8 February 2007

phpPaypalPro 0.2.0 Released

phpPaypalPro version 0.2.0 has been released under the revised BSD license. Their catch phrase is “So Easy Even A Caveman Can Use It”.

phpPaypalPro is an object-oriented framework developed in PHP5 to integrate easily with the Website Payments Pro SOAP 1.1 API from Paypal. The framework is very easy to deploy, allowing you to execute any of the operations in just a few lines. It deploys the built-in SOAP extension available natively in PHP5 to interact with the SoapServer from Paypal.

The operations currently supported in version 0.2.0 are:

  • DoDirectPayment
  • SetExpressCheckout
  • GetExpressCheckoutDetails
  • DoExpressCheckoutPayment
  • TransactionSearch
  • GetTransactionDetails

Link: phpPaypalPro – Website Payments Pro Made Easy

31 July 2006

Collin Grady » PHP Weather

Looking for a good weather script to put up on your site?

Here’s a very good one from Collin Grady, which pulls weather data from the weather.com servers and caches it locally in a MySQL database. The image below is from an actual implementation of Collin’s PHP Weather which I set up to test it out.

Bangalore Weather

Link: Collin Grady » PHP Weather

11 July 2006

Creating an Ajax feedback form with My-Bic

My-Bic is an Ajax framework for PHP. It allows you to easily integrate Ajax features into your PHP applications. Let’s see how to create a feedback form with My-Bic.

Installation and Setup:

Download the latest version of My-Bic (v0.6.3) from http://www.litfuel.net/mybic/index.html?page=download and copy the files to a folder under the webroot of your server.

You’ll need to change the following lines in the mybic_server.php file :

define("SERVER_ROOT", "d:/wamp/www/mybic/");
This defines the base path of the folder where this file exists.

define("INC_PATH", SERVER_ROOT);
This defines where your custom classes will be placed. Let’s leave this as it is for this tutorial.

Client-Side
Let’s start with a basic form which you’ll need for feedback:


Feedback Form

Name :
Email:
Feedback:


[...]

3 July 2006

Cleaning up your inputs

Cleaning up your inputs from $_POST, $_GET and $_REQUEST is an important task if you care about the security of your PHP applications. You can prevent most kinds of Cross Site Scripting (XSS) attacks if you know how to clean up the user inputs. Here’s how to do it using an input filtering class from PHP Classes. To get started, head over to the PHP Classes page for the Input Filter Class by Daniel Morris and download the class file.

Once you get the class file, here’s how you can go about cleaning up your input variables.

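<?php
include 'class.inputfilter.php'; // the class file downloaded from PHP Classes
$before = $_REQUEST['before'];   // raw, untrusted request value
$myFilter = new InputFilter();   // no arguments: default filtering
$after = $myFilter->process($before);
echo $after;
?>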

So if you pass the string “<script>alert(‘xss’);</script>” as the before parameter in the code above, the input filter changes this to alert(‘xss’); after removing the script tags. All you have to do is instantiate the InputFilter class with the following line:

$myFilter = new InputFilter();

and run the string through its process method:

$after = $myFilter->process($before);

You can also send entire arrays to be processed by the InputFilter class:

$_POST = $myFilter->process($_POST);

This class can also be used to remove specific HTML tags from your input string. Let’s say, for example, you want to remove all the bold tags <b> and <strong> from your HTML string. All you need to do is:

<?php
include 'class.inputfilter.php';
$before = $_REQUEST['before'];
$tags = array("b","strong");                        // tags to act on
$myFilter = new InputFilter($tags, array(),1, 1);  // $tagsMethod = 1: strip the listed tags
$after = $myFilter->process($before);
echo $after;
?>

If we pass the string “<strong> test</strong> <em>hello world</em>”, the output of the script will be “test <em>hello world </em>”.

If you’d like to retain only the <b> and <strong> tags in the above example, change the line that creates the filter (line 4) to read

$myFilter = new InputFilter($tags, array(),0, 1);

This will change the output to <strong>test </strong> hello world

Let’s break up the constructor for the InputFilter class:

InputFilter($tagsArray, $attrArray, $tagsMethod , $attrMethod);

$tagsArray is an array of user defined tags
$attrArray is an array of user defined attributes
$tagsMethod = 0 or 1, where 0 is used when only the user defined tags should be allowed and 1 is used to strip the user defined tags.
Similarly, $attrMethod retains only the user defined attributes if it’s set to 0 and strips the user defined attributes if it’s set to 1.

Let’s see the attribute filtering provided by this class in action. Let’s take the following html string as an example:

<img src="test.jpg" target="_blank" onclick="dosomething();" onmouseover="dosomethingelse();">

Let’s make a filter that retains just the src and target attributes in the HTML above:

$tags = array("img","b");
$attr = array("src","target");
$myFilter = new InputFilter($tags, $attr,0, 0);
$after = $myFilter->process($before);

It’s as simple as that.

9 June 2006

Force a download on the browser

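Here’s a piece of code which will force download a pdf instead of showing it inline in the browser.

<?php
// $path is assumed to be an object holding the file name (pdfname) and its full path (pdfpath).
header('Pragma: public');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s') . ' GMT');
header('Cache-Control: no-store, no-cache, must-revalidate');
// Passing false appends this header instead of replacing the previous Cache-Control line.
header('Cache-Control: pre-check=0, post-check=0, max-age=0', false);
header('Content-Transfer-Encoding: none');
// Concatenate the name: variables are not interpolated inside single-quoted strings.
header('Content-Type: application/pdf; name="' . $path->pdfname . '"');
// "attachment" makes the browser offer a download; "inline" would display the PDF.
header('Content-Disposition: attachment; filename="' . $path->pdfname . '"');
readfile($path->pdfpath);
?>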

This code can be modified to allow other file formats to be downloaded by just changing the mime type in the Content-Type header to the correct type for the file you wish to send.

Here’s a quick reference to frequently used mime-types:

http://www.utoronto.ca/webdocs/HTMLdocs/Book/Book-3ed/appb/mimetype.html
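
An added example (not from the original post) that extends the snippet above to several file types, assuming the file name arrives from the request. The function names, the $baseDir argument and the MIME map are hypothetical; the helper picks the Content-Type from an allowlist, checks that the resolved path stays inside the download folder, and reduces the name to header-safe characters before sending it as an attachment.

```php
<?php
// Added example; resolve_download(), send_download(), $baseDir and the MIME map are hypothetical.

// Extension => MIME type allowlist; any other extension is refused.
const DOWNLOAD_TYPES = [
    'pdf' => 'application/pdf',
    'zip' => 'application/zip',
    'csv' => 'text/csv',
];

// Returns [path, mime, safeName], or null when the request must be refused.
function resolve_download(string $baseDir, string $name): ?array
{
    if (strpos($name, "\0") !== false) {
        return null;
    }
    $base = realpath($baseDir);
    $path = realpath($baseDir . DIRECTORY_SEPARATOR . $name);
    if ($base === false || $path === false || !is_file($path)) {
        return null;
    }
    // realpath() has resolved "../" and symlinks; the result must stay under $base.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if (strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    $ext = strtolower(pathinfo($path, PATHINFO_EXTENSION));
    if (!array_key_exists($ext, DOWNLOAD_TYPES)) {
        return null;
    }
    // Keep only characters that are safe inside a quoted header value.
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($path));
    return [$path, DOWNLOAD_TYPES[$ext], $safeName];
}

function send_download(string $baseDir, string $name): void
{
    $file = resolve_download($baseDir, $name);
    if ($file === null) {
        http_response_code(404);
        return;
    }
    [$path, $mime, $safeName] = $file;
    header('Content-Type: ' . $mime);
    header('Content-Disposition: attachment; filename="' . $safeName . '"');
    header('Content-Length: ' . filesize($path));
    header('X-Content-Type-Options: nosniff');
    readfile($path);
}
```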
