Skip to content

xPyrus community framework released by UniHelp e.V.

UniHelp e.V. - a registered student association in Magdeburg/Germany - announces the release of xPyrus, a framework for operating communities and document sharing platforms.

The framework is based on PHP 5 and PostgreSQL and has been running the students' community UniHelp.de (a platform for exchanging study-related documents and connecting students) in Magdeburg since 2002.

The entire framework is released under the GNU Affero General Public License v3 at http://www.xpyrus.org. A unix-based server is required for installation and use of all features, however, a hosting service can be provided by UniHelp e.V. on request, especially for student organizations.

The press release can be found at:
UniHelp Blogs - Press release

Further information can be found at:
- Homepage of the framework: http://www.xpyrus.org
- Reference application: http://magdeburg.unihelp.de
- Homepage of the publisher: http://magdeburg.unihelp.de/imprint
  • Twitter
  • Bookmark xPyrus community framework released by UniHelp e.V. at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg xPyrus community framework released by UniHelp e.V.
  • Bloglines xPyrus community framework released by UniHelp e.V.
  • Technorati xPyrus community framework released by UniHelp e.V.
  • Fark this: xPyrus community framework released by UniHelp e.V.
  • Bookmark xPyrus community framework released by UniHelp e.V. at YahooMyWeb
  • Bookmark xPyrus community framework released by UniHelp e.V. at Furl.net
  • Bookmark xPyrus community framework released by UniHelp e.V. at reddit.com
  • Bookmark xPyrus community framework released by UniHelp e.V. at blinklist.com
  • Bookmark xPyrus community framework released by UniHelp e.V. at Spurl.net
  • Bookmark xPyrus community framework released by UniHelp e.V. at Simpy.com
  • Bookmark xPyrus community framework released by UniHelp e.V. at blogmarks
  • Bookmark xPyrus community framework released by UniHelp e.V. with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

Manage Serendipity installations with Spartacus

I have to manage some Serendipity (s9y) installations. Only one of them is my personal blog, the others are customer installations, all on different servers. Apart from new serendipity versions there's also the problem with updated plugins. How can one know about available updates without opening each blog in a browser window, open administration, select "Configure Plugins" and check for new sidebar and event plugins?

Continue reading "Manage Serendipity installations with Spartacus"
  • Twitter
  • Bookmark Manage Serendipity installations with Spartacus at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Manage Serendipity installations with Spartacus
  • Bloglines Manage Serendipity installations with Spartacus
  • Technorati Manage Serendipity installations with Spartacus
  • Fark this: Manage Serendipity installations with Spartacus
  • Bookmark Manage Serendipity installations with Spartacus at YahooMyWeb
  • Bookmark Manage Serendipity installations with Spartacus at Furl.net
  • Bookmark Manage Serendipity installations with Spartacus at reddit.com
  • Bookmark Manage Serendipity installations with Spartacus at blinklist.com
  • Bookmark Manage Serendipity installations with Spartacus at Spurl.net
  • Bookmark Manage Serendipity installations with Spartacus at Simpy.com
  • Bookmark Manage Serendipity installations with Spartacus at blogmarks
  • Bookmark Manage Serendipity installations with Spartacus with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

Stupid open_basedir handling in PHP

I have an application which has to run on different webservers (or to be more specific on servers with a different directory layout). On one server the php files are in /usr/home, the next one is using /www, the third one /var/www and last but not least my laptop has the files in my home directory which is below /home.

No problem - or?

Since we want a bit security, we have open_basedir activated. Now the script has to check if a specific directory exists. I added this directory name to the open_basedir settings on all webservers. But surprise PHP tries to be intelligent. On servers where the specific directory does not exist, PHP removes the directory name from the open_basedir directory list (note: this cost another stat() call on startup).

You imagine what comes next? Now the is_dir() call on this server fails, because of an "open_basedir restriction in effect" error.

