has switched https site wide

Today we switched the whole domain to https. In recent years more and more web sites are switching to https (the secure http protocol). You probably won’t notice the difference. However it is remarkable for us. Because we have a modular web site design, there are not a lot of changes in the code. And best of all, we can switch back to normal http at any time.

We got a big server

We  just spend a few days to assemble a server for our company to use in the next 5 years. The old one is a 1U supermicro chasis. The tag on it reads “2005″. yes it has a floppy drive on it.

existing 1U server

We are not happy that the old server does not have vast storage capability, so we bough a Norco 4224 case that can hold 24 hard drives. If we put 2T drives into each bay, we will have a total storage of 48T bytes.

Norco 4224 24-bay case

Plenty of storage for us. We are going to migrate many services to this new server in the near future.

Now the contact information can encode Unicode characters with our free QR code business card maker. Previously characters outside ISO8859-1 are filtered. Now they show up correctly.

QR Business Card with Unicode

Resumable Download at

Recently we implemented resumable download feature at our web site. Through this feature user can pause a download, and resume at any time back. This feature also supports download accelerators.

Is this a big deal? Certainly not. We used to server trial downloads in a public accessible directory and web server automatically has this feature. However, we want to our user to get *versioned* filenames, as it will be easy for our users to tell which version they downloaded. Implementing resumable downloads in a scripting language is not a trivial task.

Resumable download in Firefox

Resumable download in Firefox

Resumable Download in Internet Explorer

Resumable Download in Internet Explorer

We are currently working on an OpenID consumer implementation. We looked into the Zend_OpenID - unfortunately it did not work. We are unable to get it work with Google. The remaining choice is the excellent JanRain library.

OK, the Jan rain library is not PHP 5.3 friendly. There are several warnings if you try included consumer test. The library also requires several extensions. To start you’d better read the README first and run the detect.php under its example directory. Fortunately, those warnings are easy to deal with and I won’t repeat them here.

$path = ini_get(’include_path’);
$path = APPLICATION_PATH . ‘/../library/openid-php’ . PATH_SEPARATOR . $path;
ini_set(’include_path’, $path);

require_once "Auth/OpenID/Consumer.php";
require_once "Auth/OpenID/FileStore.php";
require_once "Auth/OpenID/SReg.php";
require_once "Auth/OpenID/PAPE.php";

class OpenidController extends Zend_Controller_Action
  public function init()
    $this->session = new Zend_Session_Namespace(’openid’);
    $this->store = $this->getFileStore();
    $this->consumer = new Auth_OpenID_Consumer($this->store);
   /** for testing only. This is not necessary as openid_identifier
  *  is captured in the URL. */
  public function indexAction() 
  public function tryAction() 
    $this->openid = $_GET['openid_identifier'];
    try {
      // Make sure the user entered something.
      if(strlen($this->openid) == 0) {
        throw new Exception(’OpenID is empty.’);

      // Try to start an openid authentication.
      $auth_request = $this->consumer->begin($this->openid);

      if(!$auth_request) {
        throw new Exception("No Auth Request");
      $sreg_request = Auth_OpenID_SRegRequest::build(
           // Required
           // Optional
           array(’fullname’, ‘email’));
      if ($sreg_request) {

       $redirect_url = $auth_request

      if (Auth_OpenID::isFailure($redirect_url)) {
        throw new Exception("Could not redirect to server: "
          . $redirect_url->message);

    } catch (Exception $e) {
      $this->view->error = $e->getMessage();

  private $session;
  private $store;
  private $consumer;
  private $openid;

  public function getFileStore() 
     * This is where the example will store its OpenID information.
     * You should change this path if you want the example store to be
     * created elsewhere.  After you’re done playing with the example
     * script, you’ll have to remove this directory manually.
    $store_path = null;
    if (function_exists(’sys_get_temp_dir’)) {
      $store_path = sys_get_temp_dir();
    else {
      if (strpos(PHP_OS, ‘WIN’) === 0) {
        $store_path = $_ENV['TMP'];
        if (!isset($store_path)) {
          $dir = ‘C:\Windows\Temp’;
      else {
        $store_path = @$_ENV['TMPDIR'];
        if (!isset($store_path)) {
          $store_path = ‘/tmp’;
    $store_path .= DIRECTORY_SEPARATOR . ‘_atlantis_openid’;
    if (!file_exists($store_path) &&
      !mkdir($store_path)) {
      print "Could not create the FileStore directory ‘$store_path’. ".
        " Please check the effective permissions.";
    $r = new Auth_OpenID_FileStore($store_path);

