fake_rest_server – REST server in PHP

fake_rest_server” is a simple and easy-to-configure REST server made in PHP.

I made it just to create different REST servers very fast for testing purposes. It was made on 12th May 2016 (approximately).

It can be found on GitHub: https://github.com/jalbam/fake_rest_server

Configuring the server

To add new paths (routes) and methods, the developer just needs to create a new folder structure (folder and subfolders if needed) which represents the route and inside one file per method named [method_desired].php (for example, put.php).

To start developing your REST server, you will only need to download the files inside the src/ folder.

You may want to take a look at the src/_code/functions.php file (the engine will include it automatically) as it provides some basic but useful functions. There you can also add new functions or modify the existing ones.

If you want to add data, you can use the src/_code/data/data.php file (automatically included by the engine).

If you want to add configuration data, you can use the src/_code/config.php file (automatically included by the engine).

As the engine defines the USING_REST_SERVER constant, you can protect any of the files with the following line at the beginning:

<?php if (!defined("USING_REST_SERVER") || !USING_REST_SERVER) { return; } ?>

Note: this authorization code above is also defined in the AUTHORIZATION_CODE constant (inside the the src/_code/config.php file).


1) In the root folder (where the src/_code/ folder and the src/index.php file are placed), create a folder called myRESTService/.

2) Inside the myRESTService/ folder we have just created, create another folder called user/ and inside of it create two files: index.php and get.php.

3) Inside the myRESTService/user/index.php file, place the following code:

  //Users info (this could be in the "src/_code/config.php" file, but it is just an example):
  $usersData = Array
    //User IDs:
    "1" =>
        "name" => "John Doe",
        "favouriteFood" => "meat"
    "2" =>
        "name" => "Joan Alba Maldonado",
        "favouriteFood" => "pizza"
  //Gets the data needed which has been sent through the REST client:
  $userId = getVariable("id"); //"getVariable" and other functions available in the "src/_code/functions.php" file.

4) Inside the myRESTService/user/get.php file put the following code:

  if ($userId === "") { echo "No id sent!"; }
  else if (array_key_exists($userId, $usersData))
    echo $usersData[$userId]["name"] . " likes eating " . $usersData[$userId]["favouriteFood"];
  else { echo "User cannot be found! (id=" . $userId . ")"; }

5) With this, we will have our REST server configured with the myRESTService/user/ route, accepting the GET method with the id parameter. This example can be found in the example_easy/ folder.

Testing the server

If you do not have a REST client, the server can be tested on any web browser by adding the debug=1 parameter to the URL as well as the method parameter with the method desired (not needed if the method is GET), as for example: http://localhost/fake_rest_server/src/index.php/route_1/subroute?method=post&debug=1&username=Joan

Following the example above, you can use a web browser to visit the following links:

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1&id=1 (it should show “John Doe likes eating meat”)

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1&id=2 (it should show “Joan Alba Maldonado likes eating pizza”)

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1&id=3 (it should show “User cannot be found! (id=3)”)

http://localhost/route_to_the_REST_server/index.php/myRESTService/user/?method=get&debug=1 (it should show “No id sent!”)

Note that the “/” character at the end of the route is optional.

Final comments

It is very easy to extend using PHP language. The project already includes some examples with routes, methods, functions and data as user accounts, etc. as examples (in both the example/ and the example_easy/ folder) but they can be deleted.

The only really-needed code is located in the src/ folder. Inside of it, the route_1/ folder and all of its content can also be deleted since it is just an example.


This project can be used, reproduced, distributed and modified freely for any non-commercial purposes but always keeping the author’s name and copyright clauses. Other than that, just use this project as you wish but never sell it!

EASPM123 – Get rid of spam emails!

EASPM123 (Email Anti-Spam 123) is an Easy-to-use JavaScript API that protects any email address you want to use in your website from spambots. First version (1.0) was released in November 2015.

It works in any browser with JavaScript support, even old ones (including Internet Explorer 5.0), offers different security options (very configurable) and it is just 2.57 KiB minified. If you want, you can easily configure it to be used with many languages at the same time.

Despite of this, this script should consider as a way to improve safety against spambots but not the unique method. A good anti-spam for your email (server or client) is still always recommended.

It can be found on GitHub: https://github.com/jalbam/easpm123

Basic idea

The basic idea is to disguise the email address by modifying it using a text that will be removed by the script when the desired JavaScript events are fired (or, if desired, automatically when the document is loaded).

Most spambots will not fire those JavaScript events or, even if they did it, many of the times will not catch the email address after doing it but the previously-shown email address (so they will end with a non-valid email address which includes the text that should have been removed).