*grrr*

  • Twitter
  • Bookmark Stupid open_basedir handling in PHP at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Stupid open_basedir handling in PHP
  • Bloglines Stupid open_basedir handling in PHP
  • Technorati Stupid open_basedir handling in PHP
  • Fark this: Stupid open_basedir handling in PHP
  • Bookmark Stupid open_basedir handling in PHP at YahooMyWeb
  • Bookmark Stupid open_basedir handling in PHP at Furl.net
  • Bookmark Stupid open_basedir handling in PHP at reddit.com
  • Bookmark Stupid open_basedir handling in PHP at blinklist.com
  • Bookmark Stupid open_basedir handling in PHP at Spurl.net
  • Bookmark Stupid open_basedir handling in PHP at Simpy.com
  • Bookmark Stupid open_basedir handling in PHP at blogmarks
  • Bookmark Stupid open_basedir handling in PHP with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

BOOLEAN datatype with PHP-compatible output

If you use pure PHP (no database abstraction layer) with PostgreSQL, you may run into the problem that your BOOLEAN columns are not recognized by PHP but the value is instead returned as a string. So any code like:

if (!$boolean)

always returns true because the 't' and 'f' are just strings in PHP.

Other programming languages like Perl, Python or Java and even the newer PHP PDO don't have this problem so it's clearly a PHP issue ... but i don't expect this one to be fixed, because this may break a lot existing applications. The column type information is available in the query result information so normally this should not be a big problem.

How to resolve this problem? There are some possibilities, one simple way would be to just use a SMALLINT instead a BOOLEAN but with the disadvantage that you loose the boolean input values. Another way is to create a new BOOLEAN type and change the output to something PHP-compatible. This new type is binary compatible with the existing BOOLEAN type so casts in either way are not a problem.

Note: i asked around, but it seems, there is no easy solution which does not require updates in the PHP or SQL code. Any workaround like explicit casts to integer are error-prone and you cannot easily find out, because your application will work, but in a wrong way.

Continue reading "BOOLEAN datatype with PHP-compatible output"
  • Twitter
  • Bookmark BOOLEAN datatype with PHP-compatible output at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg BOOLEAN datatype with PHP-compatible output
  • Bloglines BOOLEAN datatype with PHP-compatible output
  • Technorati BOOLEAN datatype with PHP-compatible output
  • Fark this: BOOLEAN datatype with PHP-compatible output
  • Bookmark BOOLEAN datatype with PHP-compatible output at YahooMyWeb
  • Bookmark BOOLEAN datatype with PHP-compatible output at Furl.net
  • Bookmark BOOLEAN datatype with PHP-compatible output at reddit.com
  • Bookmark BOOLEAN datatype with PHP-compatible output at blinklist.com
  • Bookmark BOOLEAN datatype with PHP-compatible output at Spurl.net
  • Bookmark BOOLEAN datatype with PHP-compatible output at Simpy.com
  • Bookmark BOOLEAN datatype with PHP-compatible output at blogmarks
  • Bookmark BOOLEAN datatype with PHP-compatible output with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

UBERWACH plugin for serendipity

Maybe you already noted the small surveillance camera in the menu list on the right side. Hopefully the icon is green, that would be good for you. If it's red your request comes from an ip-address known for being allocated by a german ministry or political party. Thats nice to know, isn't it?


More details about the icon and the project behind can be found at http://www.uberwach.de/.


If you are running a Serendipity blog and want to show this icon, i wrote a small plugin. You can get it from: http://base.wars-nicht.de/projects/serendipity/. Unpack the zip archive, copy the contained directory into your blog plugin directory and check the "Configure plugins" link in the admin menu. The new plugin should be available in the list for the sidebar plugins. Have fun!


  • Twitter
  • Bookmark UBERWACH plugin for serendipity at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg UBERWACH plugin for serendipity
  • Bloglines UBERWACH plugin for serendipity
  • Technorati UBERWACH plugin for serendipity
  • Fark this: UBERWACH plugin for serendipity
  • Bookmark UBERWACH plugin for serendipity at YahooMyWeb
  • Bookmark UBERWACH plugin for serendipity at Furl.net
  • Bookmark UBERWACH plugin for serendipity at reddit.com
  • Bookmark UBERWACH plugin for serendipity at blinklist.com
  • Bookmark UBERWACH plugin for serendipity at Spurl.net
  • Bookmark UBERWACH plugin for serendipity at Simpy.com
  • Bookmark UBERWACH plugin for serendipity at blogmarks
  • Bookmark UBERWACH plugin for serendipity with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

PHP and version numbers

I just updated my local mirror of different documentations so i always have docs at hand, even if i'm working offline. So i went to the php.net website and then to the docs. Now try to find out, for which versions documentation is available ...

