PEPr: Latest proposals with status Proposed

PEPr Proposal [617]: Internationalization::Arabic

2009-11-02T07:21:15-05:00

Proposed package: Internationalization::Arabic

Proposer: Khaled Al-Shamaa

Class enhances developing Arabic web applications by providing set of methods to process and present Arabic text such as:

* Arabic text auto summarization (Example)

* Advanced Arabic search (Example)

* Render Arabic text (PDF, GD, SWF, VRML, etc...) (Example)

* Present dates in Arabic or Hijri (Example)

* Convert Hijri date into Unix timestamp (Example)

* Parse Arabic textual datetime into timestamp (Example)

* Transliterate English words in Arabic and vice versa (Example)

* Spell numbers in Arabic idiom (Example)

* Phonetically alike Arabic words (Example)

* Identify Arabic in multi language UTF-8 documents (Example)

* Identify names & places in Arabic text (Example)

* Guess gender of Arabic names (Example)

* Convert keyboard language programmatically (Example)

* Calculate time of Muslim prayer and Qibla direction (Example)

* Standardize Arabic text (Example)

and more ...

For more information please visit PHP and Arabic Language project website

PEPr Proposal [616]: XML::Create_KML

2009-09-30T12:53:38-05:00

Proposed package: XML::Create_KML

Proposer: Robert McLeod

Class for creating KML code from a data source and outputing it to either a file or string

PEPr Proposal [611]: Images::Image_Diff

2009-09-03T03:06:46-05:00

Proposed package: Images::Image_Diff

Proposer: Dave Hall

Compare the differences between 2 images

Checks any image format supported by GD.

PEPr Proposal [609]: Database::Database_SQL_Intervals

2009-08-19T21:40:44-05:00

Proposed package: Database::Database_SQL_Intervals

Proposer: Samuel ROZE

Database_SQL_Intervals does an abstraction between an SQL table which is formated as a hierarchy table using intervals. It help developper to use a hierarchy without many reflexions. The class is able to:

- Create elements [into others]

- Remove elements (and its children)

- Move element into another

A new hierarchy gestion

Hierarchy gestion is a complex think and in a database or in a static file, this hierachy have to be structured to be (re)used after. The hierarchy gestion using intervals is a way to structure your hierarchy tables. Contrary to recursive method, the intervals method provide a very simple DB structure which can be (partitaly or not) export even more simply !

A more complex table

In fact, (just!) into the table, values structure is more complex. It's why using a library to manage these tables is great : you're sure that you'll not break the table integrity with your table management.

Very simple to use:

<?php


$sql = PDO( ... );


$intervalles = new Database_SQL_Intervals($sql);





$intervalles->add('my_table', $parent, array('field' => 'value'));


$intervalles->move('my_table', $object, $target);


$intervalles->remove('my_table', $object);


?>

Example

Consider a table "my_table" like this:

<?php 


require_once 'Database/SQL_Intervals.php'; 


require_once 'Database/SQL_Intervals_mysql.php'; 





define('TABLE', 'my_table'); 





// Creation of the database access


$sql = new PDO('mysql:host=localhost;dbname=tests', 'root', ''); 





// Creation of the Database_SQL_Intervals instance


$intervals = new Database_SQL_Intervals($sql); 





// Creation of elements...


$first = $intervals->add(TABLE, 1, array('other1' => 'first'));


$second = $intervals->add(TABLE, 1, array('other1' => 'first2', 'other2' => 'value2'));





// ... and children


$intervals->add(TABLE, $second, array('other1' => 'child');


$last = $intervals->add(TABLE, $second, array('other2' => 'child');


?>

At the moment, we have a table like:

Which is provide this hierarchy:

<?php


// Move


$intervals->move(TABLE, $second, $first);


$intervals->move(TABLE, $last, 1); // 1 = Top-Father


?>

At the end of the first function, we have a hierarchy tree like:

And at the end of the second function:

