Karma's Nucleus DevBlog

When using the echo "function" to output a string which is combined of multiple parts, once could write:

echo 'foo' . htmlspecialvars($someVar) . 'bar'

The problem with this is that PHP will first concatenate the three strings (two concatenations) before using echo to dump it to the output. This means that two extra string objects will be created into memory.

The alternative is using comma's. It looks a little weird, but echo then behaves as a function that is taking multiple parameters and dumping all of them:

echo 'foo' , htmlspecialvars($someVar) , 'bar'

In this case, no concatenation is needed which means this code should be faster and more memory-efficient than the concatenating version.

I know the effect of this will be very limited, but I try to use this wherever I can.

If you're a plugin author, remember that a plugin option name can be no longer than 20 characters. While creating an option with a longer name won't fail, getting or setting the option value will.

This example won't work, e.g.

$this->createOption('ReadonlyNumericalTextOption1', '...); /succeeds
$this->setOption('ReadonlyNumericalTextOption1','foo'); // fails
$v = $this->getOption('ReadonlyNumericalTextOption1'); // fails

Knowing this could save you some time debugging a mysterious problem :)

Updated the Plugin API - Event List documentation on the developers version of the docs site. Newly listed events are FormExtra and ValidateForm. (At the bottom of the page)

I think it was immediately after the Nucleus v3.0 release that I was playing around with CafePress. One of the first days of June, to be exact. I set up a nucleuscms store with some products bearing the new Nucleus logo. Just for fun.

Curious about how such a t-shirt would look like, I ordered two. Shouldn't have done that. Really :) The expected two weeks for delivery turned out to be a whopping two and a halve months. The main delay was caused by the customs office, which seriously took its time to calculate the amount of taxes I had to pay. If you're ordering from Europe, shipping charges and taxes take up more than half of the total price. Be warned :)

Anyway, I finally received both and they look quite nice:

Some pictures:

• golf shirt: front & back
• ash grey tshirt: front & back (I think they made a mistake and printed the design of the "white tshirt" variant on an ash grey t-shirt, but I actually like it better this way.)

Sure, you can order products as well. If you really want to walk the streets wearing a Nucleus outfit, that is :) Just visit the Nucleus store. The products have a 0% profit margin, and it's not my intent to change that.

In order to understand some parts of the Nucleus core code, you need to know what references are, how they work, and how to use them. This article tries to explain the basics of references. If you're familiar with programming languages like C or C++, this will look trivial. But remember: PHP references are NOT the same as pointers in C, they're more like symbol table aliasses.

Knowing how references work will help you understand the Nucleus MANAGER class and the Nucleus Plugin API.

Here's a list of things about which I could write something in the "Inside Nucleus" series. Feel free to make additions. Also, tell me which of these topics are most important for you. With a little luck, writing about those topics will get a higher priority :)

Stuff to read: Sending XHTML as text/html Considered Harmful (Ian Hickson). The main issue is that lots of authors are using XHTML doctypes without actually knowing what they are doing.

The Nucleus admin area uses XHTML 1.0. When in debug mode, those pages are sent as application/xhtml+xml to browsers that accept it. The only advantage there is that "UAs will immediately catch well-formedness errors". When debug mode is off, the pages are always sent as text/html. I don't think this is a problem. We're expected to know what we're doing.

The default skin (grey) however, has a HTML 4.01 doctype. Main reason is that I think it's a bad idea to expect users to write well-formed and valid XHTML when editing skins/templates. Actually, we probably can't expect them to write valid HTML4 either :)

btw, the default skin doesn't validate because of the short closing tags (/>), which have a different meaning in SGML.

I've created a few bug entries. There free to take:

• 1008173 - <%active%> in category list
• 1008171 - cookie-prefix
• 1008175 - Move loadTemplate into MANAGER class
• 1008179 - (docs) Plugin events FormExtra / ValidateForm

Yet another addition in CVS: when on the admin area as a super-admin, the Nucleus version number in the top-right corner is now clickable, and points to a version check page.

The code for account activation has been committed to CVS. I need to do some more testing and tweaking, but it's starting to look fine.

If you're tracking CVS, you'll notice the addition of an upgrade3.2.php file. This does not mean that the next Nucleus version will be v3.2. I just needed something larger than v3.1. The actual version number will be decided based on the number of changes made. The reason for including an upgrade script now, is that you'll need it to create the new nucleus_activation table.

I'm currently working on account activation links instead of sending a "your password is..." e-mail. The puzzle-pieces are falling together, and here's how I think I'm going to implement things:

• Main idea is to only allow members to log in only if we are sure they have a valid e-mail address.
• Activation links remain valid for two days (48 hours). After that, they are deleted.
• The form where the password can be set will have a plugin hook, so things like captcha images can be added there.

On the PHP website, there's a list of backwards incompatible changes made in PHP5. There's not much to worry about: apart from the fixes already applied to Nucleus, there are no new issues.

For those using PuTTY to connect to CVS (project members with write CVS access), it might be interesting to upgrade to PuTTY v0.55, since it "fixes a serious security hole".

The same goes for users of FileZilla. Since FileZilla uses PuTTY when connecting to SFTP servers, it was affected too. Therefore, FileZilla 2.2.8 was released.

Update: it appears that FileZilla 2.2.8 has been replaced by FileZilla 2.2.8a. Changelog is the same, though.

I've been able to move the captcha functionality into a plugin, NP_Captcha. It's not complete yet. It needs some more work, but it's in the plugins project CVS repository as of now.

Captchas are now also present on the member info pages, when non-members are allowed to send e-mail messages to members.

The changes to the core are now also in CVS. I'll highlight the changes in this post.

In a local code repository (not in CVS yet), I'm working on better handling of errors when submitting comments, as well as on the addition of captcha images for anonymous commenting.

I've applied the changes I currently made to this blog, in order to test things a little. The captcha code is largely based on hn_captcha (GPL) from Horst Nogajski, but using a database table and generating image dynamically (created a generic CAPTCHA class for that purpose). The font I used is Dustismo (GPL) from Dustin Norlander. The captcha only shows up for users that are not logged in.

The changes to the error system are that the error is no longer displayed on a separate page, but rather above the comment form itself, with the previous values filled out in the comment form again. To do this, I had to make it possible for a page to send an action such as 'addcomment' to itself, rather than through action.php.

Let me know what you think.

Does anyone know where I can find some GPL licensed TrueType (.ttf) fonts? (to be used with the PHP function ImageTTFText)

Learned something new today: When $Id$ is present in a file, CVS replaces it by Aa standard header containing the name, revision number and date (UTC) of the file. I've added it in most of the Nucleus core files.

I've been moving some hardcoded string over to the language files. The changes are only in english.php. In order to avoid partially updated language files, I don't think it's wise to start updating other language files right away. New constants might still be added.

Some weeks before the final release of the next version, we'll mark the language file version as final and let the translators do their magic. Ideally, updated versions for all language files would then be able at the time of release.

If you come across hardcoded text, feel free to let one of the developers know. I know some pages like the bookmarklet page are entirely hardcoded in english. Didn't quite know what to do with that...

In this post, I'll try to explain what the showlist function in ADMIN.php is for, and how it works. Next to that, I'll also explain what the ENCAPSULATE, BATCH and NAVLIST are for. I'm not exactly sure if I did a good job explaining this in a clear way, but at least I tried :)

How batch operations work, is a topic for a future article.

Did some work on the family of Nucleus sites today.

• Created placeholders for the documentation, skins and wiki sites, with pointers to the current location of these sites.
• Replaced the plugins website by a similar placeholder. The old plugins site is way outdated and apparently not the best way to handle things. As for the future: either this site will redirect to the plugins section of the Wiki, or this site will become a showcase site.
• Made forums.nucleuscms.org redirect to forum.nucleuscms.org.
• Re-organized the forum according to this forum topic.
• Added a navigation bar on all sites (still missing on nucleuscms.org, though) and on the forum. It's an unordered list, controlled by a single stylesheet. This way, when styles need change, only one CSS file needs to be edited. Where possible, sites should also use an include to insert the HTML for the navbar, rather than copy-pasting the HTML code. Same reason: less files to change when something is added/removed.

In order to make sure Nucleus runs on as much servers as possible, my PHP setup (php.ini) is set up in a way to make the environment as hard as possible to work with. TeRanEX requested an overview, so here it is: