Installing xDebug PHP module causes – wrong ELF class: ELFCLASS64 – error

Problem description: You had installed lampp to work on some web projects of yours. After a while you decided that it’s time to set up some IDE and chose xDebug to be responsible of PHP debugging. You followed tailored installation instructions from http://xdebug.org/wizard.php, restarted Lampp and got error like this one:

“Failed loading /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626/xdebug.so:  /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626/xdebug.so: wrong ELF class: ELFCLASS64″
Also, the xDebug module is not included anywhere in output of phpinfo() function.

Cause: You probably have 64-bit Windows/Linux distribution and you compiled your PHP/Lampp in 32-bit mode, but xDebug extension (xDebug.so) in 64-bit mode. You need to recompile and fix it.

Solution: (works for Ubuntu/Lampp configuration)

• Download Latest XDebug Source file
• Unpack package, run: tar -xvzf  xdebug-2.2.1
• Run: cd xdebug-2.2.1
• Run: phpize
• Run: sudo apt-get install g++-multilib
• Run: CFLAGS=-m32 CPPFLAGS=-m32 ./configure
• Run: make
• Copy .so file to folder with extensions, run: sudo cp modules/xdebug.so /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626
• Edit /opt/lampp/etc/php.ini and add the line just before [Data] line, run: sudo gedit /opt/lampp/etc/php.ini
  zend_extension = /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626/xdebug.so
• Restart web server, run: sudo /opt/lampp/lampp restart
• Have fun

Installing xDebug PHP module on XAMPP on Ubuntu

• Download Latest XDebug Source file
• Unpack package, run: tar -xvzf  xdebug-2.2.1
• Run: cd xdebug-2.2.1
• Run: phpize
• Run: sudo apt-get install g++-multilib
• Run: CFLAGS=-m32 CPPFLAGS=-m32 ./configure
• Run: make
• Copy .so file to folder with extensions, run: sudo cp modules/xdebug.so /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626
• Edit /opt/lampp/etc/php.ini and add the line just before [Data] line, run: sudo gedit /opt/lampp/etc/php.ini
  zend_extension = /opt/lampp/lib/php/extensions/no-debug-non-zts-20090626/xdebug.so
• Restart web server, run: sudo /opt/lampp/lampp restart
• Have fun

Installing PHPUnit on XAMPP on Ubuntu

the unit testing framework that is used within the yii framework to carry out unit tests on things like class methods etc. It should be installed using the PEAR installer that comes with PHP. I have downloaded XAMPP (version 1.7.7) onto a Ubuntu (version 12.04) system and therefore php is built into the software stack and is installed at:

/opt/lampp/bin

Other blogs and documentation has stated that the pear command can be called directly however I have to use the following syntax to get the thing installed in ubuntu (version 10.10) open the shell and give the full path to the pear shell script:

sudo /opt/lampp/bin/pear channel-discover pear.phpunit.de
sudo /opt/lampp/bin/pear channel-discover components.ez.no
sudo /opt/lampp/bin/pear channel-discover pear.symfony-project.com

I assume that these three line point the PEAR installer to the appropriate libraries. I then tried the following line and got various error messages due to an inadequate version of the PEAR installer.

sudo /opt/lampp/bin/pear -V

if the version PEAR installer needs to be upgraded using the following line:

sudo /opt/lampp/bin/pear upgrade pear

At this stage I discovered if you try to install the phpunit another package / library is required, namely Cache_Lite. Use the following command to update this:

sudo /opt/lampp/bin/pear upgrade pear/Cache_Lite

this resulted in another warning and the recommendation to use the following command:

sudo /opt/lampp/bin/pear channel-update pear.php.net

which did not seem todo much however it worked. The final installation to add the phpunit to the xampp installation is:

sudo /opt/lampp/bin/pear install phpunit/PHPUnit

In order to actually run a unit test I then use the following command from the terminal window:

/opt/lampp/bin/php /opt/lampp/bin/phpunit path/to/test/fileTest.php

The first parameter identifies PHP, the second runs the phpunit.php file and the third identifies the testfile.php to be run. Good to go! running unit testing along with the XAMPP installation.

