|
| PHP Obfuscator
|
| Hand over the code and still sleep well: POBS stands for
PHP Obfuscator/Obscurer. It is a free and open PHP program that
makes PHP sourcecode almost impossible to read and edit for normal
humans. It is a simple way to protect your PHP sourcecode from
people who would like to adjust it or who would like to know its
workings. Now you can deploy your application and feel pretty safe
about it.
Discuss (Join / Login first) Edit
permalink: #
|
| Using
XML-RPC with PHP |
| XML-RPC is a great enabler for distributed systems and system
interoperability, as it allows any XML-RPC enabled applications to
call the methods of other XML-RPC enabled applications, regardless
of what language either application is written in, or on what
machine either application is running on. This allows a perl
function to make a call to a Python method, or a Java Servlet to
call a PHP function, for example.
 PS: Happy 2002! - John Lim
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Leon
Atkinson discusses caching |
| In English, cache is a word of French origin, pronounced
exactly like cash, meaning a secret hiding place for valuables or
provisions. Similar to words such as mouse and web, computer
scientists borrowed cache to refer to a programming technique. This
technique involves introducing a middle layer between the source and
destination of data flow. This middle layer is no secret, but it is
transparent to participants, and it does store data.
Pity Leon doesn't discuss PEAR
Cache.
 As the New Year is coming, the flow of articles will slow
down. I'll be posting regularly again in 2002. Best wishes for the
festive season! John
Discuss (Join / Login first) Edit
permalink: #
|
| How to Read W3C
Specs |
| When you seek answers, you're looking for a user manual or
user reference guide; you want to use the technology. That's not the
purpose of a W3C specification. The purpose of a “spec” is to tell
programmers who will implement the technology what features it must
have, and how they are to be implemented.
It's the difference between the owner's manual for your car and
the repair manuals. The owner's manual tells you how to replace the
windshield wiper blades. If you go to the repair manual, it will
tell you the dimensions of the blades and show the parts used to
attach them; you will have to use that information to piece together
how to replace them. -- J David Eisenberg
Discuss (Join / Login first) Edit
permalink: #
|
| Using
PHP and MySQL with Flash |
| This article helps explain how to use Macromedia Flash 5 in
conjunction with PHP and a MySQL database. This demonstration will
show you how to setup a simple login and registration form, then
allow users to save movie clip positions and various properties in
the database. When they log back in the movie clips are in the same
position. -- Jeffrey F Hill
Fascinating to learn that a Flash movie can communicate
with any server using HTTP. Such a simple and neat API too!
Discuss (Join / Login first) Edit
permalink: #
|
| XMLRPC-EPI
in PHP 4.1.0 |
| There was a note in the PHP 4.1.0 changelog that XML-RPC is now
included with the release. Here is the documentation that should
have come with it. This extension has been in use by epinions.com
for several months, so should be quite solid:
[The author says] key benefits of using this extension as
compared to other php xmlrpc solutions are:
- speed. Because it is in C, it is faster than
implementations written in php. Various iterations of this code
have been/are running at Epinions.com and are sufficiently fast
for the high traffic volume this site encounters, with several
xmlrpc type requests generated for each user http request. No
specific speed claims are made. Your mileage may vary.
- ease of use. All data is sent/received as native php
types, so there is no complicated new API to learn when dealing
with data types. Sample php scripts are in ./sample. The
best/quickest way to learn how to use the library is just to view
the source to these and load them in your browser.
- escaping and encoding support. Four different types of
xml character escaping are available, which means you can safely
send any sort of data, even non-printable and "illegal" xml
characters. all encodings supported by your operating system are
useable for both sending and receiving data.
- compatibility. This library has been demonstrated fully
compliant with the XMLRPC spec, having passed the test suite at http://validator.xmlrpc.com/.
It is the author's hope that this code will be found useful by
someone, and would like to hear about how and where it is being
used, or suggestions for improvement.
PS: Rob Lundy wants to announce a new open source website
that features news, in depth projects, and a place to chat about
whatever at http://www.simplecodes.com/
Best of luck!
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Finally a
stable ISAPI for Windows: PHP 4.1.0 |
| 13 Dec 2001 It's worse than it appears...
Removed all external extensions today from php.ini. Only inbuilt
extensions compiled by the guys at php.net are used and the Access
Violations still happen with ISAPI.
12 Dec 2001 One bad apple makes the whole bunch bad...
I recently tested the assertion below on Windows 2000 with IIS 5
and unfortunately it seems that many extensions are still not fully
thread-safe. I was getting frequent Access Violations when I had
mysql, ibase, oci8, mssql, java, odbc, zlib extensions installed.
At 17:16 11/12/2001, Emanuel Dejanu wrote:
>Hi,
>
>Zeev Suraski [zeev at zend dot com] wrote:
> >- Revolutionary performance and stability improvements under Windows. The
> >multithreaded server modules under Windows (ISAPI, Apache, etc.) perform as
> >much as 30 times faster under load! We want to thank Brett Brewer and his
> >team in Microsoft for working with us to improve PHP for Windows.
