Small hint about outputting UTF-8 characters using PHP. I have recently worked on an issue, that required comparing characters in UTF-8 and MacRoman encodings. Generating MacRoman content in PHP is pretty straightforward - with a little help of MacRoman character table, assuming we want to get the symbol Ä (”capital letter A with diaeresis”), we can do:

The corresponding UTF-8 character coding is C3 84. There are two ways to produce it in PHP:

or the one I like more:

Obviously using pack is a bit more readable and can be used to express longer sequences in a nice and compact form.

Something to remember: if you want to use Spring Security EL expression tags in your templates, you need to insert the use-expressions="true" attribute into the http element of the config file.

But that change may also require changing syntax of the access element contents in the intercept-url elements too. To illustrate:

Before the change:

After the change:

I spent half an hour wondering why Spring Security EL expressions produced no output when used on the main Sitemesh decorator. I’ve been using:

The answer was about the filters’ order in web.xml. Originally I had it like this:

and was getting no errors and no output either.

Turns out it’s all about putting the Spring Security filter configuration BEFORE the Sitemesh one:

That made the tags show up.

Hint: in case of problems with tags used in the ‘decorators’, it is always worthwhile to test them inside the included pages as well. If something works in-page but does not in the decorator, it’s very likely the problem lies in the Sitemesh (Tiles) configuration.

With this post, I am starting a series of short articles, where I will be revealing, step by step, how to create a complete two-way synchronization module for Openbravo, that will allow to reliably synchronize customer and inventory data from and to QuickBooks.

With the 85% retail market share QuickBooks (well, Intuit) is enjoying in the US, and with a raising popularity of solutions like SugarCRM and Openbravo, my bet is that integration between them will be becoming more and more important in the near future.

I will be using techniques learnt during the development of 247QuickBooks.com, a site and a service, that allows companies using QuickBooks to share their data in an easy and secure way between business owners, employees, customers and vendors. If you want to:

• allow your customers to check their invoices quickly,
• be able to create estimates and invoices on your mobile device and have them automatically imported into your QuickBooks,
• share selected company/customer/vendor information with your (remote) employees

you may want to check it out.

Stay tuned.

The task: implement a simple set of pages (register, login, my account, forgotten password) using the combo: Spring MVC, Acegi Security, Freemarker, iBatis, SiteMesh and JQuery, deployed on Tomcat. Pretty lightweight and flexible mixture but there was also one interesting requirement: to make the login (and registration) OpenID-compliant.

The question is - how to integrate OpenID with the site implemented with the above stack. Acegi Security supports OpenID out of the box now, but as I was looking for more information on the issue, I realized Acegi 1.0.6 is not the most recent version anymore. AND the successor - Spring Security 2.0 - contains both OpenID authentication plugin and also requires 1/10th of the XML compared to the 1.0.x branch. Since I’ve already used Acegi i several projects, it looked like it’s a good chance to check the newer version.

There are a few sites which show the minimal configuration for the Spring Security so I’m not going to repeat it; instead I will illustrate what configuration should be used to obtain the following goals:

• we have a ROLE_USER and possibly ROLE_ADMIN defined (and right now we don’t care much about the ROLE_ADMIN)
• everything under the /account/ location should require the ROLE_USER
• we want to have our own login page - /login.htm ; our own logout link - /logout.htm ( new version of Acegi provides defaults for both these URLs as well as a default renderer for the login form itself - which is not an option here),
• we want the /login.htm to require the https protocol,
• if somebody logs in successfully and there is no ‘protected resource’ to be redirected to, he should be taken to the
  protected /account/profile.htm page
• if an login attempt fails, we want to display the /login.htm location again with an error message
• user passwords are stored as MD5 hashes
• we have only one table - USERS - with columns: (id, username, password, enabled, authority). For now authority is a single field containing the primary ROLE for the given user (for now - ROLE_USER). By default, Spring Security requires a separate table (called AUTHORITIES with the columns: username, authority), which I don’t like at this very moment, I want to have the role defined in a single column of the USERS table.

The biggest problem (which makes things interesting as well) is that the new Spring Security 2.0 is still relatively new, and little info on the web is available, especially if it comes to detailed configuration examples for various scenarios; so I took (well - my favorite) source-code-based approach.

