See What I Mean?

Let me show you exactly what I’m talking about using some screen shots I took of my own application.

These first two screen shots show the index page and post page of my news application:

(At the moment, nothing is posted on the index page.)

(A typical form allows the user to post a new news article…)

When we post a new news article, the typical Cake method is to display a flash message on a separate page, forcing the user to temporally leave your application. This method is distracting for the user and makes your application feel broken up. (To return to the news index page, the user is forced to click the “Your post has been saved” message.)

Instead of the above method, let’s use the same messages in a Web 2.0 fashion. After a news article is posted, we can automatically redirect the user back to the index page AND display the message on the same page:

See what I mean? Allow me to show you how it’s done…

Configure Your Layout

In order to display the awesome-web-2.0-styled messages, we need to add a line of code to your app/views/layouts/default.thtml page, above the code which displays your layout content:

<?php
   if ($session->check('Message.flash')): $session->flash(); endif; // this line displays our flash messages
   echo $content_for_layout;
?>

Configure Your Controller

Next comes the line you must add to your app/controllers/news_controller.php controller to display your message and redirect your user to a particular page:

function add() {
...
   if ($this->News->save($this->data)) {
      $this->Session->setFlash('Your post has been saved.');
      $this->redirect('/news/index');
      //$this->flash('The News has been saved', '/news/index'); // this was the old way of doing things... yuck
   }
}

All Done!

Now when a flash message is displayed, it’ll be placed in a div (directly above the layout content) for easy style manipulation:

<div id="flashMessage" class="message">Your post has been saved.</div>

Easy as cake. If you have any questions or suggestions, please post.

If you're finding that executing this:
<?php echo $html->formTag('/' . $params['url']['url'], 'post', array('enctype' => 'multipart/form-data')); ?>
	<?php echo $html->input('Test/title'); ?>
	<?php echo $html->file('Test/file'); ?>
	<?php echo $html->submit('Save'); ?>
</form>

... returns something like this:
$this->data:Array
(
    [Test] => Array
        (
            [title] => Foo
            [file] => 4tmp/phpHGSjDA
        )
)

... instead of something like this:
$this->data:Array
(
    [Test] => Array
        (
            [title] => Foo
            [file] => Array
                (
                    [name] => aeo.jpg
                    [type] => image/jpeg
                    [tmp_name] => /tmp/phppM8tfc
                    [error] => 0
                    [size] => 45471
                )
        )
)

... then you must be as annoyed as I am.

The reason why the file form field is returning the tmp name is because CakePHP expects register_globals is OFF.

Solution One

Turn off register_globals via .htaccess:

#/app/webroot/.htaccess
php_flag register_globals off

Solution Two

Manually write your HTML form fields without using an input array:

-- do this --
<input type="file" name="file" />
-- not this --
<?php echo $html->file('Test/file'); ?> // will output: <input type="file" name="data[Test][test]" />

Solution two is a slight pain in the ass, because now that you’ve eliminated the array within the form input field, you need to do a little extra work in your CakePHP controller. (If there’s a demand, I’ll give some examples.)

Hopefully this’ll clear up Cake’s messhole.

The method most spammers use is called a “mail injection”, in that the spammer manipulats the PHP mail() function via a custom form post, etc. I won’t go into details, as a quick search on Google came up with over 225,000 pages describing this technique – here are a few.

Getting around these hacks requires detailed validation of your data.Thankfully I’ve done everything for you using the best PHP email class around, PHPMailer. My class is called SendMail and it’s an extension of the PHPMailer class. The result is a powerful script capable of sending email via SMTP or POP3, all without handing over your server to a toothless spammer.

The SendMail class has been updated. Please view the updates before commenting.