>
>This means that ISAPI is considered to be production quality?
Yes, even though quite a few modules inside PHP are not yet thread safe, so
if you use them, it'd crash.
Zeev
Discuss (2
responses) (Join
/ Login first) Edit
permalink: #
|
| PHP 4.1.0 Officially
Released |
After a lengthy QA process, PHP 4.1.0 is finally out.
Download at http://www.php.net/downloads.php !
PHP 4.1.0 includes several other key improvements:
- A new input interface for improved security (read below)
- Highly improved performance in general
- Revolutionary performance and stability improvements under
Windows. The multithreaded server modules under Windows (ISAPI,
Apache, etc.) perform as much as 30 times faster under load! We
want to thank Brett Brewer and his team in Microsoft for working
with us to improve PHP for Windows.
- Versioning support for extensions. Right now it's barely being
used, but the infrastructure was put in place to support separate
version numbers for different extensions. The negative side effect
is that loading extensions that were built against old versions of
PHP will now result in a crash, instead of in a nice clear message.
Make sure you only use extensions built with PHP 4.1.0.
- Turn-key output compression support
- *LOTS* of fixes and new functions
As some of you may notice, this version is quite historical, as it's
the first time in history we actually incremented the middle digit! :)
The two key reasons for this unprecedented change were the new input
interface, and the broken binary compatibility of modules due to the
versioning support.
Following is a description of the new input mechanism. For a full
list of changes in PHP 4.1.0, scroll down to the end of this section.
-----------------------------------
SECURITY: NEW INPUT MECHANISM
First and foremost, it's important to stress that regardless of
anything you may read in the following lines, PHP 4.1.0 *supports*
the old input mechanisms from older versions. Old applications
should go on working fine without modification!
Now that we have that behind us, let's move on :)
For various reasons, PHP setups which rely on register_globals
being on (i.e., on form, server and environment variables becoming
a part of the global namespace, automatically) are very often
exploitable to various degrees. For example, the piece of code:
<?php
if (authenticate_user()) {
$authenticated = true;
}
...
?>
May be exploitable, as remote users can simply pass on 'authenticated'
as a form variable, and then even if authenticate_user() returns false,
$authenticated will actually be set to true. While this looks like a
simple example, in reality, quite a few PHP applications ended up being
exploitable by things related to this misfeature.
While it is quite possible to write secure code in PHP, we felt that the
fact that PHP makes it too easy to write insecure code was bad, and we've
decided to attempt a far-reaching change, and deprecate register_globals.
Obviously, because the vast majority of the PHP code in the world relies
on the existence of this feature, we have no plans to actually remove it
from PHP anytime in the foreseeable future, but we've decided to encourage
people to shut it off whenever possible.
To help users build PHP applications with register_globals being off,
we've added several new special variables that can be used instead of the
old global variables. There are 7 new special arrays:
$_GET - contains form variables sent through GET
$_POST - contains form variables sent through POST
$_COOKIE - contains HTTP cookie variables
$_SERVER - contains server variables (e.g., REMOTE_ADDR)
$_ENV - contains the environment variables
$_REQUEST - a merge of the GET variables, POST variables and Cookie variables.
In other words - all the information that is coming from the user,
and that from a security point of view, cannot be trusted.
$_SESSION - contains HTTP variables registered by the session module
Now, other than the fact that these variables contain this special information,
they're also special in another way - they're automatically global in any
scope. This means that you can access them anywhere, without having to
'global' them first. For example:
function example1()
{
print $_GET["name"]; // works, 'global $_GET;' is not necessary!
}
would work fine! We hope that this fact would ease the pain in migrating
old code to new code a bit, and we're confident it's going to make writing
new code easier. Another neat trick is that creating new entries in the
$_SESSION array will automatically register them as session variables, as
if you called session_register(). This trick is limited to the session
module only - for example, setting new entries in $_ENV will *not* perform
an implicit putenv().
PHP 4.1.0 still defaults to have register_globals set to on. It's a
transitional version, and we encourage application authors, especially
public ones which are used by a wide audience, to change their applications
to work in an environment where register_globals is set to off. Of course,
they should take advantage of the new features supplied in PHP 4.1.0 that
make this transition much easier.
As of the next semi-major version of PHP, new installations of PHP will
default to having register_globals set to off. No worries! Existing
installations, which already have a php.ini file that has register_globals
set to on, will not be affected. Only when you install PHP on a brand new
machine (typically, if you're a brand new user), will this affect you, and
then too - you can turn it on if you choose to.
Note: Some of these arrays had old names, e.g. $HTTP_GET_VARS. These names
still work, but we encourage users to switch to the new shorter, and
auto-global versions.
Thanks go to Shaun Clowes (shaun@securereality.com.au) for pointing out this
problem and for analyzing it.
Discuss (Join / Login first) Edit
permalink: #
|
| Doc Javascript talks
about Web Services |
| Doc Javascript is great. He's always got something interesting
to write about on his favorite language, Javascript. What I like
about him is that he researches the area thoroughly, and comes up
with some amazing code every time. We need people like him in the
PHP community too!
