redbullmarky

Staff Alumni
Everything posted by redbullmarky

  1. http://pear.php.net/manual/en/introduction.php
  2. again, i'm not sure, but i believe from a cake point of view, controllers within controllers are referred to as components. i use the equivalents in my own framework to handle things like blogs, articles, message boards, etc so i can keep the main controllers a bit more manageable and more app-specific
  3. i'm not totally sure. i can't remember whether it's cake or CI that has a benchmark which logs the time at each intersection. failing that, if you really wanna find out, you'll need to be looking at the dispatcher (dispatcher.php) as it's that file that's responsible for handling the initial request, firing up the controller (including loading its dependencies/models, etc) and handling the final view. there's an article listed under 'resources' at the top of the app design forum that looks closely at the dispatcher if you get stuck.
  4. Hi All I'm tying up the loose ends of a pretty ambitious project, however I'm getting a little bit stuck dealing with permissions. The framework i'm building the site on is very similar to Cake in terms of its MVC structure, if that helps with the answer. Now - in terms of content, I'll just use Articles and Blogs for the example. Both are two totally separate items, yet what they have in common is a 'created_by' (corresponding to the user id of the author) and a 'publish' flag, to determine whether it's live on the site.

     I have a simple list of permissions:

     ```php
     define('GP_VIEW', 1);        // can view content
     define('GP_ADD', 2);         // can add new content
     define('GP_EDIT_OWN', 4);    // can edit, but only if $_SESSION equates to created_by
     define('GP_DELETE_OWN', 8);  // can delete own, as above
     define('GP_EDIT', 16);       // can edit any
     define('GP_DELETE', 32);     // can delete any
     define('GP_ALL', 2047);
     ```

     i have 4 main methods for Articles and Blogs - list, view, edit and delete. at the moment, each of these methods checks permissions individually - e.g, in my edit methods, something similar to:

     ```php
     <?php
     if (!$this->checkPerm(GP_EDIT) && !($this->checkPerm(GP_EDIT_OWN) && $_SESSION['user']['id'] == $article['created_by'])) {
         echo 'you cant do this';
     }
     ?>
     ```

     in my list methods, an article/blog is ONLY listed if a) it's published OR b) it belongs to the current user.

     My question - this seems a bit of a long winded approach and a lot of duplicate code, lots of if's and else's, etc. Does anyone have any other methods they use when dealing with content in a multi-user environment? Would you recommend any ways of embedding a permission system INTO the actual CRUD methods, rather than doing the permission system before calling them? ie, like filters? Cheers
  5. i'm not dismissing the results, but I've noticed a vast difference getting a large, properly structured site ticking along nicely compared to doing 'hello world' and <? for ($i = 0; $i < 100000000; $i++) type tests. By their nature (ie, being a framework with lots of bells and whistles), I've found CMS's like Drupal, etc, much slower still - however, there are plenty of tried and tested examples (some huge sites) that chug along quite happily on these, with no REAL noticeable difference to the user. What you'll find though is that many of these frameworks are also "one size fits all" type things, designed to be useful to any coder. If you get to know the Cake or CI source well enough, you'll soon realise that there's stuff that's included in the core that never gets used and can be removed. Also, like he states, the use of proper caching can bypass all of this bulk anyway. I personally based my own framework on Cake/CI, based on what I liked and didnt like. It does exactly the same as both of them, has all the bells and whistles I need (or will probably ever need) yet is only a fraction of the size. I am a believer that if you want to use a framework, you really should know what it's doing and get under the bonnet properly. Once you've done this, you should find it easy enough to remove some of the unnecessary bulk that you dont need. Take the results on board, be aware of what might be causing the issues, etc - but be aware also that there are thousands of high traffic, popular sites out there built on some of these frameworks and CMS's without issue.
  6. [quote author=ted_chou12 link=topic=119164.msg535258#msg535258 date=1172083554] my imaginary friend taught me, does that count as self taught? ??? Ted [/quote] no. it just means you should phone a friend and go to the pub or ride a bike or something.
  7. fair comment. topic split....
  8. grammatic is not a word. the word you're looking for is "carrots".
  9. i normally say "owns" (in my head of course). not cos i'm some sort of 10 year old gaming txt spkr, but because that's how i kinda got to understand it. $this->that (this owns that, or that belongs to this) $b->a (b owns a, or a belongs to b)
  10. ??? for some reason, clicking on them once or twice doesnt work for me. maybe someone else could try it and tell me if it works? ahhhh dont worry about that. it has two three special filters. 1, if you're at work, the "www.HowToImpressYourBossAndMakeHimOrHerRich.com" appears instead. 2, if you're a female, the Kate Winslet pic is replaced with Brad Pitt 3, [new!!] if you actually bothered to click on the link in number one above, then you missed the point and should be fired anyway. ;D
  11. IMO, those adverts are fantastic. Some are just hilarious, some are pretty useful. Either way, I like to have a look myself. Google ads generally suck very bad and just ruin things - but these ones are genius. However - if you don't like them, they're easily disposed of permanently by triple-clicking the ad quickly. Not only do they disappear, but a picture of Kate Winslet naked appears in its place. Honest! ;D ;D
  12. yep. http://www.youtube.com/watch?v=u1VEY7ndKCs
  13. haha i just had to go looking.... http://www.youtube.com/watch?v=RQymblxjjH8
  14. all that rolling in one day. i'd have puked.
  15. ok maybe not the best examples of people - apart from Branson who started from scratch - but my point still stands. There's countless examples of rags to riches types, too. Again, maybe it varies from country to country how the recruitment methods work - personally, I've placed both qualified and unqualified people into jobs based on their experience, both inside AND out of the IT industry. It also depends much on the size of the company. Larger companies can tend to afford support and training schemes or can afford to at least allow day release to study. "Investment in People" accreditation goes a long way with many companies to attract good people. Smaller companies who can't afford the gamble of taking someone who might not be able to hit the ground running tend to just stick to only the qualified. TBH, it's one of those "this vs. that" arguments that's always gonna come with some bias. Degree holders will swear by a degree. Non-degree holders will swear by not having one if they've done alright. Still.
  16. you'll need to check 'short_open_tag' in your php.ini file.
  17. no. imagine you have a query like this:

      ```php
      <?php
      $query = "SELECT * FROM users WHERE username = '{$_POST['username']}' AND password = MD5('{$_POST['password']}')";
      ?>
      ```

      now - imagine if someone put something in the username field that a) caused the first condition (the username check) to be true, and b) the password check to be ignored, so you'd end up with a query such as:

      ```php
      <?php
      $query = "SELECT * FROM users WHERE username = 'admin'; # everything after here is ignored";
      ?>
      ```

      and voila - you're in! more experienced people could even get your query into something like:

      what mysql_real_escape_string will do is to 'escape' stuff like quotes, etc, by prepending backslashes to them, so they can't "affect" your queries in ways that you would prefer not to have. there's a few rules of thumb, in my book at least:

      1) NEVER trust input from a user, be it $_GET, $_POST or $_COOKIE. assume EVERYONE is trying to get into your site with nasty input.
      2) always validate the input to make sure it meets the criteria.
      3) ALWAYS clean up $_GET / $_POST / $_COOKIE data before either using them to interrogate a database or displaying them to the screen.

      the manual entry for mysql_real_escape_string does go into some detail about stuff like this, and a simple Google search as i pointed out before will open your eyes to prevent all sorts of stuff that you dont want. I've been on the receiving end. Trust me, it's not nice.
  18. **uh oh i'm feeling all philosophical** Your life is what you make of it. Whatever you put in, eventually you'll get out, regardless of the methods and tools you use along the way. Bill Gates does not have a degree. Richard Branson does not have a degree. Steve Jobs does not have a degree. All they did was do what most of the world just arent prepared to do.
  19. with code like this:

      ```php
      <?php
      if (isset($_GET['type'])) {
          $query = "Select * FROM Posting WHERE type='$_GET[type]'";
      } else {
          $query = "Select * FROM Posting WHERE subtype='$_GET[subtype]'";
      }
      ?>
      ```

      you're asking for trouble. basically you're taking input directly from the URI and directly throwing it into a query. take a look at mysql_real_escape_string and Google up on "SQL Injection"

      ```php
      <?php
      if (isset($_GET['type'])) {
          // escape the value before it goes anywhere near the query
          $type = mysql_real_escape_string($_GET['type']);
          $query = "SELECT * FROM Posting WHERE type='$type'";
          // ... etc ...
      } else {
          $subtype = mysql_real_escape_string($_GET['subtype']);
          // ... etc ...
      }
      ?>
      ```
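
Added example, not part of redbullmarky's posts: the login check from post 17 and the `Posting` lookup from post 19 written with PDO prepared statements, which keep user input out of the SQL text altogether (the `mysql_*` functions used in those posts were removed in PHP 7.0). The in-memory SQLite database, the sample rows and the `login()` / `postings()` names are constructed for illustration and assume the pdo_sqlite extension is available.

```php
<?php
// Constructed schema and sample data so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT UNIQUE, pass_hash TEXT)');
$pdo->exec('CREATE TABLE Posting (id INTEGER PRIMARY KEY, type TEXT, subtype TEXT, title TEXT)');

$ins = $pdo->prepare('INSERT INTO users (username, pass_hash) VALUES (?, ?)');
$ins->execute(['admin', password_hash('correct horse', PASSWORD_DEFAULT)]);
$pdo->exec("INSERT INTO Posting (type, subtype, title) VALUES ('news', 'php', 'Sample post')");

// Login: the username is bound as a parameter, never spliced into the SQL.
// The password is checked in PHP against a salted hash rather than with
// MD5() inside the query.
function login(PDO $pdo, string $username, string $password): bool
{
    $stmt = $pdo->prepare('SELECT pass_hash FROM users WHERE username = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn();
    return $hash !== false && password_verify($password, $hash);
}

// Listing: the column name is chosen from two fixed strings (identifiers
// cannot be bound as parameters); the user-supplied value is bound.
function postings(PDO $pdo, array $get): array
{
    $column = isset($get['type']) ? 'type' : 'subtype';
    $value  = $get[$column] ?? '';
    if (!is_string($value)) {
        return [];   // rejects array input such as ?type[]=x
    }
    $stmt = $pdo->prepare("SELECT title FROM Posting WHERE $column = :v");
    $stmt->execute([':v' => $value]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Legitimate credentials, then the username value from post 17: the quote
// and '#' are compared as literal characters, so no row matches.
var_dump(login($pdo, 'admin', 'correct horse'));
var_dump(login($pdo, "admin'; #", 'anything'));

// A normal lookup, then the same kind of input in the URI parameter.
var_dump(postings($pdo, ['type' => 'news']));
var_dump(postings($pdo, ['type' => "news'; #"]));
```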
  20. i'd actually say that maybe the "necessity" varies from place to place, as I agree with my fellow Brit SemiApocalyptic on this one. Maybe your boss is telling you that a degree is a waste as it generally costs more for qualified people (some companies have grading/payment scales that dictate beforehand what a qualified/unqualified person gets). I dont wanna turn it into a salary showcase as I'm not one for discussing my finer details, but I got a job working for a recruitment company when I was 22. In all, I stayed there for 3 years, and I sailed out my last year there on £38,000 (about $75,000), yet I started off as a trainee and have no degree to my name. All it took was TONNES of hard work. So I'm not discrediting degrees and qualifications at all - they do help get the foot in the door, especially with regards to your Curriculum Vitae, but I personally believe that it's down to the individual and how hard they push.
  21. the question "how to capture a webpage snapshot automatically" does come up a fair bit - and from a little test I just tried, it does exactly that. impressive stuff!!!
  22. hmm listenable, but not fantastic. *puts music hat on* I like minor/major scales and pretty basic stuff. When a band tries to be innovative/funny/quirky/clever, etc, one of two things happen. a) they end up ridiculously big, like Queen, Radiohead, REM, etc. b) they die on their ass. It just doesnt strike up any happy or nostalgic or sad or anything in me. It's just music. When I turn on a song, I want it to make me dance around, get nostalgic, make me laugh, make me think, etc. Happy/Uplifting/DriveTime!!!: Vanessa Carlton - A Thousand Miles, Bryan Adams - Summer of 69, REM - Leave, Motorhead - Ace of Spades Neutral/Dreamy/Thoughtful: Smashing Pumpkins - Mayonnaise, Led Zep - Bron Yr Aur, Simple Plan - Perfect Sad: Beth Orton - I Wish I'd never Saw the Sunshine (cover, but not sure who of), Radiohead - Fake Plastic Trees *takes music hat off* I dunno. I'm all up for giving bands a second chance and a second listen, but i'm very fussy about what clogs up my earholes these days. Either way - thanks for sharing it with us!
  23. some people like to do stuff like: include('header.php'), etc. but i tend to use an 'outer' template. If you've had experience with CakePHP or Rails, or possibly even dreamweaver templates, you'll know where i'm coming from - you have an "outer" file which contains all your doctype, css/js includes, and the "common" layout for your site. loadtovar is a bit like 'set', only instead of putting a value into a variable, it puts a parsed template into a variable. it's very rare you'll use a template system on a site and not want to put templates within templates. for example:

      ```php
      <?php
      $tpl = new Template('/templates/');

      $tpl->set('name', 'Cornholio');
      $tpl->loadtovar('nav', 'navigation.tpl.php');
      $tpl->loadtovar('content', 'index.tpl.php');

      $out = $tpl->render();
      echo $out;
      ?>
      ```

      master.tpl.php

      ```php
      ...doctype, etc...
      <html>
      <head>
      ...js/css includes, etc
      </head>
      <body>
      <div id="wrapper">
         <div id="header">
            <img src="/images/logo.gif" alt="logo" />
         </div>
         <div id="navigation">
            <?=$nav ?>
         </div>
         <div id="content">
            <?=$content ?>
         </div>
         <div id="footer">
            Copyright 2007 etc etc
         </div>
      </div>
      </body>
      </html>
      ```

      navigation.tpl.php

      ```php
      <ul>
         <li><a href="/">Home</a></li>
         <li><a href="/about/">About</a></li>
      </ul>
      ```

      index.tpl.php

      ```php
      <h1>Home Page</h1>
      <p>Hello, I am the home page!</p>
      <p>I am <?=$name ?></p>
      ```
  24. Sounds like a case of 'EasilyBoredAndFrustrated' syndrome - some of the symptoms which can be found here If you have a specific goal (ie, an ebay type site) then you need to break it down into manageable pieces. Having a goal with no knowledge of how to get there can be very frustrating and cause you to give up or lose track. But as your goal will probably have specific elements, you need to look up tutorials based on specific things. If I took a quick look at ebay and wanted to make a simple version, then i might look at: 1, user authentication / login scripts 2, shopping carts 3, paypal integration Obviously don't expect results overnight - as with everything, it takes time as well as much trial and error to get things the way you want - but it IS important to break it down so that you can see that your huge project is actually achievable. The tutorials on the main phpfreaks site may start you off. I've also come across various packages that support crafting your own auction sites, written in PHP. A handful of them are only a Google away. Good luck!
  25. something like:

      ```html
      <head>
      <style type="text/css">
      body { margin:0 auto; }
      #wrapper { width:80%; }
      </style>
      </head>
      <body>
      <div id="wrapper">
      ... everything currently between the body tags goes here
      </div>
      </body>
      ```