Download The SendMail Class

Click the link to download the SendMail class and continue reading to learn how to use it.
Download the SendMail class

Setup

Setting up the SendMail class is easy-peezie. Simply include the required SendMail variables and call the send() function to send emails:

<?php
require("inc/class.sendmail.php");

if($_POST){
    $mail = new SendMail;

    $mail->authHosts = array("domain.com");

    $mail->addEmail("name@person.com","Name",);
    $mail->addEmail("name2@person.com","Name2");

    $mail->subject($_POST['subject']);
    $mail->body($_POST['body']);

    $mail->fromName($_POST['from_name']);
    $mail->fromEmail($_POST['from_email']);

    $result = $mail->send();

    if (!$result){
        if(!empty($mail->errors)) {
            $mail->displayErrors($mail->errors,'ol');
        }
    exit();
    }
}

echo "Message was sent successfully";
?>

<form method="post" action="<?=$_SERVER['PHP_SELF']?>">
    <input type="text" name="from_email" value="people@info.com" /><br />
    <input type="text" name="from_name" value="People" /><br />
    <input type="text" name="subject" value="This is a subject" />
    <input type="text" name="body" value="Email body goes here." />
    <input type="submit" value="Submit" />
</form>

For further security, you may implement the authHosts variable as highlighted above. The authHosts array specifies what domains are allowed to send $_POST data. Any domains not listed that attempted to contact the script via $_POST will get a 403 (permission denied) error.

Further Configuration

If you need to specify an SMTP host, username, and password, include each variable before calling the send() function. You may also specify the charset and select whether or not HTML should be used in the email by using the respective code below:

...
$mail = new SendMail;

if($_POST) {

    $mail = new SendMail;

    $mail->authHosts = array("domain.com");

    $mail->host = 'mail.domain.com';
    $mail->username = 'root';
    $mail->password = 'pass123';

    $mail->charset = 'utf-8';
    $mail->bodyHtml = "HTML goes in here";

    $mail->addEmail("name@person.com","Name");
    $mail->addEmail("name2@person.com","Name2");

    $mail->subject($_POST['subject']);
    $mail->body($_POST['body']);

    $mail->fromName($_POST['from_name']);
    $mail->fromEmail($_POST['from_email']);

    $mail->Mailer = 'mail';

    $result = $mail->send();

    if (!$result){
        if(!empty($mail->errors)) {
            $mail->displayErrors($mail->errors,'ol');
        }
    exit();
    }
}
...

When displaying errors via the displayErrors() function, you may choose to use <ul> or <ol> HTML. If you’d rather receive errors as an array, use $mail->errors only.

Fini, Cowboy

If you need further explanation or would like a better understanding of the code, dig into the inc/class.sendmail.php file. The code is well-commented and should guide you nicely. If it doesn’t, comment and I’ll help you myself. For further information on PHPMailer, go to the official website.

Updates

Nov 27, 2007: The entire SendMail class has been rewritten to better perform as OOP should. The domain security is now optional. All files have been updated for downloading.

Dec 21, 2007: Select between sending with PHP mail(), SMTP, or POP using Mailer as shown above. All files have been updated for downloading. Eat it up.

Jan 15, 2008: When sending HTML mail, alternative text sends accordingly.

I’ll walk you through creating custom error pages, both simple and complex.

Basic Errors

Creating typical custom error pages in Cake is super easy. Below is a list of files that can be created in the /app/views/errors/ folder in order to overwrite the generic error templates located in /cake/libs/view/templates/errors/:

# not found #
    error404.thtml

# missing files #
    missing_action.thtml
    missing_component_class.thtml
    missing_component_file.thtml
    missing_connection.thtml
    missing_controller.thtml
    missing_helper_class.thtml
    missing_helper_file.thtml
    missing_layout.thtml
    missing_model.thtml
    missing_scaffolddb.thtml
    missing_table.thtml
    missing_view.thtml

# private & scaffold related errors #
    private_action.thtml
    scaffold_error.thtml

The above errors are all fine and dandy, but what if you want to create a custom error to be displayed when a user is denied access to the super secret area of your website?

Custom Errors

Custom errors could be used for anything – to let users know an area is restricted, or perhaps to users know they need to pay you loads of cash in order to use your website. Whatever the reason, Cake can help.

