Month: April 2016

Stardew Valley

Stardew Valley, or should I say the new Harvest Moon?

StardewModdingAPI 2016-04-14 18-26-02-39

When I first knew the game when I open twitch to watch some starcraft stream, I can’t help but get the familiar feeling with the Harvest Moon game that I play when I was a child. Well, at least without the RPG elements in Stardew Valley, I will think it is the new Harvest Moon game with the different name.

For you who never play Harvest Moon, you may don’t get any idea what this game is all about.

What Is This Game About?

Basically, this game is about farming. You can plant some plants, water them and harvest them after it matures. You can then sell, store or use them to cook some food.

You will be given basic tools at the start of the game like an axe to cut down a tree, hammer to destroy a rock, a hoe to make soil for your plant grow, a fishing rod to catch fish and a sword. You can upgrade them to increase tools effectiveness and some tree or rock can’t be cut or destroyed if your tools are not upgraded.

There are health and stamina the game. Basically, health represents your character life and can be damaged by the enemy in the game and there is stamina which will be used every time you use your tools.

If your health dropped to zero, you will pass out and after you woke up, you will lose some item in your inventory. So be careful when your health is low, you don’t want to lose some precious item don’t you?

If your stamina reaching zero, you can’t run or using any tools. This is not that bad compared to lose all your health.

To restore health and stamina, you can eat some food, rest at hot spring, or sleep. But since sleeping will advance the day, you may want to eat food or rest at hot spring instead.

But that not all you can do in this game you can craft equipment, build a building, or upgrade your house. Of course, you need to collect the resource it needs to do some crafting, build or upgrade.

And there are villagers in the game which you can interact, befriend with and even marry with some of them.

Character

Overall

I really love this game. It one solid game (not some early access buggy game), relaxing because there is no strict outcome you must reach and you can play whatever you want. There is no right way to play this game. You can waste all in-game day doing nothing or you can seriously plan and manage your activity to maximize profit. It’s up to you.

As far as I know, there is no game over in the game. So, you don’t have to be afraid of failing.

And I think it is quite balanced in the terms of activity. Since there is so much thing to do (either you choose to do it or not) each day and how long the day is.

I personally recommend you to try this game. I know the graphics are not that appealing but the game is pretty solid and if you like a simulation game, you may also like this game. And even if it already released, it still got updated and there is a future plan from the developer which will add multiplayer in the game.

And you can mod this game too.

I think this is all I can write about the game right now, don’t know what to write here since I really like the game. Thank you for reading.

Avoiding SQL Injection in PHP

Recently, I’m reviewing some web project that made using PHP. It nice website, responsive and can support both PC and mobile display. But, it seems that they didn’t keep security in mind when they develop that website.

By security, I didn’t mean that unauthorized people can access certain login-only page or something. But it seems that they still trust user input naively.

Of course, they still have some sort of validation, but it only work on username or password. I still can do some SQL injection as long as it wasn’t username and password. I can input thing like this:

And when I asked if they know that their website has this kind of vulnerability, they said they don’t know. Security is overrated huh.

But I’m amazed that they didn’t have any security issue to this day. I guess they are quite lucky.

So, how we avoid this kind of problem? I know some ways to fix this kind of issue, and they are pretty much easy to do.

Avoid Using SQL Special Char

This makes sense since the cause of this kind of issue is because user input contain SQL special char and it makes your SQL syntax bugged. You can use any validation to only allow some character to be passed like alphabet or number only. Maybe with some kind of regex validation like this:

The code above will only allow the username to be an alphabet, number, underscore or hyphen and must in 5 to 16 character length.

I think that this is what I do when I started doing web programming 7 years ago. I naturally thought that to avoid this, I just need the user to not input those problematic characters.

But even if I tell you can avoid SQL injection using this kind of method, I won’t recommend it for you to rely on it. Sometimes, you can’t really avoid inserting this special character to your database.

It’s better to use the next solution.

