Templating with Twig

I've been working on this shitty video sharing site for a couple weeks now and thought I'd try out some new things. I used phpass for the password management and ended up using Twig as a template framework. I've never used a template engine before so I was new to using one. Twig is actually quite easy to integrate into any of your projects. In your PHP script add:

 

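// Load and register Twig's autoloader
require_once 'Twig/Autoloader.php';
Twig_Autoloader::register();

// Look for template files in the 'templates' directory
$loader = new Twig_Loader_Filesystem('templates');
$twig = new Twig_Environment($loader);

// Render index.html, passing the array as the template's variables
$template = $twig->loadTemplate('index.html');
echo $template->render(array('value' => 'test'));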

And that's it. In the example, 'index.html' is the template file. The array passes the variables onto the template. So, your index.html would look something like this:

 

This is a {{ value }} 

That would output 'This is a test'. The documentation for Twig is alright but it doesn't show how one uses the core extensions. See the example below, where a block of PHP is translated for Twig's use:
 

$a = $s + ($limit);
if ($a > $numrows):
    $a = $numrows;
endif;
$b = $s + 1;
echo "Showing results $b to $a of $numrows";

Becomes:

{% set a = s + limit %}
{% if a > numrows %}
    {% set a = numrows %}
{% endif %}
{% set b = s + 1 %}
Showing results {{ b }} to {{ a }} of {{ numrows }}

 

I figured out that when you're calling a template, you're able to call two. So for example, the following code will pass the variables into both index.tmpl and menu.tmpl:

 $template = $twig->loadTemplate('index.tmpl', 'menu.tmpl');

I needed to do this because index.tmpl was my main page, so as to keep the entire site's template intact, and I also needed to pass two variables to menu.tmpl. Before, I included my menu file, menu.inc.php, into the pages but that became broken after a while. What I changed was that I added Twig variables to menu.tmpl, which changes depending on whether a user is logged in. So, rather than using menu.inc.php anymore, I went to the template.
Including templates is simple:

{% include 'menu.tmpl' %}

One could also extend one template with another. There are no foreach or while loops available in Twig but you can use this as a foreach statement:
 

{% for message,thing in test %}
    {{ message }} contains {{ thing }}
{% endfor %}

Twig also has a sandbox feature which seems great for sanitizing input and such. I'm definitely glad I found out about Twig; my code is much cleaner and doesn't look [as] hideous.

How publicly released exploits helped WorkSimple

[Photo by Honza Soukup]

A couple years back when I released WorkSimple, my PHP knowledge was very limited. I went through a couple versions of WorkSimple adding features and such but without thinking of security. Then, about a year and a half ago, I came upon a zero-day exploit site [1][2]. The site chronicled the current exploits in WorkSimple. Now, of course I acted quickly and fixed the problems. At first, I was offended by this. Then, I realized the helping hand it had lent me. Not only did these sites show how one could use the exploit, but also how to fix it. The user login system used MD5 hashed passwords in a specified [plain text] file in a specified place. Afterwards, the hashes were salted and stored in a .php file so as not to display the contents.
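The move from unsalted MD5 to salted hashes that this post describes can be done without forcing password resets, by upgrading each record at the user's next successful login. The following is an added example, not WorkSimple's code: it uses PHP's built-in password_hash() rather than phpass, and the function names and the sample record are constructed for illustration.

```php
<?php
// Added example: upgrade-on-login from unsalted MD5 to a salted, slow hash.
// Function names and the sample user record are constructed for illustration.

/** True if $stored looks like a bare MD5 hex digest (the legacy format). */
function is_legacy_md5(string $stored): bool
{
    return (bool) preg_match('/^[0-9a-f]{32}$/i', $stored);
}

/**
 * Check $password against $stored.
 * Returns array($ok, $newHash); $newHash is non-null when the caller
 * should overwrite the stored value with a stronger hash.
 */
function verify_and_upgrade(string $stored, string $password): array
{
    if (is_legacy_md5($stored)) {
        // Legacy path: constant-time compare against the unsalted digest.
        if (!hash_equals(strtolower($stored), md5($password))) {
            return array(false, null);
        }
        // Correct password: replace the MD5 with a per-user salted hash.
        return array(true, password_hash($password, PASSWORD_DEFAULT));
    }
    if (!password_verify($password, $stored)) {
        return array(false, null);
    }
    // Re-hash if the default algorithm or cost changed since it was stored.
    $new = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($password, PASSWORD_DEFAULT)
        : null;
    return array(true, $new);
}

// Constructed user store: one account still in the legacy format.
$users = array('admin' => md5('correct horse'));

list($ok, $new) = verify_and_upgrade($users['admin'], 'correct horse');
if ($ok && $new !== null) {
    $users['admin'] = $new; // persist the upgraded hash
}
var_dump($ok);                                             // login result
var_dump(is_legacy_md5($users['admin']));                  // still legacy?
var_dump(verify_and_upgrade($users['admin'], 'wrong')[0]); // bad password
```

Accounts that never log in again keep their MD5 digest, so a deployment would also want a cut-off date after which remaining legacy records are disabled.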

 



It definitely made me think more about security; not that I did not before, just more comprehensively. To this day, I'm surprised that people use WorkSimple. Besides the terrible coding of it, the design is atrocious (which will be updated in 2.0 of WS). So, these zero-day exploits helped me be a better coder. It's difficult to design a perfect application without having something breaking. Apart from the aforementioned notes, I would think that it even created a little bit more publicity for WorkSimple :)

nginx + php + Solaris 10

I wanted to set up a development server to test more intensive PHP applications, and also a sandbox so I opted to get a typical web server stack on Solaris.

First things first: grab nginx from the Cool Stack page. There are some great packages there, like Apache, PHP and MySQL all in one. I decided to go with nginx for something light and something new.

The binary for nginx is /opt/coolstack/nginx/sbin/nginx so be sure to set your configuration in /opt/coolstack/nginx/conf/nginx.conf (pretty straightforward). Be sure to enable the FastCGI section in the config file!

Next thing is PHP. Pretty standard here. Get the source from php.net, configure and install. I ran ./configure with:
./configure --prefix=/usr/local/php5 --enable-fastcgi=/usr/local --enable-force-cgi-redirect --enable-cli --enable-zip --with-layout=GNU --with-regex=php --with-zlib=/usr/local --with-curl=/usr/local --enable-exif --with-gd

Once that's done, set up your php.ini in /usr/local/php5/etc. And of course, add cgi.fix_pathinfo = 1 to the end of the file. Now, for everything to piece together, you'll need FastCGI to parse PHP with nginx (as far as I know). Grab FastCGI from here and run the standard compile commands.

Now, nginx was running but I couldn't get it to parse PHP. nginx was looking for FastCGI on port 9000 but it wasn't there. After a bit of Googling I found spawn-fcgi, as it comes with lighttpd by default. Anyway, get spawn-fcgi and install.

Finally, spawn FastCGI with:
/usr/local/bin/spawn-fcgi -a 127.0.0.1 -p 9000 -u www-data -f /usr/local/php5/bin/php-cgi


(You'll have to create user www-data if it doesn't exist).

And that's about it. I now have Proftpd on there, and it's running quite smoothly indeed. Any comments or ideas are welcome.

PHP IRC bot

Been bored lately, so I thought I'd make an IRC bot in PHP. I wasn't sure how they worked, so I found this to be great: http://www.hawkee.com/snippet/5330/

I added a little more to it, using switch() instead of an if statement. So, instead of:


if ($rawcmd[1] == "!sayit") {

I changed it to

 

 switch(rtrim($rawcmd[1])) {

 

and of course everything else in between. 
See the full code here: http://pastebin.com/4F9XPkVx or here http://pastebin.org/205819
Not much has changed, but with switch() I found it easier to add more commands. Again, I didn't write most of it. Feel free to test it out though.

Progress on nothing

Domain expired a little while ago (geekness.eu), so all my links are now dead. Ugh. I didn't raise any money whatsoever through donations so I couldn't renew the domain. The URL for my blog is the original, easton.4fd.us

 

Anyway, Sysode got some new features. Users can now make projects publicly available for viewing. Public users can view the overview of the project, bugs and tasks. More to come, as well. Speed could be an issue down the road; Sysode is one of my bigger projects. Conversion to MySQL or PostgreSQL might be needed down the road, as it uses pjjTextBase instead. For the amount of users now (that is, none), it runs fine.

All of my projects are falling behind. I'm falling behind. Torrentino hasn't changed in months now, other than the new ads I added last week. I get decent traffic on my website, but sadly, no money. At least hosting is free, thanks to Web Hosting Service (thanks a lot!). WorkSimple is stable yet there's an exploit or two that's out there. I don't know why I'm not worried about that. Rest of my site is in a state of disorganization, and frankly, I don't care. That's me.

 

Friday night, four day weekend w00t. Got 10.5.2 running again, as when I installed a Ti 200 (swapping it out for a Geforce 5200), OpenSolaris wouldn't boot properly. Everything was messed up. Since I'm that lazy, I douched it out for OS X.

 

Quick post is quick

Life's been the same, my blogging life has dwindled down as well. I have an old 5" TV/radio (it has a handle on top!) which I connected to a VCR hooked to one of my spare computers. You get a mess of cables and a very very small monitor. I had to sit an inch away from it to read anything.

Sysode has caught my interest again, I've added some new features too. Fixed some bugs and added the ability for public viewing of the project, check it out.

Celebrated 100 days of uptime on my fileserver the other day. I mainly use it as a SMB/FTP/NFS server and I can say it's pretty solid. 500MHz with 512MB of RAM, and my first RAID experience as well.

Other than that, it's been quite boring. This is meant as a recap of the things that I've done, though I'm not in a rush.

 

 

 

I'm scared of MySQL

Photo taken by me!

I've been using PHP for a bit over a year and a half. I've come to the conclusion that I've never used MySQL in any of my applications. I think I'm scared of reliance.

I tend to use either a simple flat file (like WorkSimple) or pjjTextBase (Torrentino for example) because they're quite easy to manipulate. I'm not sure why I don't use MySQL, being PHP's soul. Everything you see nowadays for PHP uses MySQL.

None of my applications use MySQL (or anything that is 'modern'). Hell, Sysode, Torrentino and Ticketo (my larger projects) all use PTB. Plus, flat file is faster. Skip the middleman, and write directly to the file system. Additionally, I tend to keep my projects/scripts small.

Maybe it's just me, but I think that MySQL (or PostgreSQL) is overkill for some applications. Take doobleg for example. Simple 9 column database. On the other hand, Sysode uses 6 different DB's.

The terrible thing about flat file databases is scalability. Ugh, shoot me before I have to scale a single file.

Then again, SQLite seems pretty cool, I might check that out. I think TPB use(d) SQLite.

 

On another note, I fixed up Sysode and I think I might purchase a domain; considering sysode.com/info/net/org are all available ;)