Techy: PHP PSR code compliance

This is just a quick note to let you know of work we’ve just tried on the PublicWhip code base

We just attempted to make the PublicWhip code compatible with the PHP “Fig standards” in particular PSR-1-basic-coding-standard and PSR-2-coding-style-guide by utilising PHP Coding Standards Fixer. However, during testing it was quickly shown that due to the age of the PublicWhip code, it appears nearly impossible to automate the bringing of version 1 code up to standard (we even tried a reduced set of changes: in particular disabling the psr0 [“Classes must be in a path that matches their namespace”] and include [“Include and file path should be divided with single space”] fixes, but the site still errored).

Code rollout: Sunday 10th February 2013

This is another techy post – sorry guys!

Yesterday we rolled out a few more SQL injection fixes (we’ve moved the vast majority – if not all – of the public “used” SQL statements from mysql_* connection strings to parametrised PDO connections) and a number of XSS (Cross-Site-Scripting) vulnerability fixes to make the PublicWhip code even more secure. We’ve also tweaked import routines ever so slightly (to try and use “indexes” on table joins) and to provide a bit logging as to what is happening during the import. We also updated the code to move away from PHP short tags (such as “https://bitbucket.org/publicwhip/publicwhip-v1/ – the old GitHub repository will be maintained until at least April this year, but we urge people to move over to the BitBucket Git repository as soon as possible.