Nich sent us a link to his project, Dr. Pic, an all AJAX image editor. Without using any Flash, the application allows you to upload an image, do simple draw and filter operations, place text, crop, resize, and save a finished copy. Javascript is used to draw preview material to the canvas, and then the user's commands are submitted back to a PHP backend which returns a new image to replace the previous version.

It doesn't pretend to be a Photoshop, but in a pinch it could come in handy as a quick tool for resizing or cropping an image. Aside from all that, it's a nice example of how you can leverage some server-side heavy lifting to support functionality that Javascript is lacking.

Dr. Pic - AJAX image editor

Assuming you're attempting to read and write standard text (Ie. not binary/graphic) data from Excel worksheets, this is actually fairly doable in PHP and Perl.

A recent article by Mike Diehl at Linux Journal peaked my interest in this. He shows off some of the features of the Spreadsheet::ParseExcel Perl module, which can be used to pull data and even formatting information from cells in an Excel worksheet. Once you have your hands on the data, you can do what you want with it: output it to XML, toss it in a database for subsequent querying, or even convert it into other Excel documents (oh, the shame).

Perl Excel Libraries and Information
Spreadsheet:ParseExcel - Read from Excel 95/97/2000 documents
Spreadsheet:WriteExcel - Write to Excel 97/2000/2002/2003 documents
Linux Journal - Reading Native Excel Files in Perl

There are libraries for dealing with native Excel files in PHP as well. The following two seem to be the only options for binary Excel documents.

PHP Excel Libraries
PHP Excel_Reader - Read Excel 95 and 97 documents
Spreadsheet_Excel_Writer - Write Excel 5.0 documents
Reading and Writing Spreadsheets with PHP

With the most recent version of Excel, there is an XML file format option that will allow you to read and write data in a worksheet by directly interacting with the saved file's DOM. IBM has a document that details doing this with PHP, and it would be straightforward to apply this technique to Perl as well.

Read/Write XML Excel Data in PHP

Finally, if all you need to do is output a document that can be read in Excel, a standard CSV-format file will usually do the trick. Escaping can be a bit tricky, however, and my preferred format has become a plain-old HTML table. Just create a file that contains a TABLE element (no BODY or HTML tags necessary), with any number of TR rows and html-escaped data in the TDs, and save it out. If you use the XLS file extension, it will open directly in Excel with a double-click and Excel never seems to mind reading in the data.

Do you have any other Excel programming hacks? Give us a shout in the comments.

As part of the NYU ITP "5in5" event this week, I created the Asterisk File Transfer Protocol. Using the CSound audio programming language, I wrote a PHP script that converts a binary file into an audio WAV file based on the "Kansas City standard", created in 1975, for transferring binary files via audio cassette. However, instead of a cassette, a user can dial my extension on an Asterisk VoIP PBX server and "retrieve" a file (an 8kb jpeg image) at 300 baud over POTS. You can access the file by dialing (212) 796-0729 ext. 160.

In reality, the audio quality of the GSM codec I was limited to by the server probably precludes one from ACTUALLY downloading the file, but it's still fun! If you want to hear a higher-fidelity version of the file you can access it at http://www.menscher.com/itp/blogmedia/aftp.mp3.

Corey posted the source he used to generate the encoded WAV from an image, so you can see the nuts and bolts of using CSound to generate audio data in PHP. It'd be neat to see the decoder half of this, but it's been left as an exercise for the reader.

I have fond memories of saving and loading files from a C64 datasette drive like this, so it's pretty cool to see this sort of thing done in PHP.

The Asterisk File Transfer Protocol

When you look at the analytics javascript code you see that it combines several sets of data into an image request. This image request sends the right data to Google (not the javascript). When you know what url you should use for the image, you can call the image directly and send the same data. Of course you need to be able to request the image url and that isn't easy from another image, rss feed or pdf. This is why we request it "server side".

You can add the code to the PHP that drives a blog site, for instance, and generate page views when your RSS feed is hit. You can even write a very simple script to proxy images and downloads, which will let you track hit data for all files on your site, not just the html pages viewed by a javascript enabled browser.

Taken a step further, you could even use this on the client side, triggering analytics views from standalone Flash apps or even desktop applications.

The one thing you need to keep in mind is that server-side analytics requests will appear to come from your server, not the client's machine. So while you can track page views and download events this way, you'll loose a lot of the information about your user base. Because of this, it would probably make sense to use a separate tracking ID for the server side events.

Google Analytics Without Javascript

SafeHTML is a lightweight PHP user input sanitizer that does just that. Just run any input field through the SafeHTML filter and any javascript, object tags, or layout breaking tags will be stripped from the supplied text. It also does a reasonable job of correcting any gnarly, malformed code, which is also a common problem with user-contributed data.

Using it is easy. Just instantiate the SafeHTML object and call its parse method:

require_once('classes/safehtml.php');

$safehtml =& new SafeHTML();

if ( isset( $_POST["inputfield"] ) )
{
  $inputfield=$_POST["inputfield"];
  $cleaninput = $safehtml->parse($inputfield);
}


This will take the posted "inputfield" parameter, strip any baddies, XHTMLify what's left, and the result will be stored in the $cleaninput variable. It's a simple addition to your code, and a lot more straightforward than trying to roll your own.

My only beef with the package is that it's written with a default allow policy, stripping out tags that are in its deleteTags array, but essentially allowing anything else through. If you'd rather only let through tags that you specifically want to allow, I'd recommend adding an allowTags array and adjusting the _openHandler method, adding the following after the deleteTags check:

if ( ! in_array($name, $this->allowTags)) {
  return true;
}

You'll need to fill allowTags with everything you know to be safe and welcome, and you may miss a few that people will end up wanting to legitimately use, but this is easily corrected and the default deny policy is much safer in the long run.

SafeHTML - an anti-XSS HTML parser, written in PHP

Telekinesis is a bundle of small web apps that you can run on your Mac to give the iPhone remote control. You can use it to stream media files to your iPhone, run scripts remotely, and capture images with the iSight.

You can also add your own features by dropping custom PHP applications beneath the Application Support library folder.

Telekinesis Project - Link
Create apps for Telekinesis - Link

With a few lines of code, his script will authenticate with Facebook account and update its status. It's a simple script you can incorporate into your own project to sync your status to anything - Link.

The profiler in Xdebug 2 outputs profiling information in the form of a cachegrind compatible file. This allows you to use the excellent KCacheGrind tool (Linux, KDE) to analyse your profiling data. Users of the Windows operating system can use WinCacheGrind.

Shown above is a screenshot of KCacheGrind, which is showing that the particular script is devoting a lot of its time to mysql_query calls. Once you know where your code is chewing up cycles, you'll have a better idea of where to focus any optimization efforts, either by cleaning up ineffecient code and database queries, or by employing a suitable caching strategy.

Faster PHP Apps--Profile Your Code with Xdebug - Link.

Resources:

• Xdebug
• KCacheGrind - analysis tool for KDE
• WinCacheGrind analysis tool for Windows
• How to use Xdebug's profiling tools with KCacheGrind