News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

Jordi Boggiano:
Authentication management in Composer
May 28, 2014 @ 11:07:35

Jordi Boggiano has posted about a new feature in Composer, the popular dependency manager for PHP, around the handling of authentication information.

Up until today if you run a home-grown package repository serving private packages it was quite a pain to use with Composer. You did not have efficient way to password-protect the repository except by inlining the password in the composer.json or by typing the username/password every single time. With the merge of PR#1862 and some further improvements you can now remove credentials from your composer.json!

The new functionality allows for the external storage of the credentials in a file, either globally of in one relative to the repository. He also includes the command you can use to configure and set these username/password combinations and have them stored in the "auth.json" file.

0 comments voice your opinion now!
composer authentication management username password authjson json

Link: http://seld.be/notes/authentication-management-in-composer

BitExpert.de Blog:
Composer, Bower and HTTP Basic Auth
December 27, 2013 @ 11:16:23

Stephan Hochdörfer has shared a handy tip for the Composers users out there that may have to deal with username/password protected repositories as a part of your package install process. In his post he shows how to use a simple "expect" script to automatic the HTTP Basic Auth login.

A couple of months ago when we set-up our own internal Satis repository to host our custom Composer packages. We ran into an "unpleasant" issue with Composer that had this PR as an result. To sum things up: We are using HTTP Basic Auth to password-project our Satis repository. There was no way we could switch to an SSL client certificate to allow Composer to authenticate itself automatically without asking for a password. Asking for the password on a developer`s machine is no big thing, but it since we need an automated Composer run in our Jenkins environment, there was no way to set things up.

As Composer doesn't currently support this functionality, they had to find a way around it. They went with an expect script that is used to work with the prompts and send the username/password information when expected. He also points out that this could be useful for other situations and tools - like a Bower build.

0 comments voice your opinion now!
composer satis username password http basic authorization bower expect

Link: http://blog.bitexpert.de/blog/composer-bower-and-http-basic-auth/

Mike Purcell's Blog:
Symfony - sfGuardPlugin - Use Email Instead of Username
August 15, 2011 @ 08:43:56

Mike Purcell has a handy new post for the Symfony users out there wanting more flexibility with their sfGuardPlugin use in their application. He describes how you can use email instead of a username for working with the user information.

sfGuardPlugin is pretty awesome. It allows a symfony developer the ability to quickly implement a user login and access control system. However, there is an issue with respect to telling the plugin whether to use the username or the email column for validating user submitted input. After some Googling I found a few sites which forced sfGuardPlugin to use email rather than username, but only after quite a bit of work. What I am going to show will accomplish the same end goal, but with minor changes.

He starts with a look at the validator class, showing how the values are going to be passed to the backend. The plugin makes a call to a "retrieveByUsername" method to get the user's information, but his method overrides this...sort of. His method actually contains the query to fetch the user information by email instead. This is useful if you want to use the email address as a username for the site but still want to maintain data integrity on the user records (valid emails can then be used for auth and for sending messages).

0 comments voice your opinion now!
sfguard symfony email username tutorial authentication


PHPBuilder.com:
Create a Dynamic Username Validator with PHP, MySQL and jQuery
May 11, 2011 @ 12:45:36

On PHPBuilder.com there's a new article showing you how to create a dynamic username validator with the combination of PHP, MySQL and jQuery to do some of the front end work.

One of the easiest ways to streamline the registration process is by providing the user with real-time feedback regarding username availability. This is accomplished by monitoring the registration form's username field and immediately following the user's completion of this field, rather than waiting for the user to complete all fields and submit the form. Although a seemingly complex feature, it's actually easily accomplished thanks to the powerful jQuery library.

His scripts bases its checking on an "accounts" table that holds the username and password. The javascript (jQuery) handles the "blur" event on the username text field in the form and runs a check against a backend script to see if that username exists in the database (bound parameters used for helping to prevent SQL injections).

2 comments voice your opinion now!
username validation exists tutorial jquery mysql


Adam Jensen's Blog:
Flexible User Authentication with Zend_Auth
April 10, 2009 @ 07:56:35

Adam Jensen has written up a new article today on how you can use the Zend_Auth component of the Zend Framework to authenticate your users in a few different ways based on a strategy selected.

For this example, we're going to allow our users to authenticate in one of multiple ways: e.g., against a database table, against an LDAP server, or by OpenID [1]. Zend_Auth already provides the necessary authentication adapters, so what we'll be concerned with here is how to implement all three systems without ending up in an FSUC situation.