Example:
Let’s say you want your users to donate before entering your website. For those who haven’t donated, you want to display an “error”.

First create your donation error page as you would any of the errors above, and place it in the typical errors folder:

/app/views/errors/donation_error.thtml

Next, in order to call your custom error, place the following in your controller of choice:

$this->viewPath = 'errors';
$this->render('donation_error');

Give yourself a pat on the back. You’ve done well.

Hopefully by the end of reading this article, you’ll be able to create a secure CakePHP application. The point is to allow only registered users access to restricted areas of your application without blocking access to all areas of your application.

Pretext

We’ll be creating three sections in order to achieve our goal of total security:

1: /app/app_controller.php
2: /app/controllers/users_controller.php
3: /app/views/users/
      -> add.thtml, edit.thtml, index.thtml, login.thtml, logout.thtml

As always, all of these sections can be downloaded so you can follow along.

1. The app_controller

Our app_controller.php file will hold the function checkSession which will check session data to make sure a user is logged in. Here’s the function in its entirety:

function checkSession(){

	// fill $username with session data
	$username = $this->Session->read('user');

	// if the $username is empty,
	// send user to login page
	if (!$username){
		$this->redirect('/users/login');
		exit();
	} else {
		// if $username is not empty,
		// check to make sure it's correct
		$results = $this->User->findByEmail($username);

		// if not correct, send to login page
		if(!$results){
			$this->Session->delete('user');
			$this->Session->setFlash('Incorrect session data.');
			$this->redirect('/users/login');
			exit();
		}

		// otherwise set $user variable as users email address
		$this->set('user', $results['User']['email']);
	}
}

The commenting throughout the above code is pretty self-explanatory – the session data is checked and validated. Score one for us.

2. The users_controller

Of the six functions in users_controller.php, we’ll cover the login function. It’s purpose is to check user-submitted data against a database, and either set a session (success) or redirect the user to the login page (failure) for another login attempt.

function login() {
	$this->set('error', false);
	if ($this->data) {
		// check submitted email address against database
		$results = $this->User->findByEmail($this->data['User']['email']);
		if ($results && $results['User']['password'] == md5($this->data['User']['password'])) {
			// set "user" session equal to email address
			$this->Session->write('user', $this->data['User']['email']);
			// set "last_login" session equal to users last login time
			$this->Session->write('last_login', $results['User']['last_login']);
			$results['User']['last_login'] = date("Y-m-d H:i:s");
			// save last_login date
			$this->User->save($results);
			$this->redirect('/');
		} else {
			// login data is wrong, redirect to login page
			$this->Session->setFlash('Wrong username / password. Please try again.');
			$this->redirect('/users/login');
		}
	}
}

The commented code above should be enough to grasp an understanding of how $this->Session works. It’s a simple CakePHP method of setting/deleting/reading sessions.

Secure Your Gear

Now that you’ve got the code to secure your Cake pages, you need to use it. Call the checkSession function to whenever you’d like to require a user to be logged in.

<?php
class ExampleController extends AppController  {
	var $name = "Example";
	var $helpers = array('Html');

	function index() {
		// make sure we're logged in
		$this->checkSession();

		// when viewing /app/views/examples/index.thtml
		// the user will be redirected to the login page
		// unless he's logged in, in which case he'll
		// see the page as normal
	}

	function example() {
		// when viewing /app/views/examples/example.thtml
		// everyone (logged in or not) will see this page
	}
}	

But what if you want to secure all the pages in a controller? Simple! Use Cake’s beforeFilter function:

<?php
class ExampleController extends AppController  {
	var $name = "Example";
	var $helpers = array('Html');

	function beforeFilter() {
		$this->checkSession();
	}

	function index() {
		// when viewing /app/views/examples/index.thtml
		// the user will be redirected to the login page
		// unless he's logged in, in which case he'll
		// see the page as normal
	}

	function example() {
		// when viewing /app/views/examples/example.thtml
		// the user will be redirected to the login page
		// unless he's logged in, in which case he'll
		// see the page as normal
	}
}	

Download The Package

Make sure you grab the complete package to see working examples of this article. A .sql file has been included for easy setup of the required MySQL users table.

