NCweb, serve static website content from Nextcloud

NCweb is a reasonably small (ish) PHP “application” that will allow you to expose a given folder of a Nextcloud instance and serve documents from it as if it would have been a regular website. The folder does not have to be shared in Nextcloud. You can serve .html (HTML) or .md (Markdown) files. NCweb can be configured to render Markdown files to HTML.

Get it from Github here:

WordPress Plugin Stopsign 1.0.0

Using the APIs over at can yield some quite useful results. I needed to be able to display the commute stop departure times for public transport in a given place, so I wrote this WordPress plugin called Stopsign. It uses the API. The plugin is free (GPLv2) and open source.

Knock yourself out:

SwiftMailer 5, PHP5, and ISO-8859-15

I’ve been using SwiftMailer for as long as I can remember because it’s, IMHO, a great library and far more logical than PHPMailer and “others”. While maintaining a PHP5 codebase for a rather large project, I ran into an issue while using ISO-8859-15 encoded data. Most people won’t care about ISO-8859-15 over ISO-8859-1 (“Latin1”), but since I live in Europe, I prefer to have support for the €uro character πŸ™‚

To make a long story short, if you need SwiftMailer 5 to properly handle ISO-8859-15, look for a line in “MimePart.php” that looks like this:

if (!in_array($charset, array('utf-8', 'iso-8859-1', ''))) {

and change it to this:

if (!in_array($charset, array('utf-8', 'iso-8859-15', 'iso-8859-1', ''))) {

(Yes, the project will move to a PHP7 codebase at some not so distant point in the future.)

Lightbox for Bootstrap 4 and jQuery

Lightbox (or “image preview”) functionality for Bootstrap 4 without additional libraries (apart from jQuery).

Written by Joaquim Homrighausen <>

Do as you wish with this πŸ™‚

This is the Javascript/jQuery code for the Bootstrap 4 modal. You don’t have to use jQuery to accomplish this obviously.

$(document).ready(function($) {

  $(".xslightbox").click(function () {
    if ($(this).attr("data-message") != "undefined") {
      document.getElementById("lightbox_target").src = "";
      document.getElementById("lightbox_target").src = $(this).attr("data-message");
    if ($(this).attr("data-title") != "undefined") {
      document.getElementById("lightbox_title").innerText = $(this).attr("data-title");
  /* This will focus the close button, but you don't really need to do this or
     have a close button for that matter since Bootstrap will close the modal
     if you click outside the modal or - in this case - press the Esc key */
  $("#xslightmodal").on("", function () {


This is the HTML for the Bootstrap 4 modal. You can style it any which way you want. The key to getting the image to behave as you want it (i.e. to make the image responsive) is adding the “img-fluid” class to the img tag.

You can add the “fade” class to the modal if you want it to be “animated”.

<div class="modal" id="xslightmodal" tabindex="-1" role="dialog" aria-hidden="true" data-keyboard="true">
  <div class="modal-dialog modal-dialog-centered" role="document">
    <div class="modal-content bg-light">
      <div class="modal-header">
        <div class="modal-title text-lowercase text-monospace small" id="lightbox_title">
      <div class="modal-body text-center">
        <img id="lightbox_target" class="img-fluid border border-secondary rounded" />
      <div class="modal-footer">
        <button type="button" tabindex="-1" id="lightbox_close" class="btn btn-primary btn-sm" data-dismiss="modal">'.

And then, to use the lightbox, you need:

<a class="xslightbox" title="Preview me"
   data-title="Name of image">Preview</a>

This is also available as a gist on GitHub. Knock yourself out πŸ™‚

Simple password construct validator for PHP

 * Simple password construct validator for PHP 
 * Joaquim Homrighausen <>
 * May 30, 2019 
 * Do whatever you want with this snippet :) 
 * This may not necessarily agree with the section
 * "Strength of Memorized Secrets" in the document
 * from NIST:
 * NIST Special Publication 800-63B 
 * Digital Identity Guidelines 
 * Authentication and Lifecycle Management 

function password_check_construct ($pstr, $min_length = 8)
  //Setup pattern and stuff minimum requested length into it
  if ($min_length < 4) {
    //We need at least four characters to satisfy our regexp
    $min_length = 4;

  $match_rules = '/^(?=.{'.(int)$min_length.',})(?=.*[a-z])(?=.*[0-9])(?=.*[A-Z])(?=.*[[:punct:]]).*$/';

  //Require at least one a-z, one A-z, one 0-9, and one punctuation/special character
  if (preg_match ($match_rules, $pstr) === 1) {
    return (true);
  return (false);

This is also available as a gist on GitHub. Knock yourself out πŸ™‚

Setting PHP.INI path (or file) for PHP CLI shell scripts

Running a PHP script from the command-line, or CLI, is quite useful at times and is often used to perform some automated task, like a CRON cleanup script, to send out reminders, etc.

It’s common that these CLI scripts need some, but possibly not all, settings that are similar to the main application’s. I may, for example want to include the database configuration settings shared with the main application. So I often create a separate php.ini file for this purpose.

Running /usr/bin/php -c /my/very/special/path cronScript.php is simple enough, but what if I want to be able to create an “executable” PHP shell script? The obvious answer would be something like:

#!/usr/bin/php -c /my/very/special/path

at the top of the .php file, followed by my PHP code, right? Except that may not do what you want. I could not get the PHP interpreter to load anything in /my/very/special/path by using the above construct, even if it works from the actual command-line. After banging my head against the wall for a while, this turns out to work for these “shell scripts”:

#!/usr/bin/php -c=/my/very/special/path

Note the use of the = (equal) sign between the -c and the path (or file).