    return $r;
   * When the identity provider is done having their
   * moment with the user they get returned to this action.
   * Here we look at the response status codes to decide
   * to if they were authenticated or not.
  public function finishAction() 
      $return_to = $this->getReturnTo();
      $response = $this->consumer->complete($return_to);
      if($response->status == Auth_OpenID_CANCEL) {
        $this->view->error = ‘Verification cancelled.’;
      } else if ($response->status == Auth_OpenID_FAILURE) {
        $this->view->error = "OpenID authentication failed: "
          . $response->message;
      } else if ($response->status == Auth_OpenID_SUCCESS) {
        $this->view->error =  "Success";
        $auth = Zend_Auth::getInstance();
        $adapter = new Application_Model_Account_OpenIDAdapter($response->identity_url);
        $result = $auth->authenticate($adapter);
        if ($result->isValid()) {

  private function getScheme() 
    $scheme = ‘http’;
    if (isset($_SERVER['HTTPS']) and $_SERVER['HTTPS'] == ‘on’) {
      $scheme .= ’s’;
    return $scheme;

  private function getReturnTo() 
    return sprintf("%s://%s/openid/finish",
             $this->getScheme(), $_SERVER['SERVER_NAME']);

  private function getTrustRoot() 
    return sprintf("%s://%s/", $this->getScheme(),

The code starts with /openid/try action. It communicates with OpenID provider to obtain a URL that user will be redirected to. It also set the callback to /openid/finish. Note that I created class Application_Model_Account_OpenIDAdapter so that it fits Zend_Auth architecture. In reality, all it does is to write information to user account database and persist it to a storage in choice (such as session or cookie).

Overdesign case in Web UI

Today I went to a site that displays information on domains. I wanted to look at how we are doing so I entered Morovia in the search box. Quickly surprisingly I received a message

Morovia is an Invalid Extension.

difficult to understand uuuh? Obviously you have to put your full domain name - in this case, Otherwise it thinks morovia is the top domain name. But even so, why it is called “extension”? File names have extensions; while domain names have suffixes.


Nowadays smart phones are cheap. Android powered phones are around 100 dollars. It is not surprising that majority people now have smart phones - those with touch screen and have far more power than their predecessors. This phenomenon brings business opportunities that you as a business owner want to tap.

QR Code Image

QR Code Image

So what is QR Code?

A QR Code is a 2D barcode that can be scanned by smart phone’s camera. It is capable of encoding large amount of text; however most QR codes encode a few dozen characters. QR Code becomes increasingly popular because smart phones now have decoder programs that read the barcode and act on the content it reads.

So what is the big deal for that? It turns out that QR Code offers a convenient way to encode key information - such as your web site address, email and so on. A smart phone owner can capture the info to his phone by just scanning the QR Code.

You certainly want your web site gets more visits - but how? If you run a restaurant, you can print a QR Code at the bottom of receipt, or in news paper… people who are interest just scan the QR code and visit your web site.

Some more ideas:

1. QR Code on Business Card. There is a popular format called MECARD, which allows contact info to be encoded into a QR Code. A smart phone user scans the barcode and put your contact into his address book. Hey if you are in real estate agent, insurance broker or industry that you’d like everyone to remember you, QR Code is a must.

2. Product Label. If you are a manufacturer it is time to add a QR Code with your web site encoded on the product label. Customers who bought your stuff may scan the barcode and visit your web site. Even more, you can print something like - scan this QR code to get a 10% off coupon.

3. Promotions, Discounts and Coupons. The idea here is to get the user to visit your web site and receive the discount. If you just print a coupon barcode on the newspaper your web site won’t get visited. It is also easier to track users through your web site.

4. E-commerce. QR Code encodes a URL with extra parameters - and users can only see them when they scan the barcode. So you can easily offer different discounts to different audience.

QR code can encode many information: such as web site URL, E-mail address and contact info. This Morovia page lists the common usage in mobile industry. Even better, there is an online QR code generator that create QR codes for free.

If you are looking a solution to add QR Code to Word documents, we’d like to recommend Morovia’s excellent product QR Code Fonts & Encoder 5. With this word addin, creating a QRcode just takes two steps - highlight and convert; all can be done in 1 minute.

Morovia KB 10148 talks about how to use Barcode ActiveX to generate barcode images in PHP 5. Barcode ActiveX 3 has a long history in Morovia, as it was conceived in year 2003 and our first ActiveX control product.

In this article, barcode is generated first in a front end script and the image is saved to a disk file. In the backend script the image is loaded and sent to the browser. Sometimes an in-memory solution is preferred, as programers will not have to deal with file permission, clean up and possible privacy issues.