Download the ‘Secure CakePHP via Sessions’ package and consider yourself cool.

There have been updates to this article. Please make sure you note any changes before commenting.

This article assumes you use the CakePHP image upload component I covered a while back. If you’re not using it, you should be.

The goal of this article is to explain how to upload multiple photos in CakePHP using a single MySQL table. The images will be uploaded into an uploads folder, while the image names will be stored in a single MySQL table.

Pretext

I’ll assume your upload form is placed in /app/views/images/upload.thtml and your images component sits at /app/controllers/images_controller.php. If you need an example of either file, download the complete package and follow along.

Configure Your View

In order to upload a single image via CakePHP, our view upload.thtml would consist of a single upload field:

<ul>
    <li>
        <?php echo $form->labelTag('Image/images', 'Image:' );?>
        <?php echo $html->file('Image/filedata');?>
    </li>
</ul>

But we want the ability to upload multiple images at once, so let’s adjust our view accordingly:

<ul>
    <li>
        <?php echo $form->labelTag('Image/images', 'Image 1:' );?>
        <?php echo $html->file('Image/filedata1');?>
    </li>
    <li>
        <?php echo $form->labelTag('Image/images', 'Image 2:' );?>
        <?php echo $html->file('Image/filedata2');?>
    </li>
    <li>
        <?php echo $form->labelTag('Image/images', 'Image 3:' );?>
        <?php echo $html->file('Image/filedata3');?>
    </li>
</ul>

All we’ve done is added more upload fields to our form. Of course we also named them accordingly: filedata followed by a number.

Dressing Up The Controller

Next we need to modify our controller (/app/controllers/images_controller.php) to handle the multiple files.

The tricky part comes when we need to store each file name in a single MySQL table called images. We’ll do this by creating an array of each file name, implode the array, then store the resulting string in MySQL. Sounds confusing, but it’s not. Read on.

// set the upload destination folder
$destination = realpath('../../app/webroot/img/uploads/') . '/';

// number of file form fields
$num = 3;

/* take care of image uploads */

$array = "";
// loop through each image field
for ($i=1; $i<=$num; $i++)
   {
	$file = $this->data['Image']['filedata'.$i];
	if (!$file['name']) continue;

	// upload image
	$result = $this->Upload->upload($file, $destination, null, array('type' => 'resizecrop', 'size' => array('100', '100'), 'output' => 'jpg'));

	// error check
	if($result || !empty($this->Upload->errors)) {

		// there's been an error, delete any uploaded images
		if(is_array($array) && count($array) >= 1) {
			foreach($array as $file) { // delete each file
				unlink($destination.$file);
			}
		}

           // display error
		$errors = $this->Upload->errors;

		// piece together errors
		if(is_array($errors)){ $errors = implode("<br />",$errors); }

		$this->Session->setFlash($errors);
		$this->redirect('/images/upload');
		exit();
	}

	// add the image filename to the $array
	if(!is_array($array)){
		$array = array();
		array_push($array, $this->Upload->result);
	} else {
		array_push($array, $this->Upload->result);
	}

}

The for loop above makes sure each form field is properly addressed. The script attempts to upload the data and displays a proper error message if it fails.

The above images_controller.php example is only partially complete. For a complete example, download the complete package below.

Download The Package

You can download a working CakePHP example of the files described in this article. The MySQL file needed to create the example images table is included.
Download the complete ‘Multiple Image Uploads (CakePHP)’ package here.

Let me know if I’ve missed anything, or if you need help.

Updates

Nov 8th, 2007: The uploads component (upload.php) has been fixed to correctly handle filetypes.

Note: In my examples I use each of the functions in a view file (/app/views/), rather than a controller (/app/controllers/) file. I suppose either one would work, though for these functions, it would probably make more sense to use them in a view.

