2007年12月9日星期日

感觉很不好啊，这些天过的很迷茫，虽然我有在为我的个人主页工作，但是找不到动力，一是因为我自己觉得没有好的想法，陷入了一种细节当中，但是这些很有可能是后面需要改动的，我采用的自底而上的开发方法似乎有点问题，我连网站需要些什么都不是很明确，虽然我确定了开发方向，但是始终是没有动力，找不到突破点，我想自己找一个需要的点子去做一些东西。就做ROR的吧，一是可以学习很多的东西，二是要让自己完完整整的做点东西吧，没有实践是不行的。

阅读更多博文 »

这边风景独烂

阅读更多博文 »

zendframework之我见

asdf

杨晶，你为什么会让我如此的痴迷？

真的说不上为什么，就是喜欢你，不过对自己也很无语，没有一点的勇气。。

2007年12月8日星期六

askeet 10

symfony advent calendar day seventeen: API

Previously on symfony

The askeet application was just put online yesterday, and we already have a lot of feedback about feature tweaking and additions. The user input is fundamental to the design of a web 2.0 application, and even if the concept of the application is new, it has to be experimented with as soon as possible.

But we will add unplanned functionalities on day 21. Before that, we have scheduled a handful of advanced web application development techniques to show you through askeet, and the first to be revealed today is the programming of an external API requiring an HTTP authentication.

As we made quite a lot of little changes yesterday, you are strongly advised to start today's tutorial with a fresh downloaded version of askeet from the day 16 tagged version in the askeet repository.

The API

An Application Programming Interface, or API, is a developer's interface to a particular service on your application, so that it can be included in external websites. Think about Google Maps or Flickr, which are used to extend lots of websites over the Internet thanks to their APIs.

Askeet makes no exception, and we believe that in order to increase the service's popularity, it has to be made available to other websites. The RSS feed developed during day 11 was a first approach to that requirement, but we can do much better.

Askeet will provide an API of answers to a question asked by the user. The access to this API will be restricted to registered askeet users, through HTTP authentication. The API response format chosen is Representational State Transfer, or REST - that means that the response is a simple XML block similar to most of the output of main APIs in the web:

[xml]
<?xml version="1.0" encoding="utf-8" ?>
<rsp stat="ok" version="1.0">
  <question href="http://www.askeet.com/question/what-shall-i-do-tonight-with-my-girlfriend" time="2005-11-21T21:19:18Z" >
    <title>What shall I do tonight with my girlfriend?</title>
    <tags>
      <tag>activities</tag>
      <tag>relatives</tag>
      <tag>girl</tag>
    <tags>
    <answers>
      <answer relevancy="50" time="2005-11-22T12:21:53Z">You can try to read her poetry. Chicks love that kind of things.</answer>
      <answer relevancy="0" time="2005-11-22T15:45:03Z">Don't bring her to a doughnuts shop. Ever. Girls don't like to be seen eating with their fingers - although it's nice.</answer>
    </answers>
  </question>
</rsp>

We will implement the API in a new module of the frontend application, so use the command line to build the module skeleton:

$ symfony init-module frontend api

HTTP Authentication

We choose to limit the use of the API to registered askeet users. For that, we will use the HTTP authentication process, which is a built-in authentication mechanism of the HTTP protocol. It is different from the web authentication that we have seen previously because it doesn't even require a web page - all the exchanges take place in the HTTP headers.