The classic ASP example, which is included in the installer package, is an in-memory solution. It utilizes ADODB.Stream object. It exports barcode images to ADODB.Stream object, then calls Response.BinaryWrite to write all the bytes out. While it looks simple, the ADODB.Stream object’s Read method does not give back a sequence of bytes as defined in PHP. It is actually a COM SafeArray packaged in VARIANT type.

try {
$objBarcode = new COM("Morovia.BarcodeActiveX");
$objBarcode->RasterImageResolution = 96; //Set the resolution to 96 dpi (screen)
$objBarcode->NarrowBarWidth = 15; //Default NarrowBarWidth 15 mils
$objBarcode->BorderStyle = 0; //No border
$objBarcode->ShowComment = false; //No comment
$objBarcode->ShowHRText = false; //No human readable text
// By default the Barcode ActiveX creates margins around the symbol. The margins are around 100 mils
// You can increase or decrease the margins by setting 4 SymbolMargin properties like
$objBarcode->SymbolMarginTop = 100;

// Retrieve input parameters through the URL query string
$objBarcode->Rotation = $_GET["rotation"];
$objBarcode->ShowHRText = (strlen($_GET["showhrtext"])==0 || $_GET['showhrtext']==0) ? 0 : 1;
$objBarcode->Symbology = $_GET["symbology"];
$objBarcode->NarrowBarWidth = $_GET['narrowbarwidth'];

$objBarcode->BarHeight = $_GET['barheight'];
$objBarcode->Message = $_GET['message'];

$objBarcode->Font->Name = “MRV OCRB I”;
$objBarcode->Font->Bold = false;
$objBarcode->ShowComment = false;

// The Stream object is available in MDAC 2.5 and above versions. You can download the most
// recent MDAC at
$objStream = new COM(”ADODB.Stream”);
$objStream->Type = adTypeBinary;

// Export the Image to Stream object.
// After transfer completes, the Position must set to 0 before Calling Response.BinaryWrite
// otherwise an “unknown type” is reported.
$objBarcode->ExportImage($objStream, imgTypePNG);

// BinaryWrite the image data to the client browser, in PHP use echo
$objStream->Position = 0;

// until we figured out how to convert a byte array in COM to PHP,
// we have to save it to a file first, then read it back to PHP.
header(’Content-Type: image/png’);
$buffer = $objStream->Read();

// Note: this does not work!

$objStream = null;
$objBarcode = null;
} catch(Exception $ex) {
header('Content-Type: text/plain');

It turns out that the solution is pretty simple - although PHP does not provide direct way to convert a COM safe array to string, it provides a way to iterate the content. Thus, we can write:

foreach ($buffer as $byte) echo chr($byte);

In the place of echo($buffer) statement. It worked.

Today I am testing the IDispatch of a COM object. The method has the following fingerprint:

[id(6)] HRESULT DataMatrixEncodeSet(
        [in] BSTR strDateToEncode,
        [in] LONG sizeID,
        [out,retval] LONG* chunks);

I was quite surprise that I got an “type mistach” error from Invoke function. My code is as below:

args[0].vt = VT_BSTR;
args[0].bstrVal = SysAllocString(L"this is data to encodeencodeencodeencodeencode");
args[1].vt = VT_I4;
args[1].lVal = 0;

dp.cArgs  = 2;   
dp.rgvarg = args;   
dp.cNamedArgs = 0;   
dp.rgdispidNamedArgs = NULL;

unsigned int uErr;
hr = disp->Invoke(dispID[0], IID_NULL, LCID_NEUTRAL,
        DISPATCH_METHOD, &dp, &vaRet, &exInfo, &uErr);

After some search, I finally found the cause: the arguments packed in DISPPARAMS must be in reverse order. In other words, the args[] array must be reversed. After I changed that, the error disappeared.

With Morovia Barcode ActiveX 3, it is easy to bulk generate barcode images. The following 10 lines of perl code just demonstrate how easy it is.

use Win32::OLE;
my $object = Win32::OLE->new(’Morovia.BarcodeActivex’, ”);
$object->{”Symbology”} = 8; #UPC-A symbology
$object->{”ShowComment”} = 0;

for(my $number=0; $number<=999; $number++)
my $text_number = sprintf(”%03d”, $number);
$object->{”message”} = “81058201″ . $text_number;

print(”exporting image $text_number.\n”);

$object->ExportImage($object->{”message”} . “.jpg”, 1);

my $result = `zip *.jpg`;

The code above generates UPC-A barcode images for numbers 81058201xxx where xxx is from 000 to 999. At the end, the code calls zip command to zip all the images files into zip.