lightyeardesign.com

ExpressionEngine: display a navigation menu if an entry is assigned a specific category.

Thantos — Wed, 29 Jun 2011 19:00:48 +0000

As an avid ExpressionEngine user, I like to dynamically generate as much as I can. This also includes the dynamic generation of navigation menus, naturally. However, there are times when I will use an entry as a static navigation menu by assigned it a specific URL TITLE (for example: whats_new or righthand_menu). Now, in the case of categories, how does one display this right-hand menu ONLY on entries of a weblog that are assigned a specific category? Here is how:
{!--Display right-hand menu ONLY if the entry has been assigned to the AUTOMOBILES category--} {exp:query sql="select count(w.url_title) AS post_count from exp_weblog_titles w, exp_category_posts cp, exp_categories c where w.entry_id = cp.entry_id and cp.cat_id = c.cat_id and c.cat_url_title='automobiles_category' and w.url_title = '{segment_3}' limit 1"}


        {/exp:query}

        

            {!-- Display AUTOMOBILES right-hand menu --}

                        {exp:query sql="SELECT e1.title, e1.entry_date, e1.edit_date, e2.field_id_2 FROM exp_weblog_titles e1, exp_weblog_data e2 WHERE e1.entry_id = e2.entry_id and e2.weblog_id = 51 and e1.url_title = 'righthand_menu' LIMIT 1"}

                            {field_id_2}

                        {/exp:query}

So, what exactly does this do?
The first query retrieves the post count of any entries (in this case, the URL TITLE of the entry is in the third segment of the URL) that are assigned to a specific category (we are looking for 1 here; in fact, the LIMIT 1 line keeps the query from searching for anything greater, as our relevant choices are either 1 or 0). The count is then applied to a PHP variable called assignedCatVar.

If the assignedCatVar is = 1, then the next query grabs the contents of the right-hand menu entry and displays it appropriately on the page.

Simple and effective.

ExpressionEngine search results: custom template paths for section URLs with categories

Thantos — Thu, 10 Feb 2011 23:12:01 +0000

We use ExpressionEngine on a number of supported sites, and I tend to use ExpressionEngine’s (EE) internal search mechanism whenever feasible. The search results are generated from path setting specified at Admin › Weblog Administration › Weblog Management › Edit Weblog Preferences› Path Settings › Search Results URL .

For example, setting the Search Results URL value to
{homepage}staff-members will create a SEARCH RESULT of http://mysite.com/staff-members/.

Easy enough, right?

Now, what do you do when you have a Weblog that contains category-based information. The specified Search Results URL does not take this information into account. So, if you have a weblog with a hard-coded path of http://mysite.com/staff-members/category1/johndoe , how do you get the category to show up in the search results?

I have a workaround on the RESULTS template in my SEARCH template group:

{exp:search:search_results}

$lastSegment = basename($autoPath);

//Staff-member URL update, based on the category assigned to the entry

if(strpos($autoPath, ‘staff-members’)){

//variable to assign the category to the appropriate URL segment for the Rule

$catVar = 1;

$basename = ‘catPath’;

?>

{categories}

$tempname = $basename.$catVar;

$$tempname = “{category_url_title}”;

$catVar++;

?>

{/categories}

} ?>

{/exp:search:search_results}

So, if the staff-members URL segment exists in the specified URL’s path, the Category/Categories assigned to the Entry are obtained and then added to the URL, defined by the $autoPath variable.

It might not be the most elegant solution, but it works great for us.

Library Not Registered Javascript error with SharePoint and Internet Explorer 8

Thantos — Mon, 10 Jan 2011 16:33:45 +0000

We use SharePoint 3.0 for quite a bit of document collaboration. Unfortunately, when using Internet Explorer 8, an error is thrown when we attempted to upload multiple documents within SharePoint. The error details mention Library Not Registered.

Luckily, there is an easy fix:

Open up any MS Office 2007 product. In my instance, I used Office 2007.
Go to Help>Office Diagnostics.
Run diagnostics. This took about 5 minutes to complete.
Return to your SharePoint site. the multiple document upload tool should now be working. Apparently, this fix re-registered any .DLLs that were causing the error. I love easy fixes!

Applying Word Wrap to columns in Excel

Thantos — Wed, 10 Feb 2010 22:37:26 +0000

We have to convert a lot of Microsoft Excel sheets to PDF format. Unfortunately, multi-column sheets (for example, 5 columns of contact information: names, addresses, email addresses) take up a lot of real estate, so Adobe PDF usually breaks the sheet into 2 or more pages of columns. One easy way around this is to enable WORD WRAP in Excel, then resize the columns; use Print Preview to remove any borders/padding, and you can get most things to fit across one page.