The only vaguely available clue is the date the documentation was built. There is no information, which versions are included and which not. Also no link pointing to older docs, not even for the 5.x releases. You have to use the "one size fits all" archive. Oh, thats really great work ...

  • Twitter
  • Bookmark PHP and version numbers at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg PHP and version numbers
  • Bloglines PHP and version numbers
  • Technorati PHP and version numbers
  • Fark this: PHP and version numbers
  • Bookmark PHP and version numbers at YahooMyWeb
  • Bookmark PHP and version numbers at Furl.net
  • Bookmark PHP and version numbers at reddit.com
  • Bookmark PHP and version numbers at blinklist.com
  • Bookmark PHP and version numbers at Spurl.net
  • Bookmark PHP and version numbers at Simpy.com
  • Bookmark PHP and version numbers at blogmarks
  • Bookmark PHP and version numbers with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

Wenn ein Consultant programmiert ...

So etwas kommt dabei heraus, wenn ein Consultant sich am programmieren versucht:

----- cut -----

function ValidateLink($link) {

...

}

// später:

$url=call_user_func("ValidateLink",$url);

----- cut -----

Das man selbstdefinierte Funktionen auch ohne Umwege aufrufen kann, ist bis in diese Ebene noch nicht durchgedrungen, oder? Von solchen Konstrukten fanden sich (neben anderen Abscheulichkeiten) Hunderte Stellen im Code.

  • Twitter
  • Bookmark Wenn ein Consultant programmiert ... at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Wenn ein Consultant programmiert ...
  • Bloglines Wenn ein Consultant programmiert ...
  • Technorati Wenn ein Consultant programmiert ...
  • Fark this: Wenn ein Consultant programmiert ...
  • Bookmark Wenn ein Consultant programmiert ... at YahooMyWeb
  • Bookmark Wenn ein Consultant programmiert ... at Furl.net
  • Bookmark Wenn ein Consultant programmiert ... at reddit.com
  • Bookmark Wenn ein Consultant programmiert ... at blinklist.com
  • Bookmark Wenn ein Consultant programmiert ... at Spurl.net
  • Bookmark Wenn ein Consultant programmiert ... at Simpy.com
  • Bookmark Wenn ein Consultant programmiert ... at blogmarks
  • Bookmark Wenn ein Consultant programmiert ... with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

PHP und assoziative Arrays

Und wieder ein Grund zum Lästern: Es ist ja nicht so, das in PHP ein Array gleich einem Array behandelt wird, zumindest nicht, wenn das Array in der Session gespeichert wird. In diesem Fall muss sich der Key des Arrays an die Vorgaben für Variablennamen halten ... ansonsten wird das Array kommentarlos gelöscht, sobald das Script abgearbeitet ist. Wohlgemerkt, zur Laufzeit kann man auf jeden beliebigen Key zugreifen, die Daten werden erst beim Speichern gelöscht.

Warum? Eine weitere Krankheit aus der Zeit, als beliebige Daten noch global in den Namensraum eingeblendet wurden.

Es ist wohl an der Zeit, damit mal aufzuräumen oder das ganze zumindest konfigurierbar zu gestalten.

  • Twitter
  • Bookmark PHP und assoziative Arrays at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg PHP und assoziative Arrays
  • Bloglines PHP und assoziative Arrays
  • Technorati PHP und assoziative Arrays
  • Fark this: PHP und assoziative Arrays
  • Bookmark PHP und assoziative Arrays at YahooMyWeb
  • Bookmark PHP und assoziative Arrays at Furl.net
  • Bookmark PHP und assoziative Arrays at reddit.com
  • Bookmark PHP und assoziative Arrays at blinklist.com
  • Bookmark PHP und assoziative Arrays at Spurl.net
  • Bookmark PHP und assoziative Arrays at Simpy.com
  • Bookmark PHP und assoziative Arrays at blogmarks
  • Bookmark PHP und assoziative Arrays with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

Rasmus Lerdorf is praising PHP ...

Rasmus Lerdorf, the creator of PHP, tells us (here), that the web is broken and "we" had damaged it. But there would be PHP, which can fix all the issues. Ok, let's see, what Rasmus has to tell us.

"You don't know that you have to filter user input" ... ohm, which programming language was it, who made the user input from web available in the global namespace without further action? Which programming language was it, who triggered myriads of bugs in any kind of webapplication because of this "feature" in the past, the present and even in the future although the register_globals option is disabled in recent php versions? It is clear, that no beginner knows about filtering of user input, if PHP makes any input available without further checking.

"The Web is pretty much broken, we can all go home now" ... oh, and who broke the web? Which programming language cannot accept points in variable names in the web input and instead does rewrite every point to a underscore? No way and no intention to fix such a horrible behaviour in current releases. Look here for more details, the part about "Dots in incoming variable names". Surely this happened because of the ugly register_globals "feature", but variables like $_REQUEST are a good place to hold the original input name.

"PHP5 includes all manner of functionality to help developers filter requests, to help prevent the broken Web." ... so it took 5 major releases and 11 years to create a software with adequate functionality? Beside this, the documentation part about "User Submitted Data" in the security section does ask you (the developer) 5 questions about the security of your program, but there is no further explanation, how PHP may help you to secure your application. No links, almost no comments, nothing. You have to go and learn the answers somewhere else.

"If you can fit your problem into what MySQL can handle it's very fast," Lerdorf said. "You can gain quite a bit of performance." ... of course, if i need a filesystem with a more structured access method than fopen/fread/fwrite/fclose, Mysql comes into my mind. If i need a real SQL database which stores my critical business data, than a standard Mysql is not an answer. If Rasmus talks about performance, he surely does not mean performance and integrity of your data. Or could you tell my, why PHP does not even support transactions in the feature-rich set of database functions?

If you switch from the standard (My)Isam tables to tables with transactions (like Innodb) to gain some safety for your data, then your performance advantage is gone and the timing results are comparable with the Postgresql database which is blamed here by Rasmus. But of course, full ACID support is available in the latter.

I could continue speaking about the problems PHP brought to the web, the security holes PHP brought to the average developer and administrator, the uneloquent approaches PHP brought with quick and dirty solutions and the excuses Rasmus brought to defend real problems out there, but the list could run almost endless.

  • Twitter
  • Bookmark Rasmus Lerdorf is praising PHP ... at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg Rasmus Lerdorf is praising PHP ...
  • Bloglines Rasmus Lerdorf is praising PHP ...
  • Technorati Rasmus Lerdorf is praising PHP ...
  • Fark this: Rasmus Lerdorf is praising PHP ...
  • Bookmark Rasmus Lerdorf is praising PHP ... at YahooMyWeb
  • Bookmark Rasmus Lerdorf is praising PHP ... at Furl.net
  • Bookmark Rasmus Lerdorf is praising PHP ... at reddit.com
  • Bookmark Rasmus Lerdorf is praising PHP ... at blinklist.com
  • Bookmark Rasmus Lerdorf is praising PHP ... at Spurl.net
  • Bookmark Rasmus Lerdorf is praising PHP ... at Simpy.com
  • Bookmark Rasmus Lerdorf is praising PHP ... at blogmarks
  • Bookmark Rasmus Lerdorf is praising PHP ... with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca

PHP does not need Transactions

Just stumbled about a curiosity: there are 82 functions in the current PostgreSQL part of PHP. Functions like pg_select(), which takes from you the burden of writing a "SELECT ... FROM tablename" or pg_delete(), pg_insert() and pg_update() which all does, what do you expect: select, delete, insert or update and make the error checking. There are even 7 different functions for getting your results back into PHP.

But there is no function for starting, committing or rolling back a transaction. It seems, the message about the usefulness of transaction has yet not reached the PHP developers. Not that i'm surprised, the standard PHP/MySQL user seems to have no need for transactions ...

  • Twitter
  • Bookmark PHP does not need Transactions at del.icio.us
  • Facebook
  • Google Bookmarks
  • FriendFeed
  • Digg PHP does not need Transactions
  • Bloglines PHP does not need Transactions
  • Technorati PHP does not need Transactions
  • Fark this: PHP does not need Transactions
  • Bookmark PHP does not need Transactions at YahooMyWeb
  • Bookmark PHP does not need Transactions at Furl.net
  • Bookmark PHP does not need Transactions at reddit.com
  • Bookmark PHP does not need Transactions at blinklist.com
  • Bookmark PHP does not need Transactions at Spurl.net
  • Bookmark PHP does not need Transactions at Simpy.com
  • Bookmark PHP does not need Transactions at blogmarks
  • Bookmark PHP does not need Transactions with wists
  • wong it!
  • Bookmark using any bookmark manager!
  • Stumble It!
  • Identi.ca