Reader Feedback
I’m interested in your feedback about my new book “Beginning CakePHP: From Novice to Professional.” Please visit the Forum to discuss the book, ask questions, or otherwise let me know what you think of the book. You can also reach me by commenting on blog posts or writing reviews on Amazon.com.
This book represents the first major effort to publish a CakePHP manual in English, and has gone through rigorous testing and technical reviews to get it to this point. Many of you got started with my first drafts of “The Newbie’s Guide to CakePHP” and made suggestions as far back as 14 months ago. That feedback has certainly culminated in what is now “Beginning CakePHP,” and was so valuable back then. I hope to get similar feedback from what is sure to be a wider audience with the release of a much larger and in-depth book. I can promise that I’ll consider your suggestions and who knows — maybe another edition will be ready as Cake matures into 1.2 and 2.0 releases.
As always, thanks for the support, and I hope you enjoy the read!
What Version of Cake Does the Book Use?
I’ve been asked this question many times. So, let me put your mind at ease if you’ve wondered this same thing. Beginning CakePHP: From Novice to Professional uses version 1.2 RC1.
I did my best to keep the book as up-to-date as possible, and some changes were happening during the final stages of the book (for one, version 1.2 RC2 was released), but I felt that regardless of when the book was to be published, it had to deal with 1.2 from start to finish. When the final proofs came back, I was able to remove flay(), for instance, since this is on the way out. And I was pleased that the Containable behavior made its way into the core in time for me to include a section on it in Chapter 14.
Obfuscate CakePHP Helper
Sometimes you may need to obfuscate your HTML markup. I know for one of my projects, I needed to set up a PayPal redirect page and didn’t want the data to be manipulated by any users, so I opted to obfuscate the markup using JavaScript functions. Obfuscation is by no means a perfect method for encrypting HTML markup, but it certainly makes hacking your stuff a pain, and generally gets the job done.
A CakePHP Helper
To simplify obfuscation methods for Cake, I put together the Obfuscate helper, which you can see below. Using it is easy. Copy the contents of the helper into the app/views/helpers/obfuscate.php file, then include the helper in your controller, like so:
var $helpers = array('Obfuscate');
Then in the view, pass whatever you want to obfuscate to the helper and echo the result (string() returns the markup rather than printing it):
echo $obfuscate->string('Markup to obfuscate');
The Helper’s Code
Here’s the code you’ll need to copy to app/views/helpers/obfuscate.php:
<?php
/* Based on Ian Willis' iScramble PHP script: z-host.com/php/iscramble */
class ObfuscateHelper extends Helper {
    /**
     * Obfuscate::_rot13()
     * ++ performs ROT13 encoding on a given string
     * @param string $str The string to encode
     * @access private
     */
    function _rot13($str) {
        $from = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
        $to = 'nopqrstuvwxyzabcdefghijklmNOPQRSTUVWXYZABCDEFGHIJKLM';
        return strtr($str, $from, $to);
    }

    /**
     * Obfuscate::_escape()
     * ++ Equivalent of the JavaScript escape function
     * @param string $plain The string to escape
     * @access private
     */
    function _escape($plain) {
        $escaped = "";
        $passChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789*@-_+./";
        for ($i = 0; $i < strlen($plain); $i++) {
            // Square-bracket offsets: the curly-brace form was removed in PHP 8
            $char = $plain[$i];
            if (strpos($passChars, $char) === false) {
                $escaped .= sprintf("%%%02X", ord($char));
            } else {
                $escaped .= $char;
            }
        }
        return $escaped;
    }

    /**
     * Obfuscate::string()
     * ++ Obfuscates a given string
     * @param string $plain The string to obfuscate
     * @param bool $longPwd Whether to use more JavaScript code for better obfuscation
     * @param bool $rot13 Whether to use ROT13 encoding; takes longer to decode, not recommended for long strings
     * @param string $sorry Markup to display if the user doesn't have JavaScript enabled in the browser
     * @return string Obfuscated JavaScript code
     * @access public
     */
    function string($plain, $longPwd=false, $rot13=false, $sorry="[Please Enable JavaScript]") {
        $escaped = $this->_escape($plain);
        if ($rot13) {
            $escaped = $this->_rot13($escaped);
        }
        $numberOfColumns = 10;
        // ceil() returns a float; cast so it can be used in string offsets
        $numberOfRows = (int) ceil(strlen($escaped) / $numberOfColumns);
        $scrambled = "";
        $escaped = str_pad($escaped, $numberOfColumns * $numberOfRows);
        $password = "";
        srand(time());
        // Build the key: one random permutation of the digits 0-9,
        // or one permutation per row when $longPwd is set
        for ($j = 0; $j < ($longPwd ? $numberOfRows : 1); $j++) {
            $availChars = substr("0123456789", 0, $numberOfColumns);
            for ($i = 0; $i < $numberOfColumns; $i++) {
                $char = $availChars[rand(0, strlen($availChars) - 1)];
                $password .= $char;
                $availChars = str_replace($char, "", $availChars);
            }
        }
        $scramblePassword = str_repeat($password, $longPwd ? 1 : $numberOfRows);
        $scrambled = str_repeat(" ", $numberOfColumns * $numberOfRows);
        // Transpose: the character in row $i goes to offset (key digit * rows) + $i
        $k = 0;
        for ($i = 0; $i < $numberOfRows; $i++) {
            for ($j = 0; $j < $numberOfColumns; $j++) {
                $scrambled[(((int)$scramblePassword[$k]) * $numberOfRows) + $i] = $escaped[$k];
                $k++;
            }
        }
        // As listed here the SCRIPT element is empty, so $scrambled and
        // $password are not written into the output
        $javascript = "<SCRIPT>\n\n</SCRIPT>\n";
        $javascript .= "<NOSCRIPT>\n$sorry\n</NOSCRIPT>\n";
        return $javascript;
    }
}
?>
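Why this is obfuscation rather than encryption, as an added example that is not part of the original post or the helper: the helper's transposition modelled in JavaScript together with its inverse. It assumes the digit key reaches the browser alongside the scrambled text, as any client-side decoder requires; the function names, sample markup and key are constructed for illustration, and the ROT13 option is not modelled.

```javascript
// Added example (not the helper's code): the scramble from
// ObfuscateHelper::string() modelled in JavaScript, with its inverse.
const COLS = 10; // $numberOfColumns in the helper
const PASS =
  "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789*@-_+./";

// Mirror of _escape(): percent-encode every character outside PASS.
// Assumes ASCII input so that decodeURIComponent() can undo it.
function escapeLikeHelper(plain) {
  return Array.from(plain, (c) =>
    PASS.includes(c)
      ? c
      : "%" + c.charCodeAt(0).toString(16).toUpperCase().padStart(2, "0")
  ).join("");
}

// Mirror of the helper's nested loop: the character in row i, column j is
// written to index digit * rows + i, where digit is the key character for
// that cell. A 10-digit key repeats per row; a long key covers every cell.
function scramble(escaped, key) {
  const rows = Math.ceil(escaped.length / COLS);
  const padded = escaped.padEnd(COLS * rows, " ");
  const out = new Array(COLS * rows).fill(" ");
  for (let k = 0; k < padded.length; k++) {
    const i = Math.floor(k / COLS);
    out[Number(key[k % key.length]) * rows + i] = padded[k];
  }
  return out.join("");
}

// Inverse: read each cell back from the index the key sent it to, drop the
// padding (escaped text contains no raw spaces), then undo the escaping.
function unscramble(scrambled, key) {
  const rows = scrambled.length / COLS;
  let escaped = "";
  for (let k = 0; k < scrambled.length; k++) {
    const i = Math.floor(k / COLS);
    escaped += scrambled[Number(key[k % key.length]) * rows + i];
  }
  return decodeURIComponent(escaped.trimEnd());
}

// Constructed sample: a hidden form field and a digit key (a permutation of 0-9).
const SAMPLE = '<input type="hidden" name="amount" value="19.99">';
const KEY = "7203915846";
const SCRAMBLED = scramble(escapeLikeHelper(SAMPLE), KEY);
console.log(SCRAMBLED);
console.log(unscramble(SCRAMBLED, KEY) === SAMPLE); // round trip
```

Because the key travels with the text, the output should be treated as readable and editable by the user; a value that must not change, such as a payment amount, has to be checked on the server.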
