Sunday, December 20, 2009

SyntaxHighlighter 2.1 test ob blogger

/**
     * SyntaxHighlighter
     */
    function foo()
    {
        // it works!
    }
SyntaxHighlighter 2.1 failure! Maybe next time I'll find out how to make it work.

Monday, December 07, 2009

Easy installation of Microsoft Office 2007 in Fedora 12 using Wine

As far as I'm concerned, the only thing that forces me to use Windows or Mac from time to time is lack of Microsoft Office World, Excel and PowerPoint 2007 in Linux. In the web you can find info how to install it using wine in Ubuntu, but I could not find much about Fedora, especially Fedora 12. Here I present my experience of installing Office 2007 in Fedora 12. I must admit though, the what I'm going to write is based on my memory, so please feel free to comment if I skipped or made some mistakes.

First thing that we need to do is to install wine (in fedora 12 it is wine-1.1.32-1) sudo yum install wineNow we can install Microsoft Office 2007 from CD. I used Microsoft Office 2007 Enterprise and I install only Word, Excel and PowerPoint and some default common office tools. For the installation I did not had to do any tweaking of wine, or did not had to use winetricks to download any additional dlls!

After the installation, I could start Word and Excel, but not PowerPoint. Also Equation editor in Word did not work, since the windows with default equation formulas were empty!

To fix it, it was necessary to go to Libraries in winecfg and in "New override for library" select usp10 and then set it to native as seen below:


This was enough to make equations work and also enough to start PowerPoint, though I'm not sure of the former.

I also tried to install Microsoft Office 2007 Service Pack 2, but without success. To install this service packed I tried installing some stuff from winetricks, changing some dlls from build in to native, but nothing seemed to work.

In concussion, to install and run Microsoft World 2007, Excel 2007 and PowerPoint 2007 nothing special was necessary. Just install wine from repositories, and set usp10 library to native in winecfg window. However, as I said at the beginning I'm writing this from my memory and I hope I did not skip something. Nevertheless, I think this post might be useful to other Linux users.

Sunday, December 06, 2009

Installing xdebug in xampp (lampp) on fedora 12

xdebug is a PHP extension for powerful debugging. It supports stack and function traces, profiling information and memory allocation and script execution analysis.

By default xampp-linux-1.7.1 does not come with this extension. Therefore, it is necessary to install it.

First, assuming that there is already xampp-linux-1.7.1 installed in /opt/lampp it is necessary to download xampp development package. In my case it was xampp-linux-devel-1.7.1.tar.gz and unpack it
su
tar xvfz xampp-linux-devel-1.7.1.tar.gz -C /opt


Second, install autoconf package (as a root) yum install autoconf


Thrid, xdebug can be installed (as a root)/opt/lampp/bin/pecl install xdebugIf compilation was successful you should get Build process completed successfully
Installing '/opt/lampp/lib/php/extensions/no-debug-non-zts-20060613/xdebug.so'
install ok: channel://pecl.php.net/xdebug-2.0.5
configuration option "php_ini" is not set to php.ini location
You should add "extension=xdebug.so" to php.ini
Finally, localization of xdebug.so should be added to php.ini. In my case, xdebug.so was in opt/lampp/lib/php/extensions/no-debug-non-zts-20060613/. This extension should be added using "zend_extension" and not "extension", therefore, you should ignore the prompt about adding "extension=xdebug.so" to php.ini. Hance, add the following line to /opt/lampp/etc/php.ini restart your lampp server
zend_extension="/opt/lampp/lib/php/extensions/no-debug-non-zts-20060613/xdebug.so"
If everything went wine, using phpinfo() you should get:

Testing Basic HTTP Authentication using PHPUnit in Zend Framework

In Zend Framework, there are few ways of restricting access to the protected areas of an application. The simplest and the fastest to implement is Basic HTTP Authentication. However, it must be remembered that it is not the most secure way, as it is using base64 coding that can be easily broken.

Although Zend_Auth reference guide shows how to implement Basic HTTP Authentication, it does not show how to test it using PHPUnit. Therefore, in this post, a simple example of a Zend project, along with the associated PHPUnit test case is presented. The full source code of the project is available for download. The project's name is httpautheg.

So, lets assume that we want to restrict access to the actions called protectedAction and editAction in IndexController. We also want a simple action helper, called HTTPAuth that will do the authentication. Finally, we want a test case for IndexController that will perform the tests of incorrect and correct authentications, so that we do not have to worry that during further work on the project we will break something without noticing it.

The directory tree of the httpautheg project





HTTPAuth action helper

The helper has only one function called doBasicHTTPAuth that does the authentication, and returns false or true if authentication failed or succeeded, respectively.
<?php
class My_Controller_Action_Helper_HTTPAuth extends Zend_Controller_Action_Helper_Abstract {
//put your code here

/**
* Perform Basic HTTP authentication
*
* @return boolean authentication successful or not
*/
public function doBasicHTTPAuth() {

$path = APPLICATION_PATH .'/configs/passwdBasic.txt';
$resolver = new Zend_Auth_Adapter_Http_Resolver_File($path);
$config = array(
'accept_schemes' => 'basic',
'realm' => 'Admin Area',
'digest_domains' => '/index',
'nonce_timeout' => 3600,
);
$adapter = new Zend_Auth_Adapter_Http($config);
$adapter->setBasicResolver($resolver);

$request = $this->getRequest();
$response = $this->getResponse();
$adapter->setRequest($request);
$adapter->setResponse($response);

$result = $adapter->authenticate();

if (!$result->isValid()) {
// Bad userame/password, or canceled password prompt
return false;
} else {
return true;
}
}

}


IndexController.php

In the preDispatch() function, public actions that do not require authentication are specified. For all other actions in the controller, basic HTTP Authentication using the above helper. For this example 'index' and 'failedauth' actions are public, while actions named 'protected' and 'edit' require authentication.
<?php
class IndexController extends Zend_Controller_Action {
public function init() {
/* Initialize action controller here */
}
public function preDispatch() {
//any action not in this array will require Auth
$publicActions = array('index','failedauth');
$action = $this->getRequest()->getActionName();

if (!in_array($action, $publicActions)) {
//if requested action is non public one,
//then do authenticated
if ($this->_helper->_HTTPAuth->doBasicHTTPAuth() == false) {
$this->_forward('failedauth');
return;
}
}
}

public function indexAction() {
// public action

}
public function protectedAction() {
// protected action

}
public function editAction() {
// protected action

}

public function failedauthAction() {
//public action
}


}


PHPUnit test case IndexControllerTest.php

Testing of failed authentication is quite easy. The trick is with testing correct authentication, since we have to sent a correct HTTP header to the server. In our case, the username is 'admin' and the password is 'admin12', so before we dispatch the request for a protectedAction, we need to set a header as follows:$this->request->setHeader('Authorization','Basic YWRtaW46YWRtaW4xMg==');where “YWRtaW46YWRtaW4xMg==” is a result of base64_encode("admin:admin12") function.
The full code of the IndexControllerTest.php is <?php

class IndexControllerTest extends ControllerTestCase {

/**
* Check if we go to index controller
*/
public function testIndexController() {
$this->dispatch('/');
$this->assertController('index');
$this->assertAction('index');

}

/**
* Prived an array with protected actions
*
* @return array
*/
public function getProtectedActions() {
return array(
array('/index/protected'),
array('/index/edit'),

);
}

/**
* Going to /index/protected should result in Www-Authenticate header
* and since we do not send header with correct passwors and user
* we should be forwarded to failedauth action and see 'Failed authentification'
*
* @dataProvider getProtectedActions
*/
public function testAccessWithoutAuth($action='/index/protected') {

$this->dispatch($action);

$this->assertHeader('Www-Authenticate');
$this->assertAction('failedauth');
$this->assertQueryContentContains('h1', 'Failed Authentication');
}


/**
* Going to /index/index, but this time we send a header
* with some inccorect password:username, codded as base64_encode.
* Since username and password are inccorect we should get 'Www-Authenticate'
* header.
*
* @dataProvider getProtectedActions
*
*/
public function testAccessWithInccorectAuthCredentials($action='/index/protected') {

//send header with inccorect user and password, e.g.
//YWRtaW46d3JvbnRwYXNzd29yZA== is equal to base64_encode("admin:wrontpassword")
$this->request->setHeader('Authorization','Basic YWRtaW46d3JvbnRwYXNzd29yZA==');

$this->dispatch($action);
$this->assertHeader('Www-Authenticate');
$this->assertNotQueryContentContains('h1', 'Successful Authentication');

}


/**
* Going to /index/index, but this time we send a header
* with CORRECT password:username, codded as base64_encode.
* Since username and password are ccorect we should not get 'Www-Authenticate'
* header and be able to see protected content.
*
* @dataProvider getProtectedActions
*/
public function testAccessWithCorrectAuthCredentials($action='/index/protected') {

//send header with correct user and password i.e.
//YWRtaW46YWRtaW4xMg== is equal to base64_encode("admin:admin12")
$this->request->setHeader('Authorization','Basic YWRtaW46YWRtaW4xMg==');

$this->dispatch($action);
$this->assertNotHeader('Www-Authenticate');
$this->assertQueryContentContains('h1', 'Successful Authentication');

if ($action == '/index/protected') {
$this->assertQueryContentContains('h2', 'Protected action');
} elseif ($action == '/index/edit') {
$this->assertQueryContentContains('h2', 'Edit action');
}
}
}

Some example screenshots

After clicking “Go to protected action” we are ask for credentials:


Failed Authentication:


Successful access to protected action:


Execution of PHPUnit


Download the project (httpautheg.tar.bz2)

The project was done using ZendFramework-1.9.3PL1. For simplicity, the archive file contains the Zend library. Therefore, just download the archive, unpack it, change file rights if necessary and it should work. Assuming that the project directory is in your root path in the localhost, than it can be executed with url: http://localhost/httpautheg/public/. If xampp is used, it must be remembered that PHPUnit version that comes with xampp is too old and it must be upgraded to execute PHPUnit tests. To execute PHPUnits, a phpunit command must be used in a terminal - not a web browser.

Testing Digest HTTP Authentication

Testing Digest HTTP Authentication can be done in a similar way. The difference would be in setting a correct header when requesting for protected action. More details on Digest HTTP Authentication header is here.

Friday, December 04, 2009

Installing Abaqus 6.9 on CentOS 5.3

In the past post I was installing Abaqus 6.9 on CentOS 5.2. However, the CentOS was upgraded to 5.3 and I needed to also install newer version of Abaqus, i.e. Abaqus 6.9. So, how did it go?

Just like before, the first problem was: Unable to determine Linux Distribution. But this time it was neccessery to put "Red Hat Enterprise Linux Server release 5.0 (Tikanga)" into /etc/redhat-release. To change this file root permissions are required.

After that there were no more problems with the installation or the execution of abaqus 6.9.

After the installation was finished I just original content (i.e. "CentOS release 5.3 (Final)") of /etc/redhat-release back.

Thursday, December 03, 2009

PHP: Generation of MD5 hash for HTTP digest access authentication

HTTP Digest access authentication is one of the agreed methods a web server can use to negotiate credentials with a web user (using the HTTP protocol). Digest authentication is intended to supersede unencrypted use of the Basic access authentication, allowing user identity to be established securely without having to send a password in plaintext over the network. Digest authentication is basically an application of MD5 cryptographic hashing with usage of nonce values to prevent cryptanalysis.

For example, lets assume that we want to allow a user called "adminuser" access a realm called "Admin Realm" with a password "secretpassword". Using php command the MD5 hash for this can be generated using:php -r 'echo MD5("adminuser:Admin Realm:secretpassword")."\n";'This gives the following MD5 hash:3228e0b5f8ae5ffb249d16125baffe63Therefore, for example when using Zend_Auth in Zend Framework, a file e.g. 'files/passwd.txt' with the username,realm and password that has to go into a resolver Zend_Auth_Adapter_Http_Resolver_File can containadminuser:Admin Realm:3228e0b5f8ae5ffb249d16125baffe63


In case of basic authentication, in 'files/passwd.txt' we would have password in a plain textadminuser:Admin Realm:secretpassword