Using Mysql Escape String

One of the fixes you can do is using mysql_escape_string or mysql_real_escape_string, or similar function on MySqli. As far as I know, this is the most common and most known way to avoiding SQL Injection. This will let you avoiding SQL special character like apostrophe (‘) and quotation (“) mark and you can use it like this:

Now you can avoid any kind of SQL special character in your SQL syntax. The downfall using this code is that you need connection to your database server first. This can be inconvenient if you are using this method before you have connection to your database server. I have this code snippet to mimic how

I have this code snippet to mimic how mysql_real_escape_string work and avoiding special character and you can use it on your project if you want:

You can make this as global function or static method or whatever method you prefer.

There is some important thing you should know, in the previous version of PHP I don’t know which version. There is a bug in mysql_real_escape_string escape routine and it become unreliable to escaping SQL special characters.

So I recommend you using the next method for avoiding SQL Injection.

Use SQL Binding

This one is my most recommend method to avoiding any issue like SQL injection. By using SQL Binding like mysqli_stmt_bind_param, rather than replacing, escaping and securing the input string, it let you bind your input to be passed when using mysqli_prepare. And it not really that complicated too, look at the code bellow:

You just need to prepare your SQL syntax statement using mysqli_prepare and then bind them to your input variable using mysqli_stmt_bind_param.

If you use any kind of class to warp database function, you may find this method to be unimplemented because mysqli_stmt_bind_param accept dynamic number arguments but you can’t really create a method that accepts dynamic number arguments.

Fortunately, there is some kind of workaround using ReflectionClass`. which you can do it like this example code:

With the code above, you can pass many arguments with an array. You just need to define your arguments order as if they are an array, and pass it using invokeArgs.

I think that all you need to know about how to secure your website from SQL injection. One tips I want to give is that don’t trust any kind of input that inputed by the user. You don’t want to learn this the hard way.

If you have any question or feedback, feel free to write them in the comment bellow. Don’t worry, it’s free. Thank you for reading.

Generate Your PHP Documentation

In my last post, I tell you to make your code well documented, for a reason. But sometimes, making your code documented wasn’t that much help at all.

I mean, to know what your code docs, you need at least code hinting that shows docs like IntelliSense, or you must open the source code. Of course, this can be inconvenient. Especially if your IDE/Editor doesn’t have that feature at all.

In a language like PHP, it seems that I can’t find proper/perfect code hinting that can be as good as IntelliSense for C# or C++. It not something that can’t be tolerated since it will be hard to know data type in variable especially a programming language like PHP. Look at the code bellow:

This code is for loading the class file and return the instance of that class. But in general, the variable $router can hold any value, like boolean, int, float or hold nothing (null).

You, the programmer may know what the data type is, but your computer can’t really know it at least until you run the code. Because of that, it will be hard to show code hint like method or property on $router var.

That why it better to get used to reading the documentation. It doesn’t have to be reading the docs on the source code, just look at any web documentation if available. It more friendly and easy to navigate. Look at this Amazon Web Service SDK.

You don’t have to make it manually, you can generate that. As long as your documentation is written correctly, you can generate your code docs easily.

You can use any docs generator you like, but in this post, I will show you an example how to generate docs using ApiGen. Don’t worry, it pretty easy.

apigen_website

Requirements

First thing first. You need any requirements and know how to run PHAR file. If you don’t know how you can read my other post on how to run .phar files.

You can also install it using composer, but I think the easiest way to do this is using the .phar version. That why, we will be using the .phar version.

Installation

You must download the ApiGen .phar file and can be downloaded from its github repository. If you feel lazy to search for it, you can click here. It will redirect you to ApiGen github repository download section. Download the .phar file and place it anywhere you like.

Running ApiGen

Now after you get the ApiGen .phar file, just run it with parameter generate with a path to your PHP project directory and output. Like this:

Parameter -s mean that you define the source directory where your code is and -d mean that you define the output directory.

