Thanks For Your Votes

PHPClasses.org has just announced the winner of Innovation Award during the month of October 2006. As you can see on my badge here, Ngeblog was ranked in second position with 17.24% from total votes.

Big thanks to all of you who has voted for Ngeblog and helped me for quite some time in developing this class. Especially my geeky friends in Inarts for giving the vote :) .

Ngeblog 0.2 : Yes, You can Use AuthSub Now

As written in Google Code blog (err, yesterday), Ngeblog now supports AuthSub authentication. And it uses Zend Framework (Zend_Gdata) for abstracting the whole authentication process, including ClientLogin authentication.

Since Ngeblog 0.2 now uses the modified version of Zend_Gdata, the files is getting larger and it is hard for me to put Ngeblog 0.2 to phpclasses. So for now on you can download the source here or you can use svn to get the latest files on Google Code project hosting here.

Try out the demo here for ClientLogin authentication and here for AuthSub authentication. You can see the source code here and here for both demo respectively.

Alright, now let’s look what is new with Ngeblog.

(more…)

Ngeblog as Google Code Featured Project

I’ve just found out this morning that Ngeblog has been chosen as one of Google Code Featured Project.

Although it’s not really accurate, since i haven’t used Zend GData yet, and it hasn’t supported AuthSub, but thanks anyway. I take that as a suggestion.

:)

ClientLogin Authentication for Zend GData

As i mentioned in my previous post, i was going to add AuthSub authentication for Ngeblog when people at Google Code team announced that Zend framework now has GData support.

After played around with it for hours, i finally got into a decision to use Zend Gdata for abstracting Ngeblog connection to Blogger. Unfortunately, Zend GData class library only supports AuthSub authentication, while Ngeblog already uses ClientLogin authentication and works fine so far.

So, to make it available for both type of authentication, i finally sat down and wrote some codes myself to add ClientLogin support for Zend GData. You can download the bundle in .zip here or in .tgz here which contains both original Zend_Gdata bundle and my Zend_Gdata_ClientLogin class for ClientLogin authentication.

How it works

To understand how this class works, you must first understand how Google account authentication works. Please read the manual for that. But i try to explain it anyway.

Authentication is required to access any of Google Services such as Google Calendar, Google Base or Blogger. To do that, first you must provide username and password to log into your Google account. And then once your login is authorized, Google will give you a token to identify yourself for accessing the desired Google Service.

Currently there are two kind of authentication that Google uses. AuthSub authentication and ClientLogin authentication. As the manual said, AuthSub is used for web application that offers a service to access Google Service. While ClientLogin is used for installed application, such as desktop or handheld application.

But that doesn’t mean you can’t use ClientLogin for web application. It’s just that with ClientLogin authentication you must handle the authentication programmatically yourself to get the token. While with AuthSub you only need to redirect your web users to log into Google Account web site and grab the token as the result once they authorized.

Now, let’s get to the business. To use this class, you must first include Zend.php and load Zend_Gdata_ClientLogin class, like this:


  require_once 'Zend.php';
  Zend::loadClass('Zend_Gdata_ClientLogin');

Then use getClientLoginAuth method to get the token (authorization code), like this:

  $username     = 'yourusername';
  $password     = 'yourpassword';
  $service      = 'blogger';
  $source       = 'Ngoprekweb-Zend_Gdata-0.1.1'; // companyName-applicationName-versionID

  try {
    $resp = Zend_Gdata_ClientLogin::getClientLoginAuth($username,$password,$service,$source);
    print_r($resp);
  } catch ( Exception $e )  {
    echo $e->getMessage();
  }

As you can see, there are four parameters required for this method: username, password, service and source. You can read about these parameters here.

The results of this method will be in three possibilities:

First

, if the authentication is success (authorized by Google), the output will be something like this,

Array
(
    [response] => authorized
    [auth] => DQAAAGgA...dk3fA5N
)

Second, if the authentication is failed for some reasons, it throws exception. About the reason of this failure, the manual said:

Please note that ClientLogin does not differentiate between a failure due to an incorrect password or one due to an unrecognized user name (for example, if the user has not yet signed up for an account).

Third

, if Google requires you to solve CAPTCHA challenge, the output will be something like this,

Array
(
    [response] => captcha
    [captchatoken] => DQAAAGgA...dkI1LK9
    [captchaurl] => http://www.google.com/login/captchaALD$ALSJ4.png
)

About CAPTCHA challenge, the manual said,

ClientLogin uses standard security measures to protect user account information. To block bots and other entities from breaking user passwords, Google Accounts may add a visual CAPTCHA� to the authentication process when the server suspects an illegal intrusion, such as after too many incorrect login attempts. A CAPTCHA ensures that a real person is attempting login, and not a computer trying random strings (a dictionary attack).

