Wade Arnold

 I was listening to the Weekly RIA Round Up last night while I was running and they mentioned Zend Amf Session support. That was pretty cool to “hear” about something that I was working on rather than a tweet or email. Thanks David Tucker for the shout out! If you are not listening to some podcasts they are starting to get pretty good. I listen to these three, let me know what is on your playlist.

Weekly RIA Round-Up
The Flex Show
Redmonk’s RIA Weekly… Follow these guys on twitter too!

The Weekly RIA Roundup for January 5

Flash Platform, Zend_Amf

I have had a tremendous education over the last year in getting to work on Flex 4 and the Zend Framework. Two exceptional open source projects that are growing daily in both contributers and community. They are also two projects that get a bad rap because they are supported by a “known” company. Some other open source favorites such as MySQL are getting this wrap too. The funny thing about both these projects is that the code is 90% driven and coded by the community and the remaining 10% is the types of additions that the community needs but Adobe and Zend do because they can’t get someone like me add them. By having a parent company back the open source initiative you have access to people that are paid to work on the project. This means that they know why decisions have been made over time, common mistakes, and best practices. They also make for the best projects to be your first open source project because of the support.  

So why should you help?

• Learn about software architecture from a HUGE project so you can use those concepts in your own projects.
• Understand who is really behind that code base that is powering your startup, enterprise, life’s work.
• Learn concepts and applications that are necessary for large teams that you can use in your own organization
• Receive a minimal of 50+ emails a weekend asking why you have yet to do XYZ and can you have that completed next week!
• Work on the project that you actually are using. 

But I am not that good of a programmer. 

• Ahh this is where you relize that you have to be a part of a large project to become a good programmer. 
• We need documentation, in the trunk of the project not on your blog.
• We need test cases for bugs. 
• We need people answering “bug” questions that are really just people that did not RTFM. But they distract the core from working on new features. And the manual probably sucks too.
• We need best practice documents. Most open source documentation is around getting started and not best practices. 
• We need real work examples to showcase how the application can be used.

Commit to adding something to the community that you are a part of in ‘09. If you are reading my blog you know how important open source is to you! My company and coding career will forever be changed because of all the support, best practices, and advice I received from Peter, Wil, Stas, and specifically Matthew. I hope you engage and learn in ‘09 too.

Happy New Year!

Flash Platform, Zend_Amf

PHP session support is now enabled through the Zend Amf. To get started you need to update your Zend_Amf_Server class from the repository. You will also need to make sure you have Zend_Session for those of you that are using the framework on as use-at-will bases.

Once you have updated your server you will need to also update your bootstrap/endpoint file to start using sessions and tell Zend Amf to use sessions.

$server = new Zend_Amf_Server();
Zend_Session::start(); 
$server->setSession();

You now have session support for all of your services.

A session example
We are going to create the following example in order to showcase how sessions can be used in an application.

Flex zend amf php session example

The flex application connects to this SessionTest a service that opens a session count variable that is incremented with the getCount method. There are also three utility methods to show how sessions are being handled. The method getSessionID returns the current php session id. The method updateSessionID tells php to regenerate the sessions id. Finally unregister destroys the count session variable to start the incrimination over on the next service call.

<?php
/**
 * Example class for sending a session back to ActionScript. 
 */
class SessionTest
{
	/** Check if the session is available or create it. */
	public function __construct() {
 
		if (!isset($_SESSION['count'])) { 
			$_SESSION['count'] = 0;
		}
	}
 
	/** increment the current count session variable and return it's value */
    public function getCount()
    {
    	$_SESSION['count']++;
    	return $_SESSION['count']; 
    }
 
    /** return the php session id value */
    public function getSessionID()
    {
    	return session_id();
    }
 
    /** Tell's php to generate a new session id */
    public function updateSessionID()
    {
    	session_regenerate_id(); 
    }
 
    /** clear the refrence to the count session variable */
    public function unregister() {
    	unset($_SESSION['count']);
    	return true;
     }
}

The flex code just consists of calls to the remote methods. There is nothing that you need to do special in your ActionScript in order to handle sessions. Note that there are just methods and handlers for all of the service calls.

