Posts tagged PHP
Behind the Scenes at OSNews
May 4th
I just started putting together a series of articles I will be publishing on OSNews. I’ve only roughly sketched it out, but in short, it’s going to discuss how OSNews works, how the PHP is structured, why we made certain architectural decisions, why we don’t use tried-and-true CMSes like WordPress, Slash, or Joomla!, and how, during peak traffic times, we have survived 30,000 unique visitors per hour on a single server. OSNews didn’t happen by mistake: over a series of months, arguably years, we took a constant read of performance, hits, server load, and usability with the mission to continually improve load time, performance, and UX. We’ve just recently begun testing some new data presentation methods that I intend to include in my little exposé.
If you’re interested in some revealing behind-the-scenes info, feel free to ask questions now.
Flip 3.0.1
Mar 31st
I never expected to release another version of my old weblog project Flip, but while searching my own name in a new search engine, I came upon several vulnerability reports for Flip 3.0. I’ve known about them for awhile now, but having dropped Flip in favor of another project (which I’ve since abandoned, for the most part, in favor of WordPress), it seemed pointless to bother. However, since there is an active exploit, I thought I’d release an update and a patch.
I don’t believe anyone out there is still using Flip, but if there is, this is how to defeat the script: simple add this line at line 102 of account.php:
if(strstr($_POST['em'],"][")) { die('Fail'); }
and this at line 162:
if(strstr($_POST['nem'],"][")) { die('Fail'); }
Alternatively, you can download the modified file here or download Flip 3.0.1 here.
It may sound odd, but I would highly recommend that you do *not* use this code. It’s now 7 years old and the web is a much different place. The code here is really not suited for running a website today. That said, it was odd to unzip and install it and see that it actually works. The rendering of most of the “themes” is weird (Fudge works great), but otherwise, everything worked.
If you are still a Flip user, I recommend you update your account.php page immediately, and if you have the time and inclination, upgrade to 3.0.1. The following files have some minor changes:
- account.php
- index.php
- inc/config.php
- README.html
Once again, this code is aged not particularly well suited for today’s web. If you want a simple weblog, I recommend WordPress.
Microsoft’s Web App Gallery FAIL
Mar 25th
Giving Microsoft, IIS, and PHP.exe the benefit of the doubt, I decided to try installing WordPress on Windows via Microsoft’s new Web Application Gallery. The install is simple and straightforward: install MySQL, go to the web app gallery, click on the download, choose what you want, poof! Done.
I got the first few steps knocked out, I selected WordPress, gave it my MySQL username and password, and let it go. It installed PHP for Windows, the MySQL connector, and WordPress. Then I launched my browser and pointed to http://localhost:81 and… no. Error 402. I monkeyed with the site in IIS and was able to generate an error that simply says: Parameter not found.
PHP is installed. IIS assicates .php files with PHP.exe. But Wordpress no worky.
Fail.
Posting Your Latest Tweet in Wordpress
Feb 19th
Although I posted yesterday how to add your latest tweet to Wordpress without a plugin, I made several changes to the script before I posted it to make it more “generic” and re-usable. Since I’ve changed it quite a bit, I decided to repost it. This new script also autolinks @usernames and #hash tags.
Directions are this easy: set the path of $tw_File with a static, writable file. Set $tw_userid to your Twitter user id. Done.
How to Add Latest Tweet to Wordpress (Without a Plugin)
Feb 18th
I decided to add my latest “tweet” from Twitter to the sidebar of my Wordpress blog. Rather than use yet another plugin that adds yet another hook – and there are many that do this with lots of code, I decided to use a homegrown solution, dependant only on PHP4+ and cURL (most webhosts already have cURL compiled in, if not, you should request it). Adding the following to any of the files in your Wordpress theme will print out your current Twitter status and cache the results so you don’t hammer their system.
First, snag your Twitter user id. Then, open up your theme file. I put mine in sidebar.php found in /wp-content/themes/<THEMENAME>/. Use the below code. If you want the output wrapped in a list, you would need to put <ul> and <li> tags around this code.
Carefully set your variables. The cache file should be writable. Note that you can use a decimal value for $tw_BlankAfter and $tw_Minutes if necessary. That’s it.
Due to what must be a bug in Wordpress, please ignore the closing “</text></created_at>” at the end of this post. It’s trying be smart and “fix” broken tags, but the code is right.
NOTE (2/20/09): I have updated the below code. The new version can be found at “Posting Your Latest Tweet in Wordpress“.
