MARCH 2004 VOLUME III - ISSUE 3 MARCH 2004 VOLUME III - ISSUE 3 www.phparch.com The Ma g azine For PHP Professional s Plus: Tips & Tricks, Security Corner, Product Reviews and much more Explore your HTML code with Tidy Testing Automation With PHP Using the Amazon.com API through PHP and XML-RPC PHP And WAP: Past, Present & Future Matchmaker Matchmaker Make Me a MatchMake Me a Match PHP Ahoy! A Look at: php Cruise Bahamas 2004 | 0 R Q H \ % D FN /HDUQ2EMHFW2ULHQWHG3URJUDPPLQJ ZLWKRYHU3UDFWLFDO3+36ROXWLRQV 3UHSDUH\RXUVHOIIRU3+3« *HWWKLVVHWRIWZRQHZERRNV 7KH3+3$QWKRORJ\9ROXPH,,$SSOLFDWLRQV 7KH3+3$QWKRORJ\9ROXPH,)RXQGDWLRQV *8 $ 5$ 1 7(( /HDUQWREXLOGIDVWVHFXUHDQGUHOLDEOH 2EMHFW2ULHQWHG3+3DSSOLFDWLRQVXVLQJ SURIHVVLRQDO:HEGHYHORSPHQWWHFKQLTXHV 3UHYHQW64/LQMHFWLRQDWWDFNV 6HQG3DUVH+70/HPDLO )LOWHUXVHUVXEPLWWHGFRQWHQW &DFKHSDJHVIRUIDVWHUDFFHVV &UHDWH\RXURZQ566IHHGV 3URGXFHFKDUWVJUDSKV :ULWH3URIHVVLRQDO(UURUKDQGOLQJURXWLQHV &UHDWHVHDUFKIULHQGO\85/V $QGRWKHUSUDFWLFDODSSOLFDWLRQV %X\ERWKERRNVWRJHWKHUIRURQO\6$9( 3/86¶3+3$UFKLWHFW·UHDGHUVJHWDQH[WUDRII RQO\XQWLO$SULOWK 1 H Z 5 H OH D V H 7R2UGHU12:YLVLW« SKSDUFKLWHFWVLWHSRLQWFRP 1 H Z 5 H OH D V H 5 Editorial 6 What’s New! 34 Book Review Flash MX 2004 for Rich Internet Applications 42 Product Review Mambo Open Source: Content Management System 59 Security Corner Shared Hosting by Chris Shiflett 63 Tips & Tricks By John W. Holmes 66 e x i t ( 0 ) ; I Am Jack's Total Lack of Linux Support By Marco Tabini 9 Connecting to Amazon.com Web Services with NuSOAP by Alessandro Sfondrini 16 Matchmaker, Matchmaker Make Me A Match: An Introduction to Regular Expressions by George Schlossnagle 28 Automated Testing For PHP Applications by Dr. James McCaffrey 35 PHP Ahoy! A look at php|cruise by Marco Tabini 47 WAP: Past, Present and Future by Andrea Trasatti 53 Tidying up your HTML in PHP5 by John Coggeshall 3 March 2004 ● PHP Architect ● www.phparch.com TABLE OF CONTENTS II NN DD EE XX II NN DD EE XX php|architect Features Departments Existing subscribers can upgrade to the Print edition and save! Login to your account for more details. NEW! NEW! *By signing this order form, you agree that we will charge your account in Canadian dollars for the “CAD” amounts indicated above. Because of fluctuations in the exchange rates, the actual amount charged in your currency on your credit card statement may vary slightly. **Offer available only in conjunction with the purchase of a print subscription. Choose a Subscription type: CCaannaaddaa//UUSSAA $$ 8833 9999 CCAADD (($$5599 9999 UUSS**)) IInntteerrnnaattiioonnaall SSuurrffaaccee $$111111 9999 CCAADD (($$7799 9999 UUSS**)) IInntteerrnnaattiioonnaall AAiirr $$112255 9999 CCAADD (($$8899 9999 UUSS**)) CCoommbboo eeddiittiioonn aadddd oonn $$ 1144 0000 CCAADD (($$1100 0000 UUSS)) ((pprriinntt ++ PPDDFF eeddiittiioonn)) Your charge will appear under the name "Marco Tabini & Associates, Inc." Please allow up to 4 to 6 weeks for your subscription to be established and your first issue to be mailed to you. *US Pricing is approximate and for illustration purposes only. php|architect Subscription Dept. P.O. Box 54526 1771 Avenue Road Toronto, ON M5M 4N5 Canada Name: ____________________________________________ Address: _________________________________________ City: _____________________________________________ State/Province: ____________________________________ ZIP/Postal Code: ___________________________________ Country: ___________________________________________ Payment type: VISA Mastercard American Express Credit Card Number:________________________________ Expiration Date: _____________________________________ E-mail address: ______________________________________ Phone Number: ____________________________________ Visit: http://www.phparch.com/print for more information or to subscribe online. Signature: Date: To subscribe via snail mail - please detach/copy this form, fill it out and mail to the address above or fax to +1-416-630-5057 php|architect The Magazine For PHP Professionals YYoouu’’llll nneevveerr kknnooww wwhhaatt wwee’’llll ccoommee uupp wwiitthh nneexxtt March 