines on how to structure your frontend code. Although splitting model and view is a very basic idea in software development, it also is very powerful. Backbone.js is of great help by providing collections which aggregate model instances and by being able to sync these models with a server via RESTful APIs. On the other hand, it always (and I hope that it’s not just me) seems to be a pain in the b*** to figure out the best way to implement a proper view lifecycle and to keep track of all registered event handlers. If you aren’t careful when removing or even just re-rendering views, you can seriously mess up event handling and prevent proper garbage collection. If you are just a little sloppy, this leads to a slow frontend with an always increasing memory footprint.
I’m not saying that Backbone.js is bad in handling UI events, just that you have to care about too many things that are common to most web applications. This article describes an alternative to the Backbone.View component.

Weiterlesen