Including the Flay class

In order to use the any one of the following functions in your views, you first need to make sure you include the Flay class. To do so, place the following at the top of the view you wish to use:

<?php
     uses('Flay');
     $flay = new Flay();
?>

1. fragment

Return a fragment of a text, up to $length characters long, with an ellipsis after it.

Code:
	$text = "<p>This is some example text.</p>";
	$text = $flay->fragment($text,7);
	echo $text;

Html Output:
	<p>This is...

The text is fragmented to closely match a character count of 7 without breaking up any words.

2. toHtml

Returns given text translated to HTML using the Flay syntax.

Code:
	$text = "<p>This is some example text.</p>";
	$text = $flay->toHtml($text,null,true);
	echo $text;

Html Output:
	<p><p>This is some example text.</p></p>

As you can see, the entire text field is surrounded in a p tag, and the HTML in the $text variable is used as actual HTML.

Code:
	$text = "<p>This is some example text.</p>";
	$text = $flay->toHtml($text,null,false);
	echo $text;

Html Output:
	<p>&lt;p&gt;This is some example text.&lt;/p&gt;</p>

The entire text field is surrounded in a p tag, but this time the HTML in the $text variable is converted to HTML entities.

3. colorMark

Returns string with EM elements with color classes added.

Code:
	$text = "<p>This is some example text.</p>";
	$text = $flay->colorMark(array('some','text'), $text);
	echo $text;

Html Output:
	<p>This is <em class="yl">some</em> example <em class="gr">text</em>.</p>

According to the above, all words equaling some will have an EM element with the class “yl”. Where as all words equaling text will have an EM element with the class “gr”.

Let me know if I’ve missed anything.

Thankfully there’s a really simple way around this crap.

Simply replace Cake’s /app/config/database.php file with the following:

<?php
class DATABASE_CONFIG {
	#localhost
	var $local = array('driver' => 'mysql',
		'connect' => 'mysql_connect',
		'host' => 'localhost',
		'login' => 'root',
		'password' => '',
		'database' => 'local',
		'prefix' => '');

	#dev server
	var $dev = array('driver' => 'mysql',
		'connect' => 'mysql_connect',
		'host' => 'mysql.dev.com',
		'login' => 'dev',
		'password' => 'password',
		'database' => 'dev',
		'prefix' => '');

	#live server
	var $live = array('driver' => 'mysql',
		'connect' => 'mysql_connect',
		'host' => 'mysql.live.com',
		'login' => 'live',
		'password' => 'password',
		'database' => 'live',
		'prefix' => '');

	#switch between configs
	var $default = array();
	var $test = array();
	function __construct() {

		#wildcard the subdomains
		$host_r = explode('.', $_SERVER['SERVER_NAME']);
		if(count($host_r)>2) while(count($host_r)>2)array_shift($host_r);
		$mainhost = implode('.', $host_r);

		#switch between servers
		switch(strtolower($mainhost)) {
			case 'localhost':
				$this->default = $this->local;
				break;
			case 'dev.com':
				$this->default = $this->dev;
				break;
			case 'live.com':
				$this->default = $this->live;
				break;
			default:
				$this->default = $this->local;
		}
	}

	#php 4 compatibility
	function DATABASE_CONFIG() {
		$this->__construct();
	}
}
?>

The highlighted code beginning with var $local = array('driver' => 'mysql', corresponds with the case 'localhost': at the bottom.