Which it structured into the table:

To remove an object, you just have to call "remove" method:

<?php


$intervals->remove(TABLE, $second);


?>

And the tree's like that:

Note: package.xml & documentations will be generated after corrections which you'll give me will be done. :)

See test/tests.php

PEPr Proposal [606]: RFC::Drop requirement of renaming a package when migrating from PHP 4.x to PHP 5.x

2009-07-16T20:25:30-05:00

Proposed package: RFC::Drop requirement of renaming a package when migrating from PHP 4.x to PHP 5.x

Proposer: Sebastian Nohn

This RFC proposes to drop the requirement of renaming a package when migrating from PHP 4.x to PHP 5.x. It should be a cleare exception for migration from 4.x to 5.x, not within 4.x nor within 5.x nor from 5.x to 6.x.

It would however also be possible to have a fixed rule like "1.5 years after the end of life of a PHP version it is allowed to bump PHP version requirements to any release in the next major version without having to rename the Package".

All that needs to be said is on http://gophp5.org/. People may still argue for PHP 4 like "it always has worked" or "I don't want to upgrade because..." but see the facts: PHP 4 is dead. It's not supported anymore by PHP.net, receives no bug fixes, no security fixes no attention at all.

PEPr Proposal [605]: Mail::Mail_CheckUser

2009-07-15T09:35:10-05:00

Proposed package: Mail::Mail_CheckUser

Proposer: Takayuki Miyauchi

The Mail_CheckUser is check email addresses for validity with SMTP commands.

qmail,other non-monolithic mail servers and Some spam mail filters often report that a user exists even if it is not so.

But network checks of this package is useful for the decrease of the bounced email by the misspelling, server errors etc.

You should add SPF record to your domain's DNS configuration.

If you don't, response of 5xx might be returned also to the existing address.

(e.g hotmail and other)

In that case, Your server can't send email to those servers.

1) This will check email address by regex with The Mail_RFC822 package

2) Next, This will send SMTP commands with The Net_SMTP package

HELO fqdn # constructor param

Mail From: sender@example.com # constructor param

RCPT TO: check@example.net

3) Check response code from SMTP server and return true or flase.

Default, if response code is 250 or 251, return true.

Response code for true can customize.

example:

$chk = new CheckUser($fqdn, $sender);


if ( $chk->checkUser($_POST['email']) ) {


    print "OK";


}else{


    print "Invalid email address";


}

If you think almost every other situation indicates 'possible' success.

You can set response code to return true.

example:

It will return true when SMTP SEVER connection failed and other temporary error.

$chk = new CheckUser($fqdn, $sender);


$chk->setOKCodes(1001,450,451,452);


if ( $chk->checkUser($_POST['email']) ) {


    print "OK";


}else{


    print "Invalid email address";


}

getResponse() method will returun SMTP response information as array.

e.g.

array(2) {


  [0]=>


  int(550)


  [1]=>


  string(100) "5.1.1 <unknown@example.com>: Recipient address rejected: User unknown in local recipient table"


}

PEPr Proposal [603]: Authentication::OpenID

2009-07-06T16:49:52-05:00

Proposed package: Authentication::OpenID

Proposer: Bill Shupp

OpenID is a PHP implementation of the OpenID 1.1 and 2.0 specifications. OpenID is a free and easy way to use a single digital identity across the Internet. See openid.net for details.

Only Relying Party support is complete at this time. Provider support is already underway, I just didn't want to hold up the proposal in the meantime, as I'll be using the RP support initially for work.

There is out of the box support for a few extensions, including Simple Registration (1.0 and 1.1), Attribute Exchange, and some support for the new UI extension.

This package supports a storage interface (including Cache_Lite and MDB2 drivers) for easy addition of custom drivers. There is also support for observers for logging, etc.

There is an example web console for testing discovery, relying party (with some useful debugging functionality), and also a sample implementation of an OpenID JS Selector (i.e. the "NASCAR" solution).