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Smarty Template
Engine 1.5.1 Released |
| Several feature enhancements were made to this version, most
notably the {foreach ...} command which is an alternative to
{section ...} with an easier syntax for looping through a single
array of values. Several functions were enhanced so that the output
can be automatically assigned to a template variable instead of
displayed (assign attribute). Cache files can now be controlled with
a custom function as an alternative to the built-in file based
method. Many code cleanups and bug fixed went into this release as
well. -- Monte
This is a great template engine if combine it with an PHP caching
product. Very flexible and powerful. Note that 1.5.1 fixes some
caching bugs found in 1.5.0.
Discuss (Join / Login first) Edit
permalink: #
|
| Using PHP to
Develop Three-Tier Architecture Applications |
| Designing your application in layers, or tiers, is useful for
many different reasons. In a multiple tier design, each tier can be
run a separate machine, or machines, allowing for improved
processing performance. Depending on your design, multiprocessor
machines, or many different independent computers can be used to
improve performance. Efficient layering can give structure to you
application, promote scalability, and ease long-term maintenance
requirements for your code. -- Jason E. Sweat
Discuss (Join / Login first) Edit
permalink: #
|
| XSL
Transformation With PHP And Sablotron |
| First, we showed you how to use PHP to develop cutting-edge
Web applications. Then we showed you how to impress your boss with
your XML and XSLT prowess. And finally, we gave you the skinny on
combining the two to capture the best of both worlds, and a hefty
paycheck to boot. -- Harish Kamath
I believe PHP 4.1.1 will replace the Sablotron extension with a
better technology, the XSLT extension. I hope the API still remains
the same, otherwise poor Harish just had "much ado about nothing".
Discuss (Join / Login first) Edit
permalink: #
|
| Ace's
Hardware Replaces PHP with Java |
| An interesting article that suggests some of the weaknesses of a
naive PHP implementation for heavy traffic sites.
Here's what they should have done with PHP:
- Switched to using 2 web servers. One server for graphics, with
Keep-Alives enabled, and another server for dynamic HTML using PHP
and Keep-Alives disabled. This is an issue that occurs with all
web servers, not merely PHP.
- Rewrite bits of their PHP using a HTML caching technology such
as Smarty templates or PEAR Cache. This preserves their
investment, and is a minor rewrite.
- Purchase Zend Accelerator.
You can read in the article that the main problem was the
hardware could not keep up with the load. The new Java application
performed poorly also the old hardware, and only when they upgraded
to faster hardware did performance improve.
There are also pointers to where PHP needs to improve in the
future: better resource pooling and multi-threaded support.
Discuss (2
responses) (Join
/ Login first) Edit
permalink: #
|
| XML-RPC
Client Tutorial |
| This tutorial teaches you, step-by-step, how to build an
XML-RPC client in PHP using the XML-RPC library written by Edd
Dumbill. It covers each of the PHP classes you will be using, and
how they fit together to form the final client. A primer is included
to introduce the basics of the XML-RPC specification. -- Benson
Wong
Discuss (Join / Login first) Edit
permalink: #
|
| BadBlue EE Web Server
released with PHP Encoder |
| At last: affordable PHP/CGI encoding! BadBlue Enterprise Edition
now includes an Encoding System... built-in!
The BadBlue Encoding System lets PHP and Perl developers protect
their scripts and their intellectual property. The encoding system
shields valuable source code with powerful, secure, symmetric
private-key encryption. Best of all, it's an affordable solution for
developers that don't have the budget for encoding solutions that
cost thousands of dollars.
Discuss (Join / Login first) Edit
permalink: #
|
| PHP 4.1.0
Released |
| Latest Warning: seems bugs
have been found in this release. The version below is no longer the
official 4.1.0. Wait for the php.net announcement!
I just downloaded and tested this release. Originally I
thought it was less stable that 4.0.6. Then I found out that
removing Zend Optimizer 1.1.0 fixed the problem...
PHP 4.1.0 is finally out after a long wait. Source code release
available at http://www.php.net/distributions/php-4.1.0.tar.gz
and a compiled Windows version at http://www.php4win.com/~daniel/php-4.1.0-Win32.zip
The major changes are the new $_GET and $_POST auto-global
arrays, and that you are now encouraged to set register_globals=off.
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Lessons in
Scalability |
| For the past few weeks, my company has been preparing to setup
an extranet for a customer. This extranet will have hundreds of
users, run on multiple Apache web servers on Redhat Linux, and will
be connecting to an Oracle database with 50 Gb of data and indexes.
Naturally, scalability is a major problem, and I have had to think
long and hard about these issues. Here are some related articles:
Scaling
concepts is taken from a book on Oracle, but most of the key
ideas apply to web servers also. Further Oracle readings.
My article on tuning Apache
on Linux.
Securing
Apache on Linux.
Using phpLens
on a 50 Gb database.
Discuss (Join / Login first) Edit
permalink: #
|
| Free PHP4 Tools
are Maturing |
| Many times, I highlight beta PHP software on this web site. I do
this as a public service, to encourage the developers and get them
some feedback. But it doesn't mean that I would use it on a
production site.
