CakePHP: Authake plugin with installation guide

Finally the Authake Plugin have an Installation guide.

Basically the plugin provide Authentication and Authorization functionality for CakePHP’s appliation with few line of code. Authake has advanced User-Group-Role interface and allow you to secure your CakePHP’s application within a minute.

The current version of the Plugin is “wrapped” in a single folder (according to CakePHP 1.3 conventions) under the Plugins.

Update: This plugin has been addapted for CakePHP 2.0 by Mutlu Tevfik Kocak. Please use his repository for actual version of the plugin. https://github.com/mtkocak/authake

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca

Online html to pdf tool

html to pdf converter I just want to present a new tool for converting HTML to PDF – html-2-pdf.com. It’s basically an online converter which could transform any* web site to a PDF document. Generally it could be useful if you want to print a website, or for example if you want to save the content of the website for offline reading.

The site is really simple – just insert the address of the web page which you want to be converted and few seconds after that it is ready to be downloaded. The site is just an interface of the amazing wkhtmltopdf library.

I am open for suggestions about the functionality of the site.

* – for some reasons there are web sites which are not converted correctly. This is because of HTTP headers which these sites restricting.

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca

Careful with the links in the layout

When you building application most likely there are common links within the layout. They could be in a menu, or let’s say “edit profile” and ‘logout’ links which are visible everywhere. As you probably know if you use Html Helper the link could be either Cake-relative URL or array of URL parameters.

The problem may occur if you using the second option – the array.
Continue reading

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca

Problem with mysql_real_escape_string when Sanitize your data.

When building applications is always smart to check and clean the user input. This is a must when you building a website or public application.

I create always an instance of Sanitize class in my AppController and then using it in all of my controllers like this
Continue reading

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca

How to secure selectively admin location

Securing the admin part of the site is always tricky, especially for open source software CMS. A very good practice is to protect your admin directory with an extra .htaccess, because most of the damages has been done from exploits of the applications rather than brute force cracking.

There are many articles how to set up .htaccess authentication on Apache web server, but here I will explain how to set an extra password request only for Internet users while the users from Local Network should spare the extra password.

The scenario:
When the user in in the local network the administration part need to be accessible with the CMS default authentication, while if the user access the Administration from Internet, an extra password prompt will be shown.

1. Create your password file

# htpasswd -c /your_secret_location/.htpassword user
New password:
Re-type new password:
Adding password for user user

If you writing in an existing file don’t use the option -c

2. Setting the .htaccess
Depending of the server set up you can do this in your httpd.conf, or in apache2 style – in sites-available directory. So, let’s say we have a file in /etc/apache/sites-available called site.com which holds the record of the domain

<VirtualHost *:80>
        ServerAdmin email@site.com
        ServerName  site.com
        ...
        <Location /admin>
                 AuthType Basic
                 AuthName intranet
                 Satisfy any
                 Allow from 192.168
                 Order allow,deny
                 AuthUserFile /your_secret_location/.htpasswd
                 Require valid-user
        </Location>
        ...
</VirtualHost>

Here is the tricky part: The directive “Satisfy any”. By default the directive is set to all so it’s like AND:
If (you are in local net AND you are valid user) {access the location}

while Satisfy any is like OR
If (you are in local net OR you are valid user) {access the location}

More on this topic: Satisfy directive

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca

Adding notification when new order arrives. Magento

It’s very common practice the administrators to get notification mail when a new order is placed on the shop. Here is how to activate this feature in Magento for free (there is paid Admin Notification Module as well):

Log in into admin area, then go to System->Configuration menu. Scroll down to Sales section and click on the Sales Emails and select the first section Orders. Enter your admin e-mail in the field “Send Order Email Copy To”.

And here comes the tricky one 🙂 Select the option “Separate email” from the “Send Order Email Copy Method” field. I don’t know why, but if it’s selected “Bcc”, the e-mail to the admin wasn’t send.

It’s possible that this is fixed in the versions above 1.2.x, but I haven’t tested.

hope this helps someone.

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca

Web based CakePHP Project generation tool

Yesterday I found a tool which could be handy for rookie CakePHP developers. Atlas is a web code generator based in CakePHP. As a glance it’s a web alternative of CakePHP bake console which is a nice idea indeed.

My first impression was that tool is like diamond in the mud and I was wondering how I didn’t hear about this tool till now, but after installing I realized that it’s not so good as it looked like.

Why?

The first problem occurs in the generation of my first project – I’ve got a error message in Spanish which I couldn’t understand. I had to use Google translate for it, but after the translation, the message still doesn’t say much – “Failed to generate project skeleton”.

After debugging the code figuring out why this error means, I found that the application uses backslash as directory separator (\) ?!? and of course this lead to directories and files with strange names like /var/www/ctest\app\controllers directories where ctest\app\controllers was the full name of the directory :). I am on Ubuntu Desktop machine where backslash is not a directory separator.

Pros and Cons about this tool:

Pros:

  • Very nice interface – really big point for Atlas
  • It should work properly on windows environment and based on the features list and screenshots it quite intuitive.
  • I like web based development everything is in your web browser, so another big plus.

Cons

  • Not working as expected – the backslash problem described above
  • If you are not Spanish speaking person – you are in the middle of nowhere when you see error like this: Error: no se ha podido generar el esqueleto del proyecto
  • No documentation at all. I had to look in the code in order to get idea why I cannot create a project – Not clear labels (or at least no hints). Probably a hint like: Directory (enter a full path to the empty directory under htdocs) or similar could help a lot.

The conclusion:
Atlas looking like promising tool, still it’s far from the final version, but it’s worth to try it in Windows environment. 🙂 I definitely will follow that project in the future, so hopefully I could use it one day 🙂

Share it:
  • Facebook
  • Twitter
  • Digg
  • StumbleUpon
  • del.icio.us
  • Google Bookmarks
  • Yahoo! Buzz
  • Add to favorites
  • Identi.ca