Handling CAPTCHA Challenge

As i mentioned above, when Google requires you to answer CAPTCHA challenge (when she suspects you as an intruder :) ), you’ll get both captchatoken for identifying which CAPTCHA image you received, and captchaurl that shows you the location of the image you have to answer (to tell miss Google you are human, not bot).

To answer that challenge, you use the same getClientLoginAuth method, only now with two additional parameters: captchatoken and captchaanswer.

  $username     = 'yourusername';
  $password     = 'yourpassword';
  $service      = 'blogger';
  $source       = 'Ngoprekweb-Zend_Gdata-0.1.1'; // companyName-applicationName-versionID
  $captchatoken = 'DQAAAGgA...dkI1LK9';
  $captchaanswer= 'brinmar';

  try {
    $resp = Zend_Gdata_ClientLogin::getClientLoginAuth($username,$password,$service,$source,$captchatoken,$captchaanswer);
    print_r($resp);
  } catch ( Exception $e )  {
    echo $e->getMessage();
  }

If you ARE really human, then most likely you’ll get something like this as the result,

Array
(
    [response] => authorized
    [auth] => DQAAAGgA...dk3fA5N
)

which means you’re now authorized to use Google Service you requested, in this case is Blogger. Use $resp['auth'] as your token (authorization code) to do the rest of operation (query, add, edit or delete posts in your Blogger).

In Action: Reading Blogger

This far, some of you might said, “what in Google Earth is this guy talking about?!”. :)

Alright kids, grab your emacs or UltraEdit, here comes the example. What we’re going to do here is to get the entries of your Blogger, for comparing purpose with what Zend does using AuthSub (see my previous post here).

<?php
/**
 * Testing Zend_Gdata_ClientLogin for getting list of Blogger entries
 *
 * written by: Eris Ristemena (http://www.ngoprekweb.com/tags/php)
 *
 */

  set_include_path(dirname(__FILE__) . '/Zend_Gdata');
  require_once 'Zend.php';
  Zend::loadClass('Zend_Gdata_ClientLogin');
  Zend::loadClass('Zend_Gdata');
  Zend::loadClass('Zend_Feed');

  $username     = 'yourusername';
  $password     = 'yourpassword';
  $service      = 'blogger';
  $source       = 'Ngoprekweb-Zend_Gdata-0.1.1'; // companyName-applicationName-versionID
  $logintoken   = $_GET['captchatoken'];
  $logincaptcha = $_GET['captchaanswer'];

  try {
    $resp = Zend_Gdata_ClientLogin::getClientLoginAuth($username,$password,$service,$source,$logintoken,$logincaptcha);

    if ( $resp['response']=='authorized' )
    {
      $client = Zend_Gdata_ClientLogin::getHttpClient($resp['auth']);
      $gdata = new Zend_Gdata($client);
      $feed = $gdata->getFeed("http://www.blogger.com/feeds/default/blogs");

      foreach ($feed as $item) {
        echo '<h3><a href="'.$item->link("alternate").'">' . $item->title() . '</a></h3>';
        $_id = explode("/",(string) $item->id());
        $blogid = $_id[count($_id)-1];
        $feed1 = $gdata->getFeed("http://www.blogger.com/feeds/$blogid/posts/summary");

        echo "<ul>";
        foreach ($feed1 as $item1) {
          echo "<li>";
          echo "<a href=\"{$item1->link('alternate')}\">{$item1->title()}</a><br />";
          echo "{$item1->summary()}<br />";
          echo "</li>";
        }
        echo "</ul>";
      }
    }
    elseif ( $resp['response']=='captcha' )
    {
      echo 'Google requires you to solve this CAPTCHA image <br />';
      echo '<img src="'.$resp['captchaurl'].'" /><br />';
      echo '<form action="'.$_SERVER['PHP_SELF'].'" method="GET">';
      echo 'Answer : <input type="text" name="captchaanswer" size="10" />';
      echo '<input type="hidden" name="captchatoken" value="'.$resp['captchatoken'].'" />';
      echo '<input type="submit" />';
      echo '</form>';
      exit;
    }
    else
    {
      // there is no way you can go here, some exceptions must have been thrown
    }

  } catch ( Exception $e )  {
    echo $e->getMessage();
  }

?>

Have fun. And please be kind to drop some comments below or report any bugs you find to my email (eristemena at ngoprekweb dot you know what).