I'm glad to say that I can heartily recommend the DBG debugger. Works with IIS and
Apache, on Windows and Linux/Unix. Very very nice. And best of all,
it's free.
The APC Cache
1.1.0 has matured also. Although not the fastest, it now runs
correctly most PHP scripts, unlike other opcode caches which purport
to be faster but don't handle classes properly. The only problem is
that when some pages get modified, it doesn't detect the change
(even though check mod dates is enabled) and still executes the old
cached version. Of course Zend Accelerator is faster and better, but
for free software, it's great value.
Discuss (Join / Login first) Edit
permalink: #
|
| Accessing
PostgreSQL from PHP |
| ...we will explore various methods for accessing PostgreSQL
from PHP. PHP is a server-side, cross-platform scripting language
for writing web-based applications. It allows you to embed program
logic in HTML pages, which enables you to serve dynamic web pages.
PHP allows us to create web-based user interfaces that interact with
PostgreSQL...
Discuss (Join / Login first) Edit
permalink: #
|
| Microsoft
Determines the Web Services Landscape |
| It's interesting how Microsoft has captured the high ground in
innovation in Web services. Everyone else is scrambling to catch up
in terms of standards:
Not
Everyone’s Happy With Java Evolution.
DotGnu.
I'm not sure DotGNU has any clue on how to persuade Big Corporations
to adopt their standards, but I'm glad to see that PHP is going to a
be prominent part of their technology, thanks to PHPGroupWare.
Discuss (Join / Login first) Edit
permalink: #
|
| On
the Security of PHP, Part 2 |
| The way to secure PHP scripts is through a carefully selected
combination of configuration settings and safe programming
practices. Based on the vulnerabilities that we have studied so far,
we will now set forth to establish some rules that can help avoid
dangerous situations.
Discuss (Join / Login first) Edit
permalink: #
|
| APL
|
| APL is a PHP module written in C++ that brings an abstract class
model for application development to PHP. APL is based on the
Zend-Engine and extends the PHP language. Docs are in German.
- shorten your development time
- shorter and more readable PHP-Code
- real OOP development within PHP
- bullet proofed and ready to use powerfull objects like
Tree-Menus, Tabfolders and Grids
- Separation of Design and Application development
Discuss (Join / Login first) Edit
permalink: #
|
| Security through
obscurity never works |
| Microsoft seems well on the way to breaking last year's
record for the number of security patches issued. The 2000 total
managed to run into three figures, and it seems highly likely that
2001's total will be at least as high... Microsoft always used to
declare at the top of every security patch it issued that the
company "takes security very seriously indeed". That phrase is no
longer included. Perhaps we can draw our own conclusions as to why
it was removed.
And Netcraft estimates
that 1 in 9 of all IIS servers have already been hacked.
A history of Full
Disclosure by Bruce Schneier.
Discuss (Join / Login first) Edit
permalink: #
|
| APD is the Advanced PHP
Debugger. |
| The above URL has been fixed.
It was written to provide strace/truss capability for
profiling and debugging php code, as well as providing the ability
to print out a full stack backtrace. APD does not support
interactive debugging, but instead writes data to trace files. APD
provides event based logging, so that varying levels of information
(including function calls, arguments passed, timings, etc.) can be
turned on or off for individual scripts.
Discuss (Join / Login first) Edit
permalink: #
|
| FreeBSD
Versus Linux Revisited |
| Above URL should be fixed - john
In my October 29, 2001, Byte.com column I described the new VM
written by kernel hacker Andrea Arcangeli. In that article, I
promised I would come back to my FreeBSD versus Linux comparison
that I ran in my February 2001 column. Many people say FreeBSD has a
very good virtual memory manager. As it turns out, I pretty much
proved them right in that article. -- Moshe Bar
Discuss (Join / Login first) Edit
permalink: #
|
| Tuning
a Solaris System |
| Solaris is a multi-threaded, scalable UNIX(TM) operating
environment running on SPARC and Intel processors. It is
self-adjusting to system load and demands minimal tuning. In some
cases, however, tuning is necessary. This guide provides details
about the officially supported kernel tuning options available for
the Solaris environment.
Discuss (Join / Login first) Edit
permalink: #
|
| On
the Security of PHP |
| The most direct illustration of damage inflicted by
unvalidated user input is probably the execution of external
programs with user-specified names or arguments. -- Jordan Dimov
Discuss (Join / Login first) Edit
permalink: #
|
| SOAP:
Simple Object Access Protocol |
| Dynamically generated HTML content works fine in Web browsers,
but it presents a nightmare for anyone trying to utilize that data
with other programs. For example, you can easily view an auction
site in a browser, but an application would require a complex HTML
parser to read your bid's status from the same site. Worse, you
would need a different parser to track a different auction site, and
the simplest redesign of either site could throw off your program.
Web services solve this problem with a consistent and easy method
for accessing online information. Web services could potentially
create a whole new type of Web.
