FlashApe

There is a weird bug in AMFPHP regarding sending negative integers. If you try and send a number such as -87, it shows up as 4294967209 in php. I did some digging and found on the amfphp forums that it has to do with amfphp's readAmf3Int() method in AMFDeserialzer.php. Here is the updated function that was posted on the forum:

Ran into an issue today with AMFPHP trying to send an ArrayCollection...it kept choking when trying to decode the collection. I knew this was already possible, but forgot I had installed the php extension AMFEXT, which handles the encoding/decoding for amfphp when it is installed. Turns out that it doesn't like incoming arraycollections. Disabling the extension fixed my problem, but I would sure like find a way to get them working together.

If you're spending a decent amount of time manipulating images in php using GD or command-line ImageMagick, you should check out the Imagick php extension. Imagick provides an object-oriented interface to the ImageMagick API.

As far as I can tell, this extension was left for dead a while ago but revitalized over the last year or so and is now rockin pretty hard. The developer is pretty responsive on the Imagick board at the ImageMagick forums as well, and he's got lots of nice code tidbits on his own blog.

There is also the MagickWand For PHP extension, but I found the syntax pretty odd to deal with, it probably relates more to the way GD works than the OO style of Imagick.

Finally getting back into using Flex again, and was trying out the Remote Object tutorial here. Everything went fine for the Hello World tutorial, but I kept getting 'Client.Error.DeliveryInDoubt' messages from the PersonService. I read a couple of places that there had been issues with charset handling in amfphp, so spent a bunch of time with that, but still no luck. Then I remembered that I created the php file for HelloWorld in TextMate, and create the 2 php files for the PersonService in Flex Builder. Sure enough, after recreating the php files in TextMate everything worked. I'm not sure if it was an encoding issue, since it seems like both TextMate and FlexBuilder default to utf-8. I did notice that in FB, the preference for 'New Text File Line Delimiter' (under General/Workspace) was set to default, so I changed it to Unix to line up with TextMate.

Then I went out and installed PDT to set up a PHP perspective within FB.

Here's my take on downloading the flv's directly from youtube and google to stream into flash. It's made up of two parts - an AS 2 class called FLVFetcher and a php script.

As of right now, to get the path to the flv file you simply add and event listener for the ON_URL event, then all you need to do is pass the video id of the file you wish to load.

For youtube videos, its that is the value of the 'v' variable in a url like:
http://www.youtube.com/watch?v=Tkq2Kq-LmJg,

and for google video, its the value of the docid variable in a url like:
http://video.google.com/videoplay?docid=-988708193861222512.

FLVFetcher.fetchByID(id:String, videoType:String);

The class has two constants you can use for the video type, either FLVFetcher.YOU_TUBE or FLVFetcher.GOOGLE.

On the php side, it uses a custom HTTPRequest class to get around server configurations where remote file access is disabled.

You can check it out here and download a zip of the source here.

Some example code:

import com.f1fd.flv.FLVFetcher;
import com.f1fd.flv.FLVFetchEvent;

import mx.utils.Delegate;

// for google, you jsut need the 'docid' variable from the url
var googleID = "-4329042477720699378";

// for youtube vids, all you need is the 'v' variable
var youTubeID="J0TiFPynBgI";

var fetcher = FLVFetcher.getInstance();

this.onEnterFrame = function(){
	init();
	delete this.onEnterFrame;
}

function init(){

	FLVFetcher.PHP_PATH = 'get_video.php';

	fetcher.addEventListener(FLVFetchEvent.ON_URL, Delegate.create(this, onURL));
	fetcher.addEventListener(FLVFetchEvent.ON_ERROR, Delegate.create(this, onError));

	google_button.addEventListener ('click', Delegate.create(this, onGetGoogleClick));

	youtube_button.addEventListener ('click', Delegate.create(this, onGetYouTubeClick));
}

function onGetGoogleClick(){
	fetcher.fetchByID(googleID, FLVFetcher.GOOGLE)
}

// change second param to FLVFetcher.GOOGLE for google videos
function onGetYouTubeClick(){
	fetcher.fetchByID(youTubeID, FLVFetcher.YOU_TUBE)
}

function onURL(evt){
	message_txt.text = 'The URL is : '+newline+evt.data;

	my_vid.contentPath = evt.data;
}

function onError(evt){

}

While trying to figure out how to copy an entire directory to a new location (on the same web server) in php, I came across this function. I took that as a base and modified it to handle premissons better:

just wanted to point out phpClasses.org, a repository for php classes (surprise). Although their site is pretty hideously ugly, it looks like they have a ton of useful classes to choose from, divided up into 60 or so categories.

It got me thinking, is there anything like this available for actionscript? I can't recall seeing it anywhere.

found this via boyzoid's blog. dBug what looks to be like a realyl cool variable debuggin class. From the dBug homepage:

It's a class that displays structured information about a variable in a colored tabular format. Simply put, it's PHP's var_dump function on steroids.

It says it's the equivalent of cold fusions's cfdump (never used cf so that's lost on me). But checking out the output of a dBug call, it looks really cool, it's almost weird to see it look so nice after using crap like print_r and var_dump in php.

Just finished reading the book Essential PHP Security, the O'Relly book by Chris Shiflett. It's short, only about 100 pages or so, but it hits the mark really well.
Often with web apps you will hear the terms "sql injection", "cross-site scripting(XSS)", "spoofing", "session hijacking" and a bunch of other stuff that doesn't sound so good. The other of this book doens't just talk abou them, he offers examples of how these area done, in the hopes of showing the readers how simple these attacks are to pull off, and how easy it is to offer up some defenses against these kinds of attacks.
The main defenses the author pounds into your head when reading this book is to "filter input", and "escape output":
� filter input - All data coming in to your app from a remote source (a web form, a database, even session data) should be considered tainted. In his book, the author creates a new array and holds all filtered data in the array, and uses that in his scripts instead of any raw data being sent in.
� escape output - using functions such as htmlentities() and mysql_real_escape_string() to escape any characters that a browser may interpret as html. Example: someone could add a javascript directly into a comment box in someones blog that does soemthing nasty. If that script is not escaped when the the comment is dispalyed on the page, it will run as html and cause some damage.
There are other points he makes about "defense in depth", which is basically redunt checking of data in a php script, not using register globals etc. and shows you many poins in a web app that have a potential for huge security risks.
For me, the book shed a huge light on a subject that is often talked about, but most of the time not really understood, and often delibrately and completely ignored. Now if you'll excuse me, I've got some glaring security holes to fix.

Ok, probably not. but I did run across this interesting article over on DevShed that discusses the possiblites. Make sure to read the comments after the article.