The text to be removed should be human-understandable so that a human being could figure out the real email in the case that JavaScript was disabled or something failed. Under these circumstances, to help any human-being to figure out the real email address, this script uses the so-called “without-no-spam” elements which are elements containing the instructions that the human-being should follow to get the real email address. These “without-no-spam” elements will be removed automatically by the script if JavaScript is available.

As nowadays many spambots can already translate “AT” and “DOT” to “@” and “.” respetively, to improve safety this script provides a way to translate any desired text to the AT (@) symbol. The key here is to use a non-so-famous text that no spambot will understand at all.

There are different ways to use this script detailed below, some safer than others. Please, continue reading.


You can download the project from GitHub directly to include it in your project or you can also use one of the following commands while you are in your project:


bower install easpm123


yarn add easpm123

npm (it will need a package.json):

npm i easpm123

The behaviour can be configured easily through the main (and unique) object the script uses (for more information, you can read the instructions in README.htm). But if you are lazy, although it would be less safe, you just need to include the .js file in your website and change the class name (or add to the current classes a new one) of the elements containing the links to the emails (the class name should be “easpm123” by default).

In order to start using this API, the “.js” file you choose (for example, easpm123_min.js which is already minified) must be included in your document. The most common way to do this is by using a tag:

<!-- NOTE: Edit the "src" property to point to the right location of the .js file: -->
<script src="easpm123_min.js" type="text/javascript" language="javascript"></script>

If we decide to use the main (and unique) object, this is how it looks like:

    //Next values can be set to null to force using default ones or use
    //an empty array if you do not want any value at all:

The parameters accepted are the following ones:

Parameter Type Default value Mandatory? Description
autoLoad boolean true No If it is set to true, the script will be loaded automatically (the run method will not be needed to be called) when the document is ready. If it is set to false, all the rest of parameters will be ignored and they will need to be used in the run method instead.
linkClasses array of strings [“easpm123”] No Class names used by the tags (which contain a link to an email address) that will be affected.
withoutNoSpamElementClasses array of strings [“easpm123_label”] No Class names of the “without-no-spam” elements that will be removed.
linkIDs array of strings [“easpm123”] No IDs used by the tags (which contain a link to an email address) that will be affected.
withoutNoSpamElementIDs array of strings [“easpm123_label”] No IDs used by the “without-no-spam” elements that will be removed.
textsToClear array of strings [“NO_SPAM_WELCOME”] No Texts to be removed (case sensitive) from the email address.
atSymbolAliases array of strings [“{AT_HERE}”] No Texts that will be replaced by the AT (@) symbol.
eventNames array of strings [“mouseover”, “click”, “touchstart”] No Events that will fire the script. Those events will be attached to all affected tags (which contain a link to an email address) and also to all the affected “without-no-spam” elements. Use an empty array to run the script automatically without events.

Note that, except for the first parameter (autoLoad), all the rest of the parameters can accept the null value if we want to use their default value or can also accept an empty array (as for example the [] value) in the case that we do not want any value at all. In the case of the last parameter (eventNames), using an empty array will force the script to run its magic automatically without having to fire any event (not recommended as the safety would be decreased).

If the autoLoad parameter is set to false (not recommended), the rest of parameters will be ignored and the run method will have to be called manually when desired (always after the document has been loaded!). This method accepts the same parameters as the main object except the first one (it does not need the autoLoad parameter). Read below to see an example showing how to use it.

Have in mind that, as soon as the script is included, it will run itself once with the default options. We can run it again (through either the main object or the run method), if desired, after that.

The main object can only be used before the onload event of the window object is fired. If we want to run the script after that, we need to use the run method instead. In fact, the run method can only be used after the onload event of the window object is fired.

See the examples below for more information.

Example #1 – Easiest way for the developer (not so safe), with just HTML:

Note that, after the script is included, it immediately modifies the onload event of the window object (keeping any previous event, so it will not override anything) to execute itself after some milliseconds (it does not do it immediately to get rid of some spambots which will not have this into account). If, during the time between the inclusion of the script and the milliseconds (100 by default) before its executed itself, the onload event of the window object is overrided, this example will simply not work.

This way, any tag whose id is easpm123 or class property contains the easpm123 class, will be affected. The default text to remove from the email will be “NO_SPAM_WELCOME” and the “{AT_HERE}” text will be replaced by the AT (@) symbol.

The text inside of the elements whose id is easpm123_label or class property contains the easpm123_label class will be removed automatically when the page loads. These elements are called “without-no-spam” elements and are useful for the users when JavaScript is not available.