/* ~~~~ Custom Twitter Bit ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */ /* ~~~~ Adam S, firsttube.com, twitter @sethadam1 ~~~~~~~~~~~~~~~~~~~~ */ $tw_File = '/path/to/a/static/writable/file/twitter.html'; $tw_Userid='XXXXXXX'; //set to your Twitter user id $tw_BlankAfter = 30; //blank out status if it's older than this many days $tw_Minutes = 10; //minutes between reloads $tw_Offset = FALSE; //leave as is // uncomment below time if you want to allow a manual reset via ?twitter-reset // if($_SERVER['QUERY_STRING']=='twitter-reset') { $tw_Offset=0; } /* Do not edit below this line */ if(filemtime($tw_File)>time()-floatval($tw_Offset)) { include $tw_File; } else { if(is_writable($tw_File)) { $tw_iswritable=1; } $tw_time = (86400*floatval($tw_BlankAfter)); if($tw_Offset) { $tw_time=$tw_Offset; } $tw_hyperlinks = true; $tw_c = curl_init(); curl_setopt($tw_c, CURLOPT_URL, "http://twitter.com/statuses/user_timeline/" .intval($tw_Userid).".xml"); curl_setopt($tw_c, CURLOPT_RETURNTRANSFER, 1); $tw_src = curl_exec($tw_c); curl_close($tw_c); preg_match('/(.*)< \/created_at>/', $tw_src, $tw_d); if(strtotime($tw_d[1]) > time()-$tw_time) { preg_match('/(.*)< \/text>/', $tw_src, $tw_m); $tw_status = htmlentities(str_replace("&","&",$tw_m[1])); if( $tw_hyperlinks ) { $tw_status = ereg_replace( "[[:alpha:]]+://[^<>[:space:]]+[[:alnum:]/]", "<a href="\">\\0</a>", $tw_status); } $tw_output = $tw_status; } else { if($tw_iswritable==1) {file_put_contents($tw_File,''); } } if($tw_iswritable==1) { file_put_contents($tw_File,$tw_output); } echo $tw_output; } /* ~~~ /Custom Twitter Bit ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
Please note that portions of this code come from the twtter_status() function that was not written by me, but is available from various sources online.
Update: Removed function and put code inline.
Sorting a Multi-Dimensional Array with PHP
Jan 16th
Every so often I find myself with a multidimensional array that I want to sort by a value in a sub-array. I have an array that might look like this:
//an array of some songs I like $songs = array( '1' => array('artist'=>'The Smashing Pumpkins', 'songname'=>'Soma'), '2' => array('artist'=>'The Decemberists', 'songname'=>'The Island'), '3' => array('artist'=>'Fleetwood Mac', 'songname' =>'Second-hand News') );
The problem is thus: I’d like to echo out the songs I like in the format “Songname (Artist),” and I’d like to do it alphabetically by artist. PHP provides many functions for sorting arrays, but none will work here. ksort() will allow me to sort by key, but the keys in the $songs array are irrelevant. asort() allows me to sort and preserves keys, but it will sort $songs by the value of each element, which is also useless, since the value of each is “array()”. usort() is another possible candidate and can do multi-dimensional sorting, but it involves building a callback function and is often pretty long-winded. Even the examples in the PHP docs references specific keys.
So I developed a quick function to sort by the value of a key in a sub-array. Please note this version does a case-insensitive sort. See subval_sort() below.
function subval_sort($a,$subkey) { foreach($a as $k=>$v) { $b[$k] = strtolower($v[$subkey]); } asort($b); foreach($b as $key=>$val) { $c[] = $a[$key]; } return $c; }
To use it on the above, I would simply type:
$songs = subval_sort($songs,'artist'); print_r($songs);
This is what you should expect see:
Array ( [0] => Array ( [artist] => Fleetwood Mac [song] => Second-hand News ) [1] => Array ( [artist] => The Decemberists [song] => The Island ) [2] => Array ( [artist] => The Smashing Pumpkins [song] => Cherub Rock ) )
The songs, sorted by artist.
WordPress 2.7 RC1
Dec 2nd
I just downloaded and installed WordPress 2.7 RC1. The upgrade took about 3 minutes, end to end, and the “several moments” database upgrade took less than 2 seconds. All in the all, there’s very little to notice on the front end that is different, I haven’t been able to test comment threading yet. However, the new admin site is really nice looking. The Dashboard is a HUGE improvement over the <2.7 series.
Themes were entirely unbroken. Upgrading firsttube.com may be a bit more of a challenge since I’ve manually changed a few fore WordPress files, which may prevent in place automatic upgrades. However, all in all, I think the 2.7 release is looking really great.
When 2.7 final is released, I expect to be updating my live site pretty quickly.
