Rapid Application Development Zend Framework

Students : Alexandru-Petronel Ilie Vlad Rusu Coordinator: Lenua Alboaie

1. General overview

What is a framework ? A framework defined in the web context is designed for developing web applications and web services, making it easier for developers to write the usual procedures (database access, template usage, etc.) that most of these applications need.

The Zend Framework (ZF) The main idea behind the ZF is simplicity, therefore the goal is the easing the application development process making it faster at the same time. ZF offers reliability and a high level of data security through a large set of APIs and libraries that are thoroughly documented. ZF is open-source and makes use of completely object-oriented code architecture. It requires PHP 5.2.4 in order to be used. Zend Technologies is the main sponsor, but the frameworks growth was highly supported by big companies such as Google or Microsoft by providing interfaces for web services and other technologies for the developers.

Why Zend Framework? Zend was designed as a loosely-coupled component library, thus providing interoperability and simplicity. These components provide the APIs that form a big part of every standard web application, leaving to the developers the steps regarding customization matching the clients specifications. The developers using this framework will diminish the time and resources spent for learning the technology due to the flexible architecture standing at the base of this successful project.

2.

Zend Technology

a. Architecture
The unique way of structuring the ZF components proved to grant the success of this technology. The components standing behind the ZF architecture are independent from one another, thus sparing the time spent on searching for extern functions. Although this architecture gives developers the chance of using the components individually, combining them will always come with better results. The structure of each component follows the tree pattern. One of the most common concepts introduced by frameworks is the MVC design pattern. Zend provides an implementation of this concept best described by robustness and high performance.

b. Components i. Zend ACL (Access control lists)

Zend_ACL offers a very simple and flexible version of Access Control Lists like the ones used on Linux systems. The use of these lists is to define what roles (request objects) can access which resources. Resources can be associated with files or objects from a database and the requests are mainly initiated by a client (such as a Web Browser). Resources and roles can be created by the use of user-friendly interfaces destined to ease the developers work on writing code. Once such a list is created, its use will be on administrating the privileges over executing certain functions based on requests made by a certain user. The method used for these verifications is named isAllowed().

ii.

MVC (Zend_Controller)
What is MVC ? MVC (Model-View-Controller) is a design pattern that easily became a standard in developing web applications. Most of the web application code can be structured in three big categories: presentation, business logic and data access. This design pattern serves for separation of these three components while maintaining the writing of an organized code.

Zend Controller Experienced web developers will always recommend keeping the controller code as simple as possible. Zend_Controller component uses a front controller that intercepts and interprets the requests like this : the first part of the URL is associated to a controller and the second part is associated to an action inside that controller. The default action (in case of undefined) is index. The component implements the Singleton design pattern. ZF is recommended to developers with a considerable background in building web applications using the MVC pattern, so the level of strictness that comes with this pattern is not as high as expected. One of the conventions defined by ZF is regarding the naming of the controllers and actions. The framework lowercases the class and actions names in order to avoid errors when accessing a URL. A quick and simple example for this convention: if we had defined SimpleExampleController::SimpleExampleAction, the right paths to access this function are either /simple-example/simple-action or /simple.example/simple.action.

iii. Zend Auth

This component is basically an API used for user authentication, one of the basic functionality of every web application. The simplest form of authentication known so far is by sending a username and a password in an HTML form. The component implements the Singleton pattern. Zend_Auth uses adapters in order to customize the authentication procedure of every application. The basic steps of an authentication are: getting the credentials, querying the resources and sending the results of the query. Adapters can be created by implementing the Zend_Auth_Adapter_Interface and simply overriding the authenticate() method. ZF also provides support for data persistence, using the