2004 ● PHP Architect ● www.phparch.com EE DD II TT OO RR II AA LL RR AA NN TT SS php|architect Volume III - Issue 3 March, 2004 Publisher Marco Tabini Editorial Team Arbi Arzoumani Peter MacIntyre Eddie Peloke Graphics & Layout Arbi Arzoumani Managing Editor Emanuela Corso Director of Marketing J. Scott Johnson scott@phparch.com Account Executive Shelley Johnston shelley@phparch.com Authors John Coggeshall, John Holmes, Dr. James McCaffrey, George Schlossnagle, Alessandro Sfondrini, Chris Shiflett, Andrea Trasatti php|architect (ISSN 1709-7169) is published twelve times a year by Marco Tabini & Associates, Inc., P.O. Box 54526, 1771 Avenue Road, Toronto, ON M5M 4N5, Canada. Although all possible care has been placed in assuring the accuracy of the contents of this magazine, including all associated source code, listings and figures, the publisher assumes no responsibilities with regards of use of the information contained herein or in all asso- ciated material. Contact Information: General mailbox: info@phparch.com Editorial: editors@phparch.com Subscriptions: subs@phparch.com Sales & advertising: sales@phparch.com Technical support: support@phparch.com Copyright © 2003-2004 Marco Tabini & Associates, Inc. — All Rights Reserved I 'm sure you're familiar with the Chinese proverb "may you live in interesting times." Even though I rarely think of my professional life as dull and boring, the last month has been particularly exciting. As promised in my exit(0) column from last month's issue, if you look through the middle of the magazine you'll find a full report (in colour!) on the best conference I have ever attended—our very own php|cruise (forgive me for a bit of professional price—eight months of prep work will do that to you). Things went so well that we're working on another cruise—this time going to Alaska in the fall—and plan on making php|c an annu- al event for many years to come. All good things come to an end, of course, and, once back from the cruise, it's back to work. Luckily for us, work means bringing you yet another great issue of php|architect—and I personally consider that another good thing. Like every month, we've got some great content waiting for you in the following pages. The one I'm most proud of is George Schlossnagle's regular expressions article. Regexes are something that pretty much every programmer has to deal with, but that very few among us really know how to use. In fact, I've seen developers write extremely complicated code with the explicit purpose of getting around having to use a regular expression—and that is just plain wrong. After all, using the best solution for each problem is what being a programmer is all about. Thus, I approached George about writing an article on regular expressions—and it became quickly evident that one article would not even come close to covering the complexity of regex. Now, everyone knows that I always try my best to stay away from multi-part articles for a multitude of reasons, but in this case I felt that the topic more than deserved our attention over multiple issues and, therefore, George's article is the first in a series of three. Over the next three months, he will take you for a ride from the basics (which are covered in this issue) to the more complex and exotic aspects of regu- lar expressions, thus hopefully providing the PHP world with a definitive guide to this topic. If regular expressions are not your bag, one of the other topics covered in this month's issue is certain to tickle your fancy. For example, you may want to read Alessandro Sfondrini's excellent article on using the Amazon.com API directly from your PHP website, or Andrea Trasatti's look at the world of WAP. As you can probably imagine, both Andrea and Alessandro hail from my native Italy—and that alone makes their arti- cles more than worth reading. There, my monthly her- itage tax is now paid up! As I'm sure you've noticed, in the past few months we've been publishing material about testing practices quite frequently. As larger and larger projects are devel- EDITORIAL Continued on page 