Carry on.

PHP is_numeric () fails WordPress version string check

This is, perhaps, obvious to most PHP developers. But it came somewhat as a surprise to me.

Using is_numeric () for validating a WordPress version string, such as ‘4.7’, does not seem to work very well when WordPress introduces minor releases such as ‘4.7.1’.

Since I cannot be bothered to figure out why it behaves in this (erratic, IMHO) way, I have since replaced the call to is_numeric () with a small function using a simple regular expression (regexp):

    function wpVersionStringCheck ($vs)                                                                                                 
        return (preg_match ('/^(\d+\.)+\d+$/', $vs));                                                                                   

I’m sure there is a hole in there somewhere, but on the following strings at least, it gives me the desired result:

1.0 is valid
1.0. is invalid
1.0.1 is valid
1.banana.0 is invalid

jQueryMobile or “Mobile site” selection sets

Using jQueryMobile for a fairly lightweight “mobile site”, I wonder what all you experts say about selection sets. A (long) list of countries for example. To prevent excessive delays, I now split country selection in two screens. The first one shows A-Γ– (A-Z for you English-speaking people), if I tap on B, the next screen shows a list of countries starting with B. Hitting the back button brings me back to A-Γ– (A-Z), selecting a country takes me to.

It feels right, and it doesn’t transfer massive amounts of data that a) isn’t used half of the time, and b) doesn’t take time to render on slower mobile devices.

I’m not too concerned with database performance on the server for this particular selection set since the SQL query is static and resides in the cache 99.5% of the time.

Application event tracker (or really simple debugging) for PHP

DISCLAIMER: There’s nothing revolutionary with what you are about to read, should you continue πŸ™‚ This is simply something I did to avoid having to use a debugger where using a debugger wasn’t practical; and also to avoid having to emit “debug output” throughout the application. There are a number of ways to accomplish this, and many people have done it before me. What I describe here works for me. If you break it, you own all the pieces, be it thirteen or four.

The problem, that I had, was to track the progress of an application that did some heavy data processing. During the processing, a number of things could go wrong. It didn’t necessarily have to terminate the application (I don’t like the good old tits up-method of ending a PHP-script, i.e. “die (‘Error’);”), but I needed to track a number of variables and states throughout the execution of the script.

Using “echo ‘The value of x=’.$x” constructs works for really small implementations. It’s a proven “debugging” method and has been used for a long time in the history of computer programming (well, something similar to that construct anyway, considering PHP hasn’t been along for that long).

I have a base class, upon which I base all other classes. If you don’t have one, simply derive the class you want to debug from the code that follows. Also, please note, this method can be extended in a zillion (possibly more) ways. My example doesn’t quite reflect my actual implementation, but it should give you an idea of where this is going.

The class (tested with PHP 5):

[php] class ezPHPdebug {
protected //We do this to avoid non-derived external modification
$__rBuf;//Recording buffer

function __construct ()
$this->rBufReset ();//Clear recording buffer

function __destruct ()
{ }

function rBufRecord ($s)
$this->__rBuf .= $s . “\n”;

function rBufReset ()
$this->__rBuf = ”;

function rBufRead ($forHtml)
if ($forHtml)
return (nl2br ($this->__rBuf));
return ($this->__rBuf);


Nothing to it, right? Alright, let’s say we create an example class that uses this “debugger”.

[php] class myClass extends ezPHPdebug {
function __construct ()
parent::__construct ();

function __destruct ()
parent::__destruct ();

function doSomethingImportant ($x)
$this->rBufRecord (‘{doSomethingImportant}’);
$this->rBufRecord (‘x=’.$x);
echo ‘Hello, this is a cool function, it does nothing.’;
echo ‘Oh yes, I forgot, $x is ‘.$x.’
$this->rBufRecord (‘{/doSomethingImportant}’);

function doSomethingElseImportant ($x)
$this->rBufRecord (‘{doSomethingElseImportant}’);
$this->rBufRecord (‘x=’.$x);
echo ‘Hello, this is an uncool function, it does something.’;
echo ‘Oh yes, I forgot, $x is ‘.$x.’
$this->rBufRecord (‘{/doSomethingElseImportant}’);


This is (obviously) a very simplified way of using the “debugger” class, but it’ll do the job for now.

Now, in the “application” or “main” script, we do something like:

[php] $r = new myClass ();
$r->doSomethingImportant (‘This is a string’);
$r->doSomethingElseImportant (1024);

What does this do? Nothing much .. it’ll call the two methods (in myClass), which outputs some data and that’s it. But, what if we wanted to know what happened inside the class (myClass).. well, do this:

[php] $r = new myClass ();
$r->doSomethingImportant (‘This is a string’);
$r->doSomethingElseImportant (1024);
echo ‘TRACKER: ‘.$r->rBufRead (true);

This will output the same thing as the first example, plus an additional debug output.

By “recording” entry and exit names, we clearly show that we’re in a function (and that we’re not).

One could add automated timestamping to this, by forcing a timestamp to be inserted each time a line is “recorded”.
Another possible extension is of course to do logging directly to a file or a database; but part of the beauty (IMHO) of the in-memory tracker is that I can output the debug output in one go, and determine when I want to see it.