Here is how to enable Word Wrap in Excel (2003 and 2007 version):

Hold Control and then click on the top column header (usually has a letter next to it) for each column with content. You want to get all of your columns (with data in them) highlighted.
Press CONTROL and the 1 key; this will open up the FORMAT CELLS menu box.
Choose the ALIGNMENT tab, and then put a check next to WRAP TEXT. Press OK. Here is what the menu should look like:
Choose Wrap Text from the MS Excel FORMAT CELLS menu.

Don’t forget to use the PRINT PREVIEW (FILE>PRINT>PRINT PREVIEW) to take a peak at your sheet before printing. You might have to edit the margins to get everything to fit as needed. (Put a check next to SHOW MARGINS at the top menu).

You should now be ready to print to PDF!

Save a semi-colon delimited file in Microsoft Excel

Thantos — Tue, 02 Feb 2010 14:47:35 +0000

Microsoft Excel is a great program, especially when you are created delimited files to import into MySQL databases. However, when you have commas within data columns, using commas as the delimiter will ruin your day. A better approach is to use semi-colons as the delimiter…But Excel does not give you this option. So, the easiest approach is to make this change in the Windows settings.

To do so:

1. Go to START>SETTINGS>REGIONAL AND LANGUAGE OPTIONS
2. Click on the CUSTOMIZE button
3. Next to LIST SEPARATOR, type in a semi-colon (;)

This will set the default delimiter value to a semi-colon. So, when you save a file in Excel as .csv, you will have semi-colons to separate the row data.

Note: I used Windows XP for the above settings. A different flavor of Windows might have different options.

Harden your At-home Wi-Fi Security

Thantos — Mon, 03 Aug 2009 13:53:00 +0000

So you have a wi-fi home network. Have you secured it? Or, did you just plug it in and started surfing? If you just plugged it in, chances are that you are giving your neighbors access to your network. I doubt if they will thank you for the freebie, so here are some steps to keep your wi-fi private and secure.

If your access point is older than 2 or 3 years, it is time to replace it. Most older access points do no adhere to the latest security protocols, such as WPA2 security (WEP and WPA security are pretty much out-dated and should be avoided).
Please, please, PLEASE change the default SSID (service set identifier) and password that comes with the wireless access point. The default values are generally simple and are listed on the manufacturer’s website. Remember, use strong passwords that are not easy to guess.
Turn off the auto-connect option. Automatically connecting to networks is a good way to open up your computer to security risks.
If your access point has a hardware firewall, enable and use it.
When installing your access point, try to keep it in the center of your home. That way, less of the signal leaks out of your house…And into the potential, greedy hands of thy neighbors. Nothing wrong with ‘security through obscurity.’
When you are not online, turn off the access point. It is impossible to hack something that is not powered on. Go a bit green; hook your access point, computers, monitors, printers to a power strip. When not in use, turn the power strip off. You can save some energy and help to protect your systems.

Importing Messages from Outlook to Gmail

Thantos — Mon, 20 Jul 2009 14:49:30 +0000

I have a ton of messages in my Personal Folder in Outlook 2007. However, I want to quickly add them to my gmail account. After a bit of research, I found an easy, straightforward method to do just that.

First, we will need to enable IMAP in Gmail:

Sign in to your Gmail account.
Click on Settings (the link should be at the top of the page)
Choose Forwarding and POP/IMAP.
Choose Enable IMAP
Choose Save Changes

Now, we need to configure Outlook to connect to the Gmail account:

Open Outlook.
Click on Tools>Account Settings.
Click New.
Enter your display name, email address (including ‘@gmail.com’), and password.
Select the ‘Manually configure server settings or additional server types‘ checkbox.

Step 1 of Configuring Outlook to connect to Gmail.

Select Internet E-mail.
Settings: name, full email address (including ‘@gmail.com’ or ‘@your_domain.com’)
- In the Account Type dropdown menu, select IMAP; enter the incoming and outgoing server names shown below.
- In the ‘User Name’ field, give your full Gmail address, including ‘@gmail.com’ or ‘@your_domain.com.’
- After creating these settings, clicking Next takes you to the end of the setup.
Step 2 of configuring Outlook to communicate with Gmail.
In the Tools menu, select Options then Mail Setup. Under ‘Email Accounts,’ click E-mail Accounts.
Select an account, and click Change above the list of accounts. Click More Settings, then the Advanced tab.
- Incoming server must be 993, and must use SSL encryption.
- Outgoing server can use 587, TLS encryption.
Configuring Incoming and Outgoing information for communication between Outlook and Gmail.
Click the Outgoing Server tab. Make sure that ‘My outgoing server (SMTP) requires authentication’ is selected. The button ‘Use same settings as my incoming mail server‘ should also be selected.

