PHP Development Tools 2.0 –
Success Story.
Michael Spector,
Zend Technologies




                              Copyright ...
Overview


  •   PDT 1.0 history
  •   PDT NG goals
  •   Dynamic languages toolkit (DLTK)
  •   PDT 2.0 features
  •   Ex...
Project history


  • Project creation review in March 2006.
  • First release in September 2007.
  • Initial contribution...
PDT 1.0 requirements

  • Providing developers with PHP capabilities:
      Source editing:
        •   Code Assist
     ...
PDT 1.0 : initial design



          PHP Source Editing
                                                PHP Model

      ...
PDT next generation: goals

  • Performance & scalability improvements.
      Model memory management improvement.
     ...
Best practices: JDT

                              JDT




                          JDT Clones

        CDT        RDT   ...
What does DLTK provide?

      Core               UI            Debug                   Extra

     Indexer       Script E...
New design



      PHP Source Editing    PHP Enabler



    WST Source Editing     DLTK Core




                        ...
PHP Development Tools 2.0
Features




                            Copyright © 2007, Zend Technologies Inc.
Lighter & Faster

  • Utilizing proven DLTK (JDT) indexing mechanism.
      No more loading model into memory on startup....
Build Path configuration

  • Ability to separate application code from
    resources.




                               ...
Mark occurrences

  • Highlight all occurrences of the selected element:




  • Highlight all method exit points:


     ...
Override annotations

  • Triangle annotation indicates overridden or implemented method:




                            ...
Type Hierarchy

  • Makes easier understanding the hierarchy of class or
    interface.




                              ...
Smart Code Assist

  • Sophisticated code assist proposals using type inference.




                                     ...
PHP 5.3 support (PDT 2.1)

  •   Choose PHP 5.3 version when creating a project:




  •   Code Assist:




  •   PHP Expl...
Extending PHP
Development Tools 2.0




                        Copyright © 2007, Zend Technologies Inc.
XSS in PHP #1

  • What’s wrong with the following code?




  • Calling this script normally:




                       ...
XSS in PHP #2

  • What happens if the following URL is used?




  • Solution:




                                      ...
XSS protection plug-in example


  • Warn PHP developer when script parameters are
    accessed in a non-“safe” way.

  • ...
XSS protection plug-in example (step 1)

  • Step #1: Create new plug-in
  • Step #2: Add build participant extension:



...
XSS protection plug-in example (step 2)

 • Build participant factory




 • Implement build participant




             ...
AST search algorithm


  1. Process PHP script AST.           Module
                                                     ...
XSS protection plug-in example (step 3)

  • Determine the function call name:




                                       ...
XSS protection plug-in example

  • “Catch” unsafe references:




                                 Name of this section |...
XSS protection plug-in example (hooray!)

  • Final result:




                                    Name of this section |...
PDT Adopters


               Zend Studio for Eclipse
               http://www.zend.com/en/products/studio/



          ...
Additional Resources

  • PDT site:
        http://www.eclipse.org/pdt


  • PDT download:
        http://download.eclip...
Thank You




            Name of this section | 2-Apr-09 | 30
Upcoming SlideShare
Loading in...5
×

PHP Development Tools 2.0 - Success Story

2,531

Published on

PHP Development Tools 2.0 for users and adopters.

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
2,531
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
41
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