If I didn’t have to customize the ‘authorities’, the configuration would be more than simple:

NOTE: dataSource has to be declared separately, it’s not included here as it is not specific to the Acegi layer - it’s the bean which contain the connection info to the database. In my case I use a custom class derived from org.springframework.jdbc.datasource. DriverManagerDataSource because I needed to incorporate some logic related to the location the connection parameters are read from (either properties of the bean defined in corresponding .xml in the .war archive, or from an external config file, located outside of the .war - if one is found at runtime).

To change the way Spring Security 2.0 reads the authorities for the user, we need to override the property ‘authoritiesByUsernameQuery’ of the jdbc-user-service ; unfortunately the XSD file does not allow us to do it. In any form - the jdbc-user-service element cannot contain any children.

I saw one suggestion, accompanied with a regular JIRA issue for extending the XSD rules to accommodate this need; in another place I saw somebody extending the default JdbcDaoImpl class - I chose the 3rd way and used the fact that it’s a Spring environment anyway, so it’s easy to customize beans by using indirect references and properties only:

This is it. Concise and simple. So simple that I don’t think I will go back to Acegi 1.0.x again.

Time to see if OpenID integration will work as smoothly as well.

Everyone knows TinyMCE, FCKeditor and friends (is Kupu still alive?), plus their commercial counterparts (as a matter of fact the TinyMCE is a default built-in editor for the WordPress). During past few days I had to pick one of them to be integrated as a WYSIWYG component in a bigger project I’ve been recently working on. At the beginning my candidates list contained 4 entries:

• TinyMCE (and the question: 2.x or 3.x and how are they different?)
• FCKEditor (stable or beta?)
• jwysiwyg
• WYMEditor

In the past I’ve been working with the first two, as for the other ones, it was/is jQuery which made me check if there are any new players built on top of this excellent library. And especially when I chose the jQuery as being the core js library for the whole project.

I gave a try to jwysiwyg and WYMEditor then - and I turned them down. They are described as simple and I like simple solutions - but in this particular context they are too simple and thus inappropriate. At least I tried - and will keep eye on them as I’m sure the functionality will be evolving (and hopefully in the right direction).

Two left, I tried with TinyMCE first. A short hesitation - should I pick the stable 2.1.x one or a development 3.x version? I’m a coder, so the answer lies in the code itself - downloaded both bundles, checked the code and my initial impression about the API was that the most recent version was the way to go. Bugs ? Moxiecode and the community are working on them, most of the plugins have been ported to the new API - let’s play with this one!

So I did, and I soon discovered an annoying thing - the nature of the project suggests that hyperlinks will be a frequently inserted element by the users. What should I do in order to insert a link in TinyMCE (and FCKEditor too) ?

• type in some text (will become a link label)
• select it
• click on the ‘anchor’ icon on the toolbar, firing the popup (or inline-popup, if the inlinepopups plugin is loaded),
• type-in the URL, review the label, possibly add extra attributes

Does it sound simple? In a way - yes, but… wouldn’t it be better, if the editor behaved more like the (in)famous MS Word? I type some text in, as soon as it resembles the hyperlink, it becomes one? So if I enter some URL - or paste some content which contains one or more URLs - they become hyperlinks automatically. No need to select and click - actually if I want to customize them - I can still use the anchor icon and tune them up. I can, I don’t have to, if all I want is to have URLs which will be saved as the hyperlinks. A ‘good enough’ default behavior is what I expect from a good interface, without using buzzwords like usability etc.

(Sidenote: Internet Explorer does underline the URL-like elements automatically - Firefox and Opera don’t though. And of course it is not about visual appearance only, it is about - technically speaking - converting selected parts of DOM text nodes into actual anchor elements)

And then - pushing things a bit more - wouldn’t it be yet better, if the editor could check whether the inserted / existing hyperlinks are reachable? With a little help of that nifty buzz-technology whose name starts with ‘A’, should be a simple stuff.

