Haskell FastCGI with Apache

By Thomas | Published: June 25, 2009

It’s pretty easy to get started with Haskell web-applications using the [cgi][hs-cgi] and [fastcgi][hs-fastcgi] packages, but a little bit of extra documentation never hurt anything. What follows is a brief run-down of getting a Haskell FastCGI program compiled and working under Apache with mod_fastcgi.

[hs-cgi]: [hs-fastcgi]:

Read More »

Posted in Haskell, Web | Tagged , , , | Leave a comment

Django form fields and templates

By Thomas | Published: June 22, 2009

I’ve been working with Django for the last little while (or long while) and something that stumped me for a while was a useful, generic approach to marking-up forms in HTML. In particular, making it possible to use CSS to style classes of fields (all checkboxes, for instance, or all date-pickers) effectively. Doing so requires being able to write a selector to pick such elements out, but I found it very difficult to do so.

The only way, as far as I (and the replies on django-users@), is to write a template filter to extract a such a value for you. Thankfully, this it pretty easy:

    @register.filter
    def field_type(field):
        """
        Get the name of the field class.
        """
        if hasattr(field, 'field'):
            field = field.field
        s = str(type(field.widget).__name__)
        s = s.rpartition('Input')[0]
        s = s.lower()
        return s

I can use the above filter to add a class to my form markup:

    {% for field in form %}
        {% if field.is_visible %}
            <div class="form-field form-{{ field|field_type }}">
                {{ field.label_tag}}
                {{ field.errors }}
                {{ field }}
            </div>
        {% else %}
                {{ field }}
        {% endif %}
    {% endfor %}

Which I can then use in my CSS to style particular widgets without having to do them one-by-one using ID’s:

.form-field label {
    display: block;
    width: 15%;
    float: left;
}
 
div.form-checkbox label {
    width: 85%;
    float: right;
    clear: right;
}
div.form-checkbox input {
    float: left;
    margin-left: 12%;
}
Posted in Web | Tagged , , , , , | 1 Comment

Specifying a UNIX socket using MySQL with Django

By Thomas | Published: April 16, 2009

It is sometimes necessary to specify a particular UNIX socket for [MySQL][mysql] [client libraries][mysqldb] to use (for example, when you have more than one MySQL server on the machine and wish to use one other than the default). The canonical way to specify a particular UNIX socket for [Django][django] is to give the full path as the DATABASE_HOST option in the project settings file1:

Read More »

  1. See, for example, the documentation for DATABASE_HOST 

Posted in Development, Web | Tagged , , , , | Leave a comment

Installing the Python Imaging Library on Mac OS X Leopard

By Thomas | Published: March 30, 2009

Like many other developers, I work on a variety of UNIX-like operating systems including Linuxen, BSDs, and Mac OS X. While it’s generally pretty easy to build and install new software on Linux and BSD-based systems, it can be something of a pain in the arse to get some things to build on OS X, particularly when the multiple-architectures stuff comes into play. The most recent trouble I’ve had is in installing Python Imaging Library (henceforth PIL).

Thankfully, it’s not too hard to figure out the problems and get it built, installed and passing the tests. This post provides a few pointers to getting PIL working on OS X 10.5.6 with the Python 2.6 package and a bunch of libraries installed using Macports.

Read More »

Posted in Development | Tagged , , , , , , , , , , , | 7 Comments

SPIP tags with multiple aliases

By Thomas | Published: March 27, 2009

This is yet another post about creating tags for use in SPIP templates. First I’ll describe how to create tags with multiple “names” (e.g. #INCLURE and #INCLUDE) and then I’ll build on this technique, my previous post Dynamic tags, fake arguments, and AST mangling in SPIP, and a pattern used in SPIP’s code to create suites of tags with multiple similar but slightly different functions.

As usual, you’ll need to know [PHP][], and the SPIP template language before this will make much sense, and I’d recommend reading my posts about creating static tags, dynamic tags, and faking tag arguments as well.

Read More »

Posted in Development, Web | Tagged , , , , , , , , , , | Leave a comment

Dynamic tags, fake arguments, and AST mangling in SPIP

By Thomas | Published: March 11, 2009

One occasion in which SPIP’s dynamic tag facilities is a little lacking is when you need to access details of the AST — perhaps the name of the template file, perhaps something else — to generate your content. In this post I’ll describe the obvious (but wrong) approach to passing values into a dynamic tag and another technique that actually works.

You should know about the SPIP, its template language, static tags, dynamic tags and be comfortable with PHP before reading this article.

Read More »

Posted in Development, Web, WoBloMo | Tagged , , , , , , , , , , | 2 Comments

Creating custom tags for SPIP - Dynamic Tags

By Thomas | Published: March 11, 2009

A lot of the content on modern web-sites is dynamic: from lists of “currently online” user and targeted advertising, to widgets full of live data, dynamism is as much the catch cry of the Web 2.0 as “user created content”. To add dynamic elements like these to your SPIP site, you’ll need to make use of it’s facility for dynamic tags (or break out into PHP, but then what’s the point of a template language?). In this article I’ll describe SPIP’s dynamic tags and how to create your own. I’ll also touch a little on SPIP plug-ins as they’ll make things a little easier.

If you haven’t already read Creating custom tags for SPIP — Static tags — the previous post in this little series — you probably should do or this might seem a bit confusing.

