Archive for July, 2008

Interface translation in symfony - tool for teams

Wednesday, July 16th, 2008

I mentioned in my previous post how we decouple the translation dictionary completely from the source so that a change in any text does not affect the templates. That has helped us a lot in several large projects.

Another issue which we frequently encountered when multiple people worked on the same project is conflicting and merging of the dictionary files. Since these files have sequential numbers in each <trans-unit> block, if multiple people want to add translations, these suquential numbers almost overlap and have to be rewritten manually while checking in.

So we decided to generate these symfony interface translation dictionary files using a script. So here’s what we do:

  •  put the translations in a properties file: Create one properties file for each language. So for English we create “translations.en.properties”. This has translations like:

USERNAME_LABEL=Username
PASSWORD_LABEL=Password

This ensures that even when multiple people add translations to these files (using a source control like CVS or SVN) there are no issues.

  • Also put the following file createXML.php in the same i18b folder.   
  • Now you can simply call this script from the command prompt to generate the xml dictionary.

php createXML.php > messages.en.xml

That was pretty simple to do. There are some enhancements this requires, like it should by itself generate all translation files based on the properties files available. But thats for when i get more time to work on it.

Posted in symfony, Tech Tips | No Comments »

Passwords in clear text

Friday, July 4th, 2008

I just received a newsletter from a social network site (brijj.com) and was surprised how they had embedded my username and password in clear text. It speaks volumes on how seriously they take security. I think when storing passwords all sites should go by few rules:

  • Do not store passwords in cleartext. Never ever.
  • Use any encryption technology, preferable a 1-way hash so that nobody can decipher the password.
  • If you break the above rules, which several sites do, at least do not send out passwords in emails without being asked for. That’s the worst you can do.

Everyone should realize that people tend to use same passwords for several sites and accounts so sending out passwords in clear text not only compromises the user’s account at your site but possibly at other places as well.

Posted in software, Tech Tips | No Comments »