RegExp: Matching Balanced Parenthesis and Quotes (greedy, non-recursive)


I need to match all the text within balanced parens, single quotes, or double quotes, but don’t snag on the content within, i.e. be greedy! “Balanced” means there should be a corresponding single or double quote, but not mix them, or there should be a closing paren for each opening paren.


The match will be in capturing group #3.

In short, this regular expression uses a positive lookahead (?=...)  within the lookaround conditional  (?...)  and the backreference \2  to match the initiating character. If it is a single quote or double quote, it was contained within \2 , but if it was an open paren ( , it is not contained in a capture group and therefore it should match a close paren. In retrospect, this could be enhanced, and also needs some tweaks for JavaScript compatibility since lookaround conditionals are not supported.

Do note that this matches the beginning and ending of the string ^$ , so may require tweaking for other applications.

Test Cases

regex101 link:


These will match hello , hello world , or in some cases 'hello world  for the last test case.

Doesn’t Match:

Basic PHP Class Serialization

Just a quick brain dump regarding serializing classes in PHP. There is nothing advanced about this, and TBH I haven’t even read up on the caveats of serializing classes in PHP – perhaps a task for another day.

Judging from the string output after serializing the class, it appears that it is simply a named object. When unserializing, the class must be defined to unserialize completely, otherwise you’re stuck with an instance of __PHP_Incomplete_class. Hint: when in the same file, class definitions work just like function definitions, i.e. you can put them anywhere, before or after target code.

Notice the Fatal Error above. This example didn’t follow my instructions of having the class “X” defined. To remedy this, simply:

And now, with both PHP snippets merged into a single file, this is what the output looks like:


“Falsy” vs “Falsey” – I’m Making the Call

This is probably the most asinine blog post I’ll write, but for my sanity, it must be done.

It is spelled falsy.

Without the “e” between the “s” and the “y” – priod, th nd.

Okay. So what is Falsy anyway?

In loose-typed languages like PHP or JavaScript values can be considered Boolean false if they are '' (empty strings), the number 0 (zero), NULL, and most obviously Boolean false itself, just to name a few (in PHP an empty array is considered false, while in JavaScript it is not). It is important to note that this is only in the context of non-strict comparison, i.e. == and not  ===, and when type casting to Boolean (see PHP’s type juggling reference).

When describing a false-like value it is easier/faster to type “falsy” (or the now incorrect way of “falsey”) since it has less keystrokes, and it is easier to read due to the lack of character bloat; incidentally it also fits nicely as a variable because there is no hyphen (devil’s advocate: camelCase) and it is not a reserved word. It is important that the developer does not simply describe the value as “false” since this implies a variable of type Boolean, however using “falsy” implies a false-like value of any data type which, albeit more ambiguous in its definition, is more descriptive in its context.

Supporting Data

Let’s let the data speak for a moment. After analyzing a Google Trends chart of “falsy” vs “falsey,” the results are initially a bit misleading. “Falsey” is the clear winner at first glance, only to find that there is a name and published articles with the name “Falsey.” Considering that “falsy” is not trailing by many datapoints provides the confidence that it is in use and very applicable. Most importantly in regards to the related searches, “falsy” prevails over “falsey” which does “not [have] enough search volume to show results”: “javascript falsy” and “falsy values.”

Addition: Douglas Crockford even uses “falsy” in his writing, “The Elements of JavaScript Style.” Perhaps I didn’t need to write this post after all, but I sure hope it solidifies the answer indefinitely and provides a resource for any other concerned developers out there.

Spelling Review

I am by no means an English major, or anywhere near one, but I do have a knack for research and comprehension.

With regard to the suffixation of the letter “y” (vowel) when transforming a word, the “e” is dropped per the rules:

In the word “false,” the word ends with the vowel “e,” is preceded by the consonant “s,” and none of the exceptions are applicable.

F – A – L – S – Y

Playing Around with PHP Namespaces, Classes, and Variable Instantiation

Just needed to do some sanity checks, figure out some syntactical sugar (i.e. tricks), and test certain scenarios. I figured I’d share my findings with the world. Explanations are very light (brain dump) and embedded in the code; output follows directly. Oh, and this is a single stand-alone file.


Well, this really isn’t php://stdin, but the headline looks cool.


Yes, this time it really is stdout:


PHP + OpenSSL = RSA Shared Key Generation

OK, so I’m super excited and wanted to jot down a note about RSA shared key generation.

Drama Mama

First, I wanted to generate some PEM formatted RSA public and private key pairs. I was going to do it the risky/hard way and exec openssl commands. Using exec is not a good idea if avoidable, but I was desperate. Just to put my mind at ease, I did some quick googling and found out it is possible to do this natively in PHP if you have the openssl extension installed and configured. FANTASTIC!