Internet Email Settings for communication between Outlook and Gmail.

Click OK > Next > Finish > Close > OK.

You can now drop and drag folders/messages from Outlook to your newly created Gmail account from within Outlook. When you create new folders, this will create new labels/folders in your Gmail account. One note: sub-folders do not seem to display within Gmail, so you might need to create new folders for each of your sub-folder. Once you have copied everything over to Gmail, you can simply remove the new account from within Outlook.

Simplified PHP Input Validation for forms

Thantos — Tue, 16 Jun 2009 14:21:51 +0000

When it comes to online forms, gathering information from the user is of utmost importance. That being said, one must ensure that the user enters the correct information in the form, especially from a security point of view…Input from users in a web form provides a direct avenue of attack into the application (just google SQL Injection).

Take a simplified, yet effective approach to input validation with your web forms and PHP.

As far as input validation goes, most programmers prefer a proactive strategy: you determine what input you want to collect from the user (number format for ages, alpha characters for names, and so forth) and then you collect only that format, producing an error message when the user enters something else. However, some users quickly get frustrated when they have to re-enter the input again, or they can’t figure out what is causing the problem. To combat the inherent confusion of the user, why not run all input through a validation function that automatically searches for potentially harmful input, removes the offending characters, then continues to process the form? This is what we are going to do:

[php]

//When the form is submitted, our 2 form fields, username and password, will be purged of potentially harmful characters.
//In this case, the characters will be replaced with blank spaces.
if ($_POST) {

//Function to remove specific special characters
function cleanInput($text)
{
$code_entities_match = array(‘-’,'>’,'!’,'#’,'$’,'%’,'^’,'&’,'*’,'(‘,’)',’{‘,’}',’|',’:',’"’,'<’,’[',']‘,’\\’,';’,"’",’,',’/',’*',’~',’`');
$code_entities_replace = array(”,”,”,”,”,”,”,”,”,”,”,”,”,”,”,”,”,”);
$text = str_replace($code_entities_match, $code_entities_replace, $text);
return $text;
}
//Set form variables
$Username=stripslashes(cleanInput($_POST['username']));
$Password=stripslashes(cleanInput($_POST['password']));

//process your form variables as needed, as they have been sanitized with our cleanInput function.
//You can write the values to a database, send via an email script, and so forth.

}//End post
?>

[/php]

Please read the script comments to see what is taking place. This is a rudimentary approach to input validation, but it works, is simple to initialize, and it will help to keep your data safe.

LDAP and PHP login script

Thantos — Wed, 10 Jun 2009 20:03:41 +0000

Authenticating users of your web applications can be tedious, especially when your users are expected to remember multiple passwords (which can become a security vulnerability in it’s own right). That being said, integrating your login scripts with Active Directory/LDAP can be beneficial for a variety reasons: stronger passwords, fewer login credentials for your user to remember, and fewer headaches for you. Here is how we integrated LDAP with our online application authentication.

LDAP (short for Lightweight Directory Access Protocol), a directory service that runs over TCP/IP, stores information. The storage is similar to how a database stores information, but the structure is ideal for attribute-based, hierarchical structured data that does not undergo frequent changes (for example, the employees’s name, Active Directory group membership, address, and so forth). The LDAP directory can be thought of as a tree of nodes, where each node represents an entry in the LDAP database. These entries are comprised of a collection of attribute-value pairs, and they are identified uniquely by a ‘distinguished name’ or DN. The DN is important, because this is what we will be using to determine a user’s group membership.
Our login script will

First bind to our LDAP server with a resource account (we are not using anonymous binding, so we will need to provide a resource account’s credentials)
Check that the user’s ID and password are legit and exist in our Active Directory environment
Check if the user is a member of a particular security group

If all of these conditions are met, the users will have successfully logged on and will be granted access to our application.

