Templating with Twig

I've been working on this shitty video sharing site for a couple weeks now and thought I'd try out some new things. I' used phpass for the password management and ended up using Twig as a template framework. I've never used a template engine before so I was new to using one. Twig is actually quite easy to implement into any of your projects. In your PHP script add:

 

require_once 'Twig/Autoloader.php';
Twig_Autoloader::register();

$loader = new Twig_Loader_Filesystem('templates');
$twig = new Twig_Environment($loader);
$template = $twig->loadTemplate('index.html');
echo $template->render(array('value' => 'test');

And that's it. In the example, 'index.html' is the template file. The array passes the variables onto the template. So, your index.html would look something like this:

 

This is a {{ value }} 

That would echo 'test'. The documentation for Twig is alright but it doesn't show how one uses the core extensions. See the below example as a block is transated for Twig's use:
 

      $a = $s + ($limit);
       if ($a > $numrows):
       $a = $numrows;
       endif;
       $b = $s + 1;
       echo "Showing results $b to $a of $numrows";

Becomes:

{% set a = s + limit %}
    {% if a > numrows %}
        {% set a = numrows %}
    {% endif %}    
{% set b = s + 1 %}  
   Showing results {{ b }} to {{ a }} of  {{ numrows }}

 

How publicly released exploits helped WorkSimple

[Photo by Honza Soukup]

A couple years back when I released WorkSimple, my PHP knowledge was very limited. I went through a couple versions of WorkSimple adding features and such but without thinking of security. Then, about a year and a half ago, I came upon a zero-day exploit site [1][2] site. On the site, it chronicled the current exploits in WorkSimple. Now, of course I acted quickly and fixed the problems. At first, I was offended by this. Then, I realized the helping hand it had lent me. Not only did these sites show how one could use the exploit, but also how to fix it. The user login system used MD5 hashed passowords in a specified [plain text] file in a specified place. After, the hashes were salted and in a .php file as not to display the contents. 

 

Quick post is quick

Life's been the same, my blogging life has swindled down as well. I have an old 5" TV/radio (it has a handle on top!) of which I connected to a VCR hooked to one of my spare computers. You get a mess of cables and a very very small monitor. I had to sit an inch away from it to read anything.

Sysode has caught my interest again, I've added some new features too. Fixed some bugs and added the ability for public viewing of the project, check it out.

I'm scared of MySQL

Photo taken by me!

I've been using PHP for a bit over a year and half. It's come to my conclusion, that I've never used MySQL in any of my applications. I think I'm scared of reliance.

I tend to use either a simple flat file (like WorkSimple) or pjjTextBase (Torrentino for example) because they're quite easy to manipulate. I'm not sure why I don't use MySQL, being PHP's soul. Everything you see nowadays for PHP uses MySQL.

None of my applications use MySQL (or anything that is 'modern'). Hell, Sysode, Torrentino and Ticketo (my larger projects) all use PTB. Plus, flat file is faster. Skip the middleman, and write directly to the file system. Additionally, I tend to keep my projects/scripts small.