Then I got the curve ball. Using openssl_pkey_get_public doesn’t work as expected: it wouldn’t take a pkey resource handler and get the public key – how deceiving! I thought the thrill was over and I’d have to resort back to exec until the all mighty Brad shed his light upon us… four years ago (doh).


Here’s the code that generates the RSA shared key and fetched the public and private keys.


Alternatively, one could call the openssl commands directly:


Chaining in PHP (Like jQuery)

This may be well known, but I found it interesting while reading this stackoverflow question. I may have read the OP incorrectly in retrospect.

Anyways, in order to chain methods like what is done in JavaScript’s jQuery each method in the class definition must return an instance of the class:

It can then be called in this fashion:

Which will output something like:

I’m sure some abstract classes and wrappers could be designed to easily integrate this as a flexible library. It would do the same thing for PHP as jQuery did for JavaScript.

ECMA-262: Breaking Out of Nested Loop Control Structures

PHP: Optional Numeric Argument for break

My first dynamic language was PHP and with that came the break statement which ends the execution of a control structure (e.g. for, while or case). It also “accepts an optional numeric argument which tells it how many nested enclosing structures are to be broken out of.” This optional argument is beneficial when there are nested loops that need to be terminated prematurely without adding extra logic and without halting the entire script execution (e.g. exit).

In the following example the second/nested for loop will be terminated during the first iteration, but the outer-most loop will execute tens times.

…but in the next example it will break out of both for loops resulting in $i never incrementing from 0 to 1.

JS/AS: LabelledStatement (TL;DR)

What about ECMAScript Languages (ECMA-262)? I struggled with the absence of this feature for languages based on the ECMA-262 standard like JavaScript and ActionScript. These languages (as far as I knew) have the break statement which works just like it does in PHP, but without the optional numeric argument. This made stopping nested control structures a PITA.

Well, maybe if I RTFM I would’ve been acquainted with the LabelledStatement Statement and saved myself the heartache. This can be observed in section 12 of the ECMA-262 Langauge Specification, Edition 5.1. Basically the syntax goes something like this:

Note “theLabelName” on lines 1 and 3. This is the bread’n’butter. All that needs to happen is to label the control structure using the standard variable naming convention and post-fix it with a semicolon (:). This becomes the “calling card” of that specific construct. Lastly, the break statement has an optional argument where the previously established label can be applied.

Further Reading

See ECMA-262 5.1 Edition ECMAScript Language Specification, §12, p86.

JSMin, Important Comments, PHP Port

I’ll make this quick.

JSMIN is a minification engine for JavaScript. It condenses the script by removing unecessary white space and comments. Well therein lies the problem: it strips out comments. Comments are important for licensing and when they’re removed, this is illegal.

After doing a split second of research I found the article “JSMin, Important Comments, and Copyright Violations” by Zoompf which talked about this issue and how to resolve it. Turns out there are “important comments” that have an added exclamation point at the beginning, e.g.:

Notice the “/*!” – that “!” is what makes it important. So the solution is to write an exception in the JSMIN lib to include the comment into the standard output. The previously mentioned article had source code showing the  change, but it wasn’t in PHP (I use the JSMIN port to PHP called “jsmin-php”). So I took a few minutes and wrote the replacement for the protected “next” function.

OK, so here’s the code. Lines of interest are 17 through 35, and don’t forget line 50. Lines 37 through 49 include the original code.

CentOS 5.8 + Apache 2.2 + PHP 5.3 + suPHP 0.7.1

So I’m a bit of a purist when it comes to CentOS administration. CentOS is built on the idea of stability and sustainability. Without the addition of extra 3rd-party repositories, it provides the bare necessities to run a reliable and secure server. Don’t get me wrong though, there are plenty of great packages out of the box (from OpenSSL, Apache, PHP to OpenLDAP, PostgreSQL and then some), but sometimes you need some heavy-duty next-gen power tools like ffmpeg, nginx, OpenVPN or suPHP. Most of these packages are not available from the “CentOS Certified” base, extras and updates repositories; in fact, you can’t get them via yum without adding a third-party repo like RPMForge.

With that said, I need suPHP for a PHP staging environment. I’m not going to talk about what suPHP is, you can read about it on your own time. Going back to me being a purist, I don’t use RPMForge repos or anything similar. I like to stick to base and extras only and since there isn’t a suPHP RPM available – I’ll have to build it myself. The proper way to do this is to build it as an RPM (Red Hat Package Manager) and install via yum from the locally built RPM, but for whatever reason I can never get myself to do it this way.

Reminder, suPHP can only use PHP CGI, not PHP CLI (so look for a php-cgi binary, not just a php one)

Download & Building suPHP from Source

Before we start, make sure you have dev tools:

We’ll also need development packages for httpd (Apache 2.2), php53 (PHP 5.3), and apr (Apache Runtime Libraries and Utilities):

Now create a working directory, download the suPHP src, configure it and build (make). Note that you need to figure out where the apr config is located, mine is at /usr/bin/apr-1-config

Configure Apache + PHP to use suPHP

I’ll admit, I relied heavily on the suPHP docs, but even then it was not 100% complete. That, and sites like this one didn’t provide any useful information – I’m mainly aggravated that they used RPMForge and did not use php53 packages. But, after some re-reading, reinterpreting and trial & error, I’m up and running… and this is how it went (starting to get tired of writing this post, this will be short and sweet):

Important Files

  • /usr/local/etc/suphp.conf (this is the core suPHP configuration)
  • /etc/httpd/conf.d/suphp.conf (this is the Apache mod_suphp configuration… needed to create this)
  • /etc/httpd/conf.d/php.conf (this is the php configuration that I had to disable)
  • /etc/httpd/conf/httpd.conf (for some of the primary virtual hosts… all my other vhosts are in separate files)

suPHP Core Configuration

/usr/local/etc/suphp.conf, I based it off of the suphp.conf-example file located in the source code’s doc directory. This is an ini-style configuration:

mod_suphp Configuration


PHP Configuration

/etc/httpd/conf.d/php.conf, just comment everything out, you don’t need it

Apache Virtual Host (vhost) Configuration

This can be set in each individual vhost if you want to override. For example:

Almost Done…

Now restart httpd:

Refresh a php page and check. If it didn’t work, re-read this post or email me (contact info in my resume) and I won’t help, but i’ll refine this post and provide more information.

MaxMind GeoIP + PHP PECL


Getting around to writing a geo IP look-up script and needed to leverage maxmind’s geoip database. First things first, get the geoip lib installed and ready to go or else the dat file isn’t going to do me any good.

Initial Setup: First Try

At first I went with the PEAR route just because it wouldn’t require make installing’ing any dynamic PHP extensions (.so). Went to do a pear update-channels for the first time and got a boat load of eregi errors – off to a great start. Turns out CentOS 5.7 php53 (php 5.3.3) package w/ php-pear is not compatible – bastards! RedHat has an update available but is only available to their customers which doesn’t include me (since i go the free route of  centos). Did some extra googling and found this: php-pear-1.4.9-8.el5.noarch.rpm.html (version 8.el5 versus centos 5.7’s native version 6.el5). Did a little wget magic followed by a yum install <path to package> and ta-da, no more eregi errors. Did a pear install Net_GeoIP and it worked too.

After all that hard work and fidgeting around, I read this little line on MaxMind’s website:

PHP Extension on PECL
Download a PHP extension that allows you to embed the GeoIP C Library inside PHP for improved performance. There is a new fork with a more complete implementation.

Crap! I love good performance and I’d take a compiled lib over an interpreted one any day. PEAR headache: all for naught. Proceeded with a pear uninstall Net_GeoIP, then cried for a half an hour since i just wasted 15 minutes (for a total of 45 man minutes wasted, yes).

Next stop, PECL.

Initial Setup: Second Try (start tl;dr)

  1. Started with a pecl update-channels, and all went well. That’s a first.
  2. pecl search geoip – got results, sweet.
  3. pecl install geoip… got through maybe 40 lines of the ./configure and it bombed, can’t find a valid compiler
  4. no worries, do a little yum groupinstall “Development Tools” and now I’ve got a C compiler (as well as automake and a few other required tools)
  5. pecl install geoip… configure bombs again, this time I’m missing the geoip linux packages, and at this point i’m thinking, “how many friggin dependencies are there?” holy overhead batman.
  6. yum install geoip-devel, wait, no,yum install GeoIP-devel since yum is case sensitive – this gets me everything i need.
  7. 3rd times a charm: pecl install geoip – install completes, tells me to add “” so I do like the robot I am, doing what a linux prompt tells me to do.
  8. service httpd restart – cycling apache allows for the geoip section to appear in the phpinfo() call, not sure why this is (more mysteries!)

OK, I got the libs installed and the commands are asking for me to call them.

Installing the MaxMind database

  1. mkdir /usr/share/geoip
  2. wget and extract geoip db to /usr/share/geoip (
  3. chmod -R 755 /usr/share/geoip
  4. nano /etc/php.ini
  5. add a [geoip] config section:

  1. service httpd restart
  2. check the phpinfo() for custom_directory
Let the scripting begin. I’ll stop writing now; from this point forward it’s all about RTFM (link below…)