Company - Blog

August 25, 2009

A Baton Rouge Tradition®, Pastime® Restaurant, Makes its Appearance on the Web with the Help of K-fx², Inc.

After 65 plus years in downtown Baton Rouge, the Pastime® Restaurant makes its presence known on the web at www.PastimeRestaurant.com.  The site tells the story of Pastime’s rich history and even has a photo gallery of past and present customers and friends.  In collaboration with K-fx², Inc., the Pastime® Restaurant web site was created to enable patrons to easily keep up with bands performing and other events happening at both Pastime Restaurants.  Fans of the restaurant can browse the Pastime menus, download them and even place orders online.  Most apparent throughout the site is the traditional Pastime motto…Good food, great atmosphere, good friends and great history.

In October of 2007, the Pastime was officially declared a Historical Landmark based upon the cultural contribution to the area.  In what began as a small grocery store in the 1920s, Pastime Restaurant has sustained its presence and grown into two successful locations.  The original Pastime Restaurant is located on South Blvd. in downtown Baton Rouge and Pastime Junior on Drusilla Lane in the Drusilla Shopping Center.

August 21, 2009

The Port of Greater Baton Rouge Enlists the Innovative Expertise of two Louisiana companies, K-fx², Inc. and Diane Allen and Associates

K-fx², Inc. and Diane Allen and Associates, a full service marketing and advertising agency, have teamed up with the Port of Greater Baton Rouge to improve the Port ‘s current site, www.PortGBR.com.  The Port of Greater Baton Rouge wants the new site to be a valuable source of information to its employees, partners, customers and the community.   As a leader among U.S. ports, the Port’s objective is to emphasize its importance to the economic development of Louisiana through its strategic location, versatile transportation offerings and shipping possibilities and excellent infrastructure. 

With a combination of innovative and creative design, the Port’s new site will be enhanced by providing a more user-friendly layout, quick informative links, current announcements and more interactive features, such as eNews for registered users.  The web site will also include improved features like aerial overviews of the facilities and current meteorological data.  The Port of Greater Baton Rouge is expected to unveil its new web site this Fall 2009.

 

 

August 18, 2009

Securing a URL with Zend Framework

Filed under: Web Development — Tags: , , , , , — Travis Boudreaux @ 9:14 am

We’ve been making a big push lately to standard a code base for our cms. One of the things I’ve been trying to tackle was an easy way to secure urls without having to make alot of modifications to our code. Here’s a perfect example:

Let’s assume we have a Zend Module for donations in our base, that allows a non-profit organization to accept donations via Authorize.net. Obviously we want the urls for the donations module to be secure. But what if our client also wanted to accept payments for event registrations. Do we want to hardcode certain urls with https://? No. Do we want to duplicate the code we use in php to redirect the donations module to a secure url? No.

So what’s the solution? A Custom Controller Plugin and the standard application.ini file in a Zend_Framework Application that allows us to define modules, controllers, and actions to require ssl.

An Example application.ini file

  modules.donations.require_ssl = true
  modules.events.registrations.require_ssl = true

The above example shows a snippet of our configuration file. There are three formats that we will use to enforce ssl :

modules.module_name.require_ssl = true

modules.module_name.controller_name.require_ssl = true

modules.module_name.controller_name.action_name.require_ssl = true

Now for the second part, we’ll load this Controller Plugin, that will check if any combination of module, controller and action require an ssl redirect. If we detect a redirect setting in the application.ini for any combination, we’ll rebuild the url with an https:// prefix, and redirect to that url and exit the execution stack.

Custom SSL Plugin

class Custom_Controller_Plugin_Ssl extends Zend_Controller_Plugin_Abstract {

	/**
	 * Check the application.ini file for security settings.
	 * If the url requires being secured, r ebuild a secure url
	 * and redirect.
	 *
	 * @param Zend_Controller_Request_Abstract $request
	 * @return void
	 * @author Travis Boudreaux
	 */
	public function preDispatch(Zend_Controller_Request_Abstract $request) {

		$shouldSecureUrl = false;

                $options = Zend_Registry::getInstance()->get('options');

		if (APPLICATION_ENVIRONMENT == ENV_PRODUCTION ) {

			//check configuration file for one of three require_ssl directives
			//secure an entire module with modules.module_name.require_ssl = true
			//secure an entire controller with modules.module_name.controller_name.require_ssl = true
			//secure an action with modules.module_name.controller_name.action_name.require_ssl = true
			if ($options['modules'][$request->module]['require_ssl'] ||
					$options['modules'][$request->module][$request->controller]['require_ssl'] ||
					$options['modules'][$request->module][$request->controller][$request->action]['require_ssl'] ){

				$shouldSecureUrl = true;

			}

			if ($shouldSecureUrl)	{

				$this->_secureUrl($request);

			}
		}
	}

	/**
	 * Check the request to see if it is secure.  If it isn't
	 * rebuild a secure url, redirect and exit.
	 *
	 * @param Zend_Controller_Request_Abstract $request
	 * @return void
	 * @author Travis Boudreaux
	 */
	protected function _secureUrl( Zend_Controller_Request_Abstract $request){

		$server = $request->getServer();
                $hostname = $server['HTTP_HOST'];

		if (!$request->isSecure()) {
			//url scheme is not secure so we rebuild url with secureScheme
			$url = Zend_Controller_Request_Http::SCHEME_HTTPS . "://" . $hostname . $request->getPathInfo();

			$redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
	  	$redirector->setGoToUrl($url);
	  	$redirector->redirectAndExit();
	  }
	}
}

Hopefully this has been helpful. Feel free to reuse part or all of this code in your application, though we do not take any responsibilities of its use. We’d love to hear your comments and get some feedback.