Validating HTML with tidy

If you ever have to do HTML validation or parsing in PHP the tidy extension is the way to do it! This extension lets you use the abilities of tidy in some pretty powerful ways. The extension, written by John Coggeshall, has been around for several years now. I can see how if someone just took a quick glance at it they could think it was nice, but not really something they need. How wrong they would be! If you take a few minutes and look under the hood, tidy is an extremely powerful tool. Not only can it format html to standards (what most people use it for), it can also be a powerful parser and validation tool.

When I’m dealing with user inputted data where I want to allow HTML I have two concerns. First, I don’t want to allow XSS (some xml parsers think <p kkk=”></p>” closes the <p> tag). Second, the user frequently enters invalid html (e.g., doesn’t close the <a> tag). Fortunately tidy can easily deal with both. The second issue is the easiest to solve by running tidy->cleanRepair() on the html. The first is taken care of by looping through the tidy nodes and rebuilding the html using a whitelist. More about how to do this after the break. Read More…

Posted under PHP, Security, Tips & Tricks, Web Development

This post was written by Michael Tougeron on January 15, 2009

Tags: , , , , ,

Scaling MySQL powered Web Sites by Sharding and Replication – SF MySQL Meetup Nov 2008

Peter Zaitsev will be giving his excellent presentation “Scaling MySQL powered Web Sites by Sharding and Replication” to the upcoming SF MySQL 6:00pm on November 3rd @ the CBS Interactive (formerly CNET Networks) building in SOMA San Francisco (235 2nd St).

RSVP here: http://mysql.meetup.com/30/calendar/8912109/

Description from the 2008 Velocity conference:
When your application grows beyond capacity of a single MySQL server there are few ways to scale, with most typical being Replication and Sharding.

In this presentation you will learn how, depending on your application performance scalability and high availability goals, you can choose what proper scaling strategy will be good for you.

We also will speak about scalability limitations of replication of Replication and Sharding, implementation complexities, and aspects of operation.

Peter Zaitsev’s bio:
MySQL Performance Blog

Peter helped many companies ranging from one man startups to Fortune 500 companies with their Performance and Scaling problems on various stages starting from architecture design and down to queries and schema optimization.

Over cause of the years Peter has spoken on many International conferences focused on MySQL, Open Source, Databases or High Performance Web applications.

Before co-founding Percona Peter worked for MySQL AB as head of High Performance Group being involved in Support, Consulting, Development and working with vendors helping to optimize their software or hardware to perform well with MySQL.

Peter also was involved in number of Web Startups in the roles ranging from CTO to Consultant and has a lot of experience in MySQL and Web Applications Operations, Deployment, Quality Assurance and Development.
Please join us!

Map to CNET Networks, Inc.
When you arrive, please look for the PHP/MySQL Meetup sign pointing you to the conference room.

Look forward to seeing you there!

Posted under Events, Internet, mysql, Technology, Tips & Tricks, Web Development

This post was written by Michael Tougeron on October 23, 2008

Tags: , , , ,

Making frameworks suck less – SF PHP Meetup Nov 2008

Terry Chay will be returning to speak again!  Due to popular demand Terry has agreed to give his recent “Making frameworks suck less” talk that he gave to the ZendCon08 UnCon this year. Be sure to wear comfortable shoes ’cause Terry will pack the room!

RSVP here: http://php.meetup.com/139/calendar/8911737/

The blurb from ZendCon08:
Terry Chay, the original PHP Terrorist, is well known for his criticism and ridicule of the Ruby on Rails framework. He criticizes, mocks, and f-bombs his enemies into surrender. In this discussion, Terry will share his ideas and thoughts on making frameworks better.

Map to CNET Networks, Inc.
When you arrive, please look for the PHP Meetup sign pointing you to the conference room. Please RSVP if you are attending so that I can prepare enough snacks and beverages.

Look forward to seeing you there!

This event can be found at:
http://php.meetup.com/139/calendar/8911737/
http://www.facebook.com/event.php?eid=39294579201
http://upcoming.yahoo.com/event/1195581/

Posted under Events, Internet, PHP, Technology, Web Development

This post was written by Michael Tougeron on October 9, 2008

Tags: , ,

Aug PHP Meetup was a success!

Last Thursday’s SF PHP Meetup had a pretty good turnout; about 70 people by my count.  Joe Stump from Digg.com gave his talk titled “Deploying code with PEAR” to the group.  Thanks to Ray and Roger from zynga.com who contributed pizza & sodas for an opportunity to tell the developers about the job opportunities at zynga.  Digg.com & GameSpot.com are both hiring (Digg and GameSpot) as well.  Mariano Peterson and I both took pictures and posted them on Flickr at http://www.flickr.com/photos/marianopeterson/sets/72157606611446280/ and http://www.flickr.com/photos/michaeltougeron/sets/72157606635039807/ respectively.

I already have next month’s talk/speaker lined up.  Aaron Newton from Iminta.com (formerly CNET) will be giving us a preview of his Mootools talk titled “Mootools: An Overview” that he has planned for the upcoming AJAX Experience conference.  Aaron has a Mootools book coming out that’s available now via pre-order on Amazon.

Posted under Events, JavaScript, Technology, Web Development

This post was written by Michael Tougeron on August 10, 2008

Tags: , , , , ,

SF PHP Meetup July 2008 – PHP::$unicode->i18n()

Kudos to Mariano for taking the lead while I’m out on paternity leave (I’m going to write about that ones of these days) and setting up July’s PHP Meetup.  Thanks to an introduction from Terry, Mariano asked Andrei Zmievski to talk about the unicode updates to PHP 6.  Due to the 4th of July, we’ve moved the meetup from it’s normal date/time to Thursday July 10th @ 7pm.  It is still at CNET like usual (thanks to GameSpot.com funding the meetup).

Title: PHP::$unicode->i18n()

Description:
PHP 6 brings fully functional and mature Unicode support to the Web world. This talk will cover all the layers of the PHP (bread)/Unicode (butter)/i18n (jam) sandwich. Come and find out how to work with locales, use collation to compare and sort strings, and format numbers, currencies, and dates for any country in the world. Bring your appetite because the toasty goodness is waiting.

When: Thursday, July 10th, 2008 at 7pm
Where: CNET Networks: 235 2nd St, San Francisco, CA  94518

You can RSVP on the SF PHP Meetup’s site or just show up.  I always like it when people RSVP so that I know how much food to buy.  But it isn’t a prereq or anything.

EDIT: I just saw that Terry mentioned PB&J and I like the idea.  So PB&J it is; plus the usual chips, sodas, candy, etc. of course.  🙂

Posted under Events, PHP, Technology, Web Development

This post was written by Michael Tougeron on June 29, 2008

Tags: , , ,