@mattattui
mattattui / 0README.md
Last active October 16, 2016 12:07
Using obfuscated ids with DoctrineParamConverter

Using Tiny (ID obfuscator) with Symfony2's ParamConverters

  • Symfony's convenience methods for automatically fetching database entities from URL parameters are super-handy.
  • Obfuscated/hash IDs are a great idea, especially in APIs (where you aren't concerned with SEO, but might be concerned about sequential numeric ids or exposing database information).
  • Here's how to make them work together.

The stuff in this gist sets up a Twig filter (obfuscate) to create the obfuscated ids (for URLs), makes the obfuscator available as a service (id_obfuscator) so you can also generate obfuscated URLs in your controllers or whatever, and extends the DoctrineParamConverter to allow it to retrieve entities by their deobfuscated id.

Following Phil Sturgeon's excellent advice in Build APIs You Won't Hate, I've also added an option to allow multiple ids to be loaded at once, like /resources/id1,id2,id3,id4. It's really quite handy sometimes. Be warned though; it won't

<div id="bellend" class="bellend hidden">STOP THAT</div>
<style>
.hidden {
display:none;
}
.bellend {
background: #000;
color: #FFF;
height: 100%;
@mattattui
mattattui / gist:8302079
Created January 7, 2014 16:36
Sample jquery theme-switcher
<?php
// This code shouldn't actually be *here*, obviously
$theme = filter_input(INPUT_POST, 'theme', FILTER_VALIDATE_REGEXP, [
'options' => [
// Group the alternation so ^ and $ anchor every option, not just the first and last
'regexp' => '/^(pink|blue|whatever)$/',
],
]);
if ($theme) {
// Persist the theme somehow (just session here, but could be cookie or user profile)
@mattattui
mattattui / Session.php
Created May 25, 2013 15:25
A Doctrine DBAL 2.3 session storage class for https://github.com/php-loep/oauth2-server. For use if you've written an API with Doctrine ORM or DBAL, not zetacomponents/database.
<?php
/**
* Doctrine DBAL server storage class for LOEP's OAuth2 server library
*
* Why? Because the built-in one uses zetacomponents/database and the rest of
* your app uses Doctrine2 ORM or DBAL. Using this DBAL implementation offers
* no other advantages; zetacomponents/database and doctrine/dbal are roughly
* equivalent.
*/
namespace Inanimatt\OAuth2\Server\Storage\DBAL;
<?php
require_once __DIR__.'/vendor/autoload.php';
use Symfony\Component\HttpFoundation\Request;
$request = Request::createFromGlobals();
$dirty_html = $request->get('dirty_input');
$config = HTMLPurifier_Config::createDefault();
<?php
namespace Acme\DemoBundle\Command;
use Symfony\Bundle\FrameworkBundle\Command\ContainerAwareCommand;
use Symfony\Component\Console\Input\InputArgument;
use Symfony\Component\Console\Input\InputInterface;
use Symfony\Component\Console\Input\InputOption;
use Symfony\Component\Console\Output\OutputInterface;
class ImportCSVCommand extends ContainerAwareCommand
@mattattui
mattattui / gist:5201092
Last active December 15, 2015 04:19
Using SPLFileInfo, DirectoryIterator, and php://temp
<?php
$dir = new DirectoryIterator('/Users/matt/Projects/Domain-Calendar');
$files = new RegexIterator($dir, '/^composer/');
foreach($files as $file) {
echo $file->getPathName().PHP_EOL;
}
@mattattui
mattattui / CSVIterator.php
Created February 19, 2013 23:18
Simple CSV iterator
<?php
class CSVIterator extends SPLFileObject
{
protected $first_row = true;
protected $columns;
public function __construct ($filename, $delimiter = ',')
{
parent::__construct($filename);
@mattattui
mattattui / imageTest.php
Created February 8, 2013 12:17
3 ways to test if a file is an image
<?php
/**
* Test if given file is a web image (gif/jpg/png)
*
* Requires PHP 5.3 or newer (builtin) or the Fileinfo PECL extension.
*
* @param string $file Path to image
* @return boolean True if web image, or false if unreadable or not image
*/
@mattattui
mattattui / deploy.sh
Created January 5, 2013 09:48
Simple default-safe rsync deployment script
#!/bin/bash
# Will add --dry-run unless the --go option is set. All other arguments passed to rsync (e.g. --delete)
SOURCE=.
DEST=example.com:/var/www/mysite
DRYRUN="--dry-run"
args=()
for var in "$@"