PayPal "cart upload" – much smoother than "Add to cart"

We have just finished some custom PayPal integration for Eaton Square Concerts (ESC). On the ESC booking page, you can now select all the tickets you want before heading to PayPal, thanks to the PayPal “cart upload” feature. Previously, the site was using the single-item “Add to cart” which is a bit clunky, and means the user heads back and forth between the ESC site and PayPal.

We handle the form submission on the ESC site, work out what the user want to buy, read their response to the optional questions, and then send the form off to PayPal. The intermediate step is needed because PayPal refuses to accept a zero-count for items, forcing us to check the item count before POSTing to PayPal.

Integrating Blogger and PHP

As part of my ’10 pages or less’ website framework, I needed to integrate Blogger with PHP. Blogger can publish to an FTP server (instead of BlogSpot, and so news and blog content can be included within a ‘real’ site, but the management overhead solved by Blogger.

Here is how to get Blogger working with PHP:

  1. Set up your blog to publish via FTP (on Publishing tab)
  2. Change the ‘Blog Filename’ to index.php
  3. Change ‘Archive Filename’ to archive.php (on Archiving tab)
  4. Finally, delete the old index.html file from the blog directory (otherwise it will probably take precedence over the new index.php)

You can then edit the blog Template to include all the standard PHP includes to match the rest of the site.

Asymmetry in PHP’s array_diff()

I have been working on my ueber-basic PHP-driven website engine, and ran into a really odd ‘feature’ of the array_diff() function in PHP 5.1.2: its results seem inconsistent.

Take two arrays, each with the same number of elements (say n). One of the arrays contains some string values, but the other contains all null/empty strings. array_diff($array1, $array2) returns all the elements in $array1, as expected; however, array_diff($array2, $array1) returns an array containing n empty elements. It should return just a single (empty) element.

This code demonstrates the behaviour:

// array_diff() weirdness
echo 'DEBUG - testing array_diff()';
$array1 = array('a', 'b', 'c'); // 3 entries, non-null
$array2 = array('', 'b', '');   // 3 entries, 1 non-null
$array3 = array('', '', '');    // 3 entries, all null
echo '$array1: ' . implode(',', $array1) . '.';
echo '$array2: ' . implode(',', $array2) . '.';
echo '$array3: ' . implode(',', $array3) . '.';
$diff12 = array_diff($array1, $array2); // diff array1 against array2
$diff21 = array_diff($array2, $array1); // diff array2 against array1
$diff13 = array_diff($array1, $array3); // etc.
$diff31 = array_diff($array3, $array1);
$diff23 = array_diff($array2, $array3);
$diff32 = array_diff($array3, $array2);
echo '$diff12: ' . implode(',', $diff12) . '.';
echo '$diff21: ' . implode(',', $diff21) . '.';
echo '$diff13: ' . implode(',', $diff13) . '.';
echo '$diff31: ' . implode(',', $diff31) . '.';
echo '$diff23: ' . implode(',', $diff23) . '.';
echo '$diff32: ' . implode(',', $diff32) . '.';

This returns the following:

DEBUG - testing array_diff()
$array1: a,b,c.
$array2: ,b,.
$array3: ,,.
$diff12: a,c.
$diff21: ,.
$diff13: a,b,c.
$diff31: ,,.
$diff23: b.
$diff32: .

Notice the result for $diff31, compared to that for $diff21. Why are there three elements in the result for $diff31? array_diff() should return an array of unique elements which exist in one array and not another. It seems that there are ‘special cases’ which depend on (what?) array size? nullness? element ordering? The documentation for array_diff() states:

Multiple occurrences in $array1 are all treated the same way.

The crucial question: Why are multiple occurances in $array2 not treated in the same way?

The context for this is here: html_simple_tidy()

What a shame there is no decent interactive PHP shell, like those for Python and Ruby.

Simple CMS Frameworks

I have some experience with using DotNetNuke as a CMS. It’s free, open-source, and has pretty good engineering. There are plenty of add-on modules available from sites like Snowcovered. Some of the UI elements are irritating: like a lot of early ASP.NET sites, there are too many postbacks, but it works well in general, and is easy to manage.

Community Server is targetted at a different market, and is ready-made for a typical portal site, with blogs, file downloads, forums etc.; whereas DNN is more like a toolbox, Community Server is one of those 5-in-1 screwdriver/drill combos. The site now runs Community Server, not surprising, since both are Microsoft-driven.

CMSs like PHP-Nuke are hopelessly out of date and riddled with bugs. In 2006 there is no excuse for having any SQL Injection vulns in web applications. Just do not execute raw SQL from the code: use Stored Procedures and parameters!

Joomla! is a fresh effort built on the base of Mambo, and is so far free of major bugs. It supports a flexible templating system, and has a bunch of nice features out of the can. It is, however, written in PHP, which is not very secure; PHP is seen by many as the scourge of the internet.