That was my semi-spec - I sat down and produced a plugin which I named autolink, which does exactly what I wanted. If you want to check it out, you can take a look at this sandbox page, containing a small demo. The page source code shows how to use the plugin too; right now I have not written too much documentation - if the plugin turns out to be useful for more people, I will be happy to exchange both implementation and usage thoughts.

If you can take a quick look into the code itself, this is the link to the actual js bundle.

As usual, apart from the results itself, it was interesting to discover / play with and solve browser incompatibilities - especially if it comes to the ‘Range object’ implementation. And finally I must admit that TinyMCE is some really very very good piece of code, its API, architecture and functionality, which comes with the editor itself (clases like DOM manipulation object, implementation of AJAX) make it a fully-functional javascript library/framework. From the outside - it looks like a WYSIWYG widget. But there is more to it - and tiny_mce_src.js shows why.

Getting back to evaluation task - it turns out it was not a real feature comparison - I did take a look at the FCKEditor API, and I still like TinyMCE more, but that’s very subjective. To be 99% sure, I’d have to implement the same thing in FCK - but if I found a tool which is good and can be customized within a matter of minutes or hours (it took me about 10 hours to implement the whole thing) - I guess it’s time to proceed with the actual target project itself.

Why to mention an IDE and a project management software together? They target different objectives, are developed in two different languages, one is a desktop tool, the other is a server-side component.

The answer is astoundingly simple, however it took me some time to spot it, with a little help of an ACM Queue magazine. The funny thing is that the article which described (or predicted) a fundamental principle which ties these two tools together appeared in the March 2005 issue - so it took me over 2 years to fully understand the implications. Or maybe it’s about the fact that I’m currently developing a module for Trac which I’m gonna use as an aid to the management of one of the projects WE (more people than just me on that particular one) are working on.

(Sidenote: when I was at the beginning of the switch from the ‘9-5′ to freelancing job model, I thought it might be a good idea to subscribe to a few magazines that were out there and had an established reputation. Living in Poland and spending most of the day at the desk in the office does not make one feel following up the trends and hot topics in the software dev industry - I had to catch-up. So I turned to the ACM, IEEE, Dr Dobb’s, The Perl Journal, C/C++ Journal, PHP Architect - and I’m reading them ever since except for those 2 which have disappeared).

The answer is:

plugin-oriented architecture

I’m not going to cite the article, especially that it’s available online. It is worthwhile reading since even if somebody knows the ‘plugin’ word (who doesn’t), it’s still good to be aware of the differences between an architecture/system which supports plugins and one which is plugin-oriented.

Why does it matter anyway?

Both Eclipse and Trac are built internally around the concept of extension points, furthermore, the extension points can be (and often should) written in such a way that they are extensible on their own. And if plugin creators are good enough at orthogonal thinking and familiar with concepts like Chain of Responsibility - it makes the whole system extendable and customizable without any limits.

A concept is interesting and the existing implementations (I’m sure there are more examples apart from Eclipse and Trac, the whole Spring framework looks like another one to me) prove it’s not just an interesting and useless theory. If you write a new system and the audience is likely to be both big and varied (which leads to an endless customization problem) - perhaps this approach will work well there as well.

And one beautiful thing is - having both Eclipse and Trac as proof-of-concepts shows clearly that software design matters more than using / sticking to any particular programming language. As long as our language of choice makes it easy to implement the Observer/Chain of Responsibility patterns. Interfaces help a lot here, but are not a must by any means.

I have been given an interesting opportunity - to participate in creation of a fresh startup-like venture, along with a person who currently lives in Silicon Valley and has successfully run own startup company for over 12 years.

The only problem I can see (except for the risk of spending the next X months on something which will eventually NOT create any benefits - but that’s not a problem, I KNOW it WILL WORK) is that I’m living on a different continent - Europe - and despite from having plans to relocate to California somewhere in 2008/2009, these plans are still pretty vague.

Is it possible to become a co-founder of a successful Silicon Valley-based startup while living in Warsaw, Poland?

Time will tell. For now I’m reading the famous Founders at Work book to get some understanding and to ‘feel the blues’.

If - by any chance - you either work in a SV startup or maybe even own one - and you find this site content interesting enough - please drop me a note , as I’m thriving for more data from people who ‘are really in it’ out there.