We will need the authentication method included in a custom validator during day six, so first of all we will do some refactoring and relocate the login code in the UserPeer model class:

[php]
public static function getAuthenticatedUser($login, $password)
{
  $c = new Criteria();
  $c->add(UserPeer::NICKNAME, $login);
  $user = UserPeer::doSelectOne($c);

  // nickname exists?
  if ($user)
  {
    // password is OK?
    if (sha1($user->getSalt().$password) == $user->getSha1Password())
    {
      return $user;
    }
  }

  return null;
}

The new class method UserPeer::getAutenticatedUser() can now be used in the myLoginValidator.class.php (we'll leave that to you) and in the new api/index web service:

[php]
<?php

class apiActions extends sfActions
{
  public function preExecute()
  {
    sfConfig::set('sf_web_debug', false);
  }

  public function executeIndex()
  {
    $user = $this->authenticateUser();
    if (!$user)
    {
      $this->error_code    = 1;
      $this->error_message = 'login failed';

      $this->forward('api', 'error');
    }
    // do some stuff
  }

  private function authenticateUser()
  {
    if (isset($_SERVER['PHP_AUTH_USER']))
    {
      if ($user = UserPeer::getAuthenticatedUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
      {
        $this->getContext()->getUser()->signIn($user);

        return $user;
      }
    }

    header('WWW-Authenticate: Basic realm="askeet API"');
    header('HTTP/1.0 401 Unauthorized');
  }

  public function executeError()
  {
  }
}

?>

阅读更多博文 »

askeet 10

symfony advent calendar day seventeen: API

Previously on symfony

The API

[xml]
<?xml version="1.0" encoding="utf-8" ?>
<rsp stat="ok" version="1.0">
  <question href="http://www.askeet.com/question/what-shall-i-do-tonight-with-my-girlfriend" time="2005-11-21T21:19:18Z" >
    <title>What shall I do tonight with my girlfriend?</title>
    <tags>
      <tag>activities</tag>
      <tag>relatives</tag>
      <tag>girl</tag>
    <tags>
    <answers>
      <answer relevancy="50" time="2005-11-22T12:21:53Z">You can try to read her poetry. Chicks love that kind of things.</answer>
      <answer relevancy="0" time="2005-11-22T15:45:03Z">Don't bring her to a doughnuts shop. Ever. Girls don't like to be seen eating with their fingers - although it's nice.</answer>
    </answers>
  </question>
</rsp>

We will implement the API in a new module of the frontend application, so use the command line to build the module skeleton:

$ symfony init-module frontend api

HTTP Authentication

We will need the authentication method included in a custom validator during day six, so first of all we will do some refactoring and relocate the login code in the UserPeer model class:

[php]
public static function getAuthenticatedUser($login, $password)
{
  $c = new Criteria();
  $c->add(UserPeer::NICKNAME, $login);
  $user = UserPeer::doSelectOne($c);

  // nickname exists?
  if ($user)
  {
    // password is OK?
    if (sha1($user->getSalt().$password) == $user->getSha1Password())
    {
      return $user;
    }
  }

  return null;
}

The new class method UserPeer::getAutenticatedUser() can now be used in the myLoginValidator.class.php (we'll leave that to you) and in the new api/index web service:

[php]
<?php

class apiActions extends sfActions
{
  public function preExecute()
  {
    sfConfig::set('sf_web_debug', false);
  }

  public function executeIndex()
  {
    $user = $this->authenticateUser();
    if (!$user)
    {
      $this->error_code    = 1;
      $this->error_message = 'login failed';

      $this->forward('api', 'error');
    }
    // do some stuff
  }

  private function authenticateUser()
  {
    if (isset($_SERVER['PHP_AUTH_USER']))
    {
      if ($user = UserPeer::getAuthenticatedUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
      {
        $this->getContext()->getUser()->signIn($user);

        return $user;
      }
    }

    header('WWW-Authenticate: Basic realm="askeet API"');
    header('HTTP/1.0 401 Unauthorized');
  }

  public function executeError()
  {
  }
}

?>

阅读更多博文 »

markdown format files

symfony advent calendar day seventeen: API

Previously on symfony

The API

[xml]
<?xml version="1.0" encoding="utf-8" ?>
<rsp stat="ok" version="1.0">
  <question href="http://www.askeet.com/question/what-shall-i-do-tonight-with-my-girlfriend" time="2005-11-21T21:19:18Z" >
    <title>What shall I do tonight with my girlfriend?</title>
    <tags>
      <tag>activities</tag>
      <tag>relatives</tag>
      <tag>girl</tag>
    <tags>
    <answers>
      <answer relevancy="50" time="2005-11-22T12:21:53Z">You can try to read her poetry. Chicks love that kind of things.</answer>
      <answer relevancy="0" time="2005-11-22T15:45:03Z">Don't bring her to a doughnuts shop. Ever. Girls don't like to be seen eating with their fingers - although it's nice.</answer>
    </answers>
  </question>
</rsp>