We will store our authentication function in a php file entitled resourceBind.php. The entire contents of resourceBind.php:
[php]

function UMldap($Username, $SSO_Password){
//*************************************
///////////////////////////////// Using ldap bind
$ldaprdn = ‘bindaccountname’; // ldap rdn or dn
$ldappass = ‘bindaccountpassword’; // associated password
$ldapserver = ‘ldaps://your.ldap.server:3269′;

//This is the Active Directory group that users MUST be a member of in order to login successfully
$groupPath1 = "CN=YOURSECURITYGROUP-GS,OU=Accounting,OU=Lewis-Building,OU=Headquarters,DC=headquarters,DC=acme,DC=com";

/////////////////////////////Base DN
$ldap_base_dn = "CN=Users,DC=headquarters,DC=acme,DC=com";

$ldapconn = ldap_connect($ldapserver)or die("Could not connect to LDAP server.");

if ($ldapconn) { //connect to ldap server
// binding to ldap server
$ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
// verify binding
if ($ldapbind) {
// echo "LDAP bind successful…";
$errorCount = 0;

$ld_filter = "samaccountname=" . $Username;
$ldap_base_dn = "DC=com";
//Recursively search for the account name in the directory tree. Slow, but effective…
$result = ldap_search($ldapconn, $ldap_base_dn, $ld_filter);

//Create result set
$entries = ldap_get_entries($ldapconn, $result);

//If the account exists, attempt a bind with it. This will ensure that the provided password is legit

$bind = @ldap_bind($ldapconn, $entries[0][dn], $SSO_Password);
if( !$bind || !isset($bind))
{
//the bind failed, which means that the user could have typed in the wrong ID or password. We will display another login form
?>

Username:

Password:

//no point in running the rest of the function, so exit out.
exit;

}

$ii=0;
for ($i=0; $ii < $entries[$i]["count"]; $ii++)
{

$data = $entries[$i][$ii];

if ($data == "memberof") {

$total_memberof = count($entries[$i][$data]);

$jj=0;
for ($jj=0; $jj<$total_memberof; $jj++) {

//Check the groups that the user is a member of and see if our specific group is in the list
if ($entries[$i][$data][$jj] == $groupPath1)
{
// The user is a member of the group, so lets create a session and then return true
$_SESSION['USERGROUP'] = $entries[$i][$data][$jj];
return true;
break;

}
}//end for
}//end if
}//end for
} else { //could not bind, so display an error message and the login form
// We could not bind with our default resource account, so let’s exit and not waste any time with the users credentials
$displayForm=true;
}

}///close connect IF
//Unbind from our resource account
ldap_unbind($ldapconn);

//*************************************

}//end function

?>
[/php]

And, our login page, which we will call login.php, and which will be located in the same directory as resourceBind.php:
[php] //Disable error messages
error_reporting(0);
?>

if ($_POST) {

//Handy function to remove specific special characters from user provided input. ALWAYS validate user input. In this case, we are removing characters that are not allowed in usernames and passwords.
function cleanTxt($text)
{
$code_entities_match =

array(‘–’,'>’,'"’,'!’,'#’,'$’,'%’,'^’,'&’,'*’,'(‘,’)',’{‘,’}',’|',’:',’"’,'<’,’[',']‘,’\\’,';’,"’",’,',’/',’*',’~',’`');
$code_entities_replace = array(‘-’,'-’,”,”,”,”,”,”,”,”,”,”,”,”,”,”,”,”,”);
$text = str_replace($code_entities_match, $code_entities_replace, $text);
return $text;
}
//Set form variables
$Username=stripslashes(cleanTxt($_POST['ssoname']));
$SSO_Password=stripslashes($_POST['ssopass']);

//Get Ip Address and User Agent information. This is useful info to store in sessions, or a database table, especially if you need to track timestamps and access
$userIP = $_SERVER['REMOTE_ADDR'];
//Get Timestamp
$myDate = date("Y-m-d H:i:s");//Date in easy-to-read format

$displayForm=false;

if(UMldap($Username,$SSO_Password)){
//set complex string in case there is no ‘whencreated’ field for the username

//User has valid credentials. We are creating a new session variable with the user name. This is also a good place to effectively double up your authentication security by checking to see if the user name exists in another medium, such as a MySQL or Oracle table.
$_SESSION['USERCMS'] = $Username;

//The login is a smashing success, so redirect the user to the protected page.
$MM_redirectWithSuccess = "Successful_login.php";
header("Location: ". $MM_redirectWithSuccess );

} else {
/We can’t log the user in, so display the login form again
$displayForm=true;
}

//unbind
ldap_unbind($ldapconn);

//*************************************
}//end POST check

?>
PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">

LDAP Login Form

Login

//—————————————————————————-
//Form variables to display previously filled out fields
$displayForm=true;
$ssoname=”;
$ssopass=”;
//—————————————————————————-

//Display the login form
if ($displayForm){//Display the request form
?>

}
?>

[/php]

To figure out how everything works, please read the comments within the code. If you are interested in learning more, please check out Hugh’s excellent book:

Serving css to iPhones and other mobile devices

Fri, 15 May 2009 13:42:19 +0000

Do you need to send iPhones and other mobile devices to a separate stylesheet for your phone? You can use the following code: