Categories
Main PHP Tech WordPress

What Would Seth Godin Do

If you’re a marketer or a WordPress user, you might like the WordPress plugin I recently created. Based on a principle taught by Seth Godin, it lets you treat new visitors to your site different from returning visitors:

“What Would Seth Godin Do” WordPress plugin

Categories
Main PHP

Report on PHP Hacker Night

Last night John, Jonathan, Alvaro and I got together to talk PHP over dinner and dessert. I had fun and learned a lot. Here are my notes:

  • Sitening is a web development consultancy with a bunch of cool online tools and what appears to be a good blog. (I haven’t read it yet.) John printed a post from their blog about databases and PHP. I’m going to subscribe to it.
  • We talked about Qcodo, a code generator that John likes because it’s simple.
  • Alvaro really likes Propel for creating database objects to perform CRUD operations. It’s “intuitive” to use.
  • We discussed apt-get vs. yum, with the winner being apt-get.
  • We discussed Ruby on Rails and the similar frameworks for PHP such as Cake, Symfony, and PHP on Trax. John and Alvaro think these frameworks are too limiting, though if the scope of your project falls within the conventions of the framework they can be nice. They both prefer a lighter-weight framework.
  • Alvaro is building a custom, light-weight framework that will be simply combine Propel and Smarty. He’ll release it at protonframework.com when it’s ready.
  • Alvaro recommends the Selenium Firefox extension for code testing and automation. It can record each of your steps as you use your web app, then you can set up assertions (unit tests?), then you can run the recorded tests each time you make changes to your web app. This seems like a great way to test web apps consistently and thoroughly. I’m looking forward to trying Selenium.
  • We discussed the virtues of SVG and lamented that Internet Explorer doesn’t have better support for it. John uses SVG extensively for creating reports and modeling streets and traffic flow in his work.
  • Alvaro really likes XPath, a language for querying an XML document. On the browser side, XPath is useful for finding a certain node in the DOM. Firefox has a built-in Javascript function for running XPath queries on the DOM.
  • With AJAX John can change SVG reports in real time by changing the specific DOM node that needs to be updated. XPath could be useful here.
  • On the server side, XPath is useful for screen scraping. You can retrieve an HTML page, run it through Tidy to convert it to XML, then use XPath (through the PHP DOM library) to query it. Alvaro says its easier and more portable than writing regular expressions, which is how I currently do my screen scraping.
  • There are Firefox extensions for working with XPath. They allow you to click anywhere on a web page and see the XPath query that would retrieve that element.
  • Martin Fowler’s book was recommended.
  • By using the Apache directive “ForceType”, you can forgo the “.php” extension on your files and create pretty URL’s. (ALL of your files are parsed for PHP.)

The food was good and the company was excellent. I look forward to doing this again.

Categories
Main MediaWiki MySQL PHP Tech

Password protecting MediaWiki with mod_auth_mysql

MediaWiki is the powerful software on which Wikipedia and many other sites are built. It does not, however, come with the option to password protect pages from being viewed. (It can password protect pages from being edited.)

If you need to setup a private, members-only wiki for internal use, here is how you can do it with MediaWiki software and the Apache server extension mod_auth_mysql:

1. Install MediaWiki as usual. Create a user account for yourself.

2. Add the following line to your LocalSettings.php file, located in the root of your MediaWiki installation. This will cause MediaWiki to use a simple MD5 hash for user passwords in the database, instead of the more complicated “salted hash hash” that it normally uses.

$wgPasswordSalt = false;

3. Activate mod_auth_mysql in Apache. This is usually done with a LoadModule line in your Apache configuration file (httpd.conf), provided the module is available. (If not, you may need to compile or download the module.)

LoadModule mysql_auth_module libexec/apache2/mod_auth_mysql.so

4. Create a new MySQL user that has SELECT access to the “user_name” and “user_password” fields in the “user” table of your MediaWiki installation. Apache will use this MySQL user for connecting to the MediaWiki database.

5. Configure mod_auth_mysql to use the MediaWiki user table for authentication by placing the follow directives in your Apache configuration file:



AuthName "This wiki is password protected (make sure the first letter of the username is Uppercase)"
AuthType Basic
require valid-user
AuthMySQLEnable On
AuthMySQLHost localhost
AuthMySQLUser unprivilegeduser
AuthMySQLPassword thesecretpassword
AuthMySQLDB mediawikidatabase
AuthMySQLUserTable user
AuthMySQLNameField user_name
AuthMySQLPasswordField user_password
AuthMySQLPwEncryption md5
AuthMySQLAuthoritative On

6. Restart Apache.

Your installation of MediaWiki should now be password-protected, but your username and password will let you in. This protects the entire wiki; no one will even know that MediaWiki is present until they login. To give other people access, you can either create user accounts for them, or you can create a guest account that they can use until they sign themselves up.

P.S. Thanks to Gary Thornock for helping me with the details of installing mod_auth_mysql on FreeBSD.

UPDATE (2008-09-11):
The latest version of MediaWiki (version 1.13) uses a new password format which is incompatible with mod_auth_mysql. It prepends “:A:” to each MD5 hash. Here is a workaround:

1. Create a MySQL view that mirrors the username and password, minus the prefix:
CREATE VIEW user_view AS SELECT user_id, user_name, substring_index(user_password, ':', -1) AS user_password FROM user;
2. Configure mod_auth_mysql to use user_view instead of user as the lookup table.