RESTful Web services

Representational State Transfer (REST)

REST defines a set of architectural principles by which you can design Web services that focus on a system’s resources

REST Web service follows four basic design principles:

• Use HTTP methods explicitly.
• Be stateless.
• Expose directory structure-like URIs.
• Transfer XML, JavaScript Object Notation (JSON), or both.

Use HTTP methods explicitly

REST asks developers to use HTTP methods explicitly and in a way that’s consistent with the protocol definition. This basic REST design principle establishes a one-to-one mapping between create, read, update, and delete (CRUD) operations and HTTP methods. According to this mapping:

• To create a resource on the server, use POST.
• To retrieve a resource, use GET.
• To change the state of a resource or to update it, use PUT.
• To remove or delete a resource, use DELETE.

Be stateless

independent request doesn’t require the server, while processing the request, to retrieve any kind of application context or state. A REST Web service application (or client) includes within the HTTP headers and body of a request all of the parameters, context, and data needed by the server-side component to generate a response. Statelessness in this sense improves Web service performance and simplifies the design and implementation of server-side components because the absence of state on the server removes the need to synchronize session data with an external application.

Figure 1. Stateful design

Figure 2. Stateless design

Expose directory structure-like URIs

REST Web service URIs should be intuitive to the point where they are easy to guess. Think of a URI as a kind of self-documenting interface that requires little, if any, explanation or reference for a developer to understand what it points to and to derive related resources. To this end, the structure of a URI should be straightforward, predictable, and easily understood.
One way to achieve this level of usability is to define directory structure-like URIs. This type of URI is hierarchical, rooted at a single path, and branching from it are subpaths that expose the service’s main areas. According to this definition, a URI is not merely a slash-delimited string, but rather a tree with subordinate and superordinate branches connected at nodes. For example, in a discussion threading service that gathers topics ranging from Java to paper, you might define a structured set of URIs like this:

http://www.myservice.org/discussion/topics/{topic}

The root, /discussion, has a /topics node beneath it. Underneath that there are a series of topic names, such as gossip, technology, and so on, each of which points to a discussion thread. Within this structure, it’s easy to pull up discussion threads just by typing something after /topics/.
In some cases, the path to a resource lends itself especially well to a directory-like structure. Take resources organized by date, for instance, which are a very good match for using a hierarchical syntax.
This example is intuitive because it is based on rules:

http://www.myservice.org/discussion/2008/12/10/{topic}

http://www.myservice.org/discussion/{year}/{day}/{month}/{topic}

Some additional guidelines to make note of while thinking about URI structure for a RESTful Web service are:
Hide the server-side scripting technology file extensions (.jsp, .php, .asp), if any, so you can port to something else without changing the URIs.

• Keep everything lowercase.
• Substitute spaces with hyphens or underscores (one or the other).
• Avoid query strings as much as you can.
• Instead of using the 404 Not Found code if the request URI is for a partial path, always provide a default page or resource as a response.

Transfer XML, JSON, or both

MIME-Type	Content-Type
JSON	application/json
XML	application/xml
XHTML	application/xhtml+xml

This allows the service to be used by a variety of clients written in different languages running on different platforms and devices. Using MIME types and the HTTP Accept header is a mechanism known as content negotiation, which lets clients choose which data format is right for them and minimizes data coupling between the service and the applications that use it.

Facebook notifications when someone comments on your site

How to ensure you get Facebook notifications when someone comments on your site ?

However, Facebook will not, by default, let you know when someone comments on your blog. In most cases, you will want to get notifications so you can maintain some moderation of the comments.

Visit the Facebook Comments Moderation tool page on the Facebook Developers site. Click “Settings” over on the right hand side. This will open some basic settings for your comments box.

You can enter your own name to select your Facebook profile as a moderator. Also, enter any other friends who will be monitoring comments for your site.

Here are the settings I recommend:

Now, you should get a Facebook notification whenever someone comments on your site.