We will implement the API in a new module of the frontend application, so use the command line to build the module skeleton:

$ symfony init-module frontend api

HTTP Authentication

We will need the authentication method included in a custom validator during day six, so first of all we will do some refactoring and relocate the login code in the UserPeer model class:

[php]
public static function getAuthenticatedUser($login, $password)
{
  $c = new Criteria();
  $c->add(UserPeer::NICKNAME, $login);
  $user = UserPeer::doSelectOne($c);

  // nickname exists?
  if ($user)
  {
    // password is OK?
    if (sha1($user->getSalt().$password) == $user->getSha1Password())
    {
      return $user;
    }
  }

  return null;
}

The new class method UserPeer::getAutenticatedUser() can now be used in the myLoginValidator.class.php (we'll leave that to you) and in the new api/index web service:

[php]
<?php

class apiActions extends sfActions
{
  public function preExecute()
  {
    sfConfig::set('sf_web_debug', false);
  }

  public function executeIndex()
  {
    $user = $this->authenticateUser();
    if (!$user)
    {
      $this->error_code    = 1;
      $this->error_message = 'login failed';

      $this->forward('api', 'error');
    }
    // do some stuff
  }

  private function authenticateUser()
  {
    if (isset($_SERVER['PHP_AUTH_USER']))
    {
      if ($user = UserPeer::getAuthenticatedUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']))
      {
        $this->getContext()->getUser()->signIn($user);

        return $user;
      }
    }

    header('WWW-Authenticate: Basic realm="askeet API"');
    header('HTTP/1.0 401 Unauthorized');
  }

  public function executeError()
  {
  }
}

?>

First of all, before executing any action of the API module (thus in the preExecute() method), we turn off the web debug toolbar. The view of this action being XML, the insertion of the toolbar code would produce a non-valid response.

The first thing that the index action will do is to check whether a login and a password are provided, and if they match an existing askeet account. If that is not the case, the authenticateUser() method sets the response HTTP header to '401'. It will cause an HTTP authentication window to pop-up in the user's browser; the user will have to resubmit the request with the login and password.

// first request to the API, without authentication
GET /api/index HTTP/1.1
Host: mysite.example.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8) Gecko/20051111 Firefox/1.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
...  

// the API returns a 401 header with no content
HTTP/1.x 401 Authorization Required
Date: Thu, 15 Dec 2005 10:32:44 GMT
Server: Apache
WWW-Authenticate: Basic realm="Order Answers Feed"
Content-Length: 401
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

// a login box will then appear on the user's window.
// Once the user enters his login/password, a new GET is sent to the server
GET /api/index HTTP/1.1
Host: mysite.example.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8) Gecko/20051111 Firefox/1.5
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
...
Authorization: Basic ZmFicG90OnN5bWZvbnk=

An Authorization attribute is added to the HTTP request, which is sent again. It contains a base 64 encoded 'login:password' string. This is what the $_SERVER['PHP_AUTH_USER'] and $_SERVER['PHP_AUTH_PW'] look for in our authenticateUser() method.

Note: Base64 does not output an encrypted version of its input. Decoding a base64-encoded string is very easy, and it reveals the password in clear. For instance, decoding the string ZmFicG90OnN5bWZvbnk= gives fabpot:symfony. So you have to consider that the password transits in clear in the Internet (as when entered in a web form) and can be intercepted. HTTP authentication must be restricted to non-critical content and services for this reason. Added protection could be gained by requiring the HTTPS protocol for API calls as well.