The real email address will be shown when the user is over or clicks or taps the email link (the tag described above).


<!-- Using ID: -->
<a id="easpm123" href="mailto:email{*AT_HERE*}NO_SPAM_WELCOMEexample.com">email{*AT_HERE*}<del style="text-decoration:line-through;"><s>NO_SPAM_WELCOME</s></del>example.com</a>
<span id="easpm123_label">(without NO_SPAM_WELCOME)</span>
<br />
<!-- Using class: -->
<a class="easpm123" href="mailto:email{*AT_HERE*}NO_SPAM_WELCOMEexample.com">email{*AT_HERE*}<del style="text-decoration:line-through;"><s>NO_SPAM_WELCOME</s></del>example.com</a>
<span class="easpm123_label">(without NO_SPAM_WELCOME)</span>

Example #2 – Easiest way for the user (very unsafe), with a bit of JavaScript and HTML:

This methods needs a little bit of JavaScript (using an empty array as the eventNames parameter) but will not need any event fired by the user. The script and its magic will be performed automatically. The users can be happier this way but some spambots will be too. Safety wise, this method is not recommended.

As we are using the main object, this must be run before the onload event of the window object is fired.


EASPM123(true, null, null, null, null, null, null, [] /* eventNames */);


Use the same HTML code from the Example #1.

Example #3 – Second easiest way for the user (still unsafe), with a bit of JavaScript and HTML:

This will be little bit safer than the Example #2 as we change default values by the desired ones. Different IDs and class names have been used just to show how it works.

As we are using the main object, this must be run before the onload event of the window object is fired.


    true, //autoLoad.
    ["class_email_link", "class_email_link2"], //linkClasses.
    ["class_without_no_spam_label", "class_without_no_spam_label2"], //withoutNoSpamElementClasses.
    ["id_email_link", "id_email_link2"], //linkIDs.
    ["id_without_no_spam_label", "id_without_no_spam_label2"], //withoutNoSpamElementIDs.
    ["WITHOUT_THIS_TEXT", "TAKE_THIS_OUT"], //textsToClear
    ["[PUT_AT_HERE]", "{HERE_AN_AT_SYMBOL}"], //atSymbolAliases.
    [] //eventNames.


<!-- Using ID: -->
<a id="id_email_link" href="mailto:email[PUT_AT_HERE]WITHOUT_THIS_TEXTexample.com">email[PUT_AT_HERE]<del style="text-decoration:line-through;"><s>WITHOUT_THIS_TEXT</s></del>example.com</a>
<span id="id_without_no_spam_label">(without NO_SPAM_WELCOME)</span>
<br />
<a id="id_email_link2" href="mailto:email[PUT_AT_HERE]WITHOUT_THIS_TEXTexample.com">email[PUT_AT_HERE]<del style="text-decoration:line-through;"><s>WITHOUT_THIS_TEXT</s></del>example.com</a>
<span id="id_without_no_spam_label2">(without NO_SPAM_WELCOME)</span>
<br />
<!-- Using class: -->
<a class="class_email_link" href="mailto:email{HERE_AN_AT_SYMBOL}TAKE_THIS_OUTexample.com">email{HERE_AN_AT_SYMBOL}<del style="text-decoration:line-through;"><s>TAKE_THIS_OUT</s></del>example.com</a>
<span class="class_without_no_spam_label">(without NO_SPAM_WELCOME)</span>
<br />
<a class="class_email_link2" href="mailto:email{HERE_AN_AT_SYMBOL}TAKE_THIS_OUTexample.com">email{HERE_AN_AT_SYMBOL}<del style="text-decoration:line-through;"><s>TAKE_THIS_OUT</s></del>example.com</a>
<span class="class_without_no_spam_label2">(without NO_SPAM_WELCOME)</span>

Example #4 – Not-so-easy way for the user (safer), with a bit more of JavaScript and HTML:

This is like the Example #3 but only firing the script under the default events (onmouseover, onclick and ontouchstart) and not automatically.

As we are using the main object, this must be run before the onload event of the window object is fired.


    true, //autoLoad.
    ["class_email_link", "class_email_link2"], //linkClasses.
    ["class_without_no_spam_label", "class_without_no_spam_label2"], //withoutNoSpamElementClasses.
    ["id_email_link", "id_email_link2"], //linkIDs.
    ["id_without_no_spam_label", "id_without_no_spam_label2"], //withoutNoSpamElementIDs.
    ["WITHOUT_THIS_TEXT", "TAKE_THIS_OUT"], //textsToClear
    ["[PUT_AT_HERE]", "{HERE_AN_AT_SYMBOL}"], //atSymbolAliases.