If you want to get all parameter command you can do with ApiGen, you can enter CLI command like this:

To ease the process, you can create the .bat file if you are on windows or bash script if you are on Linux. I use this to generate PHP Docs using ApiGen and I just need to insert the path to my source code and docs title, like this:

Simple right? And the .bat file I’m using look like this:

You can copy my .bat source code if you want and use it whatever you want, it nothing special.

That it for now, thank you for reading. If you have any question or feedback, feel free to write them in the comment bellow. Don’t worry, it’s free.

Make Your Code Documented People

In the last couple years, while working on collaborations projects with some companies. Working with different frameworks, people, database, and APIs.

I notice several thing that doesn’t really suit me and I consider them as ineffective or bad practice. One of them is documentation.

DocCode
PHP Documentation

Some people I work with (not all), consider it as a waste of time, no one will read it. Well, it does make sense. Just like the user manual, no one bothers to read it.

But one thing I want you, who think like this, to know this one thing.

It not just for other people. It for you too.

Even if you work on a personal project, where you just work alone. Documentation can still be useful.

Yeah, you may know inside your code well. But how long you can say the same thing? 1 month? 3 month? 1 year?

I have several personal project and most of them are more than 4 years old. I develop them when I still in high school and still maintain some of them that I still have an interest in.

And, I can say for sure. I don’t remember my own code, application flow, or architecture I use on the project. Heck, I can’t even remember the project that I did 1 month ago.

Unfortunately for us (or maybe fortunate?), our memory is limited. We can forget things. Even things that we didn’t want to forget.

Documentation can help you remember. They can act like a note for you. It may useless for other people, but it can be useful for you.

I didn’t recognize the importance of the documentation until I enter college and got more busy. And when I open my own personal project after not open it after a while, maybe like 2 or 3 months. I feel alienated. I don’t know how to modify this or that in my own project.

This may sound funny, but it can be pretty painful because you must learn it again by reading the code you make.

You are lucky if your code is easy, you can re-learn it pretty fast. If it complex one, well, it may feel like it better to make it from scratch.

Maybe in the future, it will be open source project.

I have several personal project that I make when I was in high school. And when I work on them, I didn’t even think that my project will be developed with other people.

I just make them for fun. Seriously.

Unexpectedly, it did happen. Some people think that my project is a bit interesting, and want to expand it even further.

But then I remembered that my project didn’t have documentation. I can teach them directly, face to face. But they can’t learn it or explore it without my help. Maybe they can but it will be hard.

I mean, reading your own code that has been forgotten is a bit painful. Read other people without documentation is like exploring and make a map for a maze.

Conclusion

I hope that with this post, you can understand how important documentation is.

If you are in a rush because of deadline or something. Create note in the documentation place. Like this for example:

And you can search and create it later after the deadline. At least, that what I do.

Thank you for reading. If you have any question or feedback, you can write them in the comment bellow. Have a good day!

How to Run .phar Files

Couple days ago, when I working on a web project for some developer company. They ask me if I can tell them how to create API documentation like the one I use in my own framework. By API documentation, I mean like this one

MangaReadDocs
My personal project 🙂

They know that I use apigen to generate the documentation but they don’t know how to use it since it not an executable file like exe or bat which you can just run on click.

I know there is a documentation on how to use it. In the documentation, it says that there is 2 way to run which you can do with an ease, one with composer and one with .phar. But it seems that they are not clear enough for a people that aren’t familiar with it.

In this post, I will only write about how to use .phar since it mostly pretty simple. And it’s not specifically only for apigen but you can do this with other .phar file too.

What is .phar file?

PHAR (PHP Archive) as the name suggest is an archive file which contains PHP application in single file. Usually, PHP application always has multiple files which you must copy all of them if you want to run the application.

This can be inconvenient since missing one file mean your application can’t work properly or even won’t run at all. To fix this, we can use PHAR file to combine all our PHP files into one file with extension .phar.

Different from general archive file like .rar, .zip or .7z which you must extract the file first before you can run the file inside it, you can just run your PHP application without extracting the phar file.

So, in short it will make your life easier.

