CakePHP uses salted
sha1 hashes for passwords by default, and has for a while. There has been some talk on the mailing list lately of switching the default hashing to something more secure, such as bcrypt. I think this is a great idea, and will find its way into CakePHP in a future release. Providing a reasonanle upgrade experience is the biggest problem to solve, if the default hashing strategy was to change.
Things tagged with Web Development
Web development related topics
CakePHP uses salted
In case you were not able to attend CakeFest 2011. I’ve posted my slides up on slideshare. The event was a great success. Thanks to Graham for organizing the event and to all the attendees. Its great to meet the community and put faces and names to irc handles and mailing list email addresses.
Earlier today I saw the announcement that PHP5.4 will have a built-in web server . I mentioned on twitter that I wasn’t too happy about the server being added. In the discussion that followed, I feel like I wasn’t able to properly convey my thoughts through tweets.
This week I’ve been participating in the SQLServer Jump-in Camp. My focus for the workshops have been building out better support for IIS and SQL Server in CakePHP. As I generally develop on MacOS, I do development for other platforms through virtual machines. This has worked well with linux servers in the past.
About a month ago, I decided that I would try and switch to Vim as my only editor. I’ve been a pretty hard core Textmate for about 5 years now, and haven’t really had any issues. So why bother switching? My first reason is I spend a ton of time in SSH + terminals.
I’ve recently been working a fair bit on the new documentation for CakePHP and while sphinx is amazing, it doesn’t come with a built-in domain for generating PHP documentation.
In a previous article I covered how CakePHP would potentially be moving to using sphinx for the 2.0 documentation. Myself and some of the other CakePHP developers have been working on this option, and seeing if it has any legs. Turns out that sphinx is actually a pretty great tool.
Today, I tagged the 0.3 release for my AssetCompress plugin. A few new features have been added, and several issues resolved. You can get the code from github
The AssetCompress shell is now able to generate all the build files that are named in your project. This is great for integration with build/deployment scripts.
In the release announcement for 1.3.7, it was tentatively announced that CakePHP would be moving its documentation over to ReST, Git and sphinx. Having documentation in a git repo, and using sphinx to generate documentation has a few nice wins, that would be difficult to achieve with the current book application.
I recently had a fun idea, that I wanted to try and implement for PHPUnit. I really like coloured console output. PHPUnit already has the option for coloured output, but I wanted more. I wanted to get coloured text for
I that showed up in the test run progress.
This time last year, amid rumours that the end of CakePHP was nigh, CakePHP died and rose from the dead . The year that followed those events, has been a very exciting one. CakePHP continues to be a thriving project with huge popularity, and a growing community. This year has a number of milestones as well.
Previously I wrote about the changes that have been done for the request handling in CakePHP 2.0. Response handling is another subsystem that has received a significant facelift. As with request information and functionality, response related features were spread across several objects.
Dispatcher all had a slice of the pie.
A talk given at CakeFest 2010 about unit testing, mock objects and continuous integration.
Work on CakePHP 2.0 is moving along, and I wanted to take some time to discuss and explain one of the sizeable refactorings that has been done for 2.0. In previous versions request parameters were just a bunch of arrays that were copied to the various places they were needed in the framework.
Since PHP lacks a decimal type, it only has floats and integers. Arbitrary precision floating points are reasonable once you stop expecting them to be precise. I’ve learned to deal with PHP’s floats, and arbitrary precision floats in general. However, floats behaving totally different based on the current locale, was something I didn’t expect.
I’ve been playing around with Twig in the last few weeks. I was in need of a template parser and wanted to avoid Smarty as I’ve had unpleasant experiences with it in the past, which lead me to Twig.
Over the weekend I put some time into my AssetCompress plugin. A few remaining issues were fixed and a few new features have been added since the previous release.
As you may or may not know CakePHP is transitioning to PHPUnit and with this transition comes a totally new Mock object interface/implementation.
In the past I’ve used a variety of tools to deploy client sites, most often using version control. However, for my blog I’ve always used FTP. Its a pretty old-school approach, and something that I’ve been lacking the time to correct. Last weekend I finally took the plunge and figured out how to get Capistrano to deploy my site.
In the recent bakery article concerning the ongoing development of CakePHP 2.0. The already underway migration from SimpleTest to PHPUnit was introduced. I wanted to go into some of the reasons and motivations for that decision as well as explain some of the long term benefits.