I have said some not very nice things about PHP on this blog, and I’m sure over time I’ll be adding more such criticisms. This time I’d like to highlight a handy little feature in PHP, one that is a great deal easier to use than its Java counterpart.

Shuffling the elements in an array is probably a programming exercise in every single first-year computer science textbook. It’s easy enough to do, but because it’s been done roughly 100 million times before, it feels moronic doing it again. So it’s nice when programming languages offer it as standard language functionality. PHP does by way of the shuffle() function and Java does by way of the Collections.shuffle() static method. Seems simple enough, except that an array is not a collection in Java. So you can’t take your int[] and shuffle the elements quite so easily.

If you have an Integer[] in Java you can just pass it into Arrays.asList(array), get the collection and shuffle it. Uh oh, I said Integer[], which sadly is not the same as an int[]! So the difference between the two means I’m going to need to convert all the elements of the int[] into an Integer[] before I can shuffle it. Geez, if I have to iterate the list once to convert the type, I may as well just not put them back where I found them!
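The difference described above, as an added example that is not code from the original post: it shows the Integer[] route working, the int[] route compiling but shuffling nothing, and two ways around it. The class name ShuffleIntArray and its shuffle helper are made up for this illustration, and the boxing route assumes Java 8 or later.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Random;
import java.util.stream.Collectors;

// Hypothetical class name, used only for this illustration.
public class ShuffleIntArray {
    // In-place Fisher-Yates shuffle: no boxing, one pass over the array.
    // Pass a java.security.SecureRandom if the order must be unpredictable.
    static void shuffle(int[] a, Random rnd) {
        for (int i = a.length - 1; i > 0; i--) {
            int j = rnd.nextInt(i + 1); // 0 <= j <= i
            int tmp = a[i];
            a[i] = a[j];
            a[j] = tmp;
        }
    }

    public static void main(String[] args) {
        Random rnd = new Random();

        // Integer[]: Arrays.asList returns a view backed by the array,
        // so shuffling the list reorders the array itself.
        Integer[] boxed = {1, 2, 3, 4, 5, 6, 7, 8};
        Collections.shuffle(Arrays.asList(boxed), rnd);
        System.out.println("Integer[]  : " + Arrays.toString(boxed));

        // int[]: the whole array becomes the single element of a List<int[]>,
        // so this compiles and runs but leaves the numbers in order.
        int[] prim = {1, 2, 3, 4, 5, 6, 7, 8};
        List<int[]> wrapped = Arrays.asList(prim);
        Collections.shuffle(wrapped, rnd);
        System.out.println("int[] (" + wrapped.size() + " element): " + Arrays.toString(prim));

        // Boxing route: copy into a List<Integer>, shuffle, copy back out.
        List<Integer> copy = Arrays.stream(prim).boxed().collect(Collectors.toList());
        Collections.shuffle(copy, rnd);
        int[] viaBoxing = copy.stream().mapToInt(Integer::intValue).toArray();
        System.out.println("via boxing : " + Arrays.toString(viaBoxing));

        // Direct route: shuffle the primitive array in place.
        shuffle(prim, rnd);
        System.out.println("in place   : " + Arrays.toString(prim));
    }
}
```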

So this is me admitting there is an advantage to a dynamic language. I maintain I’d still rather pay the upfront cost of a few extra lines of code here and there for type safety. Try getting a PHP IDE to reliably autocomplete instance methods for you when it doesn’t know the type of a variable! Perhaps I need to start using Eiffel.

Everyone with a Magento store will recently have seen the notification that a possible CSRF attack against the Magento admin interface has surfaced. I thought I would take this opportunity to give a quick overview of CSRF (cross-site request forgery) attacks, particularly how they work against web administration panels such as Magento, and ways to protect Magento and other web applications from these sorts of attacks.

The CSRF Basics

The easiest way to explain the attack is to think about what is happening under the hood when you are navigating a web page. Your browser makes requests to the remote server for content, and to manipulate data stored on the server. In a strict RESTful approach to web applications, your browser will make GET requests when you are reading information and POST or PUT requests when you are creating or updating information.

I was recently asked for help on a Google Checkout problem where the Google Checkout Button on the Magento cart page was disabled with a message saying: “Not available with these items“.

I had a look at the Magento store in question and found a few clues to go on, but a Google search on the subject proved to be of little help unfortunately. The button looks like the one shown in the screenshot below:

The disabled Google Checkout button on the Magento cart/checkout screen. It looks like the normal one only greyed out.

The underlying URL for the button is:

 <img src="https://checkout.google.com/buttons/checkout.gif?merchant_id=5677186919&amp;w=180&amp;h=46&amp;style=white&amp;variant=disabled&amp;loc=en_US" alt="Fast checkout through Google" />

The big clue was the parameter on the Google Checkout button image URL on the problem store. It had variant=disabled which is generated server side, and so had to be coming from somewhere within Magento. A big fat grep over the code uncovered a variant=' string fragment in Link.php.

I have recently put together a simple little Magento review and design showcase site called Magento Parade. It’s a chance for Magento designers and developers to check out stunning stores and get inspiration. For designers and developers with innovative ecommerce stores it’s a great chance to get some feedback on your stores and see how they are rated by your peers.

Screenshot from Magento Parade

I’ll be periodically adding a review and seeking feedback from other developers and designers. If you have a Magento store you think is pretty special then suggest your store for review in the showcase.

I’m also really keen to try and find some guest reviewers to offer their expert feedback on the showcase stores. If you have specialty knowledge in ecommerce SEO, or web marketing and would be keen to offer some tips or advice, please get in touch with me to discuss.

The first 5 Magento Installations I do will be free! What’s the catch? You have to provide me a review of the work I do and my professional service in general that I can put on my blog for others to see. Simple eh?

I’ve decided to start offering Professional Magento Installations as a service, as there is high demand for a well installed Magento. All too many people with not quite enough knowledge or skills are having a go at it and then ending up with failed installations. I have helped a number of people on the Magento forums who for a small fee could have saved themselves hours of headaches and had the work done quickly by a professional.

My standard price will be $99. I see that Magento themselves charge $149 – so naturally I wanted to make my Magento Installation cheaper without cutting back on quality or timeliness. I will often be able to install same day, and usually install within 2 days.

Of course the price is ZERO right now: for a limited time I’ll install your Magento for FREE, so if you are contemplating it, get in touch with me.

Because I haven’t offered any professional service on this blog before I thought I’d offer to do the first 5 Magento Installations free of charge to get some references from happy customers! So if you want your Magento installed for you by an expert, check out my professional services page. Be in quick, I’m sure this won’t last.