A protocol created by Microsoft, DevelopMentor, and Userland
Software and backed by companies that include IBM, Lotus, and Compaq
gives a big push toward that vision. Simple Object Access Protocol
(SOAP) exchanges application data over HTTP in XML encoding.
The above article on CNET covers SOAP using Perl. Get the
PHP SOAPx4 and phpXMLP
implementations of SOAP.
Other SOAP
implementations
Discuss (Join / Login first) Edit
permalink: #
|
| Maguma Previews
Beta of PHP4EE |
| Bozen, November 5, 2001 - At the PHP-Conference from Nov. 5th
to Nov 7th in Frankfurt (Germany) Maguma AG with it's headquarter in
Bozen, Italy, presents a prototype of their product PHP4 Enterprise
Edition (PHP4EE). With this a professional, commercial development-
and runtime-environment is presented for the first time. Maguma
PHP4EE supports the easy and rapid creation of complex, dynamic
web-sites and in that way makes it possible to deploy PHP
economically. The market introduction of the version 1.0 of the
Maguma PHP4 Enterprise Edition is planned for March 2002.
Zend release their commercial Accelerator
too. I have been beta testing it and it is really really fast.
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Sun to
Blame for the Death of Java? |
| Microsoft's C# Language Might Be the Death of Java, but
Sun's the One to Blame: It is easy to criticize Microsoft. Heck,
I've made a career of it. Yes, they are bullies and their technology
tends to be derivative and uninspired, but what bothers most of
Microsoft's competitors is none of that. Microsoft's competitors are
bothered by Microsoft's success, which is to say by Microsoft's lack
of a credible competitor. And that's one thing (maybe the only
thing) that isn't Microsoft's fault. -- Robert X. Cringely
I don't take this article seriously; but still good for a
laugh...
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Resources at
php.weblogs.com |
| Today, I'd like to point you to some resources on this web site
that I have rarely highlighted, but which I use frequently myself.
The reason why there are so many links on this web site is not
because I'm link crazy, but because this site is my personal
notebook on PHP technology, and I am constantly updating the
material behind the scenes.
Tuning
Apache on Unix is my personal favorite article of all time,
listing all the ways you can tune PHP and Apache. I just updated it
because I'm now writing the Optimizing PHP chapter in the PHP
Handbook which will be out next year. The book will have twice
as many tips as this article, and will cover IIS too!
There are many SQL tips at SQL Tutorials and
Resources.
Discuss (Join / Login first) Edit
permalink: #
|
| phpcron
|
| Phpcron is a PHP command line utility which allows you to
schedule programs to run at certain specified times. Phpcron Admin
allows a user to remotely schedule programs and change Phpcron
options in a user friendly way without having to deal with console
based sessions using ssh, telnet, or arcane text editors. Unlike
cron, this software works on both Unix and Windows.
Discuss (Join / Login first) Edit
permalink: #
|
| Practical
PostgreSQL |
| This is a book on PostgreSQL available on the Internet written
by John Worsley and Joshua Drake.
These authors obviously love PostgreSQL, but the book focuses on
what PostgreSQL is (which is only of interest to a minority), and
not about what PostgreSQL can do for you (what everyone else is
interested in).
In my mind, Paul DuBois' MySQL book still sets the standard for
database books - half of that book is about using MySQL with Perl,
PHP, and other related stuff.
Discuss (Join / Login first) Edit
permalink: #
|
| SQL Relay: persistent
database connection pooling |
| When using Apache::DBI or PHP's persistent connections, a
connection is opened to the database for every web server process.
Frequently, web sites need to run large numbers of processes to
provide adequate response. As the number of database connections
grows, resources get strained and a lot of database connections go
unused most of the time.
SQL Relay makes more efficient use of resources by maintaining
fewer persistent connections to the database and funnelling all
database requests through those connections. When the number of
database session requests exceeds the number of persistent
connections, the session requests are queued. This ultimately causes
delayed response to the client, but keeps the database running
smoothly. In most cases, the delay is negligable and the tradeoff is
acceptable.
SQL Relay looks impressive and scalable. Wonder whether any
reader has experience using it?
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| New CHM format of the PHP
Manual |
| The goal here is to make the best Help format for Windows
programmers to use while programming. You can help much with your
opinion, reports, or offered help.
- Completely new design.
- Manual notes included in downloadable manual. This is a
greatly requested feature.
- New function page formats (purpose, usage and availability now
separated, and can be seen at a glance
- Online functions, preferences and "help on help" accessible
from any page with a click.
Discuss (Join / Login first) Edit
permalink: #
|
| Applying
design patterns to PHP |
| This month, I'm introducing design patterns. Popular among
fans of Java and C++, design patterns are not a topic often
discussed among PHP programmers. Yet, they are an important part of
computer science. Furthermore, they apply to all programming
languages, even PHP. -- Leon Atkinson
Many people have said to me that they find the concept of design
patterns useful. I read the Design Pattern book around 1995, but
have never opened it since. Here's an example why...
To implement the "strategy pattern", you must define a shared
interface for all algorithms. You may then proceed with various
implementations of this interface...