Zend_Auth_Storage_Session component as default. For customizing the way of storing the information, developers can create a class that implements Zend_Auth_Storage_Interface. The most common method for authentication implies storing information into a database. The adapter Zend_Auth_Adapter_DbTable offers support for handling this type of requests. Each instance of this adapter is bound to a particular database connection. Setting the parameters (tableName, identityColumn, credentialColumn and credentialTreatment) of this adapter can only be done through the constructor or the instance methods. Zend_Auth_Adapter_Digest is yet another adapter used for

authentication and is based upon HTTP authentication. It implies authenticating against a text file that stores information like username and a string representing the hashed or encrypted password. Every instance of this object takes the next parameters as input: filename, realm, username and password prior to calling the authenticate() method. The Zend_Auth_Adapter_Http supports both the Basic and the Digest version of HTTP authentication. An object of this type will receive a set of parameters as an array: accept_schemes decides whether basic or digest scheme will be used for authentication, realm, digest_domains provides a list of URIs for

which the same authentication information is valid, nonce_timeout decides the number of seconds of validity and proxy_auth will decide whether to permit proxy authentication.

c. Zend_Cache
The Zend_Cache component provides a simple way to cache data. ZF caches records through adapters that use tags, so operations like modifying or deleting any cached data will simply resume to querying on a tag. It uses the factory() method in order to create a frontend that will tie the items together. Once such an object is instantiated it can be used to cache any type of data. The goal would be the optimization of our application by saving important time like when querying the database. Zend_Cache relies on three concepts: the string that uniquely identifies every cached record, the lifetime of every record and the conditional execution that has a major influence on performance boosting. Cache records can easily be removed by id or tags.

d. Zend_Captcha
CAPTCHA consists as a challenge in order to separate the human users from the

automated users. The main goal of this concept is to prevent spamming. CAPTCHA typically comes within an HTML form submission but can also be customized (like presenting images, asking questions) and like any other Zend component can be used individually or together with the Zend_Form component. The Zend_Captcha has some default adapters defined:
-

Zend_Captcha_Word: it serves as basis for other adapters. It combines parameters such as word length, time to live, namespace object to use and session namespace class for data persistence. .

Zend_Captcha_Dumb: its the most naive version of CAPTCHA and is really not recommended to use in any application that wants spamming prevented.

Zend_Captcha_Figlet: it presents a Figlet to the user. Its flaw is the limitation to characters. The configuration parameters are passed along with the constructor.

Zend_Captcha_Image: perhaps the best adapter, it takes the generated word and renders it as an image hard for automated users to decipher. It extends the Zend_Captcha_Word and can generate only PNG images.

e. Zend_Console_Getopt
This class is specifically designed to help command-line applications in parsing arguments. The interpretation of these arguments must have consequences on the behavior of the application. We may consider an argument as a specification that tells the application on which resources to operate and an option as a specification regarding a change in an applications behavior. This component offers an interface to decide the flags that are valid, display messages and obtain the flags specified by the user.

f. Zend_Currency
This component is meant to handle all currency issues such as formatting and representation, providing additional information like regions in which a currency can be used, etc. It does not also include the value of a currency. The usage of an object of this type is realized through the simple call of the constructor without any parameter.

g. Zend_Date
The component is basically an API used for managing dates and times. It operates as an extension of PHP functions, giving the user a much larger set of choices regarding the type of information and features. It can be said that this component comes in contrast with the idea of simplicity that started ZF, but it is a fact that we need to work localized dates and times. For example, some people use the day of month as the first part from a date while others consider the name of the month as the first part of a date. The main reason for using this component in your application is that it provides some impressive features such as: Simplicity in using the API Internalization, supporting the date information for over 100 languages Alert sunrise and sunset at every location

h. Zend_DB
The component offers an interface for a simpler usage of SQL within Zend Framework. It uses an adapter in order to connect the application to a relational database management

system. For each RDBMS type a separate Adapter class was built. Some of the brands that ZF provides support for are:

MSSql MySql Oracle SQLite All of these adapters use PHP extension, so in order to be able to use them, the environment must be configured. The information needed for accessing a database must be provided as a set of parameters sent to the adapter:

The host of the database usually the hostname or IP address of the machine hosting the database The username that authenticates for accessing the database The password credentials sent by the user to be recognized Database name the name used by the database instance Other options such as: communication port, options, adapterNamespace, etc. ZF provides a management of inactive adapter instances. Creating an instance of an adapter does not necessarily mean connecting to the database. The framework actually creates the connection the first time we commit a query, so its safe to create an adapter even though we may not use it afterwards. The Zend_DB component provides some interesting methods for fetching data from a query. The data can be obtained in an array of values, an array of arrays or an array of objects. Also it provides the possibility to fetch just a single column or row in the output of a query.

i. Zend_DOM
The component offers tools for managing documents that follow the DOM structure. It also provides an interface for querying DOM documents using selectors (CSS and XPath).

