Extending and scripting PDT
Upcoming SlideShare
Loading in...5

Extending and scripting PDT






Total Views
Views on SlideShare
Embed Views



5 Embeds 292

http://linuxogrenmekistiyorum.com 215
http://www.slideshare.net 73
http://www.google.az 2
https://duckduckgo.com 1
http://www.google.com.tr 1



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

Extending and scripting PDT Extending and scripting PDT Presentation Transcript

  • Extending and Scripting PDT William Candillon {wcandillon@elv.telecom-lille1.eu} PHP London meeting, June 2009
  • Who am I ? • Engineering student at Telecom Lille 1 • ETH Zurich: XQuery runtime in C++ • Aspect PHP Development Toolkit: http://apdt.googlecode.com
  • Who are you ? • What is your favorite IDE? • VIM? • Netbeans? • Komodo? • PHPEd? • PDT / Zend Studio?
  • The Long Tail Support PHP XDebug PEAR How to scale? PHP Unit Zend framework frameworks Business libraries test/build systems Development rules General Specific
  • Eclipse galaxy Frameworks Languages and modeling ECF GEF OCL ALF EMF DTK WTP UML GMF DTP PDE MTJ RCP Eclipse EPF SVN J2EE Applications JDT MAVEN TPTP CDT ANT PDT MYLYN Development tasks Programming RDT AJDT languages APDT Plug-ins ecosystem (+ 1000)
  • Architecture Un autre Eclipse Platform Help Outil Java Workbench Development Tools JFace (JDT) Team SWT Votre Outil Debug Plug-in Workspace Development Environment (PDE) Update Notre Equinox (OSGI) Outil JVM
  • PHP Development Toolkit • Developped by Zend and IBM since 2006 • December 2008: version 2.0 • Second most popular project on eclipse.org • 100% under the EPL (Eclipse Public License) • Build on top of DLTK (Dynamic Language Toolkit)
  • Objectives • De-facto standard for PHP developments • Providing extension points and APIs to support PHP tools... • ...from the last hot PHP framework to the best practices of your company!
  • Architecture
  • Why extending ? • Integrate your own extension or framework • DLTK/PDT define more than 30 extension points!
  • What is extensible ? (1/3) Launcher Syntax highlighting Explorer tree Builder Outline
  • What is extensible ? (2/3) Wizard pages
  • What is extensible ? (3/3) Search semantic
  • Code refactoring • Abstract model of a PHP program • AST representation of source code • Tree walking and manipulation • Extensible type inference engine
  • What’s wrong ?
  • Use case • Objective: ensuring a simple development rule • Never trust your inputs! • Finding and fixing the bug... • ...in the coolest manner
  • Step 1 • Strategy: extending PDT building process with our own build participant • Registering the contribution
  • Step 2 • Build participant factory public class BuildParticipantFactory implements IBuildParticipantFactory { public IBuildParticipant createBuildParticipant(IScriptProject project){ return new XSSProtectionParticipant(); } } • Build participant public void build(IBuildContext context) throws CoreException{ ISourceModule sourceModule = context.getSourceModule(); ModuleDeclaration moduleDeclaration = SourceParserUtil.getModuleDeclaration(sourceModule); Traverse the PHP AST try { moduleDeclaration.traverse(new XSSValidationVisitor(context)); } catch (Exception e) { throw new CoreException(new Status(IStatus.ERROR, ExamplePlugin.PLUGIN_ID, quot;An error has occurred while invoking XSS validatorquot;, e)); } }
  • Step 3 Module Declaration • Trasverse the AST ........ • If the node is safe, don’t visit child nodes public boolean visit(PHPCallExpression node) throws Exception { if (node.getReceiver() == null) { // if this is a function call, not method String funcName = node.getName(); if (quot;issetquot;.equalsIgnoreCase(funcName)) { Call } return false; Expression return false; } ........ • Check variable references of globals protected boolean isURLParemeterVariable(VariableReference s) { String name = s.getName(); return (quot;$_GETquot;.equals(name) || quot;$_POSTquot;.equals(name)); Variable } Reference public boolean visit(ArrayVariableReference s) throws Exception { if(isURLParemeterVariable(s)) { context.getProblemReporter().reportProblem(new DefaultProblem(context.getFile().getName(), quot;Unsafe use of quot; + s.getName() + quot;: possible XSS attackquot;, XSSProblem.UNSAFE_GLOBAL_REFERENCE.ordinal(), new String[0], ProblemSeverities.Error, s.sourceStart(), s.sourceEnd(), context.getLineTracker().getLineNumberOfOffset(s.sourceStart())) );
  • Result • Invalid PHP project • Mission accomplished!
  • Let’s digg it • PHP Quick Fix • Quick Fix proposal interface public interface IQuickFixProcessor { boolean hasCorrections(ISourceModule, int problemId); IScriptCompletionProposal[] getCorrections(IInvocationContext, IProblemLocation[]); }
  • Result • hasCorrection() checks if correction are availables • getCorrection() returns a collection of corrections • apply(document), performs the AST rewriting
  • Programming is hard... • ...Go scripting! • PHP Developpers need to extend Eclipse • Without getting close to Java • In a dynamic manner • Eclipse e4, the next generation of Eclipse • Provides support for JavaScript bundles • Dynamic execution and deployment model • Usage: Task automation, glue between plugins, scripting workflows, etc.
  • The recipie • Extension Registry • JavaScript source and Java bridge function helloworld() { var object = { run: function (action){ Packages.org.eclipse.jface.dialogs.MessageDialog.openInformation( this.window.getShell(), 'TestJavascriptPlugin', 'Hello, Eclipse world'); }, dispose: function(){}, init: function(window) { this.window = window }, selectionChanged: function(action, selection){} }; return new JavaAdapter(Packages.org.eclipse.ui.IWorkbenchWindowActionDelegate, o); }
  • Dynamic deployment • JavaScript Plug-in Development Environment (http://jspde.googlecode.com) • Support JavaScript Plugins • Dynamic deployment
  • Conclusion • Extension mechanisms to integrate: • PHP frameworks and tools • Development workflows • PHP 5.3 support • Towards customized PDT distribution • Writing PHP plugins with PHP ?
  • Resources • PDT website • Extending and Scripting PDT tutorial • Eclipse e4, JavaScript support • PDT adopter’s • Aspect PHP Development Toolkit • Smarty
  • Thank you