Requirements

PHP

First, you must have PHP installed on your PC. If you are on windows, you can use web server package like xampp or wamp. Either way, you must have it installed and it can be used to run a PHP website.

But be careful, some people tell me that some web server can’t work or can’t recognize a .phar file.

And that all the requirement as far as I’m aware. You don’t even need the web server, as long as you can run PHP.

Running PHAR file

It’s simple, really. You just need to run your .phar file using PHP. Like this:

Yeah, just like that. Easy right?

That it for now. If you have any question or suggestion, you can ask me in the comment bellow. Have a good day!

Basic Game Math: Vector Length

In the last couple post, I write about basic Vector operation addition, subtraction, multiplication, and division. Not only that, but I also give an example of how to use them in game development. Now, in this post, I will write about Length on Vector.

Vector, as far as I know, mostly used to represent a position of some point or some object, relative to one point or another object. That mean because of how vector work, a vector has a length that you can use for calculating the distance between a point to another point for example.

But first, we need to know how to calculate vector length. It’s quite easy, really. If you know how to calculate the hypotenuse of a triangle, then this shouldn’t be that hard. See this Vector:

Vector

If you look closely, when you draw a straight line from Vector A head (head is in the arrow) to axis-x, you can get a right triangle. And with that in mind, you can calculate the hypotenuse side of the triangle which is:

length = Sqrt(a.x^2 + a.y^2)

Simple right? And you know what? You can do this for 3-dimensional vector, only add one more axis to it.

length = Sqrt(a.x^2 + a.y^2 + a.z^2)

That it?

Of course. But we don’t stop here. With that knowledge, we can calculate point distance too.

Vector Distance

You may already know this. An object in the game usually or will always have a Vector, in XY (2D) or XYZ (3D). Usually, it used to determine it’s size or position relative to center (0,0) or to the object parent. Since it has a point position, you may need to calculate the distance between 2 of them.

If you read my previous post which is about vector subtraction, you may already get the idea how to achieve this.

First, you need to calculate vector direction between two points/object, just subtract them. Second, you just need to calculate it’s length. In short:

length = Sqrt((a.x-b.x)^2 + (a.y-b.y)^2)

Small note, it doesn’t matter if the direction you calculate is from a to b or b to a, the result will still be the same because the distance is still the same even if the direction change. And you can do the same equation with 3-dimensional vector too, like this:

length = Sqrt((a.x-b.x)^2 + (a.y-b.y)^2 + (a.z-b.z)^2)

Normalized Vector

If you do a game development in unity or any public engine out here, you may already know this or at least see this, normalized vector. So what is it?

Have you ever want to move your object to some direction with a vector direction, but you want to control the distance it’s move.

Let’s say, you have this vector as direction: direction = Vector2(9, 12)

And want to move your character at position = Vector2(0, 0), you will do it like this:position = Vector2(0, 0) , you will do it like this:

position = position + direction

But since the direction length is too big which is around 15 unit in this scenario, your object will move too fast which is you probably don’t want. You need to control how much the distance it will move. For example, a car will move at 15 unit per seconds but a bicycle will only move 3 unit per seconds.

To do that, you need your direction length to grow or shrink depend on what speed you want to achieve. The easiest way is to normalize your direction and multiply it by some number.

By normalizing your vector direction, its length will change to 1 except if your direction is 0. To do that, you just need to divide your vector with its length, like this:

normalized = direction / length

And with that, you just need to multiply your direction with some number to determine it’s speed. Like this:

position = position + (normalized * speed)

If your object moves 13 unit per seconds, then set your speed to 13. If your object moves 2 unit per seconds, then set your speed to 2.

But in game, usually, you want to move it per frame to make its movement smooth. To do this you just have to change speed, instead per second, set it to per frame.

speedPerFrame = speedPerSeconds * deltaTime

Where deltaTime is your frame time. If your application runs on stable 60 fps, your deltaTime probably around 0.01666666666666666666666666666667.

In short, your equation will look like this when you want to move your object per frame:

position = position + (normalizedDirection * speed * deltaTime)

This way, your object position suppose to change smoothly.