A Quick Example

So let’s say you have a Cake application running locally on localhost and remotely at mydomain.com, you’re database.php file would look something like this:

<?php
class DATABASE_CONFIG {
	#localhost
	var $local = array('driver' => 'mysql',
		'connect' => 'mysql_connect',
		'host' => 'localhost',
		'login' => 'root',
		'password' => '',
		'database' => 'local',
		'prefix' => '');

	#live server
	var $live = array('driver' => 'mysql',
		'connect' => 'mysql_connect',
		'host' => 'mysql.mydomain.com',
		'login' => 'live',
		'password' => 'password',
		'database' => 'live',
		'prefix' => '');

	#switch between configs
	var $default = array();
	var $test = array();
	function __construct() {

		#wildcard the subdomains
		$host_r = explode('.', $_SERVER['SERVER_NAME']);
		if(count($host_r)>2) while(count($host_r)>2)array_shift($host_r);
		$mainhost = implode('.', $host_r);

		#switch between servers
		switch(strtolower($mainhost)) {
			case 'localhost':
				$this->default = $this->local;
				break;
			case 'mydomain.com':
				$this->default = $this->live;
				break;
			default:
				$this->default = $this->local;
		}
	}

	#php 4 compatibility
	function DATABASE_CONFIG() {
		$this->__construct();
	}
}
?>

Now when you upload your CakePHP application from your localhost directory to mydomain.com, you won’t have to fiddle with the database.php file. It’ll recognize that Cake’s running on mydomain.com and will adjust the MySQL connection accordingly.

Rock on roll.

Learn how to use it, love it, code it.

There have been updates to this article. Please make sure you note any changes before commenting.

This article covers uploading one image at a time. To learn how to upload multiple images at once, see the Multiple Image Uploads Into Single MySQL Table (CakePHP) article.

Dropping The Knowledge (pretext)

Using the upload component is super simple and allows for optional input to customize the resulting image.

/*
  * upload
  * - handle uploads of any type
  *		@ file - a file (file to upload) $_FILES[FILE_NAME]
  *		@ path - string (where to upload to)
  *		@ name  [optional] - override the default file name
  *		@ rules [optional] - how to handle file types
  *			- rules['type'] = string ('resize','resizemin','resizecrop','crop')
  *			- rules['size'] = array (x, y) or single number
  *			- rules['output'] = string ('gif','png','jpg')
  *			- rules['quality'] = integer (quality of output image)
  *		@ allowed [optional] - allowed filetypes array
  *			- default: array ('jpg','jpeg','gif','png')
  *	ex:
  * 	$result = $this->Upload->upload($file, 'uploads', null, array('type' => 'resizecrop', 'size' => array('400', '300'), 'output' => 'jpg'));
  *
  */

Each value should be self explanatory. If you need further explanation, post a comment and we’ll go through it together.

1. Download Upload Component & Create Upload Dir

Download the following zip file, extract it, and place upload.php in your /app/controllers/components/ directory.
Download the complete image upload component here.

Now create an ‘uploads’ directory in /app/webroot/img/uploads/ and make sure to give the directory 777 (writable by all) permissions.

2. Prepare Your Controller

Next we’ll slap the necessary code in place to handle a single image upload. (To upload multiple images at once, check out this article.)

class ImagesController extends AppController {

	var $name = 'Images';
	var $helpers = array('Html', 'Form');
	var $components = array('Upload');

function upload() {

	if (empty($this->data)) {
		$this->render();
	} else {
		$this->cleanUpFields();

		// set the upload destination folder
		$destination = realpath('../../app/webroot/img/uploads/') . '/';

		// grab the file
		$file = $this->data['Image']['filedata'];

		// upload the image using the upload component
		$result = $this->Upload->upload($file, $destination, null, array('type' => 'resizecrop', 'size' => array('400', '300'), 'output' => 'jpg'));
		
		if (!$result){
			$this->data['Image']['filedata'] = $this->Upload->result;
		} else {
			// display error
			$errors = $this->Upload->errors;

			// piece together errors
			if(is_array($errors)){ $errors = implode("<br />",$errors); }

			$this->Session->setFlash($errors);
			$this->redirect('/images/upload');
			exit();
		}
		if ($this->Image->save($this->data)) {
			$this->Session->setFlash('Image has been added.');
			$this->redirect('/images/index');
		} else {
			$this->Session->setFlash('Please correct errors below.');
			unlink($destination.$this->Upload->result);
		}
	}
}

* Highlighted code represents things relating to the upload class. The rest is default Cake code.