8 March 2004 ● PHP Architect ● www.phparch.com 6 NNEEWW SSTTUUFFFF PHP 5.0 Beta 4 PHP.net has announced the release of PHP 4.3.5 RC1. This fourth beta of PHP 5 is also scheduled to be the last one (barring unexpected surprises, that did occur with beta 3). This beta incorporates dozens of bug fixes since Beta 3, rewritten exceptions support, improved interfaces support, new experimental SOAP support, as well as lots of other improvements, some of which are documented in the ChangeLog. Some of the key fea- tures of PHP 5 include: • PHP 5 features the Zend Engine 2. • XML support has been completely redone in PHP 5, all extensions are now focused around the excellent libxml2 library ( hhttttpp::////wwwwww xxmmllssoofftt oorrgg// ). • SQLite has been bundled with PHP. For more information on SQLite, please visit their web- site. • A new SimpleXML extension for easily access- ing and manipulating XML as PHP objects. It can also interface with the DOM extension and vice-versa. • Streams have been greatly improved, includ- ing the ability to access low-level socket oper- ations on streams. PHP.net also announced the release of PHP 4.3.5 RC 3. This will be the last release candidate prior to the final release, so please test it as much as possible. For more information visit hhttttpp::////wwwwww pphhpp nneett// . ZEND Optimizer 2.5.1 Zend has announced the release of Zend Optimizer 2.5.1. Zend.com describes the Optimizer as: "a free applica- tion that runs the files encoded by the Zend Encoder and Zend SafeGuard Suite, while enhancing the run- ning speed of PHP applications. Benefits: • Enables users to run files encoded by the Zend Encoder • Increases runtime performance up to 40%." Get more information from ZZeenndd ccoomm . What’s New! NN EE WW SS TT UU FF FF March 2004 ● PHP Architect ● www.phparch.com 7 Zend Launches New PHP5 In-Depth Articles Section Zend Technologies have launched a new version of their Developer's Corner on the zend.com website. PHP5 In-depth showcases articles from many well-known PHP authors on the new features of PHP. For more information, check out hhttttpp::////wwwwww zzeenndd ccoomm//pphhpp//iinn ddeepptthh pphhpp DEV Web Management System Dev is small, but powerful and very flexible content management system for web portals. System is licensed as freeware under the terms of GNU/GPL license. It is absolutely free for non-commercial and commercial use. Based on php4 + MySQL technology. This project allows the user to publish articles, evalu- ate article by taking the pool, publish short news and create back-ends in xml format, manage download lists, Manage advertisement on your site, Be informed about events on your site, create system reports and export them into MS Excel or XML format and much more. For more information visit: hhttttpp::////ddeevv wwmmss ssoouurrccee ffoorrggee nneett// . PhpMyAdmin 2.5.6 Phpmyadmin.net has released their latest version of phpMyAdmin. PHPMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. "Welcome to this new version, aimed at stabilization of the 2.5 branch. Meanwhile, work is continuing on the new 2.6 branch. PhpMyAdmin is a tool written in PHP intend- ed to handle the administration of MySQL over the Web. Currently it can create and drop databases, create/drop/alter tables, delete/edit/add fields, execute any SQL statement, manage keys on fields." For more information visit: wwwwww pphhppmmyyaaddmmiinn nneett . PhpSQLiteAdmin 0.2 PhpSQLiteAdmin is a Web interface for the administra- tion of SQLite databases. Version 0.2 comes with some new features and a lot of internal cleanups and refactoring. PhpSQLiteAdmin is still in an early stage of development. It comes free of charge and without warranty. For more information visit: wwwwww pphhppssqqlliitteeaaddmmiinn nneett . phpMyEdit 5.4 phpMyEdit generates PHP code for displaying/editing MySQL tables in HTML. All you need to do is to write a simple calling program (a utility to do this is included). NNEEWW SSTTUUFFFF Looking for a new PHP Extension? Check out some of the latest offerings from PECL. ps 1.1.0 ps is an