API Archives | portalZINE NMN | Development meets Creativity

17. June 2019

Keeping Development Credentials Secure

Development today relies on multiple teams, services, and environments all working in unison. A topic that always comes up, when setting up a new development environment: How do we secure important credentials, while not making it too complicated for the rest of the team?

The key when working with version control systems like Git, is to keep any type of credentials out of the versioning system. These can be API keys, database or email passwords.

Even if its a private repository, development environments might change. It can be a simple staging & live website setup you are maintaining.

.env Files for Environment Variables

DB_HOST=localhost
DB_USER=username
DB_PASS=password

DB_HOST=localhost

DB_USER=username

DB_PASS=password

The simplest way in PHP is to use .env files to store your credentials outside of the public accessible directory structure. So outside the public_html, but still within the reach of the executing environment to read it. Variables are accessible through $_ENV['yourVar'] or getenv("yourVar"), once included in your code.

To make it simple you can use the popular package vlucas/phpdotenv, which reads and imports the file automatically.

&lt;?php
require_once __DIR__.'/../vendor/autoload.php';

$dotenv = new Dotenv\Dotenv(__DIR__.'/../');
$dotenv->load();
?>

<?php

require_once __DIR__.'/../vendor/autoload.php';

$dotenv = new Dotenv\Dotenv(__DIR__.'/../');

$dotenv->load();

Don’t fool yourself, if an attacker finds a way into your system, these variables can be easily read. This is just hiding the file from public access and provides some convenience while developing or sharing code.

Encrypted .env files

Some people propose to encrypt / decrypt environment variables using a secret key. But if an attacker can access your data, he can also find the secret key.

There are some nice packages that offer just that. You have to decide if those fit your ammo.

The psecio/secure_dotenv library provides an easy way to handle the encryption and decryption of the information in your .envfile. @Github
johnathanmiller/secure-env-php – Env encryption and decryption library. Prevent committing and exposing vulnerable plain-text environment variables in production environments. The lib provides a nice guided interface to encrypt your .env file. @Github
beyondcode/laravel-credential – Add encrypted credentials to your Laravel production environment. You can edit and encrypt using php artisan credentials:edit. @Github

Apache Pull – setting environment variables

The Apache2 environment variables are set in the /etc/apache2/envvars file. These variables are not the same as the environment variables of your Linux system; they are stored and manipulated in an internal Apache structure.

The /etc/apache2/envvars file holds variable definitions such as APACHE_LOG_DIR (the location of Apache log files), APACHE_PID_FILE (the Apache process ID), APACHE_RUN_USERS (the user that run Apache, by defaultwww-data), etc.

You can open and modify this file in a text editor of your choice. This is nice, but far from simple and requires a server restart. This is something which helps you when hardening security on a live deployed setup.

There are dynamic approaches, but you can do some research for that yourself :) Skipped that rabbit hole for now …

Infrastructure Secret Management

Handling secrets completely detached is another possibility. This is surely an overkill for most cases, but using an Infrastructure Secret Management concept might be worth looking into, if you are working on bigger scale projects that involve multiple development teams and setups. These services also often deal with secret rotation.

HashiCorp Vault – “Vault is a tool for securely accessing secrets. A secret is anything that you want to tightly control access to, such as API keys, passwords, certificates, and more. Vault provides a unified interface to any secret, while providing tight access control and recording a detailed audit log.”

You can deploy your own vault on your own infrastructure or test out a hosted version, which is free for Open Source projects. HashiCorp Vault

You will find a bunch of Hashicorp related packages that will help you to integrate a vault into your project workflow (scmrus/php-vault-env , poc-webapp-vault).

While this is nice, you will need to cache / store credentials somewhere, as you don’t want to query the vault on every single access.

The Hashicorp Vault is not the only Infrastructure Secret Management solution. There is a nice Github Gist that lists other solutions and a nice feature matrix.

Amazon also provides a solution called AWS Secrets Manager, which makes a lot of sense, when you build and deploy on AWS already :)

What a rabbit hole, once you start researching solutions :)
Have fun …

30. May 2019

Have you heard of GatsbyJS?