PHP Development Tools 2.0 - Success Story

  1. 1. PHP Development Tools 2.0 – Success Story. Michael Spector, Zend Technologies Copyright © 2007, Zend Technologies Inc.
  2. 2. Overview • PDT 1.0 history • PDT NG goals • Dynamic languages toolkit (DLTK) • PDT 2.0 features • Extending PDT example • Q&A Project History | 2-Apr-09 | 2
  3. 3. Project history • Project creation review in March 2006. • First release in September 2007. • Initial contribution by IBM and Zend. Project History | 2-Apr-09 | 3
  4. 4. PDT 1.0 requirements • Providing developers with PHP capabilities:  Source editing: • Code Assist • Syntax coloring • Code folding • Open Declaration (CTRL + click) • Annotations (task, breakpoints, CVS)  Code Inspection & Navigation: • PHP Explorer View • Outline View • Open PHP Element  Debugging: • Local script debugging. • Remote application debugging. Project History | 2-Apr-09 | 4
  5. 5. PDT 1.0 : initial design PHP Source Editing PHP Model WST Source Editing PHP Debugger PHP Explorer Project Outline Outline Project History | 2-Apr-09 | 5
  6. 6. PDT next generation: goals • Performance & scalability improvements.  Model memory management improvement.  Model change notifications narrowing. • Create type binding infrastructure that can be reused for:  Better code assist.  Static analysis tool.  Refactoring. • Ability to separate resources from code. • More JDT-like features. Name of this section | 2-Apr-09 | 6
  7. 7. Best practices: JDT JDT JDT Clones CDT RDT DLTK JSDT … DLTK Extenders DLTK DLTK DLTK PDT … JavaScript Ruby TCL Name of this section | 2-Apr-09 | 7
  8. 8. What does DLTK provide? Core UI Debug Extra Indexer Script Explorer Interpreters Mylyn Search Engine Outline DBGP RSE Problems Type Hierarchy Debug UI Reporting Validation Call Hierarchy Build Path Open Element Type Inference Editor Type Hierarchy Actions … … Name of this section | 2-Apr-09 | 8
  9. 9. New design PHP Source Editing PHP Enabler WST Source Editing DLTK Core PHP Enabler PHP Debugger DLTK UI Name of this section | 2-Apr-09 | 9
  10. 10. PHP Development Tools 2.0 Features Copyright © 2007, Zend Technologies Inc.
  11. 11. Lighter & Faster • Utilizing proven DLTK (JDT) indexing mechanism.  No more loading model into memory on startup.  Granulated search mechanism. • Optimized memory management.  Limited memory usage by most recently used elements and AST. Name of this section | 2-Apr-09 | 11
  12. 12. Build Path configuration • Ability to separate application code from resources. Name of this section | 2-Apr-09 | 12
  13. 13. Mark occurrences • Highlight all occurrences of the selected element: • Highlight all method exit points: And more… Name of this section | 2-Apr-09 | 13
  14. 14. Override annotations • Triangle annotation indicates overridden or implemented method: Name of this section | 2-Apr-09 | 14
  15. 15. Type Hierarchy • Makes easier understanding the hierarchy of class or interface. Name of this section | 2-Apr-09 | 15
  16. 16. Smart Code Assist • Sophisticated code assist proposals using type inference. Name of this section | 2-Apr-09 | 16
  17. 17. PHP 5.3 support (PDT 2.1) • Choose PHP 5.3 version when creating a project: • Code Assist: • PHP Explorer & Outline: Name of this section | 2-Apr-09 | 17
  18. 18. Extending PHP Development Tools 2.0 Copyright © 2007, Zend Technologies Inc.
  19. 19. XSS in PHP #1 • What’s wrong with the following code? • Calling this script normally: Name of this section | 2-Apr-09 | 19
  20. 20. XSS in PHP #2 • What happens if the following URL is used? • Solution: Name of this section | 2-Apr-09 | 20
  21. 21. XSS protection plug-in example • Warn PHP developer when script parameters are accessed in a non-“safe” way. • Input is considered “safe” when it’s passed through htmlentities() PHP function. Name of this section | 2-Apr-09 | 21
  22. 22. XSS protection plug-in example (step 1) • Step #1: Create new plug-in • Step #2: Add build participant extension: Name of this section | 2-Apr-09 | 22
  23. 23. XSS protection plug-in example (step 2) • Build participant factory • Implement build participant Name of this section | 2-Apr-09 | 23
  24. 24. AST search algorithm 1. Process PHP script AST. Module (PHP script root node) Declaration 2. When function call node is ……… met, and it’s a htmlentities() call – remember this node. PHP (htmlentities()) Call 3. When special array variable is Expression met – verify that the parent was htmlentities() function Array call. ($_GET[“name”]) Variable Reference Name of this section | 2-Apr-09 | 24
  25. 25. XSS protection plug-in example (step 3) • Determine the function call name: Name of this section | 2-Apr-09 | 25
  26. 26. XSS protection plug-in example • “Catch” unsafe references: Name of this section | 2-Apr-09 | 26
  27. 27. XSS protection plug-in example (hooray!) • Final result: Name of this section | 2-Apr-09 | 27
  28. 28. PDT Adopters Zend Studio for Eclipse http://www.zend.com/en/products/studio/ IBM REST Development Framework http://www.projectzero.org/ Aspect PHP Development Tools http://code.google.com/p/apdt/ Smarty Support for PDT http://code.google.com/p/smartypdt/ Name of this section | 2-Apr-09 | 28
  29. 29. Additional Resources • PDT site:  http://www.eclipse.org/pdt • PDT download:  http://download.eclipse.org/tools/pdt/downloads • Extending PDT examples:  http://dev.eclipse.org/viewcvs/index.cgi/org.eclipse.pdt/examples/?root=Tools_ Project • PDT bundle with local debugger:  http://www.zend.com/en/community/pdt • PHP stack download:  http://www.zend.com/en/community/zend-server-ce Name of this section | 2-Apr-09 | 29
  30. 30. Thank You Name of this section | 2-Apr-09 | 30
  1. Gostou de algum slide específico?

    Recortar slides é uma maneira fácil de colecionar informações para acessar mais tarde.

×