Wade Arnold

Working on optimizations for AMF serialization and I want to finalize on just using the default ord function or actually using one of the fancier libraries such as mbstring or iconv. However I am not able to find very much information on what is the preferred library to code against. Surfing google shows that “everyone” likes iconv as it is almost always there on linux but suggest that mbstring is more portable? However there does not seem to be any suggestion as to what new developers should code against. I really like the additional methods that iconv and mbstring provide and both suggest optimizations although I would have to write my own tests to prove any optimizations. Can anyone lead me to some more detailed information on what the community wants to adopt?

– Update: ICONV it is! –

“mbstring offers better support and more options. However, it’s not enabled in vanilla PHP installs — whereas iconv _is_. So, for that reason, we typically recommend utilizing iconv. (I actually switched from using mbstring to iconv in Zend_XmlRpc for this reason.)”

Matthew Weier O’Phinney
Software Architect
Zend Framework      

AMFPHP, Flash Platform, Zend_Amf

@ update Lee took this content and made it better

There are a lot of comments about how to secure amfphp. If you can do one thing and one thing only do the following.

1.) PLEASE remove the amfphp/browser/ folder from your project. This was designed as a debugging tool and has no access controls. Never place the browser on a production server.

2.) The more important file to remove rather than the browser directory is “f8v4/services/amfphp/services/amfphp/DiscoveryService.php” you can point any browser at a different gateway.php and it’ll bring up those services if the DiscoveryService.php is still there.  Its this file/service that tells the browser was services are available for calling.  For a complete kill of the browser you need to remove.

“f8v4/services/amfphp/services/amfphp/”  <– DiscoveryService.php in here.
“f8v4/services/amfphp/browser/”

3.) Change “public_html/f8v4/services/amfphp/gateway.php”
define(“PRODUCTION_SERVER”, false);
to
define(“PRODUCTION_SERVER”, true);

4.) You really need to run the application over SSL if you can. It really helps keep people from being able to see all the plain text data that you are sending to and from the server.

5.) Implement before filter and I will blog on this real soon.

This will at least make it so that you can not remotly inspect all fo the services that are avaialable. I will release an

AMFPHP, Flash Platform

I have been working with a couple well know technology companies on an open source project to bring two languages I love closer together. It will be very cool  Flex3 and PHP will soon be better friends than ever!

With that said; Yes I am busy! For now that is really all I can say about what I am doing. This post is to let everyone know that the AMFPHP project is alive and well!

Also we finally have a cover to the Essential Guide to Open Source Flash which features and artical on AMFPHP. Very cool!

Can anyone figure out why sourceforge hates the username wadearnold? Let me back in!  I can’t answer questions without access.

AMFPHP, ActionScript 3, Flash Platform

So my sourceforge account ha been blocked for about a month now. For some reason I get all my email add the account that I signed up with but my password no longer works and password recovery does not recognize my email address. How can I be getting email when they don’t know my password? ODD! I have opened several tickets but nobody seems to be able to do anything other than close my ticket. This seems to be a major issue because as a project lead I can’t just sign up a new account and then give myself rights to myself? FUN. Help if you can!

my sourceforge username is: wadearnold

AMFPHP, Flash Platform

Update: After three days of using the Flex Builder plugin i just relized that it does not support design view yet! Well that would be nice!

Running Ubuntu as my primary OS and AIR, Flex Builder Plugin, PDT, Charles, Vmware Workstation FileZilla, all work great. It took me longer to backup everything from my Vista install than it did to get everything back up and going. Vista was my first Windows OS since Windows ME when I switched to Linux. Post college (aka cash) I became a mac guy but purchased a Dell M90 about a year or more ago when the whole switching to the intel architecture thing was going on. I had two power macs in a row that the monitor stoped working and out of frustration moved to what seemed like a super powerful laptop. Although I liked OSX 10.0 – 10.3 the powerpc hardware left me with a lot to be desired and I still hope that other hardware vendors can someday install OSX. I decided this weekend that there was no way I was getting a new mac any time soon and with the change to Linux I may never go back. Unfortunately I still need Flash CS3 which requires windows so VMware it is until Flash looks a lot more like eclipse.

Flash Platform

Here are the files for the presentation that I am giving today at MN.swf Camp. Now that it is one in the morning and Minneapolis is 3.5 hours away I better head off to bed. I hope they have quality coffee!

Presentation in PDF, Database Creation, Examples
amfphp-swfcamp.zip

Speaking

Trying to find a way to test your sites compatible with the new Flash Player security model! The newest/test Flash Player is in Flex 3 Beta download called ‘Adobe Add-ons’ for Open Source Flex SDK bundle that is about 58MB. You can download here: http://opensource.adobe.com/wiki/display/flexsdk/Download+Flex+3

Download the latest nightly build as the milestone release has the released Flash Player 9.0.115.

Adobe Add-ons for Open Source Flex SDK – This package contains all of the items that are in the Adobe Flex SDK and not in the Open Source Flex SDK. Downloading this file will allow you to bring the Open Source Flex SDK to parity with the Adobe Flex SDK. This package includes the Adobe Flash Player, Adobe AIR, the advanced font encoding libraries, and the code that allows licensing of things like the Data Visualization components. All of these elements are licensed under the Adobe Flex SDK license.

I downloaded the nightly build from and traversed the extracted zip for my windows computer to

flex_sdk_3.0.1.1092_add-on\runtimes\player\win\Install Flash Player 9 Plugin.exe

ran the installer and was up and running with Flash player 9.0.124 installed in Mozilla.

Preparing for the Flash Player 9 April 2008 Security Update
Read this post for how to make changes for amfphp:

Updated: crossdomain.xml fixes amfphp for april flash player release

Thanks Peter Kehl for getting me an updated link!

Check Out Flash Switcher a firefox plugin that allows you to run lots of flash player versions. This way you can use this for testing but keep your debug player installed as the default for Flex Builder!

AMFPHP, ActionScript 3, Flash Platform

The Service Browser uses the remoting gateway to present a list of service classes and their methods. By selecting one of your methods, you will be presented with a page that allows you to call it; by entering arguments and observing the output in the “results” tab below, you can test remoting methods here.

The text inputs for arguments accept arguments in JSON (JavaScript Object Notation) or “object literal” format; essentially, valid ECMAScript (JavaScript/ActionScript) syntax.

String arguments can be entered directly without requiring quote marks, and number arguments can be entered directly as well.

To pass an array as an argument, use the JSON/ECMAScript array literal syntax – comma-separated values between square brackets. For example, if the parameter expects an array of numbers, you would enter it something like:

[1, 3, 5.5, 44]

A two-dimensional array in JSON format is entered as an array of arrays like this:

[[1, 2, 3], [5, 7, 15], [1, 7, 2]] .

Objects (such as VOs) can also be input here, using JSON/ ECMAScript object literal syntax like this:

{id: 1, label: ‘A label’, notes: ‘Some notes’}.

Objects and arrays can also be nested inside each other:

[{id: 1, label: ‘first object’}, {id: 99, label: ‘object with an array in it’, numbers: [13, 44, 97]}, {id: 34, label: ‘object with another object in it’, thing: {‘things’: 14, ‘gadgets’: 6, ‘tchockies’: 0}}]

In addition to numbers and strings, these are all valid types of arguments an AMFPHP remoting method can accept.

For more about JavaScript/ActionScript array-literal syntax and the object/associative-array duality of ECMAScript, consult your friendly neighborhood Internet.

Note that for some reason the service browser does not much care for double-quotes, so when entering object arguments, use the single-quote format for strings.

Also note that currently, although PHP supports optional arguments to a method by specifying a default value in the method signature, the service browser does not have a way to “skip” entering an argument. If you leave an input box blank, the parameter will receive an empty string.

AMFPHP, Flash Platform

An AMFPHP user gave me a run for my money on debugging an error on a new server. Come to find out mod_security can play a little havoc on AMFPHP and even though the gateway.php file executes correctly. When you open up the amfphp/browser you will get the following error which will also be your fault event in your application.

(mx.rpc::Fault)#0  errorID = 0faultCode = "Client.Error.MessageSend"faultDetail = "Channel.Connect.Failed error NetConnection.Call.Failed: HTTP: Failed"faultString = "Send failed"message = "faultCode:Client.Error.MessageSend faultString:'Send failed' faultDetail:'Channel.Connect.Failed error NetConnection.Call.Failed: HTTP: Failed'"name = "Error"rootCause = (Object)#1code = "NetConnection.Call.Failed"

description = "HTTP: Failed"

details = "http://somedomain.com/amfphp/gateway.php"

level = "error"

when you call a service it gives the following error.

403 Forbidden

Forbidden

You don't have permission to access /amfphp/gateway.php on this server.

Additionally, a 404 Not Found

error was encountered while trying to use an ErrorDocument to handle the request.

Apache/1.3.39 Server at domainname.com Port 80

So if you are seeing this error when you try and connect to your gateway in charles / service capture look at a phpinfo page and see if mod_security is installed. If it is then in order to fix this error you need to create an .htaccess file in the amfphp/gateway.php directory and place the following content in it.

<ifmodule>SecFilterInheritance Off </ifmodule>

Hope that helps. If anyone knows more about this module please let me know what really is going on as I would love to understand why a security module is stopping amfphp.

AMFPHP, Flash Platform

This updated crossdomain.xml example fixes all of the issues that people were having with the last post that I had. Please update your server with the following file. Remember that you need to remove any spaces as this has to be well formated xml! Make sure that you place the file in your web root directory of the top level domain of the site. This is commonly the public_html or www directory in the server so that you can access the file at www.yourdomain.com/crossdomain.xml

If you do not add this file you will get a Error #2044: Unhandled SecurityErrorEvent:. text=Error #2048: Security sandbox violation:
Which will toss an error that looks something like this out of the player.

crossdomain.xml

Again the purpose of a crossdomain.xml file is to allow external domains to access your content. What has changed in the new release is that we can not change the header anymore even if its on the same domain name. This means that you need to add a crossdomain file even if you are not accessing your amfphp installation from an external domain name. More information on policy files!

Policy file Syntax

Preparing for the Flash Player 9 April 2008 Security Update

AMFPHP, ActionScript 3, Flash Platform