Use the same HTML code from the Example #3.

Example #5 – A little-bit-more-difficult way (a bit safer), with more JavaScript and HTML:

This is like the Example #4 but using the run method instead of the main object. So instead of running the script automatically we will do it manually.

Note that the main object must be used before the onload event of the window object is fired but the run method must be run after that.

For safety purposes, the main object waits by default 100 milliseconds before it runs the script automatically. In this example we will wait a little bit more to add even more safety.


            ["class_email_link", "class_email_link2"], //linkClasses.
            ["class_without_no_spam_label", "class_without_no_spam_label2"], //withoutNoSpamElementClasses.
            ["id_email_link", "id_email_link2"], //linkIDs.
            ["id_without_no_spam_label", "id_without_no_spam_label2"], //withoutNoSpamElementIDs.
            ["WITHOUT_THIS_TEXT", "TAKE_THIS_OUT"], //textsToClear
            ["[PUT_AT_HERE]", "{HERE_AN_AT_SYMBOL}"], //atSymbolAliases.


Use the same HTML code from the Example #3.

Improving safety

To improve the safety and get rid of as many spambots as possible I recommend the following:

  1. Do not fire the script automatically (without needing events). So, do not do as the Example #2 or Example #3.
  2. Do not use the default values for the text which replaces the AT (@) symbol. Use your imagination to invent new ones. Look at the Example #4.
  3. Do not use the default values for the text which should be removed from the email address. Use your imagination to invent new ones. Look at the Example #4.
  4. Do not use the default values for the classes or IDs (for both, elements and the “without-no-spam” elements) and use your own ones. Look at the Example #4.
  5. Use the run method instead of the main object and call it some milliseconds after the onload event of the window object is fired. Look at the Example #5.
  6. Images or other elements instead of text can be used inside the “without-no-spam” elements to make it harder for the spambots to figure out the email address. Have in mind that some browsers can have images disabled or even some people could not see them properly.
  7. You can consider about using other events instead of the default ones to fire the script. That could, maybe, improve safety.
  8. If you are paranoid enough, you can consider using different ways to obfuscate the strings in the arrays used in the optional parameters and also use other ways of obfuscating. Again, use your own imagination.

Final comments

Following the instructions and some guidelines (included inside the package), the email addresses should be human-understandable even when JavaScript is disabled.

If you are tired of being spammed, you should try this little script (with an email address which spambots do not know yet!).

Live example: http://htmlpreview.github.io/?https://github.com/jalbam/easpm123/blob/master/test_min_eval.htm


Forbidden to use without keeping the author’s name and copyright clauses. Other than that, just use this script freely but never sell it!

Super Queue – queue and lottery viral game in PHP and JavaScript (November 2014)

I made this game for a Chinese software company whose final client was a chain of jewelry stores that wanted a Weixin (aka WeChat) game to promote themselves by giving the players some prizes and coupons just during a week (to celebrate the Chinese Single’s day, the 11th of November). Weixin (WeChat) is the most used instant messaging client for mobile devices in China, made by Tencent (the same company that also owns QQ). It was finished on 7th November 2014 (approximately).


The graphics are made by 乔安 (Qiao An) and Chinese translation is done by 董双丽 (Dong Shuangli). The development took almost one month.

The game consists of two levels. In the first level, you are waiting in a queue and your mission is to jump the queue until you can enter the door. Once you enter through the door, the second level consists in waiting for a partner of the opposite gender (it can be either a real player or a fake one if the game is configured to use fake players or the admin force it) and, when you get a partner, then each of you have to spin a roulette wheel with zodiac symbols and both will win a prize if you both get the same zodiac symbol. If you get a different symbol, you get a discount coupon instead.

It is a viral game because players have to share the game to others in order to jump the queue they are waiting in. Every time someone registers through your invitation, you will jump two places. But others will also be able to jump and move in front of you so it becomes a kind of fight.

Players do not need to have the game open all the time. So they can close the game and open it again later whenever they want to. If any progress has been made or any thing new has happened, the game will show it.

There is a maximum number of people per queue, so the game creates a “new world” with a new queue every time a person joins the game for the first time if all other queues are full. The game also fills the queue with fake people in order to increase level difficulty and to avoid looking empty. All of that is configurable through variables.

The way to log in, prizes, maximum people per queue, chances to win, and many other things can be configured through the configuration file.

The game already includes Chinese and English languages. There is also a localization file that allows to translate the game into many more languages easily. The game will try to detect automatically the user’s language.