If a login and password are provided and exist in the user database, then the index action executes. Otherwise, it forwards to the error action (empty) and displays the errorSuccess.php template:

[php]
<?php echo '<?' ?>xml version="1.0" encoding="utf-8" ?>
<rsp stat="fail" version="1.0">
  <err code="<?php echo $error_code ?>" msg="<?php echo $error_message ?>" />
</rsp>

Of course, you have to set all the views of the api module to a XML content-type, and to deactivate the decorator. This is done by adding a view.yml file in the askeet/apps/frontend/modules/api/config/ directory:

all:
  has_layout: off

  http_metas:
    content-type: text/xml

Note: The reason why the index action returns a forward('api', 'error') instead of a sfView::ERROR in case of error is because all of the actions of the api module use the same view. Imagine that both our index action and another one, for instance popular, end up with sfView::ERROR: we would have to serve two identical error views (indexError.php and popularError.php) with the same content. The choice of a forward() limits the repetition of code. However, it forces the execution of another action.

API response

Building an XML response is exactly like building an XHTML page. So none of the following should surprise you now that you have 16 days of symfony behind you.

`api/index` action

[php]
public function executeQuestion()
{
  $user = $this->authenticateUser();
  if (!$user)
  {
    $this->error_code    = 1;
    $this->error_message = 'login failed';

    $this->forward('api', 'error');
  }

  if (!$this->getRequestParameter('stripped_title'))
  {
    $this->error_code    = 2;
    $this->error_message = 'The API returns answers to a specific question. Please provide a stripped_title parameter';

    $this->forward('api', 'error');
  }
  else
  {
    // get the question
    $question = QuestionPeer::getQuestionFromTitle($this->getRequestParameter('stripped_title'));

    if ($question->getUserId() != $user->getId())
    {
      $this->error_code    = 3;
      $this->error_message = 'You can only use the API for the questions you asked';

      $this->forward('api', 'error');
    }
    else
    {
      // get the answers
      $this->answers  = $question->getAnswers();
      $this->question = $question;
    }
  }
}

`questionSuccess.php` template

[php]
<?php echo '<?' ?>xml version="1.0" encoding="utf-8" ?>
<rsp stat="ok" version="1.0">
  <question href="<?php echo url_for('@question?stripped_title='.$question->getStrippedTitle(), true) ?>" time="<?php echo strftime('%Y-%m-%dT%H:%M:%SZ', $question->getCreatedAt('U')) ?>">
    <title><?php echo $question->getTitle() ?></title>
    <tags>
      <?php foreach ($sf_user->getSubscriber()->getTagsFor($question) as $tag): ?>
      <tag><?php echo $tag ?></tag>
      <?php endforeach ?>
    </tags>
    <answers>
      <?php foreach ($answers as $answer): ?>
      <answer relevancy="<?php echo $answer->getRelevancyUpPercent() ?>" time="<?php echo strftime('%Y-%m-%dT%H:%M:%SZ', $answer->getCreatedAt('U')) ?>"><?php echo $answer->getBody() ?></answer>
      <?php endforeach ?>
    </answers>
  </question>
</rsp>

Add a new routing rule for this API call:

api_question:
  url:   /api/question/:stripped_title
  param: { module: api, action: question }

Test it

As the response of a REST API is simple XML, you can test it with a simple browser by requiring:

http://askeet/api/question/what-shall-i-do-tonight-with-my-girlfriend

Integrating an external API

Integrating an external API is not any harder than reading XML in PHP. As there is no immediate interest to integrate an existing external API in askeet, we will describe in a few words how to integrate the askeet API in a foreign website - whether built with symfony or not.

