PHP: Generate XLS (Excell Spreadsheet)

If you ever need to generate an XLS (Excell Spreadsheet) from PHP, the following function will let you easily accomplish this. This is adapted from code I found online, but I think my function is a lot easier to use since you just pass in an associative array of data. The aforementioned site did not cite any source, so if you are the author of the original xls functions leave a comment and I’ll give you a cookie.

function arrayToXls($input) {
    // BoF
    $ret = pack('ssssss', 0x809, 0x8, 0x0, 0x10, 0x0, 0x0);

    // array_values is used to ensure that the array is numerically indexed
    foreach (array_values($input) as $lineNumber => $row) {
        foreach (array_values($row) as $colNumber => $data) {
            if (is_numeric($data)) {
                // number, store as such
                $ret .= pack('sssssd', 0x203, 14, $lineNumber, $colNumber, 0x0, $data);
            } else {
                // everything else store as string
                $len = strlen($data);
                $ret .= pack('ssssss', 0x204, 8 + $len, $lineNumber, $colNumber, 0x0, $len) . $data;
            }
        }
    }

    //EoF
    $ret .= pack('ss', 0x0A, 0x00);

    return $ret;
}

A quick example of how to use it:

$input = array(
    array('Step', 'Action'),
    array(1, 'Collect Underpants'),
    array(2, '?'),
    array(3, 'Profit')
);

file_put_contents('lawl.xls', arrayToXls($input));

Some Common Courtesy Please

While eating at CiCi’s Buffet the other day, I decided to finish off my meal with a cinnamon roll. Since there were not any out on the buffet at the moment, I waited patiently, knowing that they were probably in the process of preparing more. Lowe and behold, a few minutes later, a fresh pile of delicious rolls was added to the buffet.

Before they had even put the tongs back on the buffet, a line of people had formed, waiting to get their fresh dessert. Not being a fan of crowds, lines, or people in general, I again waited for the line to dissipate. To my horror, when the crowd was gone, so were the rolls! Looking at the plates of the people walking back to their tables, I saw no less than 6 cinnamon rolls on each plate.

WTF

Haven’t these people heard of diabetes? Forget their health, that’s their problem. What ever happened to common courtesy? If there is a line of people there, waiting to get some why would you overindulge like that? It was downright rude. I don’t know if all the people who were even in line got a piece, much less myself, who was calmly waiting my turn. Instead of enjoying my dessert, I had to sit there and wait–staring longingly at the empty serving plate–for like 8 minutes, a long time to just sit there and stare at nothing.

Determined not to be deterred next time, I joined the line of people waiting when the next batch was near readiness. I took two rolls. Some of the same people went back up to the buffet, and came away again with large piles of diabetes; no wonder type 2 diabetes has quadrupled in the last decade (https://www.caremark.com/wps/portal/HEALTH_RESOURCES?topic=type2kids).

Health concerns aside, at least have some common courtesy when you visit a buffet. If there is an item in demand on the buffet, don’t take them all for yourself. It is not a race, and I promise that a new batch will be ready again before you know it.

Law, Order, and the Criminals

After years of watching Law & Order, CSI, and dozens of other crime dramas, my perception of anyone who has been in prison has been skewed. Each week, after the most evil of offenders is finally brought to justice, my stereotype of those below the law grows darker. Everybody in prison is an evil, heartless person who deserves to be locked up with the key thrown away.

A recent news item has brought me out of Hollywood (or Cable-Drama-Production-World; Hollywood is more for movies) and back into real life, if only for a moment. A surveillance camera captured a prisoner attacking a guard (watch it here). What makes this story special is the fact that the guard was saved by other inmates.

As you can see in the video, one person of incarcerated nature attacks the guard and puts him in a choke-hold. After a few seconds, another inmate comes flying into the scene, busting the attacker in the side of the head. Several more orange jumpsuits swarm the scene, pulling the attacker off of the guard while one grabs a radio and calls for help

After watching this (and talking about it around the water cooler (not literally) at work) I came to the conclusion that prisoners are people the same as you and I. And some of them might even have morals and a conscience, too. Perhaps they were faced with situations I have never had to face, and have had to make tough decisions. I have never been in a gang, but I also never grew up in a gang territory.

This doesn’t excuse the decisions that they have made, and it does not mean that their environment is completely responsible for the way they turned out in life. What it does mean is that prison should be more than a place where people are sent to be punished – it should be a place that rehabilitates people. When an inmate leaves prison, he/she should have learned the error of their way and emerge a changed person. And after this transformation takes place, they should be welcomed back into society.

Now that’s not to say that everybody will change. And I don’t even know what the best way to accomplish this change – it is easy for me to stand up on my soap box and say that this is the way it should work, but not actually provide a plan for accomplishing it. But for me, at least, next time I meet a former inmate I hope to do it with as little bias and mistrust as possible. As small a gesture as that is, perhaps it will mean something to someone trying to find their place in society.

Give Me My Passwords Back

While filling out my wife’s FAFSA, I was asked to enter a password in case I decided to save my progress and come back later. However, beside the password entry box was the dreaded limitation: 4 to 8 characters.

This limitation of 4 to 8 characters eliminates all of the passwords I routinely use, which means that once again I would have to come up with a new password for a new web account. Now, FAFSA is probably not the best example, since it should probably have its own password anyway – financial institutions should always have a unique, strong password.

Most other websites I visit, however, do not warrant a unique password; I have neither the memory to remember them all nor the will to try. When a website comes up that demands I create an account but impose password limits that eliminate my common passwords, I facepalm. Then I usually just leave the site.

The biggest reason for my annoyance at this is the face that it is completely unnecessary – when a password is entered into a website it should always be stored as a hash. For those of you who are not programmers, ‘hashing’ a password is a method of turning your password into a series of letters and numbers. You can go from a password to a hash, but you cannot reverse the process – once you create a hash of a password you can not (easily) get the original password back.

This is an excellent security measure – if the database containing user names / passwords is ever compromised, the attacker will not have a simple list of usernames and the corresponding password. More relevant to this rant is the fact that hashes are the same length, no matter what the password is – so why limit how long my password can be?

If you limit my password length, I assume that the password is not being hashed. If it was, why impose a limit, since you will have to store the same amount of data no matter what the password is? Just let me use one of my ‘throw-away’ passwords – passwords I use for the accounts I would not be terribly hurt if they were compromised. Honestly, I’m not going to make up a new password for every account on every website that I visit. It would be nice if more websites used a common authentication service, but thats an article for another time.

---

Technical Note: What I said above about hash functions being one-way is true; there is no method you can apply to a hash to get the original data (in this case, password) back. However, there are techniques for finding this out anyway. Hash functions can be brute-forced – that is, you can generate the hash for every possible password, and when you find a hash that matches you have a possible password match.

Hash functions are many-to-one functions; that means that many passwords will give you the same hash. Brute force methods could just give you a ‘collision’ – it may or may not be the original data, but it has the same hash and thus can be used as a substitute for the original data.