If this doesn’t work, return to the comments moderation tool settings screen. Take note of the Application ID at the top, then double check to ensure it is the same number that you find in the “FB:App_id” meta tag. (<meta property="fb:app_id" content="{YOUR_APP_ID}">)

CSRF – Cross Site Request Forgery

What is CSRF or Cross Site Request Forgery ?

allows an attacker to capture and replay a previous request, and sometimes submit data requests using image tags or resources on other domains.

How does the attack work?

There are numerous ways in which an end-user can be tricked into loading information from or submitting information to a web application. In order to execute an attack, we must first understand how to generate a malicious request for our victim to execute. Let us consider the following example: Alice wishes to transfer $100 to Bob using bank.com. The request generated by Alice will look similar to the following:

POST http://bank.com/transfer.do HTTP/1.1
...
...
...
Content-Length: 19;

acct=BOB&amount=100

However, Maria notices that the same web application will execute the same transfer using URL parameters as follows:

GET http://bank.com/transfer.do?acct=BOB&amount=100 HTTP/1.1

Maria now decides to exploit this web application vulnerability using Alice as her victim. Maria first constructs the following URL which will transfer $100,000 from Alice’s account to her account:

http://bank.com/transfer.do?acct=MARIA&amount=100000

Now that her malicious request is generated, Maria must trick Alice into submitting the request. The most basic method is to send Alice an HTML email containing the following:

<a href="http://bank.com/transfer.do?acct=MARIA&amount=100000">View my Pictures!</a>

Assuming Alice is authenticated with the application when she clicks the link, the transfer of $100,000 to Maria’s account will occur. However, Maria realizes that if Alice clicks the link, then Alice will notice that a transfer has occurred. Therefore, Maria decides to hide the attack in a zero-byte image:

<img src="http://bank.com/transfer.do?acct=MARIA&amount=100000" width="1" height="1" border="0">

If this image tag were included in the email, Alice would only see a little box indicating that the browser could not render the image. However, the browser will still submit the request to bank.com without any visual indication that the transfer has taken place.

String could not be parsed as XML

Cakephp 2.0

Warning (2): SimpleXMLElement::__construct(“URL”) [simplexmlelement.--construct]: failed to open stream: HTTP request failed! HTTP/1.1 400 pt missing.
[CORE/Cake/Utility/Xml.php, line 97]

To Fix it
Open lib/Utility/XML.php
Line 96
if ($options['return'] === ‘simplexml’ || $options['return'] === ‘simplexmlelement’) {
if (@simplexml_load_string($input)) {
return new SimpleXMLElement($input, LIBXML_NOCDATA, true);
} else {
return array();
}

}

Run Xampp On Ubuntu 12.04

Download & Install Xampp

Issue following command at terminal

sudo apt-get install ia32-libs

then start XAMPP as usual

PHP Headers and Popular Mime Types

Atom

header('Content-Type: application/atom+xml');

header('Content-Type: application/atom+xml');

CSS

header('Content-Type: text/css');

header('Content-Type: text/css');

Javascript

header('Content-Type: text/javascript');

header('Content-Type: text/javascript');

JPEG Image

header('Content-Type: image/jpeg');

header('Content-Type: image/jpeg');

JSON

header('Content-Type: application/json');

header('Content-Type: application/json');

PDF

header('Content-Type: application/pdf');

header('Content-Type: application/pdf');

RSS

header('Content-Type: application/rss+xml; charset=ISO-8859-1');

header('Content-Type: application/rss+xml; charset=ISO-8859-1');

Text (Plain)

header('Content-Type: text/plain');

header('Content-Type: text/plain');

XML

header('Content-Type: text/xml');

header('Content-Type: text/xml');

Cakphp2 TCPDF

Download TCPDF and extract Package to app/Vendor

In controller action
$this->response->type(‘pdf’); (new in Cakephp 2)
$this -> layout = ‘pdf’;

In pdf layout
echo $content_for_layout;

In your view
App::import(‘Vendor’, ‘tcpdf/config/lang/eng’);
App::import(‘Vendor’, ‘tcpdf/tcpdf’);

// create new PDF document
$pdf = new TCPDF(PDF_PAGE_ORIENTATION, PDF_UNIT, PDF_PAGE_FORMAT, true, ‘UTF-8′, false);

And Go on..