This is just a fancy way of saying we need an API so that we can
hide or switch implementation details; calling it the strategy
pattern makes me think of those slick management books you see like
"The Art of War Applied to Business". I can just imagine a group of
Harvard MBAs in suits hunkering down to do some heavy coding to the
battle-cry "strategy pattern".
Don't get me wrong; of course there are benefits to using these
techniques when brainstorming for ideas, because it can help you see
things in a different way. But design patterns are not for every
one, and will not help solve every design problem. There is no
silver bullet.
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Hailstorm
in Hand |
| Latest from InfoWorld
Once customers start deploying their applications, Microsoft will
then start collecting money. At the low end of the scale, Muglia
said Microsoft will charge small-scale developers $1,000 a year to
use .NET My Services and $250 for each application they create with
the technology. Most companies developing with the technology will
end up paying $10,000 per year, and $1,500 for each application that
is built based on .NET My Services, Muglia said.
My Services is the new name for Hailstorm, a web services
initiative by Microsoft announced in March to supply several
building blocks for developers to create user-centric Web
applications. A early beta will be available at the Microsoft
Professional Developers Conference in LA this week.
The Passport part of My Services sounds like a pretty
invasive piece of technology. Would I implement it on a web site I
was developing? Probably, if it made business sense.
Would I use it - yes if it were as safe and as widely used as my
credit cards (which is not very safe - in 1998 I got a mysterious
card transaction for US $4000 from Spain but luckily it was
recognized as fraudalent by my issuing bank).
Ultimately it's a question of trust - and that has still got to
be earned by Microsoft.
Discuss (Join / Login first) Edit
permalink: #
|
| Web
Services Specifications |
| Today, Microsoft released for preview the first set of
specifications in the Global XML Web Services Architecture on
routing, referral, security, and licensing that build on the
baseline XML, SOAP, WSDL, and UDDI specifications. -- MSDN
These appear to be jointly developed with IBM. I don't know
whether it will be submitted to a standards organisation in the
future, though IBM being in the picture might suggest that is
the case.
I had a look at the specs: WS-Routing and WS-Referer provides for
the basics of workflow messaging - who is responsible for what part
of a SOAP message, and then you can forward it to the next person -
very interesting to me because my company provides workflow
solutions.
Discuss (Join / Login first) Edit
permalink: #
|
| Sun:
Tuning Your Apache Web Server |
| Setting up and configuring your Web server is a reasonably
simple process for which most installations provide scripts.
Optimization involves tweaking your server to achieve maximum
performance. This is not well documented and is anything but
automated. This article provides some simple tactics you can employ
to improve your Web server's performance, and where appropriate it
points to tools and information sources that will help you achieve
even greater performance gains.
Discuss (Join / Login first) Edit
permalink: #
|
| ADODB, PEAR DB, PhpLib and
Metabase Shoot-out |
| The cowpokes and city slickers gathered around the edges of
main street, waiting. A dog howled in the distance and horses sighed
nervously in the chill morning air. Suddenly the first of the
gunslingers raced out, six-shooters blazing, then another, and
another, and another. Smoke steamed from heated guns, frightened
horses whinnied, bodies moaned in the dust. The surviving gunmen
looked at each other, holstered their guns, mounted their horses and
without a word, rode into the heat of the rising sun.
Revised 24 Oct 2001.
The benchmark was to select 82 rows from the products table 200 times.
The tests were repeated 5 times. Connection times were excluded
from the benchmark. Values are in seconds.
MySQL 1.12 1.12 1.17 1.15 1.14
ADODB 1.43 1.47 1.47 1.44 1.45
PhpLib 1.53 1.62 1.64 1.64 1.57
PEAR 2.91 2.90 2.85 2.83 2.84 (fetchInto)
PEAR 3.14 3.13 3.22 3.12 3.16 (fetchRow)
M'base 4.51 4.55 4.46 4.54 4.52 (numeric columns)
M'base 4.99 4.72 4.71 4.71 4.72 (named columns)
Average Overhead
MySQL 1.14 -
ADODB 1.45 27%
PHPLib 1.60 40%
PEAR 2.87 152% (fetchInto)
PEAR 3.15 176% (fetchRow)
M'base 4.52 296% (numeric cols)
M'base 4.77 318% (named cols)
I was still surprised at how slow some of the libraries were, even
though a code inspection had already given strong hints on the expected
performance of the class libraries.
Methodology
Results on Pentium 800 Mhz running Win 2000, PHP 4.0.6 ISAPI on IIS5
with MySQL 3.23, all on the same machine. PEAR DB from PHP 4.0.6,
ADODB 1.40 and Metabase 1.57 were used.