You can try the examples here: ¹

A few notes about this package:

There is about 88% code coverage in unit tests. The rest (in storage and discovery) will be completed soon.

HTTP_Request is used instead of HTTP_Request2 because following redirects was not included in HTTP_Request2. This package may move over to HTTP_Client instead, but that it not yet decided.

PEPr Proposal [593]: Web Services::Services_WhitePages

2009-03-16T20:22:29-05:00

Proposed package: Web Services::Services_WhitePages

Proposer: Juan Manuel Fernandez Arauz

This package works the WhitePages 1.0 API (www.whitepages.com).

It can retrieve information about a person, a business, a thelephone number and an address.

Also there are functions for counting the results and get information of all or one specific register.

PEPr Proposal [591]: Encryption::Crypt_FSHP

2009-02-24T00:55:16-05:00

Proposed package: Encryption::Crypt_FSHP

Proposer: Berk D. Demir

/**

* Fairly Secure Hashed Passwords. A PBKDF1 similar implementation.

*

* Fairly Secure Hashed Password (FSHP) is a salted, iteratively hashed

* password hashing implementation.

*

* Design principle is similar with PBKDF1 specification in RFC 2898

* (a.k.a: PKCS #5: Password-Based Cryptography Specification Version 2.0)

*

* FSHP allows choosing the salt length, number of iterations and the

* underlying cryptographic hash function among SHA-1 and SHA-2 (256, 384, 512).

*

* SECURITY:

* Default FSHP1 uses 8 byte salts, with 4096 iterations of SHA-256 hashing.

* - 8 byte salt renders rainbow table attacks impractical by multiplying the

* required space with 2^64.

* - 4096 iterations causes brute force attacks to be fairly expensive.

* - There are no known attacks against SHA-256 to find collisions with

* a computational effort of fewer than 2^128 operations at the time of

* this release.

*

* BASIC OPERATION:

* <code>

* $fsh = Crypt_FSHP::crypt('OrpheanBeholderScryDoubt');

* </code>

* <samp>

* Return Value:

* {FSHP1|8|4096}GVSUFDAjdh0vBosn1GUhzGLHP7BmkbCZVH/3TQqGIjADXpc+6NCg3g==

* </samp>

* <code>

* Crypt_FSHP::check('OrpheanBeholderScryDoubt', $fsh);

* </code>

* <samp>

* Return Value:

* true

* </samp>

*

* CUSTOMIZING THE CRYPT:

* Let's set a higher password storage security baseline.

* - Increase the salt length from default 8 to 16.

* - Increase the hash rounds from default 4096 to 8192.

* - Select FSHP3 with SHA-512 as the underlying hash algorithm.

*

* <code>

* Crypt_FSHP::crypt('ExecuteOrder66', null, 16, 8192, 3);

* </code>

* <samp>

* Return Value:

* {FSHP3|16|8192}0aY7rZQ+/PR+Rd5/I9ssRM7cjguyT8ibypNaSp/.....wyJJa2EqOsq4Io=

* </samp>

*

* PHP version 5

*

* @category Encryption

* @package Crypt_FSHP

* @author Berk D. Demir <bdd@mindcast.org>

* @license http://creativecommons.org/licenses/publicdomain/ Public Domain

* Author(s) of this computer software disclaim their respective

* copyright on the source code and related documentation, thus

* releasing their work to Public Domain.

* In case you are forced by your lawyer to get a copyright license,

* you may contact any of the authors to get this software

* (and its related documentation) with a BSD type license.

* @version Release: @release_version@

* @link http://github.com/bdd/fshp/ Git Repository

* @link http://pear.php.net/package/Crypt_FSHP/ PEAR

* @since File available since Release 0.2.2

*/

PEPr Proposal [585]: RFC::Unit tests, new packages, good practice

2008-12-29T22:46:02-05:00

Proposed package: RFC::Unit tests, new packages, good practice

Proposer: Daniel O'Connor

The following dot points have been pretty much shamelessly taken from http://misko.hevery.com/code-reviewers-guide/ and other related talks, writings, etc.