And that it for now. If you have any question or suggestion to make, write it in the comment section bellow. Have a good day!

Basic Game Math: Vector Multiplying or Dividing

In the 2 previous post, which is about vector addition and subtraction. Right now, I will write about how to multiply or divide vector with some number (scalar). I combine them both since they are pretty easy and quite similar in the calculation and in the practical use.

By multiplying a vector with some number, you will make it’s growing or shrinking depend on how big the number is. So, if you multiply it vector with 2, then it will be twice bigger or if you divide it with 2, then it will shrink to half of it original size.Vector-Mult-Div

To multiply or divide vector with a scalar number, you just need to multiply/divide each number with your scalar number.

scaled = vector * scalar

Which can be expanded to:

scaled.x = vector.x * scalar scaled.y = vector.y * scalar

Or for dividing:

scaled = \dfrac{vector}{scalar}

Which can be expanded to:

scaled.x = \dfrac{vector.x}{scalar} scaled.y = \dfrac{vector.y}{scalar}

It will change it vector length but not the direction. So if you use you use a vector for direction only, Vector(3,4) have same direction value with Vector(9,12) since you just need the direction, not it length. But if you use your vector and it’s length like position or scale, then this definitely change the value, so be careful.Vector(9,12) since you just need the direction, not it length. But if you use your vector and it’s length like position or scale, then this definitely change the value, so be careful.

Vector For Size

Since the vector behaves like that, it can used for object size (scale), vector.x is for object width and vector.y is for object height.vector.y is for object height.

This way, you can easily change your object size, just multiply or divide it by any number you want. If you want your object to be twice as big, just multiply them with 2. If you want your object to be half size like before, just divide them with 2.

That it for vector multiplying and dividing. If you have any question or suggestion, you can write them in the comment bellow. Have a good day!

Basic Game Math: Vector Subtraction

Substracting vector, like addition vector, is basic and easy equation to do. Since you just need to subtract each axis from both vector.

c = a - b

This can be expanded to:

c.x = a.x - b.x c.y = a.y - b.y c.z = a.z - b.z

By subtracting a vector with vector, the result you get is vector direction from vec2 to vec1. See image:

Vector-Subtracts

So if you do this equation:

c = a - b

In vector c, you can get vector direction form vector B to the vector A.

And if you want to do subtraction on a 2-dimensional vector, you can do with the same equation. Except with less axis. See bellow:

c.x = a.x - b.x c.y = a.y - b.y

And one last thing. Just like usual subtraction, you can’t switch between A and B.

a - b \neq b - a

So be careful when doing a vector subtraction.

And that it for now. If you have any further question or suggestion, you can write them on the comment section bellow.

Basic Game Math: Vector Addition

Usually, this is used to move object position to other position by some vector that represents directions in game object movement. Like if you want to move the object to some direction using vector or push object to the x-axis or anything.

To do this, you just need to add both vector and the result is final position. Here’s the equation:

vec3 = vec1 + vec2

Which can be expanded to:

vec3.x = vec1.x + vec2.x vec3.y = vec1.y + vec2.y

Adding a vector is like put the tail of the second vector on the head of the first vector without changing both vector direction. See image bellow:

Vector-Additions

An easy example for that is when you want to move a game object from one vector location to another vector location. For example, you have an object that has position in vector a, let’s say Vector2(3,4). You want to move it to the right direction following a x-axis by one point (Vector2(1,0)).

finalPosition = position + direction finalPosition = Vector2(3,4) + Vector2(1,0) finalPosition = Vector2(4,4)

Easy right? And just like normal addition. There is no difference between (a+b) or (b+a).

And just like normal addition. There is no difference between (a+b) or (b+a).

For 3 dimensional vector, you can use the same equation but with an additional axis.

vec3 = vec1 + vec2 vec3.x = vec1.x + vec2.x vec3.y = vec1.y + vec2.y vec3.z = vec1.z + vec2.z

And that it for vector addition. If you have any question, you can ask on the comment bellow. Have a great day.