The interface is useful for querying XML documents and is mostly used for rapid development of applications working with such files.

j. Zend_Feed
The component is used for consuming feeds and managing its elements and attributes offering an XML file as result. A practical example of using this component is retrieving a news feed, filter and save some elements into a PHP array and use it for later purposes. Zend_Feed is maybe the fastest free tool available for developers to retrieve feeds. The simple run of the method import(http://someurl.com). The contents of a feed can be saved by using a method like saveXml or send.

k. Zend_GData
Google APIs are meant to provide an easy to use interface for developers that are using Googles services. They allow applications to obtain data through a query. The Zend_GData works as an interface between PHP and Google Data. Through the services offering support for the Zend_GData component we encounter: Google Documents Lists Google Base Youtube Picasa Web Albums Google Calendar Others

The services provided by Google Data also require authentication against the Google Server. Zend_GData offers two possibilities for this step by using class interfaces for AuthSub and ClientLogin. You can also post your data to Google through a method named post that will automatically upload your xml to a Google server, or you can delete an entry.

l. Zend_HTTP
Its goal is providing an easy to use interface for HTTP requests. The default parameters are very simple to use, but for a better experience with the tool some configuration needs to be done. The URL and other parameters can be passed to the request object at instantiation or afterwards, through the default set methods. Once you have configured the basic parameters, you are set to proceed with the request by running the method with the same name. Another well-known functionality of HTTP requests consists of the GET/POST methods. Setting the parameters for these functions can either be done directly through URL or by calling the setParameterGet and setParameterPost actions. For advanced users, such as developers with background in web development, functionalities like HTTP Redirections, Cookies, File Uploads and HTTP Authentication are available.

m. Zend_OpenID
The OpenID protocol used for online authentication allows creating an online identity and using it on any other web application that also supports OpenID. The authentication procedure is usually realized through an URL. The Zend_OpenID is an API used for building web application supporting this technology.

There are yet more concepts that are being brought by ZF and they all can be found thoroughly documented on their website.
3.

Comparison between frameworks

A review made by a random user on the internet narrows PHP frameworks to Cake and Zend. Some of the features considered for the review are as follows:
-

License: at this chapter both frameworks present a good choice Documentation: both frameworks provide a good documentation, but the one provided by the Zend community seems to overcome the Cake documentation

Sample availability: Cake got a better rating than Zend MVC: the most significant difference between the two frameworks, Cake is very strict when using MVC while Zend offers some level of flexibility, making it more exposed to errors though

Configuration: while Cake can only be configured through PHP files, Zend also offers support for XML or INI files.

Security: both are ACL-based Caching: Zend seems to be more efficient at this chapter Session handling: both are excellent

A much more detailed comparison between PHP frameworks can be found on wikipedia. The results of the comparison also tend to promote either Cake or Zend, the main different features being the MVC flexibility, the conventions flexibility and the independency of inner modules.

4. Zend on personal web application

The personal application integrates two web services: Google Maps Flickr Photos The goal of the application is to estimate the duration and distance to go from point A to point B and at the same time displaying the path on a Google Map and the photos retrieved from Flickr API for tags A and B. The use of Zend technology on this application is related to the MVC design pattern, providing a good separation between the presentation part and the logic part and at the same time keeping the code organized. The results are combined in a mashup.

Bibliography
-

PHP architects guide to programming with Zend Framework, [Cal Evans]

Zend Framework in action, [Rob Allen, Nick Lo & Steve Brown] Programmers reference guide: Zend Framework, [Zend Technologies, 2008] Zend Framework and Access Control, [Darby Felton, 2007] Zend Enterprise PHP patterns, [John Coggeshall & Morgan Tocker, 2009] http://en.wikipedia.org/wiki/Zend_framework http://en.wikipedia.org/wiki/Comparison_of_web_application_frameworks