Company - Blog

August 10, 2010

Secretary of State Jay Dardenne Enlists K-fx², inc. for Web Site Design, Aiding His Bid for Lieutenant Governor

Filed under: Featured Clients, Web Development — jenn @ 12:49 pm

BATON ROUGE, LA – K-fx², inc., a Baton Rouge-based new media design firm, created a new web site, http://www.jaydardenne2010.com, for Secretary of State Jay Dardenne in his bid to become the next Lieutenant Governor of Louisiana. K-fx², inc. provided Dardenne with innovative tools aimed at reaching out to his constituents and spreading his policy platform. The web site allows individuals to learn Dardenne’s history, stance on issues and recent policy actions.  The web site also contains venues for contacting and endorsing Dardenne while also registering for his newsletter.

August 18, 2009

Securing a URL with Zend Framework

Filed under: Web Development — Tags: , , , , , — Travis Boudreaux @ 9:14 am

We’ve been making a big push lately to standard a code base for our cms. One of the things I’ve been trying to tackle was an easy way to secure urls without having to make alot of modifications to our code. Here’s a perfect example:

Let’s assume we have a Zend Module for donations in our base, that allows a non-profit organization to accept donations via Authorize.net. Obviously we want the urls for the donations module to be secure. But what if our client also wanted to accept payments for event registrations. Do we want to hardcode certain urls with https://? No. Do we want to duplicate the code we use in php to redirect the donations module to a secure url? No.

So what’s the solution? A Custom Controller Plugin and the standard application.ini file in a Zend_Framework Application that allows us to define modules, controllers, and actions to require ssl.

An Example application.ini file

  modules.donations.require_ssl = true
  modules.events.registrations.require_ssl = true

The above example shows a snippet of our configuration file. There are three formats that we will use to enforce ssl :

modules.module_name.require_ssl = true

modules.module_name.controller_name.require_ssl = true

modules.module_name.controller_name.action_name.require_ssl = true

Now for the second part, we’ll load this Controller Plugin, that will check if any combination of module, controller and action require an ssl redirect. If we detect a redirect setting in the application.ini for any combination, we’ll rebuild the url with an https:// prefix, and redirect to that url and exit the execution stack.

Custom SSL Plugin

class Custom_Controller_Plugin_Ssl extends Zend_Controller_Plugin_Abstract {

	/**
	 * Check the application.ini file for security settings.
	 * If the url requires being secured, r ebuild a secure url
	 * and redirect.
	 *
	 * @param Zend_Controller_Request_Abstract $request
	 * @return void
	 * @author Travis Boudreaux
	 */
	public function preDispatch(Zend_Controller_Request_Abstract $request) {

		$shouldSecureUrl = false;

                $options = Zend_Registry::getInstance()->get('options');

		if (APPLICATION_ENVIRONMENT == ENV_PRODUCTION ) {

			//check configuration file for one of three require_ssl directives
			//secure an entire module with modules.module_name.require_ssl = true
			//secure an entire controller with modules.module_name.controller_name.require_ssl = true
			//secure an action with modules.module_name.controller_name.action_name.require_ssl = true
			if ($options['modules'][$request->module]['require_ssl'] ||
					$options['modules'][$request->module][$request->controller]['require_ssl'] ||
					$options['modules'][$request->module][$request->controller][$request->action]['require_ssl'] ){

				$shouldSecureUrl = true;

			}

			if ($shouldSecureUrl)	{

				$this->_secureUrl($request);

			}
		}
	}

	/**
	 * Check the request to see if it is secure.  If it isn't
	 * rebuild a secure url, redirect and exit.
	 *
	 * @param Zend_Controller_Request_Abstract $request
	 * @return void
	 * @author Travis Boudreaux
	 */
	protected function _secureUrl( Zend_Controller_Request_Abstract $request){

		$server = $request->getServer();
                $hostname = $server['HTTP_HOST'];

		if (!$request->isSecure()) {
			//url scheme is not secure so we rebuild url with secureScheme
			$url = Zend_Controller_Request_Http::SCHEME_HTTPS . "://" . $hostname . $request->getPathInfo();

			$redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector');
	  	$redirector->setGoToUrl($url);
	  	$redirector->redirectAndExit();
	  }
	}
}

Hopefully this has been helpful. Feel free to reuse part or all of this code in your application, though we do not take any responsibilities of its use. We’d love to hear your comments and get some feedback.

June 4, 2009

Innovation is Obvious.

Filed under: Web Development — Lance @ 8:59 pm

Thought Tangents

It’s interesting how random comments throughout the day spark amazing avenues of thought.  Admittedly most of those thoughts lead off on tangents that may not be worthwhile (at the moment).  Occasionally however one of those seemingly blind alleys lead to the edge of new territory.  It’s at this edge that innovation can be found.  Today a random conversation between Wes and I led me off on a thought tangent that eventually centered on the concept of innovation and Copernicus.

Innovation & Copernicus

So what is innovation?  There are many definitions of innovation, however the concept I wish to convey can be summarized:  Innovation is a long journey to an obvious solution.  It may seem counter intuitive that innovative solutions are obvious, but that’s only because those solutions aren’t obvious to the majority of people until they gain in popularity (and therefore require people to study them).  In the time of Copernicus, for example, popular models of the universe were centered around the earth.  These theories are know generally as geocentrism.  And even today mathematical formulas based on geocentric principals are used by NASA to launch vehicles into space.  Geocentric models are complex and not obvious, therefore they are harder to understand.  Copernicus’ alternative theory, known as heliocentrism (sun centered universe) was an innovative model, and although it’s a simpler more intuitive model it was not widely adopted until after his death.  Today however heliocentrism is so widely accepted that even middle school children can build science fair models of our solar system based on it.

So what’s my point?  The point is that if we want to be ahead of the curve at Kfx2, if we want to out pace our competition, then we need to identify and implement innovative ideas before they become popular with the majority of our competitors.  If we can do this then we will force our competition to play catch up while we offer clients products that our competitors haven’t even attempted.

Moving Forward

The open source community has a number of hubs of innovative ideas.  Source Forge and Git Hub are two I can think of that have literally thousands of developers sharing open source ideas with the community at large.  There are English descriptions of most of the ideas/software.  I propose we not only use these hubs as sources of innovative ideas, but we actively contribute to open source solutions that we believe can be leveraged to our benefit for future projects.

It’s an idea,

~Lance