<?xml version="1.0" encoding="utf-8"?>
<Application  xmlns="http://ns.adobe.com/mxml/2009"  xmlns:custom="components.*" creationComplete="onCreationComplete()">
    <Declarations>
        <RemoteObject endpoint="http://wadearnold.com/zend/library/index.php" id="myservice" fault="faultHandler(event)" 
        	source="SessionTest" destination="zend">
        	<method name="getSessionID" result="sessionIDHandler(event)" />
        	<method name="getCount" result="countHandler(event)" />
        	<method name="updateSessionID" result="updateSessionIDHandler(event)" />
        	<method name="unregister" result="unregisterHandler(event)" />
        </RemoteObject>      
    </Declarations>
    <Script>
    	<![CDATA[
    		import mx.events.ResourceEvent;
    		import mx.rpc.events.FaultEvent;
    		import mx.rpc.events.ResultEvent;
 
    		public function onCreationComplete():void {
    			myservice.getCount();
    			myservice.getSessionID();
    		}
 
    		public function updateSessionID():void {
    			myservice.updateSessionID();
    		}
 
    		public function updatAll():void {
    			myservice.getCount();
    			myservice.getSessionID();
    			myservice.updateSessionID();
    		}
 
    		public function unregister():void {
    			myservice.unregister();
    		}
 
    		/**
    		 * Handle the successfull result from the remoting call
    		 */ 
    		private function sessionIDHandler(event:ResultEvent):void {
    			sessionID.text = event.result.toString();
    		}
 
    		private function countHandler(event:ResultEvent):void {
    			counter.text = event.result.toString();
    		}
 
    		private function updateSessionIDHandler(event:ResultEvent):void {
    			myservice.getSessionID();
    		}
 
    		private function unregisterHandler(event:ResultEvent):void {
    			onCreationComplete();
    		}
 
    		/**
    		 * Handle the failed remoting call
    		 */ 
    		private function faultHandler(event:FaultEvent):void {
    		}
    	]]>
    </Script>
 
<Canvas xmlns="http://ns.adobe.com/mxml/2009" width="100%" height="100%">
	<Label x="26" y="10" text="Session ID:"/>
	<Label x="155" y="10" width="200" textAlign="right" id="sessionID"/>
	<Label x="155" y="36" width="200" textAlign="right" id="counter"/>
	<Label x="26" y="36" text="Counter Value:"/>
	<FxButton x="221" y="62" label="Increment Count" width="134" id="increment" click="onCreationComplete();"/>
	<FxButton x="221" y="92" label="Update Session ID" width="134" id="updateID" click="updateSessionID();"/>
	<FxButton x="221" y="121" label="Increment &amp; Update " width="134" id="updateAll" click="updatAll();"/>
	<FxButton x="221" y="153" label="Unset Count " width="134" id="unregisterSession" click="unregister();"/>
</Canvas> 
</Application>

Sessions are used for state but Flex is state-full?
Using sessions is important for storing state on the server. This can be hard to wrap your head around when to store state in the client and sync that state with the server. My recommendation is that you should use sessions when you don’t trust the client or that the data is so important that you shouldn’t ever trust the client. Using sessions with Zend_ACL and Zend_Auth are great examples of when you want to keep state in client and validate that state in the server. If something changes that was not intentional invalidate the state and log the customer out.

Session Identifiers

This is import to do as frequently as you can in you application. A new session ID can decrease the ability for a cross site scripting attack to take over your session and become a logged in user. In this example I have used a php call but make sure that you check out the documentation on Zend Session and specifically Zend_Session::regenerateId()

A primary difference between an RIA written in Flex, ajax, etc is that it does not reload the browser. This means that the user can aggressively click on a button and the RIA does not have the new session id returned. You can start “loosing” data as the new call is being sent with an old session id. If you application has aggressive click make sure you test regeneration speeds with slow connections. A proxy tools such as charles can really help debug slow connections.

At a minimal regenerate an id on massive state changes of the application! Login, logout, privilege escalation, etc.

Click around on the demo below to see what I mean!

Session Example

Finally
Give me your feedback. Sessions will be in the next minor so there is still time to change things, document better, and make more examples. Have fun!

Flash Platform, Zend_Amf

Keigth Craigo created a great blog post on integrating Zend Auth and Zend ACL for doing authentication and access control on your Zend Amf service calls. Make sure you check it out. I used a similar setup to connect to OpenID and it took less than a day because of all that is in Zend Auth.

There is something that Keith is missing that I should have updated into SVN today so he can take advantage of it for another blog post. Keith thanks so much for putting this tutorial together. I greatly appreciate it!

Build a better Login with Adobe Flex, Zend_Amf, Zend_Auth, and Zend_Acl 

Zend_Amf

Check out Richard Bates article on Integrated PHP and Flex development with Zend Studio and Flex Builder it is a good read! If you don’t have these two ide’s put together you are wasting a lot of time in your workflow. Thanks RIchard for putting this article together! Richard is one of the first bloggers who ever started releasing tutorials for Zend Amf. This was fantastic for me as I was heads down trying to add features and fix bugs and he was creating getting started documentation. THANKS! If you have not seen his CRUDdy Buddy application you really need to check it out. It is a slick code generator written in Adobe Air and of course can stub out classes for Zend Amf. Keep watching Richard’s blog flexandair.com as he is always releasing good stuff for those that are reading my blog!

Zend_Amf

In a constant balance between new features and documentation I am releasing the first ‘examples’ today. This is a long way from being full blown best practices or tuturials but I hope it is a starting point. In this first release I have added a Flash and Flex Hello World example and a class mapping example for Flex that shows how to get ContactVO’s from the server and bind them in Flex. Please let me know what you want next. 

Example files

Zend_Amf

I have been cleaning up some code and test cases in Zend Amf before some more real development starts. If you had issues with class and method collision, ByteArray’s, array’s loosing there keys, documents, or not getting the errors that you wanted please check out the latest build. Also if you have any feature request or bugs please make sure you let me know! 

Zend Framework Issue Tracker for AMF

Next up is optimizing ArrayCollection and proxy object support. 

If you used returning native resources in AMFPHP can you please let me know which ones. 

One of the most impressive features of Flash remoting is the ease at which you can send back resultsets. AMFPHP is preloaded with a set of adapters for a variety of databases and database drivers, in particular:

• MySQL
• PostgreSQL
• SQLite
• MySQLi
• MsSQL
• ADODB
• ODBC
• Oracle (oci8 for PHP5)
• PDO
• PEAR::DB

AMFPHP, Zend_Amf

Flash Platform, Speaking, Zend_Amf

Support has been added to Zend Amf to return php objects of type DOMDocument and SimpleXML and receive an XML object in Flex ready for E4X. Note that you can already send an XML object from the flash player that results in a SimpleXML object in PHP.

Here is an example of the PHP service.

<?php
/**
 * Simple example class for sending XML data back to flex. 
 *
 */
class XmlTest
{
	public $doc;
    /**
     * Instantiates the class and sets up the xml dom
     *
     */
	public function __construct()
	{
		$sXML = '<root><element><key>a</key><value>b</value></element></root>';
		$this->doc = new DOMDocument();
		$this->doc->preserveWhiteSpace = false;
		$this->doc->loadXML($sXML);
	}
 
 
 	public function getDom()
    {
    	return $this->doc;
    }
 
    public function getSimpleXml()
    {
    	$simpleXml = simplexml_import_dom($this->doc);
    	return $simpleXml; 
    }
}

AMFPHP, Flash Platform, Zend_Amf

If you just received a copy of Flex 4 Gumbo like me you may have some issues getting something simple started. The following code shows how to make a simple remoteobject call inside flex builder 4. A couple gotchas that fooled me. First notice that you have to wrap your remoteobject call inside of the new declarations tag. Second you should notice that the MX namespace has been dropped for all components. This too took me a bit! 

Check out the ScreenCast and of course the code

<?xml version="1.0" encoding="utf-8"?>
<Application xmlns="http://ns.adobe.com/mxml/2009">
    <Declarations>
        <RemoteObject endpoint="http://localhost:8888/" id="myservice" fault="faultHandler(event)" 
        	source="HelloWorld" destination="zend">
        	<method name="say" result="responseHandler(event)" />
        </RemoteObject>      
    </Declarations>
    <Script>
    	<![CDATA[
    		import mx.rpc.events.FaultEvent;
    		import mx.rpc.events.ResultEvent;
 
    		/**
    		 * Make the call to the server
    		 */ 
    		public function sendHello():void {
    			myservice.say(input.text);
    		}
 
    		/**
    		 * Handle the successfull result from the remoting call
    		 */ 
    		private function responseHandler(event:ResultEvent):void {
    			result.text = event.result.toString();
    		}
 
    		/**
    		 * Handle the failed remoting call
    		 */ 
    		private function faultHandler(event:FaultEvent):void {
    			result.text = event.message.toString();
    		}
    	]]>
    </Script>
 
    <VGroup horizontalCenter="0" verticalCenter="0">
    	<TextInput id="input" text="I like coffee"/>
        <Button id="btn" click="sendHello()" label="Send" />
        <TextArea id="result"/>
    </VGroup>
 
</Application>

AMFPHP, ActionScript 3, Flash Platform, Uncategorized, Zend_Amf