Another UIUC talk

slides/intro/people10.xml

@@ -0,0 +1,57 @@
+<slide title="People Map">
+
+<break lines="1" />
+<blurb fontsize="6em">
+Login Javascript
+</blurb>
+
+<example result="0" marginright="1em" fontsize="1.5" type="javascript"><![CDATA[var logged_in = <?php echo $logged_in ? 'true' : 'false'?>;
+
+var setCookie = function(cookieName,cookieValue, expire) {
+  var today = new Date();
+  var expire = new Date();
+  if(expire) {
+    expire.setTime(today.getTime() + 3600000*24*7);
+    document.cookie = cookieName+"="+escape(cookieValue) + ";expires="+expire.toGMTString();
+  } else {
+    document.cookie = cookieName+"="+escape(cookieValue);
+  }
+}
+
+var getCookie = function(name) {
+  var start = document.cookie.indexOf( name + "=" );
+  var len = start + name.length + 1;
+  if ((!start) && (name != document.cookie.substring(0, name.length))) {
+    return null;
+  }
+  if (start == -1) return null;
+  var end = document.cookie.indexOf(";", len);
+  if (end==-1) end = document.cookie.length;
+  return unescape( document.cookie.substring( len, end ) );
+}
+
+var addToken = function(token) {
+  var t = document.createElement('input');
+  t.type ='hidden'; t.name='token'; t.value=token;
+  document.getElementById('addUserForm').appendChild(t);
+}
+
+var handleLoginSuccess = function(o) {
+  var resp = eval('(' + o.responseText + ')');
+  if(resp.status) {
+    setCookie('id', resp.id, 1);
+    setCookie('auth', resp.auth, 1);
+    setCookie('token', resp.token, 0);
+    addToken(resp.token);
+    oAdd.set("disabled", false); //enable Add
+    oLogin.set("disabled", true); //disable Login
+  } else {
+    alert("Login failed");
+  }
+};
+
+if(logged_in) {
+  addToken(getCookie('token'));
+}]]></example>
+
+</slide>

slides/intro/people9.xml

@@ -0,0 +1,62 @@
+<slide title="People Map">
+
+<break lines="1" />
+<blurb fontsize="6em">
+Backend code for login and XSRF prevention
+</blurb>
+
+<example result="0" marginright="1em" fontsize="1.5" type="javascript"><![CDATA[<?php
+$logged_in = session_check();
+
+$token = null;
+if(isset($_POST['token'])) $token = $_POST['token'];
+else if(isset($_GET['token'])) $token = $_GET['token'];
+
+function auth_check() {
+  global $token, $server_secret;
+  if(!$token || $_COOKIE['token'] != $token) {
+    echo "Token mismatch";
+    exit;
+  }
+  if(!$_COOKIE['auth'] || $_COOKIE['auth'] != sha1($server_secret.$_COOKIE['id'])) {
+    echo "Auth mismatch";
+    exit;
+  }
+}
+
+function session_check() {
+  global $server_secret;
+  if($_COOKIE['auth'] && $_COOKIE['id'] && $_COOKIE['auth'] == sha1($server_secret.$_COOKIE['id'])) {
+    SetCookie('token', sha1($auth.rand()));
+    return 1;
+  }
+  return 0;
+}
+?>]]></example>
+
+<example result="0" marginright="1em" fontsize="1.5" type="javascript"><![CDATA[<?php
+  case 'add':
+    auth_check();
+    $id = $people->insert($_REQUEST);
+    $record = $people->load($id);
+    echo json_encode(array('people'=>$record));
+    break;
+
+  case 'modify':
+    auth_check();
+    $people->modify($_REQUEST);
+    echo json_encode(array('status'=>'Modified'));
+    break;
+
+  case 'login':
+    if(!empty($users[$_POST['id']]) && $users[$_POST['id']]==sha1($_POST['pwd'])) {
+      $auth = sha1($server_secret.$_POST['id']);
+      $xsrf_token = sha1($auth.rand());
+      echo json_encode(array('status'=>1, 'id'=>$_POST['id'], 'auth'=>$auth, 'token'=>$xsrf_token));
+    } else {
+      echo json_encode(array('status'=>0));
+    }
+    break;
+?>]]></example>
+
+</slide>

uiuc2.xml

@@ -14,7 +14,7 @@ This talk will explore recent PHP development and apply it to the three key word
 -->
 
 <topic>PHP</topic>
-<title>Bigger and Faster</title>
+<title>Performance &amp; Security</title>
 <event>Yahoo! visit to UIUC</event>
 <location>Champaign, IL</location>
 <date>Oct 10, 2007</date>

uiuc3.xml

@@ -0,0 +1,54 @@
+<presentation 
+    template="php2" 
+    navmode="html"
+    titlecolor="#1111aa"
+    navbarbackground="url(images/trans-ffffff.png)"
+    logo1="images/php-med-trans-light.gif"
+    titlesize="2em"
+    navbarheight="4.1em"
+>
+
+<topic>PHP</topic>
+<title>PHP/YUI</title>
+<subtitle>You got Javascript in my PHP! And...</subtitle>
+<location>Champaign, IL</location>
+<date>Oct 10, 2007</date>
+<speaker>Rasmus Lerdorf</speaker>
+<url>http://talks.php.net/show/uiuc3</url>
+
+<slide>slides/intro/titlepage.xml</slide>
+
+<slide>slides/intro/php_yui1.xml</slide>
+<slide>slides/intro/phpjs_learn.xml</slide>
+<slide>slides/intro/sx.xml</slide>
+<slide>slides/intro/rss_flickr.xml</slide>
+
+<slide>slides/intro/php_js1.xml</slide>
+<slide>slides/intro/php_js2.xml</slide>
+
+<slide>slides/intro/php_yui2.xml</slide>
+<slide>slides/intro/php_yui3.xml</slide>
+<slide>slides/intro/php_yui4.xml</slide>
+<slide>slides/intro/php_yui5.xml</slide>
+
+<slide>slides/intro/yajax.xml</slide>
+
+<slide>slides/intro/people1.xml</slide>
+<slide>slides/intro/people2.xml</slide>
+<slide>slides/intro/people3.xml</slide>
+<slide>slides/intro/people4.xml</slide>
+<slide>slides/intro/people5.xml</slide>
+<slide>slides/intro/people6.xml</slide>
+<slide>slides/intro/people7.xml</slide>
+<slide>slides/intro/people8.xml</slide>
+<slide>slides/intro/people9.xml</slide>
+<slide>slides/intro/people10.xml</slide>
+<slide>slides/intro/db_layer1.xml</slide>
+<slide>slides/intro/db_layer2.xml</slide>
+<slide>slides/intro/db_layer3.xml</slide>
+<slide>slides/intro/db_layer4.xml</slide>
+<slide>slides/intro/db_layer5.xml</slide>
+
+<slide>slides/intro/uiucref.xml</slide>
+
+</presentation>