Source code for these tests is available from
http://phplens.com/lens/adodb/
Also see Designing Fast
Software Architectures in PHP
Discuss (3
responses) (Join
/ Login first) Edit
permalink: #
|
| Creating CSS
Buttons |
| Using CSS, you can create buttons with just a few lines of
plain text HTML and CSS tags! (To learn more about CSS, be sure to
check out these links.) The downside of using CSS to generate
buttons is that ... they can only be rendered on CSS-compliant
browsers. --Scott Mitchell
Discuss (Join / Login first) Edit
permalink: #
|
| Making
the World a Happier Place, One Web Site at a Time
|
| We frequently watch those VPs and directors of marketing in a
user test situation or field study where they see a person having a
hard time and they walk away saying, "Oh, what a stupid user."
Another Jakob Nielsen piece: he isn't too popular among
some people since he dissed Linux - such is life.
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| PostgreSQL
in shadows of MySQL? |
From the Postgres 7.2 TODO:
http://developer.postgresql.org/cvsweb.cgi/~checkout~/pgsql/HISTORY?rev=1.125&content-type=text/plain
A dump/restore using pg_dump is required for those wishing to migrate
data from any previous release. One significant change is that
SELECT ... LIMIT 10,20 now uses the 10 as the OFFSET and the 20 as
the LIMIT. Previous versions had this reversed. This change was
made for MySQL compatibility.
The postgres style of SELECT LIMIT is more logical and consistent
than MySQL's. To me, this reflects poorly on the postgres team in
terms of backward compatibility and shows a copycat mentality.
I hope there is a backward compatible patch for the old style of
SELECT LIMITs. I also think a poll should have been made before the
decision was made (was there one?)
Lastly, postgres is supposed to be the most advanced open source
database - they need to shed the copycat mentality and inferiority
complex (ridiculous but true) with respect to MySQL.
My compatibility suggestion is to have an alternative syntax
(SELECT TOP) that keeps the same ordering of parameters; this makes
it easy to patch with a simple search and replace.
eg. SELECT * FROM table LIMIT 20,10 in the MySQL syntax would be
SELECT * FROM table TOP 10, 20 in PostgreSQL. Then we would just
need to do a search and replace of LIMIT to TOP in our code.
Thanks to John Huong for alerting me to this change --
John
Discuss (2
responses) (Join
/ Login first) Edit
permalink: #
|
| Do You Have a
Perverted Health Problem? |
Here are some of the things PHP could stand for:
- Personal Home Page
- PHP Hypertext Processor
- Personal Hygiene Problem (A typical programmer?)
- Practically Hopeless Person (Mr Bean)
- Philandering Heterosexual Professional (Just a gigolo)
Now let's have fun! Post your most amusing abbreviations
here...
Here's another twist: Think of a famous person, then come
up with a PHP that applies to the person.
Oscar
Wilde? Profoundly Homosexual Playwright.
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| Making
Forms Object-Oriented |
| Object-oriented programming is an efficient and powerful
technique. It allows one to create reusable, easily adjustable
components that make programming process fast and, honestly, very
much fun, too. I hope, my little experience that I presented here
will inspire you to build your own libraries of classes that would
be a basement for complex and sophisticated web applications. --
Yuri Makasjuk
There is a class framework called WildWeb that supports
object-oriented forms.
Discuss (Join / Login first) Edit
permalink: #
|
| MySQL 4.0 Alpha is
Out |
| The long awaited (alpha) version 4.0 of the MySQL database is
now available for download at the MySQL website. The new version is
intended as a platform for building mission critical, heavy load
database solutions, and much effort has been put into providing a
solid foundation for planned enhancements, some of which are
included from the start.
Discuss (Join / Login first) Edit
permalink: #
|
| How Apple
blew it, how Linux will blow it, and the Next Big
|
| Will Linux desktops innovate? No. I don't think of that as
being the solution: because it's open source. It doesn't lend itself
to coming up with new paradigms. The one thing it's very good thing
at is designing software for other hackers, for other nerds, really.
That's their skill and that's their strength - there's a thousand
nerds to look at it. If something doesn't work it's going to be a
debate on the mailing lists and it's going to be fixed.
But that's a bad method for complex decision management or
business professionals or this next generation of home users,
because that requires a very different project management approach,
a clear vision.
They're great programmers and that's very nice, and it generates
good stuff for that environment, but it's a little sandbox. --
Jakob Nielsen
Discuss (4
responses) (Join
/ Login first) Edit
permalink: #
|
| Project Phoenix and
Msession |
| Project Phoenix is a library kludged together from bits
and pieces of many independent projects that Mohawk Software had
done in the past. Nothing particularly noteworthy, particularly well
written, nor documented, just (hopefully) useful. Growing day by
day, Phoenix is becomming quite a bit of code.
Msession is a stand-alone multi-threaded daemon which
provides session management for a cluster of web servers. Msession
has a C/C++ API, as well as a PHP extension. A PostgreSQL extension
is also in the works.
The recent Abdul Basit
benchmarks suggest that session management could be improved in
PHP. Msession is one such endeavor.
Discuss (Join / Login first) Edit
permalink: #
|
| PEAR
Cache Tutorial |
| Caching is currently a hot topic in the PHP world. Because
PHP produces dynamic web pages, scripts must be run and results must
be calculated each time a web page is requested, regardless if the
results are the same each time... --Sebastian Bergmann
Discuss (Join / Login first) Edit
permalink: #
|
| Apache 1.3.22
Out |
| This version of Apache is principally a security fix release
which closes some problems where a directory listing could be
obtained instead of the default index page.