PHP Programming Innovation Award

logo

I received an email from PHPClasses.org this evening,

This is a notification message to let you know that your package Ngeblog was nominated to the PHP Programming Innovation Award among all the classes approved for publishing in the PHP Classes site during the month of October of 2006.

The class was nominated by Manuel Lemos that submitted the following comment:

“Blogger is a very popular blog Web site owned by Google. Nowadays it provides a Web services API named GData API. It makes possible to manipulate articles posted in Blogger blog from an external site. This class makes use of the GData API to manipulate Blogger posts from any PHP Web site.”

Well, when i started this project about two weeks ago, i never planned it to be nominated to any award. Like any other open source projects, it all just started with “i wanna do this, and i wanna do it now” motivation.

But then i looked at the prize and i thought why not. :)

So please be kind to vote it for me.

Ngeblog Host and Mailing List

Working on Ngeblog for the past two weeks has been a great time for me. Credits, suggestions and bugs report from many people are the main reason why i keep working on this class.

That’s why i’m asking you to promote this class, so that many people will be able to use it, take advantage of it, and hopefully that will bring more improvement to this class.

Beside on phpclasses, i have submitted Ngeblog to Google Code Project Hosting here :

http://code.google.com/p/ngeblog/

You can also find Ngeblog on Hotscripts here:

http://www.hotscripts.com/Detailed/64472.html

unfortunately it is hard for me to keep updating Ngeblog on hotscripts, since it takes awhile for any updates to be approved.

I’m also inviting you to join developing this class together by subscribing to Ngeblog-devel mailing list here:

http://groups.google.com/group/ngeblog-devel

Ngeblog 0.1 (Now support ClientLogin Authentication for both versions of Blogger)

Good news for Blogger Beta users, now Ngeblog can be used to manipulate your blog entry. :)

If you’re using previous version of Ngeblog, don’t worry, you still can use all the methods as before, only now you can do more. Especially if you’re using Blogger in beta version.

As usual, i’m going to blab on a bit about this newest version, so if you can’t wait any longer to play around with it (i know some of you are like that) just go here and try it out yourself.

Ok, here are some additional features in Ngeblog 0.1 :

ClientLogin Authentication

As clearly stated in Blogger Data API documentation, now ClientLogin authentication can be used for both versions of Blogger. That surely makes our lives easier.

Unfortunately, previous version of Ngeblog still used BasicAuth for its authentication method, which is only valid for current version of Blogger, not for Blogger currently in beta . That’s why you need to download Ngeblog ver. 0.1 to be able to access Blogger in Beta version.

In implementation case, there’s nothing new in Ngeblog. You put some parameters (username and password) in constructor to connect to Blogger, like this:

<?php

  $username = "yourusername";
  $password = "yourpassword";

  $myblog = new Ngeblog($username,$password);
  $bloginfo = $myblog->getBlogInfo();
  print_r($bloginfo);

?>

Only now, Ngeblog will try to detect whether you’re trying to connect to current version of Blogger or beta version. And all authentication is done using Google ClientLogin method.

Multiple Blogs Shorthand

As i mentioned in previous post, Blogger allows you to have more than one blog per account, and each blog has its own Blog ID. Ngeblog supports multiple blogs access by defining which blog ID are you trying to access.

Thanks to Bill, now you don’t have to carry Blog ID in all methods like before, you just need to define it once in constructor, like this:

  $username = "yourusername";
  $password = "yourpassword";
  $blogid   = "81928938";

  $myblog = new Ngeblog($username,$password,$blogid);

then the rest of methods will assume you’re manipulating blog ID 81928938 without having to define it in all methods. For example to add new post, you just have to write something like this,

  $title   = "My Title";
  $content = "My content for this blog";

  $myblog->newPost($title,$content);

If you need to switch to another blog in the middle of your scripts, use setActiveBlog() method, like this:

  $anotherblogid  = "84748478";
  $anothertitle   = "My Title for another blog";
  $anothercontent = "My content for another blog";

  $myblog->setActiveBlog($anotherblogid);
  $myblog->newPost($anothertitle,$anothercontent);

Tester

Enough talks, if you still can’t understand what i’m talking about here, check out the tester here, i build it with Ngeblog 0.1. Just enter your username and password whether for current version or beta version of Blogger.