The company wanted to run the game just for a week. During this week, the game was a complete success and had more than 50,000 players. All prizes were given out.

The game was running on Weixin (WeChat) and uses some of its functions, but it can be configured without effort to be used in any other app or platform (as for example in QQ, Facebook or any web browser with JavaScript and CSS enabled).

There is a debug mode which can be accessed through a password. That debug mode shows useful information about the game in real time and it also provides an admin control panel (similar to a God mode panel) with many options to cheat, control other players, etc.

It also includes an overload test page to check server limits.

This game was made using technologies as HTML, CSS / CSS 3, JavaScript, JSON, XHR (AJAX), PHP, mySQL, RPC (Remote Procedure Call), OpenID, OAuth, Weixin API (WeChat API) / WeixinJSBridge, etc.

You can try the game by yourself just creating the database needed (a SQL file with the required tables is included) and editing the configuration file to use that database. Basically, you just need a web server that supports PHP and mySQL.

It can be found on GitHub: https://github.com/jalbam/super_queue

TetrisDAI – Tetris in Java (May 2008)

“TetrisDAI” is an open source Tetris clone (highly modular) written in Java 1.6 (aka Java SE 6) with NetBeans.


It is my first Java game and was made in mid 2008.

The code is extremely modular and is ready to be modified and configured pretty easily by anyone. For instance, you can change control keys, their delay, add new pieces with different shapes or change the current ones or even delete them, change the colour of the whole game (including the pieces), change game visual aspect and sizes (width and height of the cells and of the map, text aspect, margins), decide whether to use images or just simple computer-generated graphics for cells and background, decide language (game is already translated into Spanish, Catalan and English and just needs to change a variable to choose one among those languages) or add new languages easily, change menu items, change initial speed and speed increase when next level is reached, change needed lines to finish a level, modify score system (score for piece placed, score for each line and exponential score increase for multiple lines), enable or disable sound and so on.

Official language is English but the code also includes Spanish and Catalan translations (as stated before, just by changing a variable, all the game will use the desired language).

This game has been tested under Linux, NetBSD, OpenBSD, FreeBSD, Windows, Mac OS X, Haiku OS and others.

Official web site: http://tetrisdai.tuxfamily.org/ (mirror at http://www.dhtmlgames.com/tetrisdai/).

It can also be found on GitHub: https://github.com/jalbam/tetrisdai

Gamoliyas – Game of Life in JavaScript (August 2007)

“Gamoliyas” is an open source Conway’s Game of Life version (highly configurable) totally written in DHTML (HTML, CSS and JavaScript).


It is my ninth DHTML game and was made in mid 2007.

Players can configure the game with many options, as changing the world size, choosing between spherical and limited world, using colours that change depending on the number of neighbours, changing speed, saving a world or opening a previously stored one, drawing cells yourself or generating them randomly, etc.

The game is specially designed to allow to be used inside any other web site (by using an IFRAME, for example). We just need to get the URL (which will be used in the SRC parameter of the IFRAME tag) generated by the “save world” option with the desired behaviour we have decided in the options that the game will ask us (world size, auto-play, spherical world, multicolour, hide top menu, hide bottom controls, hide bottom information panel, do not allow to draw, speed, size of the cells and space between cells). The game accessed through that URL will start containing the cells which were present when we pressed the “save world” option. You can see a live example using this game with an IFRAME in my personal portfolio: http://www.joanalbamaldonado.com/portfolio/

You can also change the game behaviour easily by editing many of the configuration variables which are at the beginning of the script. To change the game images you just need to replace them with others.

This game only uses a few images which are not necessary to make it work if we are using the game with the panels and such hidden. So all the rest you can see has been made using just pure HTML and CSS.

Official languages are Spanish and English.

You can find other modified and adapted versions of this game on the Internet, including one Opera widget.

This game has been tested under BeOS, Linux, NetBSD, OpenBSD, FreeBSD, Windows, Mac OS X, BlackBerry Tablet OS, Android, iOS and others.

Play online in English: http://gamoliyas.tuxfamily.org/gamoliyas_english/

Play online in English (mirror): http://www.dhtmlgames.com/gamoliyas/gamoliyas_english/

Play online in Spanish: http://gamoliyas.tuxfamily.org/gamoliyas_spanish/

Play online in Spanish (mirror): http://www.dhtmlgames.com/gamoliyas/gamoliyas_spanish/

Official web site: http://gamoliyas.tuxfamily.org/ (mirror at http://www.dhtmlgames.com/gamoliyas/).

It can also be found on GitHub: https://github.com/jalbam/gamoliyas