He defines the code for the basic controller and a simple view that allows the user to select how they want to log in - email/password, username/password or OpenID. The model does all of the heavy lifting by letting the controller set the authentication type (strategy) and pulling in the correct Zend_Form instance along with its validation rules. Code is also included for the model and each of these.

2 comments voice your opinion now!
flexible user authentication zendauth zendframework email password username openid


Juozas Kaziukenas' Blog:
Scraping login requiring websites with cURL
February 24, 2009 @ 08:44:43

Several sites have areas that have content protected behind a login making them difficult to pull into a script. Juozas Kaziukenas has created an option to help you past this hurdle - a PHP class (that uses cURL) that can POST the login data to the script and pull back the session ID.

But how you are going to do all this work with cookies and session id? Luckily, PHP has cURL extension which simplifies connecting to remote addresses, using cookies, staying in one session, POSTing data, etc. It's really powerful library, which basically allows you to use all HTTP headers functionality. For secure pages crawling, I've created very simple Secure_Crawler class.

The class uses the built-in cURL functionality to send the POST information (in this case the username and password, but it can be easily changed for whatever the form requires) and provides a get() method to use for fetching other pages once you're connected.

0 comments voice your opinion now!
login require scrape curl secure crawler tutorial username password


Joey's Blog:
8 Practical PHP Regular Expressions
October 17, 2007 @ 10:27:00

On his web development blog, Joey has posted a new list of eight handy regular expressions you can use in your code for common validations.

Here are eight examples of practical PHP regular expressions and techniques that I've used over the past few years using Perl Compatible Regular Expressions. This guide goes over the eight different validation techniques and describes briefly how they work. Usernames, telephone numbers, email addresses, and more.

Each of the regular expressions comes complete with an explanation of what it is and the kinds of strings it's looking for. Comments on the post have helped even more, finding places where they might break or not catch all possibilities.

1 comment voice your opinion now!
regular expression list practical username phone email zip ipaddress date regular expression list practical username phone email zip ipaddress date


Andreas Gohr's Blog:
Determine StumbleUpon Rankings
September 03, 2007 @ 10:35:00

Andreas Gohr has posted some info and code about one of the social networking/linking services out there, StumbleUpon. His post includes PHP code to figure out what your site's StumbleUpon ranking is.

StumbleUpon recently(?) added a "search result enhancement" feature to their toolbar. It adds StumbleUpon "star ratings" to Google results (See screenshot). This got me interested and I had a closer look at their extension...

As part of this "closer look" he came up with the code to return a general ranking for the URL you would give it. It does require a StumbleUpon auth key and username, but if you use the service already, you're one step ahead on that.

1 comment voice your opinion now!
stumbleupon ranking example url authkey username stumbleupon ranking example url authkey username


IBM developerWorks:
Cook up Web sites fast w/CakePHP, Part 1 Adding related information & services
November 29, 2006 @ 08:19:00

The IBM developerWorks site brings the community another great tutorial today, this time looking at the CakePHP framework and the creation of a simple application with it.

In "Cook up Web sites fast with CakePHP, Part 1: Adding related information and services", they build a sample application (Tor) from the ground up (installation guide and all) that will take in a username and password on a login page. Their goal is to show you how much time you could safe by using the framework over just the usual library-based (or procedural) programming methods.

You will need to be a bit familiar with PHP and the Model/View/Controller design pattern before you get started here, but if you have that down, you can just jump right in. You'll also either need to register with the site or log in with your account information to get to the good stuff.

0 comments voice your opinion now!
cakephp tutorial fast related information service install username password cakephp tutorial fast related information service install username password


Ryan Malesevich's Blog:
MD5 to SHA-1 in PHP and MySQL (Part 1)
October 02, 2006 @ 09:31:00

Ryan Malesevich is taking a break from his look at some handy WordPress packages to share a small series on how to move from using MD5 hashes out to SHA-1 hashes for passwords in a MySQL database. He's posted part one today.

What if you're using MD5 in your web application and want to switch over to another encryption method. It's actually not that hard and I plan to cover them in this multi-part tutorial (I know I planned on writing this months ago, but it's better late then never). In this first part I plan on going over updating the database structure and a 'pseudo-code' of what will need to be done.

As mentioned, he gives the outline (pseudo-code) of how the process will work - basically, creating an SHA1 hash of the MD5 and the username in a "newpassword" column added to your database.

2 comments voice your opinion now!
md5 sha1 encryption mysql username generate pseudocode md5 sha1 encryption mysql username generate pseudocode



Community Events





Don't see your event here?
Let us know!


laravel configure series code developer api application interview podcast framework community introduction project bugfix library wordpress threedevsandamaybe release list language

All content copyright, 2014 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework