Don’t you have sometimes the problem that you don’t know how to begin when you are programming a class or so?
You are thinking and thinking of how you could design the class or class hierachy (Polymorphism) that it is easy to understand, lightweight, not so much time consuming to implement it and so on…
Then after hours of thinking you have a solution but you are never sure if it’s really okay like that. You just implement the class and if something does not fit you have to change it.
But now think of it, is that really reasonable? You put so much time into designing a class or class hierachy but for what? That you can change everything in let’s say 200 files where you used that class? That shouldn’t be!

As an example we take a communication with a database. The standard in PHP is to use MySQL, that’s okay but what happens if you want to use PostgresSQL now? You maybe will have to change every query statement because it can be case that in this dialect something is written different than in the other. So it’s hard for use to change the database system just by replacing the connect call to a new one. We not only have the problem with the SQL statements, but you have to change the calls of the SQL statements too.

Here you can see a PHP example to know what I mean by that.

// Using PostgresSQL
$conString= "host=localhost port=5432 ".
                 "dbname=DATABASE ".
                 "user=USERNAME ".
                 "password=PASSWORD";
$connection = pg_connect($conString);

$sql = "SELECT field FROM table WHERE field = '$something' ";
$result = pg_query($connection, $sql);
$fetch = pg_fetch_row($result);

pg_close($connection);

// -------------------
// Using MySQL
$connection = mysql_connect("localhost", "USERNAME", "PASSWORD");
mysql_select_db ("DATABASE", $connection); 

$sql = "SELECT field FROM table WHERE field = '$something' ";
$result = mysql_query($sql, $connection);
$fetch = mysql_fetch_row($result);

mysql_close($connection);

Here we don’t have a problem with the SQL statement, but what happens if you use the function mysql_query for about 500 times in 200 different files? Try to change that! Somebody will probably say now that there are tools which you can use to make such mass operations, but that’s not the point! What do you want to do now if we have a SQL statement that is not compatible to other SQL systems? You have to change nearly everything in your application to correct that. It’s really time consuming, so we should try to get to find a solution.

First of all think about something like a DAO class. DAO (Data Access Object) is really nice and saves you a lot of time. In a DAO class you make methods which give you back objects as result. Let’s say you have something like showing news on a website. Then make a method getNews() and just use that method everywhere you need the news. You can define parameters for that method and so on but you always get let’s say an array of news objects from that method. That’s really nice because you don’t have to think about what the name of the column was and so on, your IDE will suggest the methods and variables. This kind of system is very simmilar in some points to an ORM (Object Relation Mapping) system which don’t has any foreign keys but the objects which is related to the foreign keys. Of course you still have to implement data classes for each table but this will help you a lot.

So now we have a DAO object which handles the connection to the database and provides methods which give us arrays of objects but we still have the compability problem to other systems, for this I suggest to use PDO (PHP Data Object) in PHP. In Java we have JDBC, in .NET Linq and so on. With PDO you have only one class which uses drivers to communicate with the database systems, you only have methods like query() and fetch() so we don’t have to rename the calls any more.

// Using PDO
$connectionString = "mysql:host=localhost;dbname=DATABASE";
$user = "USERNAME";
$pass = "PASSWORD";
$pdo = new PDO($connectionString, $user, $pass);

$sql = "SELECT field FROM table WHERE field = '$something' ";
$stmt= $pdo->query($sql);
$fetch = $stmt->fetch(PDO::FETCH_NUM);

$stmt->closeCursor();

As you can see, it’s easy and the best is, if you change the database system, you just have to change the connection string!

I hope you enjoyed this article and you will go on reading my texts about design patterns!

These calculation times are from PHP.NET so as you can see SHA512 takes twice as long as SHA256 for calculation but your applications will be more secure! SHA512 has 128 hex characters and I haven’t found any database yet which you can use to get the plaintext from a hash. The only way to crack a SHA512 is by using a password dictionary and for this I would recommend you to use a SALT.

The SALT should contain special characters like ‘$’, ‘%’, ‘&’ and so on. With the special characters it is much harder for a cracker to crack the hashes with dictionaries!

Here an example of hashing with SHA512 and a SALT.

	$Algo = "sha512";
	$Salt = "!§$%&/()=?";
	$Password = "Hello";

	echo $Password;
	echo hash($Algo, $Salt.$Password.$Salt);

This will give you the following output…

Hello
009afe8d638e00b1b51fbe33666b337d57d9bc3819ec6ceba3e5dc5e984390cd95979994a02cb…

Nice heh? 128 hex characters! =D
I hope you enjoyed this article and you will try to use SHA512 instead of MD5, SHA1 or SHA256!

Here a short description about what TAPI is.
The Telephony Application Programming Interface (TAPI) is a Microsoft Windows API, which provides computer telephony integration and enables PCs running Microsoft Windows to use telephone services.
With it you can control a telephone which uses this TAPI. You can listen for calls, make calls and many other things.

For this project I only needed to make a call by clicking on a number in the browser, of course it should work in every browser.
First of all we will check how to get the number from the browser to the telephone. A client has installed the telephone so we need a client solution. So what can we do on the client to pass a number as parameter via TAPI to a telephone? Probably via desktop command line application which is using the TAPI-Library.
Okay now we know how will communicate with the telephone, but how will that application get the number from browser?
On way could be via Javascript, which is probably not realizable. The other choice and I think that’s the last option we have is to register a new protocol, like HTTP. So we have for example something like “phone:0123456789″ instead of “http://…”.

How can we register such a protocol now?
I don’t know how to do that on UNIX Systems but on Windows we just need a registry entry!

REGEDIT4

[HKEY_CLASSES_ROOT\PROTOCOL_NAME]
@=”URL:PROTOCOL_NAME Protocol”
“URL Protocol”=”"

[HKEY_CLASSES_ROOT\PROTOCOL_NAME\shell]
[HKEY_CLASSES_ROOT\PROTOCOL_NAME\shell\open]
[HKEY_CLASSES_ROOT\PROTOCOL_NAME\shell\open\command]
@=”\”PATH_TO_EXE\” \”%1\”"

By replacing the PROTOCOL_NAME with your own protocol and the PATH_TO_EXE with the absolute path to your exe file you can pass parameters to the program.

tapi.reg

REGEDIT4

[HKEY_CLASSES_ROOT\phone]
@=”URL:phone Protocol”
“URL Protocol”=”"

[HKEY_CLASSES_ROOT\phone\shell]
[HKEY_CLASSES_ROOT\phone\shell\open]
[HKEY_CLASSES_ROOT\phone\shell\open\command]
@=”\”C:\\TAPI\\TapiCall.exe\” \”%1\”"

The %1 is for a parameter, you will get that parameter through the arguments in the main method.
I have made a batch file which installs the the whole thing…

install.bat

mkdir “C:\TAPI”
copy Interop.TAPI3Lib.dll “C:\TAPI”
copy TapiCall.exe “C:\TAPI”
tapi.reg

This batch file creates the directory TAPI on C: and copies the files which are needed and finally executes the regedit file.
Now we just need the program which sends the number to the TAPI-Device.
I decided to use C# because I found a TAPI Library for C# and of course because I know C# really good.
It is easy to make programs with C#, you can be really fast and the community is really big.
I used an example from Codeprojects to test the dialing process and the final solution look like that…

Here you can see the main method which takes the main parameters and parses it.
Don’t forget to include the TAPI-Library.

Finally the call method which takes the number as string. Here i use the line which name contains “Agfeo” because the TAPI devices are from Agfeo.

When you click on a link now which has the value phone:123456 in the href attribute the program sends the number 123456 to the TAPI device to and starts the call.
This is a browser independent solution of using your own protocol on a windows machine via browsers.
I hope this helped you a bit if you try to make something like that.

The Visual Studio Project is in the source files which you can download here.

TAPI Project Files

In this article I will explain how to create a PHP Class to encrypt end decrypt any data with a given password. It is object oriented programmed and uses in PHP existing algorithms.

Read through the whole Tutorial at Nettuts