Read More »

Posted in Web, WoBloMo | Tagged , , , , , , , , , , | Leave a comment

Hierarchical Rights in Drupal

By Thomas | Published: March 5, 2009

I discovered a blog post called More flexible rights management? by Larry Garfield at some point over the last three days (that being how long Safari has been running). Having a few thoughts about it and a pressing need to write a blog post for today, I’ll get them down “on paper” and call it a job done. Larry references Markus Wolff and his description (in a post called A pragmatic approach to rights management) of an permissions management system. Markus’ system (he in turn references a former boss, but I shall ascribe it to him anyway) looks like this:

  • Rights are denoted by dot-separated, reverse hierarchical names (e.g: ”Application.Component.Subcomponent.Right”).
  • Permissions can specify rights with wild-cards (e.g. ”Application.*”).
  • Rights can also be negated (e.g. ”-Application.Shutdown”).

Thus a user who can do anything except shut the application down might have a permissions list like:

    <?php
    $user->perm = array("Application.*", "-Application.Shutdown");

As such schemes go this one is adequate, but as a replacement for Drupal’s current system it’s not that crash hot. In fact, all it brings to the table is a little more convenience: it is no more expressive than the current system. Now convenience is a pretty cool thing and the Drupal permissions system could really, really, really do with some more convenience, but if there’s to be a new system, I’d much rather see something genuinely more powerful.

My suggestion is this: rather than have a single hierarchy of rights which jumbles variously the rights, the objects, and the implementers of both into one great big messy tree, why not have rights permissions be a tuple of a right and an object specifier. This will result in two smaller, less complicated trees the paths of which can be clearly and easily interpreted. With this scheme, many of the permissions seen on most Drupal sites would be replaced with a much smaller collection of rights and a similarly small number of object specifiers.

The current system includes five permissions (create, delete own, delete any, edit own, and edit any) for each and every content type. In my suggested system, these would be replaces with just those five rights which would, when granted, be applied to particular object specifiers. The “edit any story content” permission might become “(Core.EditAny, Node.Story)”, for example.

One advantage such a scheme would have is in breaking down some of the super permissions like the various “administer …” permissions. Rather than creating large numbers of new permissions, it would be possible to grant “Core.Administer” right to a particular group of settings. Again, this will reduce the large number of permissions (approaching one per module) and replace them with a single reusable permission applied to a range of domains. The “administer menu” permission might be replaced with “(Core.Administer, Menu)” or, more excitingly, with “(Core.Administer, Menu.PrimaryLinks)”.

Having written a little about this, I’m not entirely sure that it’s a good idea or a good fit for Drupal. Such a flexible system would certainly have a smaller UI (in terms of screen real-estate) than the current approach, but it would be more complex. It would make core more powerful, but it wouldn’t obviate the need for third-party modules to augment or replace the system when it can’t implement a required policy. In fact it’s a stupid idea, so forget about it and lets all just pretend that I didn’t say anything.

Posted in Development, Web, WoBloMo | Tagged , , , | 1 Comment

Content types and dispositions in PHP

By Thomas | Published: March 3, 2009

Originally published at thomas-sutton.id.au

This is more for myself than the world (I keep forgetting it and have to look it up every time I need it), but it’s a blog post and it’s on the Third so it counts for [World Blogging Month][woblomo].

Exporting data is an important feature for almost any web-application, but it’s one that many implement poorly or skip all together. Most of my day job is focused on creating static-ish web-sites, but every now and again I need to gather and process data in ways that my normal tools can’t handle. When I do, I inevitably reach for CSV when it comes time to export data. Producing CSV is a potentially complex and messy business: there are so many different conventions for quoting and escaping that the name “comma separated values” is really the least important aspect of the whole thing.

That said, I normally don’t bother with any of that and just (being, of necessity, a PHP user):

    <?php
    echo implode(",", $values), "\n";
    ?>

It’s probably just a bunch of integers anyway, so there won’t be any commas anyway.

After I’ve got that working, I need to force the browser to prompt the user to save the file other ways the clients — many not particularly computer literate — will get all confusified. Thankfully, the W3C have considered this (or the people who wrote the MIME RFCs, I’m not entirely sure which is the chicken and which the egg) and given us a mechanism to specify exactly this: the Content-Disposition header in HTTP/1.1.

A Content-Disposition header looks something like this (from RFC2183):

    Content-Disposition: attachment; filename=genome.jpeg;
      modification-date="Wed, 12 Feb 1997 16:29:51 -0500";

Like many headers, the value (the bit after the colon) can have several parts separated with a semicolon. The first part (attachment in the example above) tells the browser what to do with this content. “Attachment” indicates that this is an attachment, as opposed to content which ought to be displayed, and should be downloaded or indexed or whatever the client usually does with such things. The filename parameter tells the client the original filename associated with the content, generally so that the client can display the correct default in the whatever “save as” dialogue it displays to the user. The final parameter in the example specifies the date that the content was last modified, again so that the client can set the date on the file if it is saved.

Sending Content-Disposition is as easy as sending any other header with HTTP. In PHP, my code generally looks a little something like this (Notice that the filename parameter is quoted, as RFC2616 describes):

    <?php
    $filename = "thingo-". date('Y-m-d H:i') .".csv;
    header("Content-Type: text/csv");
    header("Content-Disposition: attachment; filename=\"$filename\""
    ?>

After which, I’m ready to loop and echo away.

Alternatively, pretty much every browser out there will prompt the user to save a file with the application/octet-stream MIME type. Sending such a MIME type instead of a Content-Disposition header will save you a few dozen bytes and a function call which could — conceivably — go wrong, but it doesn’t specify a filename, so you’re liable to wind up with your script’s name (often something like export.php).

It’s important to note that, while it is widely implemented, the Content-Disposition header is not part of the HTTP standard and does have security implications (though these generally boil down to: some users are stupid and trust things that come through the intertubes).

Posted in Development, Web, WoBloMo | Tagged , , , , , , , , | Leave a comment