Introduction

I’ve inherited this application built totally on Yii. It’s a administration site that handles the management of some of our tools and I’ve been tasked with setting up user management.

I just got user auth working with salted passwords. Which works wonders and was (looking back) easier then thought to implement. Now I’m tasked with setting up user role management.

My schema looks like:

User
--------------------------
UserID, Name, Email, Password

UserInRoles
-----------------
PK, userID, RoleID

Roles
-------------------
roleID, Name, AccessLevel

When you build out your models (I used Giix to generate it) you can override the default relations() function to create relations between tables. Great, I did that. Then I ran the CRUD for Giix. I got user in roles, and a few other junk tables I really didn’t need.

What I needed was to take the user from the user table, associate it with a role I select and post that into the userinroles table. Easy? So, I thought.

How to:

1. Setup relations in your models In terms of how things are laid out, this is your knowledge of your app comes in. My user stuff related to userinroles which related to roles. I defined these relations in each class

2. Run Giix to create the CRUD interface

3. Now go into the view you want to be the central entry point for managing all these relations, for me it was the _form.php user view.

3 a.  In the _form.php it generated.
<label>Tools Access</label> <?php echo $form->checkBoxList($model, 'toolaccesses', GxHtml::encodeEx(GxHtml::listDataEx(Toolaccess::model()->findAllAttributes(null, true)), false, true)); ?>
3 b. So this automatically generated one out of 3 of my relations for this view, so I duplicated it twice, updated Toolaccess:: to reflect the controllers Role & tool, and the , 'toolaccesses' to reflect the model I wanted to update and tested it. It renders the form correctly but post doesn’t work. Well you need to update the user controller ( the controller for this view )

4. That’s easy enough, in my user controller update, I check if the userinroles post has been defined, if so iterate over that array and create a new class, pass in my attributes and update the record.

if(isset($_POST['User']['userinroles'])){     foreach($_POST['User']['userinroles'] as $role){         $userInRoles = new Userinroles:         $userInRoles->setAttribute('userid', $id);         $userInRoles->setAttribute('roleid', $role);         $userInRoles->save();     } }  
4 A. Just duplicate for actionCreate() and actionDelete(), with some modifications but you now have a basic way to add roles to a user.

 It may be smart in the update method to check if the user already has this role, if so, don’t do an update, if the user has new roles but not old ones, delete the old ones. But this gives you the basic structure to get you going.               

Permalink | Leave a comment  »

I've been a professional web developer for just about a full year now, before that I was heavy into web consulting. I spent the last 5 years as a consultant, I got my start just before college. I love learning new technologies and playing with new tools, at my job my tool is Coldfusion. Here's why I love it. 

It's not like other languages
Java and PHP have their roots in C, from their syntax to how they look and behave, a C programmer wouldn't have much problem adapting to a language like java, nor would Java developers if they could understand pointers. There are many languages built that reflect the early days of programming with C such as operators like --, += ++ etc.. 

Coldfusion is unique, it's modeled after HTML. Coldfusion is simple yet complex, it's tag structure is familiar and powerful. It *feels* like HTML but its much more powerful. It's easy to learn and get started

Database integration is easy
It's really easy in Coldfusion to create a database query, all I need to do is call <cfquery> tell it what database to access, and give the query tag a name. Something like <cfquery datasource="myDatabase" name="MyQuery"> . Within the cfquery I can use regular SQL statements such as select, insert, update and delete. To access this datasource I just give my Coldfusion server access by using the admin tool and putting in the information. 

The really nice thing Coldfusion comes with is methods defined with the cfquery. For example if you wanted to return the size of the record set, just do myQueryName.RecordCount which returns the number of listings. Also, CFquery's have built in caching, just specify the time and Coldfusion will cache it for that amount of time, from 1 second to 1 year (or more!). This is a great feature if you need it. 

Queries are implicitly returned as a structure
This is the one thing I love about Coldfusion, it chooses the best way to store the data for you then it provides a really easy interface to access the data. So as in above, you do a cfquery with a name, then to iterate over that set, you just declare <cfloop query="myQuery">. From there just call a column defined in the cfquery. If you did a select * from a table with the column fullName you would simply call #fullName#.

Cross Site Scripting is a thing of the past
HTML is great, it's a wonderful tool, if used wisely. But HTML can become a dangerous tool to trick the user if used wisely, Cross Site Scripting is easily prevented by taking a variable and passing it into HTMLeditFormat() first. This escapes all HTML and makes it useless crap. 

Permalink | Leave a comment  »

Wordpress as a CMS

Wordpress is an excellent system to build your website, blog or even portfolio on. Almost all of my projects these days are for using Wordpress as a CMS. Not only can Wordpress do blogging very well, but it can also do content management really well. Today I'm going to introduce you to the custom field. 

The Custom Field 

The custom field has been around Wordpress since version 2. It allows you to customize posts & pages with content content that can exist in areas other then the primary post area. For example you can use it to display custom HTML in sidebars based on what page it is just by specifying the correct Custom Field name in your Post or Page. 

The Example 

A really good example of this is on a recent project I needed to have a unique background image with a default fallback image in place just incase we didn't set a new background image. There are many potential solutions to this problem: 

• Set an ID of the div relative to the page ID value & create a custom CSS stylesheet with each background image
• Setup a widget/sidebar area & insert a html style on the element 
• Setup a widget/sidebar area & under lay an image & use z-index for positioning

Those would have been very complex, non-user friendly & hard to maintain; so I opted for the more user friendly experience: use Custom Fields. Custom fields are great because you can define anything you want or need within that field that is specific to just that page or blog post. But it provides you with a nice interface for managing content. 

The Code

It's really, really easy to get going on Custom Fields in Wordpress. In your page file all you need to do is define a name & then call it in your page or post. 

Here's an example of my code: 

<?php

// Showing the custom image defined on the page on admin 

if(get_post_meta($post->ID, "backgroundImage", true) != "") {

$format = 'style="background:url(%s);background-repeat:no-repeat;"';

printf($format,get_post_meta($post->ID, "backgroundImage", true));

}

?>

Let me break it down for you: 

• Simple control structure to check for the existence of the get_post_meta data
• The get_post_meta returns the data found with the page/post ID of argument backgroundImage, if nothing's found it returns a false & terminates the statement. 
• $format is setting up a PHP format string, with the %s esentially a veriable we're going to use later
• the printf calls the $format & the backgroundImage and formats it into a string

Doing this ensures that:

1. I have a fall back for when something isn't defined. 
2. I override any css by placing this as an inline style vs a css stylesheet style, ex <div //PHPstatement> </div> 
3. The format string insures that I get the correct placement of the backgroundImage link every time the script is run when the page is built. 

Now to use this, all you need to go to is Post (Or Page) > Your page or Create New > Under the body of where you enter the content is a section for custom fields. Just plugin backgroundImages & the url, then you are golden! 

Resources

• Custom FIelds (Wordpress Codex)
• PHP Printf() Manual

Permalink | Leave a comment  »

Welcome to my blog!

I'm Adam Boug, I'm a web developer & I'll be bringing ideas to you about software development, web application development, Wordpress, Coldfusion, jQuery & a whole host of other sub topics that I'm interested in about technology & software engineering.

You can find me on the web:

Twitter: @adambourg

Facebook: www.facebook.com/AdamBoirg

Web: www.AdamBourg.com

Permalink | Leave a comment  »