I would like to propose for all new packages / PEPr proposals:

1) All new packages have unit tests (PHPUnit or phpt)

If you don't have some kind of tests in your PEPr proposal, it shouldn't go to call for votes / votes should be conditional.

They don't have to be complete, but at least a start.

For packages before being considered a stable release:

2) The unit tests should completely control the test environment

Mock out HTTP requests, database results, etc. This means really fast tests, and stops false positives.

3) Tests should cover both expected and common error cases

For example, if you are doing something over HTTP; inject a mock 404, 403 or 505 response; and expect certain exceptions to be raised.

4) Code should avoid the use of static methods which can't be mocked out.




// Bad:


function foo() {


    $result = Bar::someComplexSlowOperation(); // I can't make a MockBar with canned results


    return $result + 1;


}

5) Use of Agile Documentation for PHPUnit tests should be encouraged - FooTest::testShouldPerformSomeAction() instead of FooTest::testMethodName()

Hint: try phpunit --testdox YourTest some time :)

6) An AllTests.php should be provided, so that it can integrate into pear-wide test coverage.

See http://cvs.php.net/viewvc.cgi/pear/AllTests.php?view=markup and http://lauken.com/doconnor/ for a little bit more info.

7) Aim for near 100% coverage (as much coverage as is reasonably possible, at least coverage of every method)

8) All tests should run just fine from CVS/SVN.

A directory structure of:

Services_FooBar_BarFoo/Services/FooBar/BarFoo.php

instead of:

Services_FooBar_BarFoo/FooBar/BarFoo.php

Basically, when you




cd Services_FooBar_BarFoo


phpunit tests/AllTests.php 





or 





pear run-tests -r tests/

All of the require_once's should pick up CVS's first, not the installed version

9) If there is something which can't be mocked out - ie, a DB driver - and it needs configuration; the unit tests should skip, not fail.

phpt:




--SKIPIF--


<?php if (!file_exists('config-local.php')) { die("skip Can't run test without setting up a DB server! See config-dist.php"); } ?>

phpunit




FooTest::setup() {


    if (!file_exists('config-local.php')) {


        $this->markTestSkipped("Can't run test without setting up a DB server! See config-dist.php");


    }


}

10) Unless there's a very compelling reason, your code should work just fine with PHPUnit's backupGlobals off.

IE: Avoid using $_POST, $_GET, $_REQUEST or any other superglobals unless you are specifically designed to mess with them - HTTP_Session for instance.

11) In general, make sure you can pass dependencies in through the constructor or setters.




// Bad


function __construct() {


    $this->request = new HTTP_Request2();


}




// Good.


function __construct(HTTP_Request2 $request = null) {


    if ($request === null) {


       $request = new HTTP_Request2();


    }





    $this->setRequest($request);


}

12) In general, your constructor should avoid doing any Real Work - it takes values and puts them into correct places.




// Bad


function __construct(HTTP_Request2 $request) {


    $this->result = $request->get('http://example.com/');


}




// Good


class Foo {


function __construct(HTTP_Request2 $request) {


    $this->request = $request;


}





function fetch() {


    $this->result = $this->request->get('http://example.com/');


}


}





$foo = new Foo(new HTTP_Request2());


$foo->fetch();





or





function factory() {


   $foo =  new Foo(new HTTP_Request2());


   $foo->fetch();





   return $foo;


}





$foo = factory();

13) In general, the new operator should not appear outside of the constructor or factory methods - otherwise this cannot be mocked out.




//Bad


function bar() {


   $bar = new Bar();


   return $bar->doSomething();


}




//Good


function bar(Bar $bar) {


   return $bar->doSomething();


}





function bar() {


   return $this->bar->doSomething();


}