Discuss (Join / Login first) Edit
permalink: #
|
| An
Anonymous Mouse Roars |
| The author is very misinformed. In addition to errors in
interpretation, there are several glaring factual errors in his
analysis. My reply to each of his points is in Blue below. Note
also, that ASP.NET blows away both, PHP and ASP on every one of the
points he raises. -- Anonymous Mouse
Dear Anonymous,
My name is on this article you criticize because I am willing to
enter into debate with anyone over the merits of PHP and ASP. I have
had dozens of criticisms of this article, but every person before
you has given a real name or valid email address.
I will not talk to someone who pretends to be the voice of pure
reason but hides anonymously like you do - this is too much like a
poison pen letter.
Yours sincerely, John Lim
Our great readers respond: Jason
Gan, Michael
Kimsal, John
Huong.
Discuss (1
response) (Join /
Login first) Edit
permalink: #
|
| First
Look at Microsoft J#.NET Beta |
| Theoretically, any Java application that doesn't make use of
Java APIs can be migrated into J# and compiled to the CLR.
Applications that use Java APIs such as RMI or JNI are not
supported. Microsoft only explicitly supports the Java 1.1.4
specification. Further, the resulting binaries do not support any
JVM—they will only compile to the .NET framework.
Discuss (Join / Login first) Edit
permalink: #
|
| Migrating MySQL to
PostgreSQL |
| I continued to use MySQL and attributed the MySQL failures
and crashes to the incompetence of my hosting service, which I
couldn't change at the time. As soon as I was able to, I changed Web
hosts. This new host's service and philosophy was very different
from my previous one, as they had a higher commitment to security
and stability than did my old host. -- Nathan Matias
This has not been my experience with MySQL, but everyone is
entitled to their own opinion.
Also see Part
2 of the story.
Discuss (Join / Login first) Edit
permalink: #
|
| Java.NET
|
| As first reported by UK-based news outlet The Register, an
early preview of Microsoft's version of Java intended to run in
tandem with .NET headed out of the stables at Redmond. Although the
7 megabyte file as pulled from Microsoft's download site almost as
soon as it make its brief appearance, enough time elapsed for a
small number of fortunate souls to get their hands on it. --
Beta News
Discuss (Join / Login first) Edit
permalink: #
|
| Dirty Minds
Again: PEAR DB and ADODB |
I must be mad after all the dirty talking last week. Mohan
posted a message in php-pear-general and I had to respond: Mohan <saradiya@ameba6.com> wrote in message
mailto:news:200110080226.f982Qhk05006@antaraconsolidated.com...
> Hi guys,
>
> I am currently working on a php project and was seriously considering DB
over
> ADODB. This was mainly due to the fact that
>
> 1.THere has been rumbles that they are porting DB to C ?
> 2.DB is used by all the other PEAR classes
> 3.ADODB seems a tad complex , since we will mainly be using only
postgresql
> and might need support for oracle/mssql
>
> Why would I choose ADODB over DB ? Is there someway to abstract it such
that
> we could enjoy the best of both world ? Maybe use some Factory patterns ?
>
> Mohan
Hello Mohan
If you know oracle/mssql/postgresql, they are all very different beasts. We
use MySQL and Oracle everyday at work and I know you will need a good
wrapper then.
Oracle is the most complicated rdbms of all, but a quick scan of the source
of PEAR DB's oci8 vs mysql implementation will show you that the oci8 is far
less complete (16K) than mysql's (22K). Ditto for mssql (13K). That will
tell you something.
You will see the reverse in ADODB, where the oci8 implementation is one of
the larger files.
Parts of ADODB will probably be ported to C eventually, and I can tell you
that startup time will decrease significantly then (well maybe not if u use
the Zend Accelerator), but I do not really expect that much speed
improvement - the bottleneck is the SQL execution - of course I might be
wrong...
If you need power, ADODB has more functionality, particularly for oci8.
ADODB can simulate SELECT ...LIMIT and PEAR DB currently doesn't. If your
needs are simple, stop worrying about which one to use - start coding - it
doesn't matter!
John Lim
Discuss (Join / Login first) Edit
permalink: #
|
| The Abdul Basit
Benchmarks: PHP, ASP and JSP |
| The results are getting monotonous and the winner is obvious -
it shows you what an amazing programming team we PHP developers
have!
A .NET benchmark would be more interesting. Some informal
claims have been made that the beta(!) is at least 20% faster than
ASP, making it very close in speed to PHP.
Michael Kimsal as usual is the voice of reason and has pointed out a
boo-boo. PHP only wins the simple "hello world" and "DB Engine"
tests. ASP wins the session tests, which I presume means cookies.
What i don't understand is how dynamic web page throughput can
outperform static HTML throughput? Has the tortoise figured out how
to beat the hare?
Discuss (4
responses) (Join
/ Login first) Edit
permalink: #
| |