3. Create Your View

In the appropriate view controller (in this case, /app/views/images/upload.thtml), use the following code to insert a file upload field:

<?php echo $form->labelTag('Image/images', 'Image:' );?>
<?php echo $html->file('Image/filedata');?>

This will create the following HTML:

<label for="Image">Image:</label>
<input type="file" name="data[Image][filedata]" id="ImageFiledata" />	

Complete The Package

To make things easy, I’ve included all the above files in a single download. Get the complete CakePHP image upload package here.

If you have issues, comment. I’m happy to help.

Updates

Nov 8th, 2007: The uploads component (upload.php) has been modified to correctly handle filetypes.

Nov 6th, 2007: Errors are now gracefully displayed. An allowed variable has been added to the upload component regarding allowed filetypes. A .sql file has been included for easy setup of the images MySQL table.

Jan 16th, 2008: Thanks to Ruben, a small $fileType glitch was discovered… and fixed. Thanks Ruben! Jeff correctly pointed out that Ruben’s “fix” was actually an unneeded glitch. The component has been reverted to working form.

Allowing your loyal, web-savvy fans to download iCal files (enabling them to instantly add events to their iCal program), or subscribing to iCal feeds (allowing their iCal program to update the users calendar whenever they chose – much like RSS) can bring a smile to even the pickiest of web surfers.

Here’s the guts of a typical iCal file we’ll call theevent.vcs:

BEGIN:VCALENDAR
VERSION:2.0
BEGIN:VEVENT
DURATION:PT1H
SEQUENCE:4
URL;VALUE=URI:http://www.thehotfreaks.com/
DTSTART;TZID=US/Pacific:20070914T210000
DTEND;TZID=US/Pacific:20070914T210000
SUMMARY: Art
DESCRIPTION: Crazy Sexy Rainbow
END:VEVENT
END:VCALENDAR

I’ll let you figure out what every variable means. For now, let’s cut the crap and dive into the good stuff.

CREATE DOWNLOADABLE ICAL EVENTS VIA CAKEPHP WITH THREE FILES:

To create a file based on a particular event, open the CakePHP controller associated with your needs. Since I’m creating an iCal file based off an event, my controller is called events_controller.php – your controller might vary.

In the controller, create a function called ical, like so:

function ical($id = null) {
   // use ical layout
   $this->layout = "ical";

   if (!$id || !$this->Event->read(null,$id)) {
      $this->Session->setFlash('Invalid id for Event.');
      $this->redirect('/events/index');
      exit();
   }

   $this->set('theEvent', $this->Event->read(null,$id));
}

Then create a new layout (in your views/layouts/ folder) called ical.thtml. Place the following junk inside it:

<?php
   $Filename = "TheEvent.vcs";
   header("Content-Type: text/x-vCalendar");
   header("Content-Disposition: inline; filename=$Filename");
   echo $content_for_layout;
?>

The $Filename variable above can be changed to whatever you like as long as it maintains a .vcs ending.

Then in your views/events/ folder, add the ical.thtml view:

BEGIN:VCALENDAR
VERSION:1.0
BEGIN:VEVENT
DURATION:PT1H
SEQUENCE:4
URL;VALUE=URI:< ? php echo $theEvent['Event']['website']. "\n"; ?>
DTSTART;TZID=US/Pacific:< ? php echo date("Ymd\THi00", strtotime($theEvent['Event']['event_date']))."\n"; ?>
DTEND;TZID=US/Pacific:< ? php echo date("Ymd\THi00", strtotime($theEvent['Event']['event_date']))."\n"; ?>
SUMMARY:< ? php echo $theEvent['Event']['summary']."\n"; ?>
DESCRIPTION:< ? php echo $theEvent['Event']['description']."\n" ?>
END:VEVENT
END:VCALENDAR

DONE. Now surf to /events/ical/[id-of-event]/ and you should have a magical iCal file begin downloading. Life is good.