I have just tried to implement a stub object for a unit test in PHP using PHPUnit.
Normally no problem there.
This time, the object I am stubbing is passed into the constructor of my tested object, but the constructor uses type hinting to an interface.
Everything I try causes an error similar to this one:
ErrorException: Catchable Fatal Error: Argument 1 passed to xxx\xxx\xx::__construct() must be an instance of xxx\xxx\DataRepositoryInterface, instance of Mock_DataRepositoryInterface_9f459e93 given, called in D:\_projects\xxx.php on line 22 and defined in D:\_projects\yyy.php line 12
If anyone has any suggestions about this, I would love to hear them...
Showing posts with label PHP. Show all posts
Showing posts with label PHP. Show all posts
Saturday, 14 April 2012
Symfony2: a PHP MVC framework for a java developer
I have just spent an interesting day implementing a basic symfony2 application.
I applied for a new contract, and the potential client asked me to show my skills in the framework they use, Symfony2. As it has been quite a while since I used PHP properly, I am somewhat rusty.
So imagine my delighted surprise, when I realised that Symfony2 has gone out there and stolen all the good parts of the frameworks they can find, mostly from Java.
Brilliant, basically nothing new for me to learn, just details about how they implement it.
All in all, a very productive day spent reading and implementing it.
I hated symfony1, it is probably why I quit using php.
My recommendation now... try Symfony2, especially if you are a java/spring/etc programmer.
I have found quite a few interesting bugs/problems, but those go in another post.
I applied for a new contract, and the potential client asked me to show my skills in the framework they use, Symfony2. As it has been quite a while since I used PHP properly, I am somewhat rusty.
So imagine my delighted surprise, when I realised that Symfony2 has gone out there and stolen all the good parts of the frameworks they can find, mostly from Java.
- IOC and dependancy injection
- Routing with annotations
- Entities with annotations for ORM
- Controllers
- Templating
- Validation by config
- and good testing
Brilliant, basically nothing new for me to learn, just details about how they implement it.
All in all, a very productive day spent reading and implementing it.
I hated symfony1, it is probably why I quit using php.
My recommendation now... try Symfony2, especially if you are a java/spring/etc programmer.
I have found quite a few interesting bugs/problems, but those go in another post.
Monday, 11 August 2008
Secure your phpinfo from the bad people
I use the phpinfo() function a great deal, for basic information to advanced server administration checking, so I like to have it running on all my hosts.
Unfortunately this is a great hole in my security, as this information is a gold mine for the hackers out there.
I could simply remove the file when I am finished, or obfuscate the filename to make it difficult to find. But both of these would rather destroy the ease and simplicity I am looking for.
So, I decided to sort this out today.
The solution I am using is simple. Basic HTTP Auth.
Just enough to deter any would be hackers, as no-one can see how complicated my security is behind this shield. And, this should work on all PHP servers.
Here is the code.
[cc lang="php" tab_size="2" lines="40"]
function authenticate($uid,$pw) {
if (
!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
$_SERVER['PHP_AUTH_USER'] != $uid ||
$_SERVER['PHP_AUTH_PW'] != $pw
){
header('WWW-Authenticate: Basic realm="Security Check"');
header('HTTP/1.0 401 Unauthorized');
echo "You must enter a valid login ID and password to access this resource\n";
exit;
}
if($pw == "password"){
echo "You must change the 'password' before you can have access to this...";
exit;
}
}
authenticate("admin","password");
phpinfo();
[/cc]
And a zipped version.
If you have a standard file with phpinfo() in it...
I highly suggest you start using this.
Unfortunately this is a great hole in my security, as this information is a gold mine for the hackers out there.
I could simply remove the file when I am finished, or obfuscate the filename to make it difficult to find. But both of these would rather destroy the ease and simplicity I am looking for.
So, I decided to sort this out today.
The solution I am using is simple. Basic HTTP Auth.
Just enough to deter any would be hackers, as no-one can see how complicated my security is behind this shield. And, this should work on all PHP servers.
Here is the code.
[cc lang="php" tab_size="2" lines="40"]
function authenticate($uid,$pw) {
if (
!isset($_SERVER['PHP_AUTH_USER']) ||
!isset($_SERVER['PHP_AUTH_PW']) ||
$_SERVER['PHP_AUTH_USER'] != $uid ||
$_SERVER['PHP_AUTH_PW'] != $pw
){
header('WWW-Authenticate: Basic realm="Security Check"');
header('HTTP/1.0 401 Unauthorized');
echo "You must enter a valid login ID and password to access this resource\n";
exit;
}
if($pw == "password"){
echo "You must change the 'password' before you can have access to this...";
exit;
}
}
authenticate("admin","password");
phpinfo();
[/cc]
And a zipped version.
If you have a standard file with phpinfo() in it...
I highly suggest you start using this.
Subscribe to:
Posts (Atom)