Announcing Peregrine – a PHP Security Class

Today I release a new PHP caging class for improved security – Peregrine.

I’ve always been impressed by the idea of a “variable cage” in programming. It’s an additional method of protecting your incoming variables and making sure that you only accept what you’re expecting.

If you’re not familiar with a cage, think of it as a class that copies any (usually incoming) data into an object while destroying the original “unclean” data. At this point you must access this data through the “cage”, which provides a whole bunch of ways to filter out what you don’t want.

So an incoming variable (through a GET/POST request, for example) may only need to be an integer. You may use a method that returns or checks for integers, and either removes the non-integer characters or returns false.

This provides an excellent wall against any malicious attackers, and really helps you define data validation more accurately within your projects.

There are some others out there, and some are very good. However, none worked as well or were as cleanly coded as I would have liked, so I’ve been working on Peregrine.

It’s hosted at GitHub, so you’re welcome to fork it and contribute back any fixes or feature requests you would like.

To learn how to use it, please read the documentation provided with the code and look through the class itself.

http://github.com/botskonet/Peregrine
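To make the cage idea concrete, here is a small illustration added to this post; it is not Peregrine’s code, and the class and method names (RequestCage, fromGet, getInt, getDigits) are hypothetical. It copies $_GET into an object, empties the superglobal, and then exposes the values only through a validating accessor (whole value must be an integer or you get false) and a filtering accessor (non-digits are stripped), while silently rejecting array-valued parameters that a naive cast would turn into "Array".

```php
<?php
declare(strict_types=1);

// Hypothetical minimal cage, illustrating the concept only; Peregrine's
// real class names and methods are documented in the repository.
final class RequestCage
{
    private array $data;

    private function __construct(array $source)
    {
        $this->data = $source;
    }

    // Copy $_GET into the cage and empty the superglobal so later code
    // cannot reach the unfiltered values by accident.
    public static function fromGet(): self
    {
        $cage = new self($_GET);
        $_GET = [];
        return $cage;
    }

    // Only scalar values are ever handed out; a param sent as foo[]=x is
    // treated as absent rather than stringified.
    private function raw(string $key): ?string
    {
        $v = $this->data[$key] ?? null;
        return is_scalar($v) ? (string) $v : null;
    }

    // Validation style: the whole value must be an integer, otherwise false.
    public function getInt(string $key): int|false
    {
        $v = $this->raw($key);
        return $v === null ? false : filter_var($v, FILTER_VALIDATE_INT);
    }

    // Filtering style: keep only the digits and return whatever is left.
    public function getDigits(string $key): string
    {
        return preg_replace('/\D+/', '', $this->raw($key) ?? '');
    }
}

// Constructed sample request; in a real page this comes from the client.
$_GET = ['id' => '42abc', 'page' => '7', 'list' => ['x']];
$get  = RequestCage::fromGet();
var_dump($get->getInt('id'), $get->getDigits('id'), $get->getInt('page'));
var_dump($get->getInt('list'), $_GET);
```

Run it from the CLI: the "id" value fails validation but filters down to its digits, "page" passes as an int, the array parameter is refused, and $_GET is empty afterwards.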

MySquibbles.com Offline

Almost four years ago I launched MySquibbles.com – a community for parents and teachers to find and share links their children enjoy. It was a great idea and would have been extremely useful, but it failed for several reasons.

Primarily, the links alone weren’t enough to draw visitors. Parents tend to frequent sites that offer parenting information, from articles and advice to links to great deals. Without offering that content as well, Squibbles wasn’t a place you would go, because kids are not online that often until they’re older.

The other problem was that the average parent going online with their kids is a target audience that’s very difficult to market to. They typically only learn about things through other parents, school materials, or parenting magazines. Without any time to market or promote the website, it was left online only to serve as a good portfolio piece.

I’ve recently moved servers and during the transition, I made the decision to take the website offline. I’ve kept everything in the event that I want to restore it at some point, but for now it’s no longer needed.

Transitioning MySQL Field to Foreign Key

When working with MySQL databases it’s often necessary to convert a regular field into one that refers to a second table using a foreign key. The process for this requires several steps:

  1. Insert distinct column values into new secondary table.
  2. Replace (update) existing table fields with proper foreign key for the related record in the secondary table.

This process can be time consuming if attempted manually. Luckily, MySQL 4.1+ allows for subqueries as well as the INSERT… SELECT… syntax.
(more…)
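The two steps above, written out as a PHP/PDO migration routine added to this post (not the original post’s code). The schema is constructed: a products table whose free-text category column becomes a category_id foreign key into a new categories table; it uses the INSERT … SELECT and correlated-subquery forms mentioned above, and checks that every value was mapped before dropping the old column.

```php
<?php
declare(strict_types=1);

// Example added here, not from the original post. Constructed schema: a
// `products` table whose free-text `category` column is to be replaced by a
// `category_id` foreign key into a new `categories` table.
function migrateCategoryToForeignKey(PDO $db): void
{
    // Note: CREATE/ALTER TABLE implicitly commit in MySQL, so this cannot be
    // wrapped in a single transaction; run it against a backup first.
    $db->exec("CREATE TABLE categories (
        id   INT UNSIGNED NOT NULL AUTO_INCREMENT PRIMARY KEY,
        name VARCHAR(100) NOT NULL UNIQUE
    ) ENGINE=InnoDB");

    // Step 1: one secondary row per distinct existing value (INSERT ... SELECT).
    $db->exec("INSERT INTO categories (name)
               SELECT DISTINCT category FROM products WHERE category IS NOT NULL");

    // Step 2: add the key column and fill it with a correlated subquery.
    $db->exec("ALTER TABLE products ADD COLUMN category_id INT UNSIGNED NULL");
    $db->exec("UPDATE products
               SET category_id = (SELECT id FROM categories
                                  WHERE categories.name = products.category)");

    // Sanity check before touching the old data: every non-NULL category
    // must have resolved to an id.
    $unresolved = (int) $db->query("SELECT COUNT(*) FROM products
                                    WHERE category IS NOT NULL AND category_id IS NULL")
                           ->fetchColumn();
    if ($unresolved > 0) {
        throw new RuntimeException("$unresolved rows could not be mapped; aborting");
    }

    // Only now enforce the relation and drop the redundant text column.
    $db->exec("ALTER TABLE products
               ADD CONSTRAINT fk_products_category
               FOREIGN KEY (category_id) REFERENCES categories (id)");
    $db->exec("ALTER TABLE products DROP COLUMN category");
}

// Usage; connection details are placeholders.
$db = new PDO('mysql:host=localhost;dbname=shop', 'user', 'password',
              [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
migrateCategoryToForeignKey($db);
```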

Version Numbers Using git tag, git describe

I’ve spent the past year doing all of my development using the Git version control system. It’s far better than Subversion and has made my job as project manager/developer/commit manager much easier.

However, since it does not use revision numbers like Subversion, it’s more difficult to derive build numbers or version numbers from it. I wanted some automated way to identify a build other than by a non-incremental SHA-1 hash. The only solution I’ve been able to find (without using any external software) is as follows.

The workflow to make this process work as expected would involve the following:

  • Prepare master for a new release. Create a new branch for the release and tag it with 1.0.
  • Make a single commit on master (necessary to separate the history) and re-tag with something for the next revision, like 1.1-alpha.
  • Tags on branch continue with 1.0-1, 1.0-2, etc. Tags on master continue with 1.1-alpha-1, 1.1-alpha-2, etc.

What’s problematic with this is the requirement to both tag and branch each time you want a release. You also need to add in an extra commit before re-tagging master, so there’s an unwanted extra step.
(more…)

Correcting CGI Perl Module for Bugzilla 3.4.2

I was recently installing Bugzilla on a new server and ran into problems with the CGI Perl module from CPAN being too recent. Apparently, version 3.47 has some issues, so I had to downgrade to 3.45.

Bugzilla recommends that you use their installer when the checksetup.pl script spits out missing modules. However, if you encounter problems or need an older version, this won’t work.

Their own script does, however, make a copy of the CGI.pm file inside the Bugzilla lib/ directory.

In order to solve the issue, you need to download and install the proper version, and then copy the file into the Bugzilla lib/ folder.

$ wget http://search.cpan.org/CPAN/authors/id/L/LD/LDS/CGI.pm-3.45.tar.gz
$ tar -xzvf CGI.pm-3.45.tar.gz
$ cd CGI*
$ perl Makefile.PL
$ make
$ make install
$ cp /usr/lib/perl5/5.8.8/CGI.pm /var/www/vhosts/trellisdev.com/subdomains/bugs/httpdocs/lib/CGI.pm

Then, continue with your checksetup.pl process as usual.