extension similar to the pdf extension but for creating PostScript files. Its api is mod- eled after the pdf extension. Memcache 0.2 Memcached is a caching daemon designed especially for dynamic web applications to decrease database load by storing objects in memory. This extension allows you to work with mem- cached through handy OO interface. This extension allows you to call the functions made avail- able by libstatgrab library. POP3 1.0 The POP3 extension makes it possible for a PHP script to connect to and interact with a POP3 mail server. It is based on the PHP streams interface and requires no external library. Fileinfo 0.1 This extension allows retrieval of information regarding vast majority of file. This information may include dimensions, quality, length etc. Additionally it can also be used to retrieve the mime type for a particular file and for text files proper language encoding. It includes a huge set of table manipulation functions (record adition, change, view, copy, and remove), table sorting, filtering, table lookups, and more. Several minor bugs were fixed. A few new options were added. Major features include tabs support, the ability to specify SQL expressions for fields when writ- ing to the database, the ability to define new triggers, and more. All eval() calls were removed due to security and performance reasons. Some code was optimized. Several parts of the documentation were updated. A lot of new language files were added and updated. For more information visit: hhttttpp::////ppllaattoonn sskk//pprroojjeeccttss// pphhppMMyyEEddiitt// . ionCube Releases New Encoder UK-based ionCube has released a new version of their compiled code PHP encoding tools. New features include a choice of ASCII or binary encoded file formats and optional support for OpenSource extensions such as mmcache. Prices start at a special price of $159 in their March 20% off sale. For further information, please visit the homepage of the Encoder: hhttttpp::////wwwwww iioonnccuubbee ccoomm//ssaa__eennccooddeerr pphhpp March 2004 ● PHP Architect ● www.phparch.com 8 NNEEWW SSTTUUFFFF oped using PHP, serious testing processes are going to become an integral part of every good developer's arsenal of programming tools. What we never quite considered is that PHP is a great testing platform even for those projects that are not written using it. Thankfully, James McCaffrey came to the rescue and provided us with a wonderful article on the subject. Our final article this month is about the new Tidy extension, which author John Coggeshall has recently introduced in PHP. You may have already heard about the Tidy project, which provides a series of libraries capable of parsing and automatically required docu- ments written in markup languages like HTML or XML. Tidy brings an important set of capabilities to PHP, and I'm happy to have the author of the extension intro- duce us to it. That's it for this month—time for me to go tend to my sunburn while I start working on the next issue. Until then, happy readings! Editorial: Contiuned from page 5 php|a Check out some of the hottest new releases from PEAR. Mail_Queue 1.1 Class to handle mail queue managment.Wrapper for PEAR::Mail and PEAR::DB (or PEAR::MDB).It can load, save and send saved mails in background and also backup some mails. The Mail_Queue class puts mails in a temporary container waiting to be fed to the MTA (Mail Transport Agent) and send them later (eg. every few minutes) by crontab or in other way. XML_Transformer 0.9.1 With the XML/Transformer class one can easily bind PHP functionality to XML tags, thus trans- forming the input XML tree into an output XML tree without the need for XSLT. Net_LMTP 0.7.0 Provides an implementation of the RFC2033 LMTP using PEAR's Net_Socket and Auth_SASL class. Text_Wiki 0.8.3 Abstracts parsing and rendering rules for Wiki markup in structured plain text. I n the article "Exploring the Google API with SOAP," which appeared in the January issue of php|a, I showed you what SOAP is and how it can be used together with PHP. We used a SOAP-encoded docu- ment to perform