Gatsby is a free and open source framework based on React that helps developers build blazing fast websites and apps.

What they have to say …

Go Beyond Static Websites. Get all the benefits of static websites with none of the limitations. Gatsby sites are fully functional React apps so you can create high-quality, dynamic web apps, from blogs to e-commerce sites to user dashboards.
Use a Modern Stack for Every Site. No matter where the data comes from, Gatsby sites are built using React and GraphQL. Build a uniform workflow for you and your team, regardless of whether the data is coming from the same backend.
Load Data From Anywhere. Gatsby pulls in data from any data source, whether it’s Markdown files, a headless CMS like Contentful or WordPress, or a REST or GraphQL API. Use source plugins to load your data, then develop using Gatsby’s uniform GraphQL interface.
Performance Is Baked In. Ace your performance audits by default. Gatsby automates code splitting, image optimization, inlining critical styles, lazy-loading, and prefetching resources, and more to ensure your site is fast — no manual tuning required.
Host at Scale for Pennies. Gatsby sites don’t require servers so you can host your entire site on a CDN for a fraction of the cost of a server-rendered site. Many Gatsby sites can be hosted entirely free on services like GitHub Pages and Netlify.

What I have to say …

While researching some popular static site generation tools, GatsbyJS comes up often. I have played with NuxtJS and Hugo in the past, but what I REALLY like about GatsbyJS is the plugin / modular system. You can build your website with plain-old React and CSS styles, but make your development more efficient by adding node_modules.

Also being able to import any data source with ease, using GraphQL, is amazing. And when it comes to content management, you can easily hook a headless WordPress or Drupal setup into the mix and consume their REST APIs :)

I am not switching my own website to GatsbyJS anytime soon, but its another tool in my toolbox for future project consideration !

There are many tutorials on Youtube about getting started, maybe something to consider for the next freetime testdrive ;) Enjoy …

GatsbyJS @ Github

18. May 2019

Screenshot Service with Node.js

Manet is a REST API server which allows capturing screenshots of websites using various parameters.

The Node.js server can use SlimerJS or PhantomJS as headless browser engines.

I have build similar with CasperJS, but this is far better for those that want a simple straight solution.

@GitHub

7. June 2018

Youtube iFrame API and Cookieless Domain solution (GDPR / DSGVO)

GDPR / DSGVO REQUIREMENTS

The GDPR makes us jump through a lot of hoops to cleanup our websites and make all our code compliant. Many aspects of the GDPR are far from completely defined yet and there is a great uncertainty what is required, what can stay and what needs to be adjusted right now.

EMBED YOUTUBE VIDEOS

Embeding Youtube videos is one area, that many are afraid of. You need to mention the use of youtube in your data privacy policy.

Something like that :”Our website uses plugins from YouTube, which is operated by Google. The operator of the pages is YouTube LLC, 901 Cherry Ave., San Bruno, CA 94066, USA.

If you visit one of our pages featuring a YouTube plugin, a connection to the YouTube servers is established. Here the YouTube server is informed about which of our pages you have visited.

If you’re logged in to your YouTube account, YouTube allows you to associate your browsing behavior directly with your personal profile. You can prevent this by logging out of your YouTube account.

YouTube is used to help make our website appealing. This constitutes a justified interest pursuant to Art. 6 (1) (f) DSGVO.

Further information about handling user data, can be found in the data protection declaration of YouTube under https://www.google.de/intl/de/policies/privacy.”

IS THAT ENOUGH

The question remains, if that is actually enough?
Youtube allows you to switch to a cookieless embed on their website, that limits the data flowing to Google servers.

THE IFRAME API

But how do you use that programmatically, with the Youtube iFrame API?

The iFrame API documentation has not been updated since 2014 and does not mention any option to switch to the cookieless youtube host.

But there is an easy option, just add the host option “https://www.youtube-nocookie.com” to your calls :

var player;
var tag = document.createElement('script');
tag.src = "https://www.youtube.com/iframe_api";
      	var firstScriptTag = document.getElementsByTagName('script')[0];
      	firstScriptTag.parentNode.insertBefore(tag, firstScriptTag);

player = new YT.Player('player1', {
         
	    wmode: 'transparent',
            host: 'https://www.youtube-nocookie.com',
	    playerVars:{
		   wmode: 'transparent',
		   showinfo:0,
		   autohide:1,
            },
	  videoId: YOUR_VID_ID,
	  events: {
		  'onReady': onPlayerReady
		}
        });

var player;

var tag = document.createElement('script');

tag.src = "https://www.youtube.com/iframe_api";

var firstScriptTag = document.getElementsByTagName('script')[0];

firstScriptTag.parentNode.insertBefore(tag, firstScriptTag);

player = new YT.Player('player1', {

wmode: 'transparent',

host: 'https://www.youtube-nocookie.com',

playerVars:{

wmode: 'transparent',

showinfo:0,

autohide:1,

videoId: YOUR_VID_ID,

events: {

'onReady': onPlayerReady

}

});

There we go, so simple and painless :)

The GDPR is a good thing, as it helps to secure our privacy. Those that are complaining now, are those that waited until the GDPR went live and did not take the time to really prepare soon enough.

BTW the email spam sent by so many services, was so not required, but helped me to clean up / delete those dormant accounts ;)

Enjoy coding!

6. March 2018

WooCommerce Appointments Enhanced with an Availability Calendar

WordPress WooCommerce Appointments

WooCommerce Appointments is a commercial booking plugin that allows you to setup appointments with WooCommerce. It has full integration into Google calendar to track appointments of your staff.

Staff availability can be set globally or via each staff members profile. While this is nice, I was looking for an option to actually handle availability via another Google Calendar as well. That was a must have feature for a current project.

What do you do, if that feature is not available yet ? You poke the code!

The magic entry point for the staff availability is the user meta “_wc_appointment_availability“, which is made available through includes/class-wc-product-appointment-staff.php.

A couple of weeks ago I asked support for a simple filter hook to alter the availability on demand from the outside.

The development team added the feature in one of the latest releases, making wc_appointments_staff_availability the entry point for my custom availability changes.

The filter hook

add_filter( 'wc_appointments_staff_availability', 'availability_callback', 10, 3 );

function availability_callback($availability, $staff){
// Your changes here
return $availability;
}

add_filter( 'wc_appointments_staff_availability', 'availability_callback', 10, 3 );

function availability_callback($availability, $staff){

// Your changes here

return $availability;

}

Getting the data

You can either pull Google Calendar Events directly through the Google Calendar API or use the available iCal export option. In this quick example I will use the private calendar iCal export file.

The availability calendar

Lets setup a quick clean calendar, called “Availability”. So simple and catchy :)

Create a new calendar
Create some test events. WooCommerce Appointments supports multiple availability rules, but I am focusing on the time:range option and recurring events for this example. I might be extending on this a bit more in the future ! So for this example: Friday, timeframe 10:00 – 16:00 and repeating four times.
Go into settings and get the link to the privat ical export file

Parse iCal data

For this example I am using the PHP ICS Parser, but any other parser will do. Install it via composer: composer require johngrogg/ics-parser.

Lets create a quick little plugin to get us going and save it to /wp-content/plugins/CustomAvailability/smile.php

<?php
use ICal\ICal;

/*
Plugin Name: WooCommerce Appointments - Custom Availability
Plugin URI: https://portalzine.de
Description: Attach additional Google Calendar for staff availability
Version: 1.0
Author: portalZINE NMN
Author URI: https://portalzine.de
*/


require_once(PATH_TO_VENDOR_DIR."vendor/autoload.php");

class StaffCustomAvailability{
 
function __construct() {
  add_filter( 'wc_appointments_staff_availability', array($this, 'staffAvailability'), 10, 3 );
 }
 
function staffAvailability($availability, $staff){
// Your changes here
return $availability;
}

}

$StaffCustomAvailability = new StaffCustomAvailability();

<?php

use ICal\ICal;

Plugin Name: WooCommerce Appointments - Custom Availability

Plugin URI: https://portalzine.de

Description: Attach additional Google Calendar for staff availability

Version: 1.0

Author: portalZINE NMN

Author URI: https://portalzine.de

require_once(PATH_TO_VENDOR_DIR."vendor/autoload.php");

class StaffCustomAvailability{

function __construct() {

add_filter( 'wc_appointments_staff_availability', array($this, 'staffAvailability'), 10, 3 );

}

function staffAvailability($availability, $staff){

// Your changes here

return $availability;

}

$StaffCustomAvailability = new StaffCustomAvailability();

Set the availability

Its time to get the data into the system. I am only pulling and altering the availability for one single user in this example, the user with the USERID “3”. This should provide you with a good starting point.

function staffAvailability($availability, $staff){

// $staff holds the complete user data
// $availability is the current set of rules

// Only altering availability for  USERID 3

if($staff->data->ID == 3){
     $newSet = array();  
  try {
    // add the private ics file here
    $ical = new ICal('URL TO PRIVATE ICS FILE', array(
        'defaultSpan'                 => 2,     // Default value
        'defaultTimeZone'             => 'Europe/Berlin',
        'defaultWeekStart'            => 'MO',  // Default value
        'disableCharacterReplacement' => false, // Default value
        'skipRecurrence'              => false, // Default value
        'useTimeZoneWithRRules'       => false, // Default value
    ));

     } catch (\Exception $e) {
    die($e);
}

   $forceTimeZone = true;
        
   $events = $ical->sortEventsWithOrder($ical->events());
    // looping through all events
   foreach ($events as $event) {
        // Get Start and end date / time information
        $dtstart = $ical->iCalDateToDateTime($event->dtstart_array[3], $forceTimeZone);
        $dtend = $ical->iCalDateToDateTime($event->dtend_array[3], $forceTimeZone);
        
        // Define new time:range rule
        // Adding one rule per day 
       // Added Friday to the calendar + event recurring  4 times, which results in 4 new rules for staff member 3
        $newSet[] =  array(             
            'type' => "time:range",// rule type used for this example
            'appointable' => "yes",
            '[priority' => 10,
            'from' => $dtstart->format('H:i'), // start time 10:00
            'to' => $dtend->format('H:i'), // end time 16:00
            'from_date' => $dtstart->format('Y-m-d'), // start date -  Friday
            'to_date' => $dtend->format('Y-m-d') // end date - Friday
                       );
            $availability = $newSet;
          }
      
      
    }
return $availability;
}

function staffAvailability($availability, $staff){

// $staff holds the complete user data

// $availability is the current set of rules

// Only altering availability for USERID 3

if($staff->data->ID == 3){

$newSet = array();

try {

// add the private ics file here

$ical = new ICal('URL TO PRIVATE ICS FILE', array(

'defaultSpan' => 2, // Default value

'defaultTimeZone' => 'Europe/Berlin',

'defaultWeekStart' => 'MO', // Default value

'disableCharacterReplacement' => false, // Default value

'skipRecurrence' => false, // Default value

'useTimeZoneWithRRules' => false, // Default value

));

} catch (\Exception $e) {

die($e);

}

$forceTimeZone = true;

$events = $ical->sortEventsWithOrder($ical->events());

// looping through all events

foreach ($events as $event) {

// Get Start and end date / time information

$dtstart = $ical->iCalDateToDateTime($event->dtstart_array[3], $forceTimeZone);

$dtend = $ical->iCalDateToDateTime($event->dtend_array[3], $forceTimeZone);

// Define new time:range rule

// Adding one rule per day

// Added Friday to the calendar + event recurring 4 times, which results in 4 new rules for staff member 3

$newSet[] = array(

'type' => "time:range",// rule type used for this example

'appointable' => "yes",

'[priority' => 10,

'from' => $dtstart->format('H:i'), // start time 10:00

'to' => $dtend->format('H:i'), // end time 16:00

'from_date' => $dtstart->format('Y-m-d'), // start date - Friday

'to_date' => $dtend->format('Y-m-d') // end date - Friday

);

$availability = $newSet;

}

return $availability;

}

The example pulls and parses the ics file on every load, use a transient or REDIS to store data and only refresh in certain intervals.

Hope this gets you started! I build a simple interface around it, with a lot of more rule options. This makes the setup for each staff member a brise. Now each of them can setup a calendar easily and provide me with the ics link :) WooCommerce Appointments rocks …

Enjoy coding ….

10. February 2018

IMAP Wrapper client for PHP & Default IMAP Search Criteria

There are many variations of these out there, SSilence/php-imap-client is a lib with a nice set of methods, clean integration and pretty good documentation.
Adding it to my goto essentials !

$mailbox = 'my.imapserver.com';
$username = 'username';
$password = 'secret';
$encryption = Imap::ENCRYPT_SSL;

// Open connection
try{
    $imap = new Imap($mailbox, $username, $password, $encryption);
    // You can also check out example-connect.php for more connection options

}catch (ImapClientException $error){
    echo $error->getMessage().PHP_EOL;
    die(); // Oh no :( we failed
}

// Get all folders as array of strings
$folders = $imap->getFolders();
foreach($folders as $folder) {
    echo $folder;
}

// Select the folder Inbox
$imap->selectFolder('INBOX');

// Count the messages in current folder
$overallMessages = $imap->countMessages();
$unreadMessages = $imap->countUnreadMessages();

$mailbox = 'my.imapserver.com';

$username = 'username';

$password = 'secret';

$encryption = Imap::ENCRYPT_SSL;

// Open connection

try{

$imap = new Imap($mailbox, $username, $password, $encryption);

// You can also check out example-connect.php for more connection options

}catch (ImapClientException $error){

echo $error->getMessage().PHP_EOL;

die(); // Oh no :( we failed

}

// Get all folders as array of strings

$folders = $imap->getFolders();

foreach($folders as $folder) {

echo $folder;

}

// Select the folder Inbox

$imap->selectFolder('INBOX');

// Count the messages in current folder

$overallMessages = $imap->countMessages();

$unreadMessages = $imap->countUnreadMessages();

GitHub

Enjoy coding …

Default IMAP Search Criteria

ALL
      All messages in the mailbox; the default initial key for
	ANDing.

ANSWERED
	Messages with the \Answered flag set.

BCC 
	Messages that contain the specified string in the envelope
	structure's BCC field.

BEFORE 
	Messages whose internal date (disregarding time and timezone)
	is earlier than the specified date.

BODY 
	Messages that contain the specified string in the body of the
	message.

CC 
	Messages that contain the specified string in the envelope
	structure's CC field.

DELETED
	Messages with the \Deleted flag set.

DRAFT
	Messages with the \Draft flag set.

FLAGGED
	Messages with the \Flagged flag set.

FROM 
	Messages that contain the specified string in the envelope
	structure's FROM field.

HEADER  
	Messages that have a header with the specified field-name (as
	defined in [RFC-2822]) and that contains the specified string
	in the text of the header (what comes after the colon).  If the
	string to search is zero-length, this matches all messages that
	have a header line with the specified field-name regardless of
	the contents.

KEYWORD 
	Messages with the specified keyword flag set.

LARGER 
	Messages with an [RFC-2822] size larger than the specified
	number of octets.

NEW
	Messages that have the \Recent flag set but not the \Seen flag.
	This is functionally equivalent to "(RECENT UNSEEN)".

NOT 
	Messages that do not match the specified search key.

OLD
	Messages that do not have the \Recent flag set.  This is
	functionally equivalent to "NOT RECENT" (as opposed to "NOT
	NEW").

ON 
	Messages whose internal date (disregarding time and timezone)
	is within the specified date.

OR  
	Messages that match either search key.

RECENT
	Messages that have the \Recent flag set.

SEEN
	Messages that have the \Seen flag set.

SENTBEFORE 
	Messages whose [RFC-2822] Date: header (disregarding time and
	timezone) is earlier than the specified date.

SENTON 
	Messages whose [RFC-2822] Date: header (disregarding time and
	timezone) is within the specified date.

SENTSINCE 
	Messages whose [RFC-2822] Date: header (disregarding time and
	timezone) is within or later than the specified date.

SINCE 
	Messages whose internal date (disregarding time and timezone)
	is within or later than the specified date.

SMALLER 
	Messages with an [RFC-2822] size smaller than the specified
	number of octets.

SUBJECT 
	Messages that contain the specified string in the envelope
	structure's SUBJECT field.

TEXT 
	Messages that contain the specified string in the header or
	body of the message.

TO 
	Messages that contain the specified string in the envelope
	structure's TO field.

UID 
	Messages with unique identifiers corresponding to the specified
	unique identifier set.  Sequence set ranges are permitted.

UNANSWERED
	Messages that do not have the \Answered flag set.

UNDELETED
	Messages that do not have the \Deleted flag set.

UNDRAFT
	Messages that do not have the \Draft flag set.

UNFLAGGED
	Messages that do not have the \Flagged flag set.

UNKEYWORD 
	Messages that do not have the specified keyword flag set.

UNSEEN
	Messages that do not have the \Seen flag set.

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

ALL

All messages in the mailbox; the default initial key for

ANDing.

ANSWERED

Messages with the \Answered flag set.

BCC

Messages that contain the specified string in the envelope

structure's BCC field.

BEFORE

Messages whose internal date (disregarding time and timezone)

is earlier than the specified date.

BODY

Messages that contain the specified string in the body of the

message.

Messages that contain the specified string in the envelope

structure's CC field.

DELETED

Messages with the \Deleted flag set.

DRAFT

Messages with the \Draft flag set.

FLAGGED

Messages with the \Flagged flag set.

FROM

Messages that contain the specified string in the envelope

structure's FROM field.

HEADER

Messages that have a header with the specified field-name (as

defined in [RFC-2822]) and that contains the specified string

in the text of the header (what comes after the colon). If the

string to search is zero-length, this matches all messages that

have a header line with the specified field-name regardless of

the contents.

KEYWORD

Messages with the specified keyword flag set.

LARGER

Messages with an [RFC-2822] size larger than the specified

number of octets.

NEW

Messages that have the \Recent flag set but not the \Seen flag.

This is functionally equivalent to "(RECENT UNSEEN)".

NOT

Messages that do not match the specified search key.

OLD

Messages that do not have the \Recent flag set. This is

functionally equivalent to "NOT RECENT" (as opposed to "NOT

NEW").

Messages whose internal date (disregarding time and timezone)

is within the specified date.

Messages that match either search key.

RECENT

Messages that have the \Recent flag set.

SEEN

Messages that have the \Seen flag set.

SENTBEFORE

Messages whose [RFC-2822] Date: header (disregarding time and

timezone) is earlier than the specified date.

SENTON

Messages whose [RFC-2822] Date: header (disregarding time and

timezone) is within the specified date.

SENTSINCE

Messages whose [RFC-2822] Date: header (disregarding time and

timezone) is within or later than the specified date.

SINCE

Messages whose internal date (disregarding time and timezone)

is within or later than the specified date.

SMALLER

Messages with an [RFC-2822] size smaller than the specified

number of octets.

SUBJECT

Messages that contain the specified string in the envelope

structure's SUBJECT field.

TEXT

Messages that contain the specified string in the header or

body of the message.

Messages that contain the specified string in the envelope

structure's TO field.

UID

Messages with unique identifiers corresponding to the specified

unique identifier set. Sequence set ranges are permitted.

UNANSWERED

Messages that do not have the \Answered flag set.

UNDELETED

Messages that do not have the \Deleted flag set.

UNDRAFT

Messages that do not have the \Draft flag set.

UNFLAGGED

Messages that do not have the \Flagged flag set.

UNKEYWORD

Messages that do not have the specified keyword flag set.

UNSEEN

Messages that do not have the \Seen flag set.

10. February 2018

Screen Scraping with Goutte

We all have been in situations were we need content or information from a connected website, but have no access to a REST Api or any other backend feed.

In these cases screen scraping is the only option to get needed information to finalize an integration. You can do that directly in CURL, but that can be tedious. Far easier to use a nicely packaged solution that combines a component that simulates web browser behavior and a component that eases DOM navigation for HTML and XML documents. Meet Goutte!

STEP 0

Install via composer.

composer require fabpot/goutte

1	composer require fabpot/goutte

STEP 1

$client = new Client();
$crawler = $client->request('GET', 'https://www.page/login.php');

// select the form and fill in some values
$form = $crawler->selectButton('Login')->form();
$form['f_loginname'] = 'HelloMe';
$form['f_loginpass'] = 'securepass';

// submit that form
$crawler = $client->submit($form);

// go to next page    
$crawler = $client->request('GET', 'https://www.page.de/overview.php');

$client = new Client();

$crawler = $client->request('GET', 'https://www.page/login.php');

// select the form and fill in some values

$form = $crawler->selectButton('Login')->form();

$form['f_loginname'] = 'HelloMe';

$form['f_loginpass'] = 'securepass';

// submit that form

$crawler = $client->submit($form);

// go to next page

$crawler = $client->request('GET', 'https://www.page.de/overview.php');

STEP 2

Get the data you need.

// loop over html and filter out what you need

$crawler->filter('table.clients tr')->each(function ($node) {

  $node->filter('td')->each(function ($sub_node) {
    echo $sub_node->html();
  }
}

// loop over html and filter out what you need

$crawler->filter('table.clients tr')->each(function ($node) {

$node->filter('td')->each(function ($sub_node) {

echo $sub_node->html();

}

Goutte @ Github
BrowserKit Documentation
DOM Crawler Documentation

Enjoy coding …

1. February 2018

Map Icons to customize your Google Map Icons

An icon font to use with the Google Maps API and Google Places API, using SVG markers and icon labels.

Map Icons makes Google Maps Markers dynamic with control over shape, color, size, and icon easily changed using options in the marker object as well as simple SVG Notation and CSS.

GitHub / Preview

27. January 2018

Audiomanager for text-to-speech cloud services

I have been working on a project , that relies on text-to-speech cloud services for a lot of things.

Audiomanager abstracts access to popular text-to-speech cloud services like Google, Ivona, Amazon Polly… Really a timesaver, when evaluating different services.

Polly Example

$adapter = new \AudioManager\Adapter\Polly();
$adapter->getOptions()->initialize()
    ->setVersion('latest')
    ->setRegion('us-west-2')
    ->setCredentials()
        ->setKey('...')
        ->setSecret('...');

$adapter->getOptions()->setOutputFormat('...'); //Default 'mp3'
$adapter->getOptions()->setLexiconNames('...');
$adapter->getOptions()->setSampleRate('...'); //Default '16000'
$adapter->getOptions()->setTextType('...'); //Default 'text'
$adapter->getOptions()->setVoiceId('...'); //Default 'Salli'

$adapter = new \AudioManager\Adapter\Polly();

$adapter->getOptions()->initialize()

->setVersion('latest')

->setRegion('us-west-2')

->setCredentials()

->setKey('...')

->setSecret('...');

$adapter->getOptions()->setOutputFormat('...'); //Default 'mp3'

$adapter->getOptions()->setLexiconNames('...');

$adapter->getOptions()->setSampleRate('...'); //Default '16000'

$adapter->getOptions()->setTextType('...'); //Default 'text'

$adapter->getOptions()->setVoiceId('...'); //Default 'Salli'

GitHub

Enjoy coding ….

23. January 2018

Cleaning up the WordPress Feed (Validation)

When using your main content feed to share posts via buffer or other services, it is crucial that your feed validates cleanly.

There are always things in the generated WordPress content that can break your feed validation. Here some things to cleanup or alter your delivered feed content.

CONDITIONAL TAGS

is_feed()
Check for syndication request. This tag is not typically used by users; it is used internally by WordPress and is available for Plugin Developers.

Check for feed syndication in your themes functions.php

if (is_feed()) {
    /.. tweaks go here ../
}

if (is_feed()) {

/.. tweaks go here ../

}

REMOVE IFRAMES

function rss_noiframe($content) {
        
    $content = preg_replace( '/<iframe(.*)\/iframe>/is', '', $content );

    return $content;
}

add_filter('the_excerpt_rss', 'rss_noiframe');
add_filter('the_content_feed', 'rss_noiframe');

function rss_noiframe($content) {

$content = preg_replace( '/<iframe(.*)\/iframe>/is', '', $content );

return $content;

}

add_filter('the_excerpt_rss', 'rss_noiframe');

add_filter('the_content_feed', 'rss_noiframe');

REMOVE / DISABLE COMMENTS

function rss_nocomments($content) {
    
     global $post;
      $post->comment_status="closed";
   
  
}

add_filter('the_excerpt_rss', 'rss_nocomments');
add_filter('the_content_feed', 'rss_nocomments');

function rss_nocomments($content) {

global $post;

$post->comment_status="closed";

}

add_filter('the_excerpt_rss', 'rss_nocomments');

add_filter('the_content_feed', 'rss_nocomments');

REMOVE RESPONSIVE IMAGES

The sizes attribute breaks feed validation, here how to clean it up.

function no_responsive_image_feeds() {
    add_filter( 'max_srcset_image_width', function() {
       return 1;
    } );
}

add_action('rss2_head', 'no_responsive_image_feeds' );
add_action('atom_head', 'no_responsive_image_feeds' );
add_action('rss_head', 'no_responsive_image_feeds' );

function no_responsive_image_feeds() {

add_filter( 'max_srcset_image_width', function() {

return 1;

} );

}

add_action('rss2_head', 'no_responsive_image_feeds' );

add_action('atom_head', 'no_responsive_image_feeds' );

add_action('rss_head', 'no_responsive_image_feeds' );

INCLUDE PAGES IN POST FEED

if (is_feed()) {
function feedFilter($query) {
	if ($query->is_feed) {
		$query->set('post_type','any');
		}
	return $query;
}
add_filter('pre_get_posts','feedFilter');
}

if (is_feed()) {

function feedFilter($query) {

if ($query->is_feed) {

$query->set('post_type','any');

}

return $query;

}

add_filter('pre_get_posts','feedFilter');

}

ADJUST AMOUNT OF POSTS

if (is_feed()) {

function feedFilter($query) {
	if ($query->is_feed) {
		$query->set('posts_per_page','11');
	}
 
	return $query;
}
add_filter('pre_get_posts','feedFilter');

}

if (is_feed()) {

function feedFilter($query) {

if ($query->is_feed) {

$query->set('posts_per_page','11');

}

return $query;

}

add_filter('pre_get_posts','feedFilter');

}

LIMIT BY CATEGORY

if (is_feed()) {
function feedFilter($query) {
	if ($query->is_feed) {
		$query->set('category_name', 'my-special-cat');
	}
 
	return $query;
}
add_filter('pre_get_posts','feedFilter');
}

if (is_feed()) {

function feedFilter($query) {

if ($query->is_feed) {

$query->set('category_name', 'my-special-cat');

}

return $query;

}

add_filter('pre_get_posts','feedFilter');

}

.env Files for Environment Variables

Encrypted .env files

Apache Pull – setting environment variables

Infrastructure Secret Management

What a rabbit hole, once you start researching solutions :) Have fun …

What they have to say …

What I have to say …

GDPR / DSGVO REQUIREMENTS

EMBED YOUTUBE VIDEOS

IS THAT ENOUGH

THE IFRAME API

Enjoy coding!

WordPress WooCommerce Appointments

The filter hook

Getting the data

The availability calendar

Parse iCal data

Set the availability

Enjoy coding ….

Enjoy coding …

Default IMAP Search Criteria

STEP 0

STEP 1

STEP 2

Enjoy coding …

Polly Example

Enjoy coding ….

CONDITIONAL TAGS

REMOVE IFRAMES

REMOVE / DISABLE COMMENTS

REMOVE RESPONSIVE IMAGES

INCLUDE PAGES IN POST FEED

ADJUST AMOUNT OF POSTS

LIMIT BY CATEGORY

Enjoy coding …

What a rabbit hole, once you start researching solutions :)
Have fun …