Archive

Archive for January, 2009

Symfony sfGuard - Setting up users,groups,permissions

January 11th, 2009

sfGuard is a Symfony plugin that implements a user management and login system for an application. It supports both groups and individual users… and it saves you from having to ‘roll your own’ user administration system. This guide assumes you have followed the steps given in the readme and that you now want to begin setting up users/permissions etc.

1. Create links in the backend menu to the user/group/permissions tables.

Edit apps/backend/templates/layout.php and add these items to the menu.

1
2
3
<li><?php echo link_to('Users', '@sf_guard_user') ?></li>
<li><?php echo link_to('Groups', '@sf_guard_group') ?></li>
<li><?php echo link_to('Permissions', '@sf_guard_permission') ?></li>

2. Create a login/logout link on the frontend.

Edit apps/frontend/templates/layout.php and add these items to the menu. (Notice the use of $sf_user in the templates.)

1
2
3
4
5
<?php if($sf_user->isAuthenticated()): ?>
   <ul><li><?php echo link_to('Logout', '/logout') ?></li></ul>
<?php else: ?>
   <ul><li><?php echo link_to('Login', '/login') ?></li></ul>
<?php endif; ?>

3. Create some users, groups, permissions

for us to play with using the backend. Create user->basicUser, group->basicGroup, permission->basicPermission. I will be using a basic setup where users always belong to a group and the group has permissions. I will not assigning permissions to individual users. therefore give basicGroup the basicPermission. and you will have something similar to this:

sfGuard user

sfGuard user

4. Restricting access to certain modules/actions

Similar to how I never set individual permissions for one user I make it standard that I only ever set permissions using credentials. ie. In the application I never restrict security dependent on user or group id only on permission/credentials. This allows greater flexibility in the future. Note sfGuard gets confusing to some people because many documents talk about credentials, well basically credentials are what is called in sfGuard permissions.

If we have a module called “question”, inside of apps/frontend/modules/question we create a config folder and a new security.yml. Inside of apps/frontend/modules/question/config/security.yml we would have

1
2
3
all:
    is_secure: on
    credentials: basicPermission

To set permissions on an action level we would have something similar to the following:

1
2
3
4
5
6
7
8
9
10
all:
    is_secure: on
    credentials: basicPermission
 
index:
    is_secure: off
 
new:
    is_secure: on
    credentials: basicPermission

Part 2 will detail setting up user registration

web development ,

How to setup a complete PHP development environment on windows

January 8th, 2009

Why to use an IDE

Code Completion

When you start to type a variable name or reference an object the IDE will present options that would autocomplete what your typing. It also presents the documentation saying which each parameter of a method call is. This is easiest to explain by showing you a picture:

Netbeans - Code Completion

Netbeans - Code Completion

Easy browsing

As you can see in the image, I have one pane for browsing files, one pane for browsing methods. The central pane showing the code is coloured to tell you which words are variables, functions, constants etc. Notice also that you have multiple files open in tabs like firefox. So I can now browse easily through directories/methods and recently opened files. very Handy.

Netbeans PHP Support

Netbeans PHP Support

No more echo debug_var

Why waste time echo’ing some variables, XDEBUG allows you to select a line that your interested in, the program will then stop running at that point and you can step through the code line by line and watch as each variable changes to see where the problem is.

The Setup

Download and install Netbeans 6.5 for PHP

Take advantage of syntactic and semantic code highlighting, pop-up documentation, code formating and folding, instant rename, code templates, and automatic code completion (including bracket completion) for PHP. The Editor recognizes PHP code including heredoc notation in PHP projects and in PHTML and PHP files.

Download and install MySQL GUI Tools

Never type “Select * from …” again. With simple clicking you can create/edit/drop/select tables. Far easier and quicker. You might also want to check out mysql workbench on the same site.

mysql-gui-tools

mysql-gui-tools

OPTIONAL install Subversion

If only working indiviually the versioning provided internally by netbeans may be sufficient otherwise checkout installing subversion and tortoise SVN. This allows you to save your project at different points. Later if you find out something has broken, you can revert to any earlier date. But thats the simplest method it offers. You can look back at one particular file and see which lines changed on what date. In a team environment this is essential for seeing who changed what files.

Download and install WAMP

WampServer is a Windows web development environment. It allows you to create web applications with Apache, PHP and the MySQL database. It also comes with PHPMyAdmin and SQLiteManager to easily manage your databases.

Environment setting

At times we will need to call PHP or MySQL from the command line to do this we have to setup the PATH environment. Right-click on My Computer, than Properties. Switch to Advanced tab and click the Environment Variables button. At the end of variable PATH add “;C:\wamp\bin\php\php5.2.6;C:\wamp\bin\mysql\mysql5.0.45\bin” (note separated by a semicolon). These paths may be slightly different depending on your version, Have a browse.

XDebug

Download the .dll from XDebug website (last time I checked it was on right hand menu, under windows modules). Save the file “php_xdebug-2.0.3-5.1.7.dll” to the “C:\wamp\bin\php\php5.2.6\ext” folder. Or the similar folder on your install as your PHP version may be different. Browse to “C:\wamp\bin\apache\apache2.2.8\bin” and edit “php.ini”. At the bottom of the PHP.ini also add

zend_extension_ts=”C:/wamp/bin/php/php5.2.6/ext/php_xdebug-2.0.2-5.2.5.dll”
xdebug.remote_enable=1

Apache Rewrite

Apache URL Rewrite Module is needed to allow nicer looking URL’s, by default its off in WAMP. We need to turn it on - left click on WAMP’s tray icon , then in Apache >> Apache Modules menu select rewrite_module.

php_xsl extension

Again left click on WAMP’s tray icon. Then PHP >> PHP Extension menu, look for php_xsl and click it. But there is one more php.ini file, which WAMP won’t change (no clue why) - we need to do it by hand, let’s open: C:\wamp\bin\php\php5.2.5\php.ini and remove “;” from the line “;extension=php_xsl.dll”. This uncomments it. At the bottom of the PHP.ini also add

zend_extension_ts=”C:/wamp/bin/php/php5.2.6/ext/php_xdebug-2.0.2-5.2.5.dll”
xdebug.remote_enable=1

Restart WAMP

Again left click on WAMP’s tray icon then select restart all services. Note: mySQL default username:”root” password:”" , thats right BLANK. All documents for the webserver are now located in c:\wamp\www\

web development , , ,