a search using the Google Engine, then we parsed the response to display the results on our website. To perform these operations, we wrote an application from scratch; this approach can be great to understand how SOAP works, but when a customer asks you to implement a SOAP-based feature in an application, you can't waste your time in that way. In this case, there are some libraries that will make your coding quicker and easier: one of these is NuSOAP, which allows you to send Remote Procedure Calls (RPCs) over HTTP. This article will show you how we can use the Amazon.com API with NuSOAP to perform searches and display product details, without having to sort through a lot of SOAP syntax: if you have had an opportunity to read my previous article, you will notice how much shorter an application written this way is, and how much time can actually be saved by using this method. What are Amazon Web Services? Amazon.com is one of the most widely known on-line shops. You can find and buy almost everything, from books to toys to power tools. Several years ago, Amazon launched a very successful affiliate program, which they later expanded in their Web Services pro- gram. Why would you want to use Amazon Web Services (AWS)? For instance, if your website is about Literature, you may want to allow your users to look for books in the (huge) Amazon database directly from your pages, without redirecting them to Amazon.com. You can pro- vide them with a detailed description of each book and, when they decide to buy one, you can add it directly to their Amazon shopping cart. When the time comes to complete the purchase, you can redirect the user directly to the Amazon website, where the checkout process actually takes place and you receive credit for your affiliate referral. It is important to understand that AWS are designed only to retrieve information about products and create, as well as populate, shopping carts, not to perform pay- ments: this must be done directly on the Amazon web- site-the reason being, of course, one of security for the customer's personal information. In any case, a signifi- cant portion of the transaction is performed from your website. This results in a benefit both for you and for your users, since you can offer your customers a nearly seamless user experience and collect your referral fees. Access to AWS, as well as to the affiliate program, requires you to register with the Amazon Associates Program and obtain an Associates ID, which will identi- March 2004 ● PHP Architect ● www.phparch.com 9 FF EE AA TT UU RR EE Connecting to Amazon.com Web Services with NuSOAP by Alessandro Sfondrini PHP: 4.1 and higher OS: Any Other software:: NuSOAP 0.6.4 Code Directory: webs-nusoap REQUIREMENTS Have you ever wanted to add an online shop to your website but gave up on the idea because you lack the expertise and resources to run it? Using SOAP, you can connect to Amazon Web Services and create a PHP appli- cation to remotely browse and search products, add them to Amazon shopping carts or wish lists and, yes, you can even earn money on every purchase performed from your site. [...]... Classes Any alphanumeric character :ascii: Any ASCII character :cntrl: Basic Character Classes Any letter :alnum: Figure 2 :alpha: Any control chatacter Matches any character :digit: Any digit (same as \d) \w An alphanumeric character or the underscore character :graph: Any alphanumeric or punctuation character \W Anything not a \w :lower: Any lowercase letter \d A digit :print: Any printable character... character \D A non-digit :space: Any whitespace character (same as \s) \s Any whitespace This includes spaces, tabs, newlines, control characters :upper: Any upperspace character \S A non-whitespace character :xdigit:] Any hexadecimal 'digit' Figure 4 March 2004 ● PHP Architect ● www.phparch.com 19 FEATURE Matchmaker, Matchmaker Make Me A Match Pattern fragments grouped in this fashion are called sub-patterns... of regular expressions (at least when you can understand what they do) For example, we can use enumeration modifiers to significantly improve our email-address pattern 21 FEATURE Matchmaker, Matchmaker Make Me A Match According to RFC 2822, which defines the "official" valid email address syntax, an email message is composed of a localpart, an '@' and a domain The localpart is one or more characters... if($last_time && $last_time != $this_time) { print “$last_time: $count\n”; $count = 0; } $last_time = $this_time; $count++; } } ?