New Secure Password Hashing API In PHP 5.5

The fifth release of PHP, also known as PHP 5.5, was released this year with great new features and updated standards. One of the most exciting aspects of the update is the Password Hashing API, which aims to provide a universal standard for password hashing functions.

Hashing is a way to store user passwords so that they are not stored in clear text but can still be verified when users log in again. With this new standard, you can use one function (password_hash) to create an account verification token for your user login system. You use another function (password_verify) to validate a hashed password when users sign up or reset their password again.

From the analysis reports, it is now believed that work has officially begun on PHP 5.5. It will be the first major update since the release of the version earlier this year.

In recent years major update releases for PHP were very slow, so it will be interesting to see how fast or slow PHP 5.5 will come into the development process.

Among all the updates in PHP 5.5 the most impressive feature is the new Password Hashing API.

Recent security attacks have revealed that a vast majority of PHP developers either don’t understand password hashing or don’t think it’s worth the effort.

The current approach to password hashing, using crypt(), is difficult to implement and work with. A simple API for password hashing makes this easier: developers simply call the API, which takes care of those issues for them. Eventually, more projects and developers will be able to use secure password hashing.

It makes sense to include this feature, but let’s just hope for an early official release of this version, so that the PHP developers can take advantage of this security innovation.

Conclusion

The Password Hashing API is a great addition to PHP. It simplifies the process of creating and verifying password hashes. The API is compatible with existing methods and can be used for many different systems, which makes it a useful tool for developers. The Password Hashing API is available in PHP 5.5 and newer versions. This new standard aims to unify the password hashing process and create a universal method to create and verify password hashes.
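The API in use, as an added example that is not part of the original article: a small credential store that hashes on registration, verifies on login, and upgrades the stored hash when the configured cost is raised. The class name, the in-memory array (standing in for a users table) and the sample passwords are assumptions made for illustration.

```php
<?php
// Added example: CredentialStore and its in-memory array are illustrative
// stand-ins for a users table; the passwords are constructed samples.
class CredentialStore
{
    private $hashes = array();   // username => stored hash string
    private $options;

    public function __construct($cost)
    {
        $this->setCost($cost);
    }

    public function setCost($cost)
    {
        $this->options = array('cost' => $cost);
    }

    public function register($user, $password)
    {
        // A random salt is generated on every call; algorithm, cost and salt
        // are all encoded in the returned string, so one column stores it.
        $this->hashes[$user] = password_hash($password, PASSWORD_BCRYPT, $this->options);
    }

    public function login($user, $password)
    {
        if (!isset($this->hashes[$user])
            || !password_verify($password, $this->hashes[$user])) {
            return false;
        }
        // The plaintext is only available at login, so this is the point to
        // upgrade a hash that was created with a lower cost.
        if (password_needs_rehash($this->hashes[$user], PASSWORD_BCRYPT, $this->options)) {
            $this->register($user, $password);
        }
        return true;
    }

    public function storedCost($user)
    {
        $info = password_get_info($this->hashes[$user]);
        return $info['options']['cost'];
    }
}

$store = new CredentialStore(10);
$store->register('alice', 'constructed-sample-passphrase');
var_dump($store->login('alice', 'wrong-guess'));
$store->setCost(12);   // hashing policy tightened after the account was created
var_dump($store->login('alice', 'constructed-sample-passphrase'));
var_dump($store->storedCost('alice'));
```

PASSWORD_BCRYPT is named explicitly so that the cost option is meaningful; PASSWORD_DEFAULT selects whatever algorithm the running PHP version treats as its default.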

How To Send Files To Remote Server Via SSH In PHP

You may have faced a situation where you need to send server files to a remote server. If you are working on a website that requires remote server access and files regularly, it is impossible to keep on transferring the files by hand every time they are updated.

This means that you cannot keep these files in your local system and need to transfer them to the remote server only when they’re updated. To do this, you will need SSH access to the server so that you can send files securely via SFTP or any other secure file transfer protocol.

Once you learn how to set up SSH access, there are some things that you need to know about how SSH works and how it’s used with different servers.

This example describes ‘How to SSH to remote server in PHP and send files from one server to another server using libssh2.’

ssh2_connect() – Connect to a remote server
ssh2_scp_send() – Send a file via SSH
ssh2_exec() – Execute a command on a remote server

Install libssh2 and then install PECL SSH2 extension for PHP.

Example:   

$ip = "192.168.2.101";
$username = "test";
$port = 22;
// Note: these sample paths sit under the web root; in deployment keep key
// files outside it and readable only by the PHP user.
$public_ssh_key = "/var/www/html/ssh_keys/id_dsa.pub";
$private_ssh_key = "/var/www/html/ssh_keys/id_dsa";

if (function_exists("ssh2_connect")) {
    $ssh_conn = ssh2_connect($ip, $port);
    if ($ssh_conn) {
        // Validate your username with SSH keys ('secret' is the key passphrase)
        if (ssh2_auth_pubkey_file($ssh_conn, $username, $public_ssh_key, $private_ssh_key, 'secret')) {

            // Check file list
            $data = ''; // collects the command output
            $stream = ssh2_exec($ssh_conn, 'ls -l /home/test/');
            if ($stream) {
                stream_set_blocking($stream, true);
                while ($buf = fread($stream, 4096)) {
                    flush(); // comment this line
                    $data .= $buf;
                    print_r($buf); // comment this line
                }
                fclose($stream);
            }

            // Send file from one server to another
            // (mode 0644: writable by the owner only, not world-writable)
            if (!ssh2_scp_send($ssh_conn, '/path/from/file.ext', '/home/test/file.ext', 0644)) {
                die("File transfer failed for IP: ".$ip);
            }

        } else {
            die("SSH validation failed using Username: ".$username." (specify valid SSH keys or check your SSH key path)");
        }
    } else {
        die("SSH validation failed for IP: ".$ip);
    }
} else {
    die("'ssh2_connect()' doesn't exist. Install libssh2 with the PECL SSH2 extension");
}

Other commands:

ssh2_sftp() – Initialize SFTP subsystem
ssh2_sftp_mkdir()– Create directory on remote server

$sftp = ssh2_sftp($ssh_conn);
ssh2_sftp_mkdir($sftp, '/var/www/html/test');

ssh2_auth_password()  – Authenticate over SSH using a plain password
ssh2_auth_pubkey_file() – Authenticate using a public key
ssh2_shell() – Request an interactive shell
ssh2_tunnel() – Open a tunnel through a remote server
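The transfer above, extended with a host key check before authentication, as an added example that is not part of the original article. The helper names fingerprintMatches() and sendFileVerified(), the key paths, the SSH_KEY_PASSPHRASE environment variable and the pinned fingerprint placeholder are assumptions; ssh2_fingerprint() is part of the same PECL SSH2 extension.

```php
<?php
// Added example, not from the original article. Helper names, paths and the
// pinned fingerprint are placeholders chosen for illustration.

// Compare two hex fingerprints, ignoring case and ':' separators.
function fingerprintMatches($expected, $actual)
{
    $norm = function ($fp) {
        return strtolower(str_replace(':', '', trim($fp)));
    };
    $a = $norm($expected);
    return $a !== '' && $a === $norm($actual);
}

function sendFileVerified($host, $port, $pinnedSha1, $user, $pubKey, $privKey, $passphrase, $local, $remote)
{
    $conn = ssh2_connect($host, $port);
    if (!$conn) {
        throw new RuntimeException("Cannot connect to $host:$port");
    }
    // Check the server's host key before authenticating or sending data,
    // so the file cannot end up on a machine impersonating the target.
    $seen = ssh2_fingerprint($conn, SSH2_FINGERPRINT_SHA1 | SSH2_FINGERPRINT_HEX);
    if (!fingerprintMatches($pinnedSha1, $seen)) {
        throw new RuntimeException("Host key mismatch for $host (got $seen)");
    }
    if (!ssh2_auth_pubkey_file($conn, $user, $pubKey, $privKey, $passphrase)) {
        throw new RuntimeException("Public key authentication failed for $user");
    }
    // 0640: owner read/write, group read, no access for others.
    if (!ssh2_scp_send($conn, $local, $remote, 0640)) {
        throw new RuntimeException("Transfer of $local failed");
    }
    return true;
}

try {
    sendFileVerified(
        '192.168.2.101', 22,
        'REPLACE_WITH_PINNED_SHA1_HEX_FINGERPRINT', // placeholder, recorded out of band
        'test', '/path/to/id_key.pub', '/path/to/id_key',
        (string) getenv('SSH_KEY_PASSPHRASE'),      // passphrase kept out of the source file
        '/path/from/file.ext', '/home/test/file.ext'
    );
    echo "Transfer complete\n";
} catch (RuntimeException $e) {
    echo "Transfer aborted: " . $e->getMessage() . "\n";
}
```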

How To Migrate CakePHP 1.x To 2.x

Today, we will focus on what we need to do to upgrade a CakePHP 1.3 application to CakePHP 2.2.3, the latest official stable release.

Installation

This is pretty straightforward, the same as for CakePHP 1.3.
Download and unzip CakePHP 2.2.3 and follow the instructions below.

Configuration

  • core.php
      • Make sure to copy the Security.salt and Security.cipherSeed values from your old core.php
      • Take notice of how errors, sessions and caching have changed.
  • database.php
      • There is a minor change in this file:
      • CakePHP 1.3: 'driver' => 'mysqli'
      • CakePHP 2.2.3: 'datasource' => 'Database/Mysql'
  • routes.php
      • Don’t overwrite this file with your older one.
      • You can place your custom routes before or after CakePlugin::routes()
  • bootstrap.php
      • Copy all functions, constants and other code from your old bootstrap into the new one.

Folder Structure

  • The cake folder is now inside the lib folder. Nothing needs to be done about this.
  • Files and folders are now CamelCased instead of lower_underscored
  • Example: The “users” folder inside the View becomes “Users”
  • The controller files are now UsersController.php instead of users_controller.php
  • project_user_controller.php becomes “ProjectUsersController.php”
  • The model files are now User.php instead of user.php
  • project_user.php model becomes “ProjectUser.php”
  • The components files are now FormatComponent.php instead of format.php
  • The helpers files are now DatetimeHelper.php instead of datetime.php

Moved APP files

  • The parent app_classes have been moved and renamed as well.
  • app_controller.php, app_model.php, and app_helper.php now become Controller/AppController.php, Model/AppModel.php, and View/Helper/AppHelper.php.

Auth Component and Login

  • Auth now supports multiple authorization adapters that can all be used together
  • Cake 1.3.x automatically checked whether the user had entered the correct username/password inside the login() method of users_controller, but in Cake 2.x we need to call $this->Auth->login() manually; it returns a Boolean value indicating whether the login succeeded or failed.

If you are using “email” as your login field name
CakePHP 1.3: (inside AppController beforeFilter)

$this->Auth->fields = array('username' => 'email', 'password' => 'password');

CakePHP 2.2.3: (inside AppController beforeFilter)

$this->Auth->authenticate = array('Form' => array('fields' => array('username' => 'email', 'password' => 'password')));

Auth Login

CakePHP 2.2.3: (inside UsersController login function)

if (!empty($this->request->data)) {
    if ($this->Auth->login()) {
        $this->redirect($this->Auth->redirect());
    } else {
        //$this->Session->setFlash('Your Email or Password was incorrect.');
    }
}

CakePHP 2.x auth automatically hashes the password on login but not on save.

We can add a beforeSave() method on the User model to hash the password.

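public function beforeSave($options = array())
{
    // Hash only when a password is part of this save; otherwise saving other
    // fields would overwrite the stored hash with the hash of an empty value.
    if (isset($this->data['User']['password'])) {
        $this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
    }
    return true;
}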

Request Data

  • CakePHP 2.0 has done some request related changes.
  • The Request Object does not have “form” element any longer.
  • You will need to replace $this->params['form'] with $this->request['data'] or $this->request->data.
  • $this->data needs to be replaced with $this->request->data
  • So, now we can use $this->request->data on both form submit and AJAX post.
  • Now, we need to check !empty($this->request->data) instead of “!empty($this->data)” while saving a form.

Views Changes

  • Use $this->Html->link() instead of $html->link()
  • Use $this->Form-> instead of $form->
  • Use $this->Session-> instead of $session->
  • Use $this->Paginator-> instead of $paginator->
  • For JavaScript inclusion use $this->Html->script("") instead of $javascript->link()

Moved Email Elements

  • Email elements have been moved from views/elements to View/Emails.

Helpers

  • The Ajax, Javascript, and XML helpers have been removed. You will need to replace these helper calls with appropriate alternatives
  • Helpers can no longer be called with “$helper->function()”. You need to update your helper calls to use $this->Helper->function()
  • If you are loading or importing your helpers inside another custom helper or component,
  • $myhelper = new DatetimeHelper() becomes $myhelper = new DatetimeHelper($this->_View) or $myhelper = new DatetimeHelper(new View(null))

Components

  • All component files should be extended by Component Class instead of Object

DB and Code Caution

  • There is no enum support in CakePHP 2.x, as SQL Server doesn't have a similar datatype.
  • You can change enum to tinyint(2)
  • Cake 1.3 used tinyint(1) for is_active database fields.
  • When retrieved from the database, these return 0/1
  • But CakePHP 2.x no longer returns 0; it returns bool(true)/bool(false)
  • Boolean column values are cast to PHP's native boolean type automatically.

__() Function and Pagination

  • The __() function no longer has the option to echo. It always returns.
  • Change the pagination code:

CakePHP 1.3:

echo $this->Paginator->counter(array('format' => __('Page %page% of %pages%, showing %current% records out of %count% total, starting on record %start%, ending on %end%', true)));

CakePHP 2.2.3:

echo $this->Paginator->counter(array('format' => __('Page %page% of %pages%, showing %current% records out of %count% total, starting on record %start%, ending on %end%')));

The Orangescrum Feature Summary

Orangescrum is updated constantly, as the engineers keep adding new features almost every day. With these new features, your project management will be simpler, faster, and more transparent. Here are a few that were added:

Case Templates: Create templates for repetitive cases and choose them while posting cases.

Project wise Case Search: Search cases project-wise for effective easy case tracking & project management.

Case Glide Chart: A graphical chart to track bugs, enhancements, development, R & D, Quality Assurance, Maintenance and upgradations during a certain period in the project timeline.

File or Case Archiving: You can archive files or cases not used anymore and also restore them back when needed.

Image Viewer and Direct Image Links: View attached images in your projects through the pop-up image viewer. Also, view images on Orangescrum from direct mail links and download them.

Improved Email Notifications: You can now set preferences for receiving email notifications to admin or team members regarding projects/milestones etc.

Improvised Milestones Management: Keep track of overdue and upcoming milestones.

We’re in the process of adding some new features, like calendars, improved time tracking, and project report generation, in our future updates.

Keep visiting the space for more updates.

Why Hire PHP Developers for High Quality Web App Development

PHP is a widely-used Open Source, general-purpose, cross-platform & HTML embedded server-side scripting language, that suits web development.

A PHP framework is a fundamental platform that helps programmers with rapid and effective development. It’s a powerful tool that helps to tweak code in a standard, configured manner and can be used with many relational database management systems (RDBMS).

Reasons of Choosing PHP scripting language

Simple and Easy To Learn

PHP is one of the easiest scripting languages to learn and is readily understood by developers. The syntax is somewhat similar to Java and C. However, knowledge of HTML is the only prerequisite to code in PHP.

Instant Support

When a developer gets stuck on a coding issue, there are huge numbers of references, forums and support communities available online, and they are free. This is simply because PHP is very popular, widely used and has the largest user base.

Supports All Major OS

PHP can be run on top of major operating systems such as Windows, Linux, UNIX, Mac OSX and so on.

Free of Cost

PHP is open source and 100% free for use by anyone. This cuts down the cost of production as well as hosting. For these reasons it enjoys popularity over other expensive scripting languages such as ASP, JSP and others.

Integration

PHP makes developers' lives easy, as it can be integrated easily with systems like MongoDB, Memcache, Pusher and more. PHP applications can cater to more or less any vertical, such as the banking sector, the health/hospital industry, the government sector or corporates.

Frameworks

PHP developers can develop robust applications within a very short time frame using a variety of frameworks like Symfony, Slim, Silex, Zend and Aiki. Each framework offers a set of benefits including code reuse, better session management and database access libraries.

Easier to fix problems

It is obvious that web application development is not free from issues; however, with PHP it is comparatively easier to troubleshoot than with its counterparts. This is because with each request, PHP cleans up and starts over, so an issue with one request does not affect another request.

Scalability

Scalability is always in demand, be it for databases, hosting, or programming. PHP is built in such a way that you can easily increase your cluster size as your projects grow.

Object Oriented

Java and Windows COM objects can be called from PHP. PHP also allows you to create custom classes, which in turn can be borrowed by other classes. This is one of the useful capabilities of PHP.

Speed

PHP does not take a lot of system resources and operates much faster than other scripting languages. PHP maintains its speed even if it is used with other software. Since PHP has been out for a long time, there is a continuous effort to make it even better. As a result, it is fairly stable compared to its counterparts.

While planning anything on CakePHP, you should always choose a reliable company like Andolasoft to handle your work. Get in touch to convert your ideas into app.

How To Generate PDF File In CakePHP

TCPDF is free and open source software and one of the most widely used PHP libraries in the world. This is because it is already included in the most popular PHP-based CMSs and applications, including CakePHP.

The installation is pretty straightforward, and it is easy to use in the CakePHP framework. Many web applications use it to output documents like invoices, contracts or just web pages in PDF format.

 

Following are the steps to integrate TCPDF in CakePHP MVC framework.

Step 1:

  • Go to http://www.tcpdf.org and download the latest version of TCPDF zip file.
  • Then unzip the zip file and save it under the vendors folder in the CakePHP framework (app\vendors)
  • This creates a directory tcpdf there with tcpdf.php and more in it (app\vendors\tcpdf)
  • You can configure PDF settings like the header logo image, page title, page margin, etc. in the TCPDF configuration file (app\vendors\tcpdf\tcpdf_config.php)

Step 2:

You can create your own header and footer page of your PDF file. Create a page “xtcpdf.php” under app/vendors with these contents as shown below.

<?php
App::import('Vendor', 'tcpdf/tcpdf');

class XTCPDF extends TCPDF
{
    var $xheadertext = 'PDF created using CakePHP and TCPDF';
    var $xheadercolor = array(0, 0, 200);
    var $xfootertext = 'Copyright © %d XXXXXXXXXXX. All rights reserved.';
    var $xfooterfont = PDF_FONT_NAME_MAIN;
    var $xfooterfontsize = 8;
    /* Change the header text and font size in the variables above as per your requirements */

    // Draws a filled colour bar with the header text on every page
    function Header()
    {
        list($r, $g, $b) = $this->xheadercolor;
        $this->SetY(10); // shouldn't be needed due to the page margin, but otherwise it's at the page top
        $this->SetFillColor($r, $g, $b);
        $this->SetTextColor(0, 0, 0);
        $this->Cell(0, 20, '', 0, 1, 'C', 1);
        $this->Text(15, 26, $this->xheadertext);
    }

    // Prints the copyright line with the current year at the bottom of every page
    function Footer()
    {
        $year = date('Y');
        $footertext = sprintf($this->xfootertext, $year);
        $this->SetY(-20);
        $this->SetTextColor(0, 0, 0);
        $this->SetFont($this->xfooterfont, '', $this->xfooterfontsize);
        $this->Cell(0, 8, $footertext, 'T', 1, 'C');
    }
}
?>

Step 3:

Create your layout under app/views/layouts/pdf.ctp;

<?php
header("Content-type: application/pdf");
echo $content_for_layout;
?>

Step 4:

Here is the controller code that renders the generated PDF file:

function view_pdf($id = null) {
    if (!$id) {
        $this->Session->setFlash('Sorry, there was no PDF selected.');
        $this->redirect(array('action'=>'index'), null, true);
    }
    $this->layout = 'pdf'; //this will use the pdf.ctp layout
    $this->render();
}

Step 5:

Create a page under your view directory (app/views/) named “view_pdf.ctp” (this name can be changed to match your controller method) and write your HTML/PHP code.
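A possible view_pdf.ctp for Step 5, as an added example that is not part of the original article. It assumes the controller passes a hypothetical $invoice array to the view with $this->set(); the field names and sample strings are constructed for illustration.

```php
<?php
// Added example for view_pdf.ctp (not from the original article).
// $invoice is a hypothetical array set by the controller, for instance:
// array('number' => 'INV-0001', 'items' => array(array('name' => ..., 'price' => ...)))
App::import('Vendor', 'xtcpdf');

$pdf = new XTCPDF();
$pdf->SetAuthor('Example author');        // constructed sample value
$pdf->SetAutoPageBreak(true, 25);         // leave room for the footer from Step 2
$pdf->xheadertext = 'Invoice';
$pdf->SetFont(PDF_FONT_NAME_MAIN, '', 10);
$pdf->AddPage();

// writeHTML() renders whatever markup it is given, so values that came from
// users or the database are escaped with CakePHP's h() before being embedded.
$rows = '';
foreach ($invoice['items'] as $item) {
    $rows .= '<tr><td>' . h($item['name']) . '</td><td align="right">'
           . h(number_format($item['price'], 2)) . '</td></tr>';
}
$html = '<h1>Invoice ' . h($invoice['number']) . '</h1>'
      . '<table border="1" cellpadding="4">'
      . '<tr><th>Item</th><th>Price</th></tr>' . $rows . '</table>';
$pdf->writeHTML($html, true, false, true, false, '');

// 'S' returns the document as a string; the pdf.ctp layout from Step 3
// sends the Content-type header and echoes it.
echo $pdf->Output('invoice.pdf', 'S');
```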