PHP5 comes bundled with SimpleXML, a very easy-to-use set of tools to interpret and loop through an XML document. With SimpleXML, element names are automatically mapped to properties on an object, and this happens recursively. Attributes are mapped to iterator accesses.

To reconstitute the list of answers to a question provided by the API into a simple page, all it takes is these few lines of PHP:

[php]
<?php $xml = simplexml_load_file(dirname(__FILE__).'/question.xml') ?>

<h1><?php echo $xml->question->title ?></h1>
<p>Published on <?php echo $xml->question['time'] ?></p>

<h2>Tags</h2>
<ul>
  <?php foreach ($xml->question->tags->tag as $tag): ?>
  <li><?php echo $tag ?></li>
  <?php endforeach ?>
</ul>

<h2>Answers to this question from askeet users</h2>
<ul>
<?php foreach ($xml->question->answers->answer as $answer): ?>
  <li>
    <?php echo $answer ?>
    <br />
    Relevancy: <?php echo $answer['relevancy'] ?>% - Pulished on <?php echo $answer['time'] ?>
  </li>
<?php endforeach ?>
</ul>

Paypal donation

While we talk about external APIs, some of them are very simple to integrate and can bring a lot to your site. The Paypal donation API is a simple chunk of HTML code in which the email of the accountant must be included.

Wouldn't it be a good motivation for askeet users who generously answer questions to be able to receive a small donation from all the happy users who found their answer useful? The 'Donate' button could appear on the user profile page, and link to his/her Paypal donation page.

First, add a has_paypal column to the User table in the schema.xml:

[xml]
<column name="has_paypal" type="boolean" default="0" />

Rebuild the model, and add to the user/show template the following code:

[php]
<?php if ($subscriber->getHasPaypal()): ?>
<p>If you appreciated this user's contributions, you can grant him a small donation.</p>
<form action="https://www.paypal.com/cgi-bin/webscr" method="post">
  <input type="hidden" name="cmd" value="_xclick">
  <input type="hidden" name="business" value="<?php echo $subscriber->getEmail() ?>">
  <input type="hidden" name="item_name" value="askeet">
  <input type="hidden" name="return" value="http://www.askeet.com">
  <input type="hidden" name="no_shipping" value="1">
  <input type="hidden" name="no_note" value="1">
  <input type="hidden" name="tax" value="0">
  <input type="hidden" name="bn" value="PP-DonationsBF">
  <input type="image" src="http://images.paypal.com/images/x-click-but04.gif" border="0" name="submit" alt="Donate to this user">
</form>
<?php endif ?>

Now a user must be given the opportunity to declare a Paypal account linked to his/her email address. It will be a good occasion to allow a user to modify his/her profile. If a logged user displays his/her own profile, an 'edit profile' must appear. It will link to a user/edit action, used both to display the form and to handle the form submission. The 'edit profile' form will allow the modification of the password and the email address. The nickname, as it is used as a key, cannot be modified. Since you are familiar with symfony by now, the code will not be described here but included in the SVN repository.

See you Tomorrow

Developing a web service or integrating an external one should not give you any difficulty with symfony

Tomorrow will be the occasion to talk about filters, and to divide askeet.com in sub projects such as php.askeet.com and symfony.askeet.com with only a few lines of code. If you were not convinced about development speed and power with symfony, you may change your mind then.

As usual, today's code has been committed to the askeet SVN repository, under the /tags/release_day_17 tag. Questions ans suggestions about askeet and the advent calendar tutorials are welcome in the askeet forum. See you tomorrow!

html格式的东西，any problem?

problemen
==================
1. asdfas
2. adfsafsa

html格式的东西code

这个问题需要解决先。。。。。。

markdown test

markdown 功能测试

很好，很强大

但是还是有很多不好的地方。。

时间问题

效率问题

感情问题？，哈哈。。

阅读更多博文 »

是否开启评论功能？

开启评论功能

我是怎么了？

不知道为什么我会这样子。。

哈哈哈。

测试功能

我怎么忘了我要做什么了

晕死啊。

sadf sadfasdf

saasd f

Bug报告日志

strip title:

处理的有问题。。。

直接同步日志。。

哈。。

新日志4

阿斯顿飞

新日志3

阿斯顿飞

新日志2

阿斯顿飞

新日志1

阿桑福德

Bug报告

同步的过程中，顺序与编写的顺序相反。。。

测试第1篇日志

第一篇日志

测试第2篇日志

阿斯大法师父

测试第3篇日志

阿斯顿飞虱

测试第4篇日志

阿斯顿飞洒的

哈哈。。新的功能。

cvdcvf

ahha

asefsdafsf

Blogger还是不怎么好用

真的。。不怎么好用，上面那个东西都不怎么动，干吗要每次刷新啊。真是的！

sdff

adfasdf

2007年12月7日星期五

zendframework据说也挺好的，不过也不是我这样的懒人喜欢的

不过类库还是比较牛x的

wakao晕死了。不知道哪里的问题了

我找我还在哦啊。

哈哈Blogger 同步功能测试2，测试新的内容，engy

阿斯顿飞

再来一个处理法

哈哈。

下一步就是完成更新的同步。

日志每次被编辑都被标记为未同步，所以可以让他来同步。。

系统开发日志

系统开发日志
博客程序TODO 列表

添加Blogger同步功能__coding now __

添加TrackBack功能

添加评论系统

添加标签系统

添加分页系统

添加归档功能

主题功能完成

还有好多东西需要做

新的功能测试！！Markdown test

恩，把心思放到一个地方比较好。

准备把markdown加如到我的Blog程序中，不过我目前的实现方式有点“硬”，

阅读更多博文 »

我的博客，基本上可以用了，哈哈。只差一些管理功能了

其实准备了好多功能的。
blogger同步功能
主要是感觉把东西只放在一个地方比较危险，如果是我租用的空间更是这样子，也怕自己误操作，所以想，每次发博客都会自动同步到blogger上面去，

2222blog测试了。

阿斯顿飞

blog同步功能部分测试通过。。ID:1

真与梦。。有点问题啊。。

莫非是因为字符类型的原因吗？ID:

可能哦。

真是的。。开发真的很有意思。ID:

阿斯顿

测试AAAABlogger 同步功能测试2，测试新的内容ID:

测试。。

修改功能，使得可以批量后台同步

这样可以避免等待造成的大量时间浪费

系统开发日志

系统开发日志
博客程序TODO 列表

添加Blogger同步功能__coding now __

添加TrackBack功能

添加评论系统

添加标签系统

添加分页系统

添加归档功能

主题功能完成

ToFix

strip title重复问题。

还有好多东西需要做

新的功能测试！！Markdown test

恩，把心思放到一个地方比较好。
准备把markdown加如到我的Blog程序中，不过我目前的实现方式有点“硬”，

阅读更多博文 »

系统开发日志

  <!--markdown-->
  系统开发日志
  博客程序TODO 列表

  1. 添加Blogger同步功能**__coding now __**
  2. 添加TrackBack功能
  3. 添加评论系统
  4. 添加标签系统
  5. 添加分页系统
  6. 添加归档功能
  7. **主题功能完成**

  还有好多东西需要做

2007年12月9日星期日

2007年12月8日星期六

symfony advent calendar day seventeen: API

Previously on symfony

The API

HTTP Authentication

symfony advent calendar day seventeen: API

Previously on symfony

The API

HTTP Authentication

symfony advent calendar day seventeen: API

Previously on symfony

The API

HTTP Authentication

API response

api/index action

questionSuccess.php template

Test it

Integrating an external API

Paypal donation

See you Tomorrow

markdown 功能测试

2007年12月7日星期五

准备把markdown加如到我的Blog程序中，不过我目前的实现方式有点“硬”，

ToFix

more

博客归档

我的简介

`api/index` action

`questionSuccess.php` template