> 25 FEATURE Matchmaker, Matchmaker Make Me A Match could easily convert this to display hits per hour by changing $this_time = $data[4]; to $this_sec = "$data[5]/$data[6]/$data[7] $data[8]"; Similarly, we could count bytes instead of pages by accumulating $data[17] (bytes transferred)... need to iterate over $matches and manually build the result set The other possible pattern modifiers are as follows: 23 FEATURE Matchmaker, Matchmaker Make Me A Match dollar end-anchor $ will match only at the • m (treat as multiline) By default, PCRE end of the string By default, $ will match assumes that we intend our search text to before the final character if that character is processed as one big... document to be completely scanned twice Note that we are using # as a delimiter March 2004 Come visit us at phpa.com< /a> ● www.phparch.com The leading ^ anchors the match at the beginning of the text, meaning that the match will only succeed 22 FEATURE Matchmaker, Matchmaker Make Me A Match if it begins there The trailing $ anchors the match at the end of the text, meaning... number: PHP Architect ● www.phparch.com or, by noting that the area code and exchange match the same pattern, we can compress it even further, as follows: /\b([2-9]\d{2}-) {2}\d{4}\b/ 20 FEATURE Matchmaker, Matchmaker Make Me A Match /\b(\w)(\w)(\w)\3\2\1\b/ When we run this pattern against a palindrome like ' hallah', it matches as shown in Figure 5 Notice that you need to use \b to make sure you... POSIX character class by adding a ^ after the first colon For instance, to match all non-letter characters, you could use the class :^alpha: Negations are also available in custom character classes—for example, to match anything that is not the greater-than character (>), you can use the custom character class [^>] Negations are very useful when you are creating regular expressions that extract quoted... that in the examples shown in this article we always referred to Amazon.com, the American website AWS are also available for Amazon.co.uk, Amazon.de and Amazon.co.jp, but you have to modify the URIs in the script, changing the specifications in the WSDL document from [soap.amazon.com/] to soapeu.amazon.com/, and so on You will also have to add the locale parameter to your RPC invocations—its value can... test case data is arbitrary—in general, you can use any character but want to avoid characters that appear in the actual test case data We append the input value to lastname= using the urlencode() function It replaces characters that might be misinterpreted by the Web server with their escaped equivalents For example, a '/' character would be replaced by a %2F sequence After we have a test case ID, an . ● www.phparch.com 19 FFEEAATTUURREE Matchmaker, Matchmaker Make Me A Match BBaassiicc CChhaarraacctteerr CCllaasssseess . Matches any character w An alphanumeric. And WAP: Past, Present & Future Matchmaker Matchmaker Make Me a MatchMake Me a Match PHP Ahoy! A Look at: php Cruise Bahamas 2004 | 0 R Q H % D FN /HDUQ2EMHFW2ULHQWHG3URJUDPPLQJ ZLWKRYHU3UDFWLFDO3+36ROXWLRQV 3UHSDUHRXUVHOIIRU3+3« *HWWKLVVHWRIWZRQHZERRNV 7KH3+3$QWKRORJ9ROXPH,,$SSOLFDWLRQV 7KH3+3$QWKRORJ9ROXPH,)RXQGDWLRQV *8 $ 5$ 1 7(( /HDUQWREXLOGIDVWVHFXUHDQGUHOLDEOH 2EMHFW2ULHQWHG3+3DSSOLFDWLRQVXVLQJ SURIHVVLRQDO:HEGHYHORSPHQWWHFKQLTXHV 3UHYHQW64/LQMHFWLRQDWWDFNV 6HQG3DUVH+70/HPDLO )LOWHUXVHUVXEPLWWHGFRQWHQW &DFKHSDJHVIRUIDVWHUDFFHVV &UHDWHRXURZQ566IHHGV 3URGXFHFKDUWVJUDSKV :ULWH3URIHVVLRQDO(UURUKDQGOLQJURXWLQHV &UHDWHVHDUFKIULHQGO85/V $QGRWKHUSUDFWLFDODSSOLFDWLRQV %XERWKERRNVWRJHWKHUIRURQO6$9( 3/86¶3+3$UFKLWHFW·UHDGHUVJHWDQH[WUDRII RQOXQWLO$SULOWK 1 H Z 5 H OH D V H 7R2UGHU12:YLVLW« SKSDUFKLWHFWVLWHSRLQWFRP 1 H Z 5 H OH D V H 5