PHP Weirdness
Aug 14th
Beware: this post is definitely not for the feint of heart. It includes a lot of code. You have been warned.
I wrote an application some time ago for my company that looks up the longitude and latitude of an address for use in our geocoding initiative. It relied on yahoo_geo(), a function written by PHP creator Rasmus Lerdorf and the Yahoo Maps API. It was largely dependent on this function:
function yahoo_geo($location) { $q = 'http://api.local.yahoo.com/MapsService/V1/geocode?appid=rlerdorf&location=' .rawurlencode($location); $tmp = '/tmp/yws_geo_'.md5($q); request_cache($q, $tmp, 43200); libxml_use_internal_errors(true); $xml = simplexml_load_file($tmp); $ret['precision'] = (string)$xml->Result['precision']; foreach($xml->Result->children() as $key=>$val) { if(strlen($val)) $ret[(string)$key] = (string)$val; } return $ret; }
This function worked for over two years for us with no problems at all. Then suddenly, in the last month, it started getting spotty. I fixed things by commenting out the caching parts of the function and forcing each execution to run again. Then I got errors about the libxml_use_internal_errors() function, so I commented that out. But today, the function just flat out failed, every single time returning the same error:
Warning: file_get_contents(http://XXXXXXXXXX/XXX) [function.file-get-contents]: failed to open stream: HTTP request failed! in /home/intranet/html/fetch.php on line X
What the heck? This code is all over the web. I’ve tried a million permutations of this function, including using fopen() and ob_get_contents(), and none have worked. And most frustratingly, I could load the URL successfully in Lynx and eLinks, so the machine could quickly and easily fetch the URL.
So I ventured into a sandbox I’ve never really played before: cURL. cURL is an interesting animal. But the interesting thing is, once I got it working, it worked faster than ever! So, without further ado, here is the new and improved yahoo_geo() function:
function yahoo_geo($location) { $q = 'http://api.local.yahoo.com/MapsService/V1/geocode?appid=rlerdorf&location='.urlencode(trim($location)); $ch = curl_init($q); curl_setopt($ch, CURLOPT_HEADER, 0); ob_start(); curl_exec($ch); $stream = ob_get_contents(); ob_end_clean(); if($stream) { $xml = simplexml_load_string($stream); $ret['precision'] = (string)$xml->Result['precision']; if($xml) { foreach($xml->Result->children() as $key=>$val) { if(strlen($val)) $ret[(string)$key] = (string)$val; } } curl_close($ch); return $ret; } else { return FALSE; } }
Note: If you’re reproducing these functions elsewhere, be careful – WordPress may have converted the quotes into smart quotes that will need to be fixed before this script will run properly.
OSNews vs. WordPress
Aug 13th
I’ve spent quite a bit of time, over the last 5 or 6 days, diving into WordPress and learning what makes it tick. Parts of WordPress are really impressive – just flat out cool. The way some of it works is fairly complex and deciphering it sometimes means reading page after page after page to understand an entire routine. But sometimes, when you finally see, end to end, how something in WordPress works – I mean really see individual bits of the engine – you have to admit it teaches you a little about PHP. WordPress, underneath it all, is a pretty big beast and its strength and ubiquitous presence comes largely, I think, from the fact that it can do virtually anything. The really sweet plugin system, the ways hooks work, “The Loop,” the dynamic options panel – it’s all very educational.
The interesting thing here is that I’ve browsed the source of Slash, Scoop, phpNuke, and now WordPress, and all of them are definitively more complex and much heavier than the entire OSNews codebase. Now, before you jump all over me – firstly, Slash and Scoop are Perl, and I don’t really read Perl, so I can’t speak as an expert there. Secondly, WordPress and Nuke both are very portable and dynamic, whereas OSNews has a narrow focus and, location-wise, is very static. But that aside, OSNews has withstood simultaneous link bombs from Slashdot and Digg. As amazing as WordPress is, it’s mostly amazing that it functions at all and loads in less than 2 minutes per page with as much going on as I can see behind the scenes. That’s not a cut on WordPress, by the way.
In fact, if anything , what is really impressed upon me is how smooth and simple OSNews code is, if I may be so bold. OSNews runs superfast due, in part, to lots of creative caching, some on-demand, some via cron. But it also does so because of highly efficient queries that are measured for speed on their JOINs, meaning in some cases, it’s faster to do 20 simple queries than one complex one, or build a long and scary chain of “OR x=a OR x=b OR x=c OR x=d…” Watching WordPress code in action is really fun for me, but watching OSNews work knowing what I now know about how much work PHP can cram into its threads is even more fun.