Recent Blog Posts
Blogs ยป Archive for March, 2006
PHP6 gets a COMEFROM statement
One of the more controversial additions to PHP6 is the GOTO. Some have argued it flys in the face of many years good programming sense but there are valid use cases, when running performance critical operations such as parsing, where the overhead of making PHP user function calls becomes significant.
Anyway GOTO seems to have opened the gates to some more radical language modifications and recent discussion a revolved around adding a COMEFROM statement to PHP, which led to an initial patch being applied to the PHP6 CVS branch here.
Precedent for COMEFROM can be found in INTERCAL, a language which, for various reasons, never hit mainstream but aimed at being a better LISP, as this code listing illustrates.
Like GOTO, COMEFROM could lead to spagetti if used unwisely, so the initial implementation places a sensible restriction on it’s use: you can only COMEFROM a PHP script which is not the script where COMEFROM was used. An example if I have some include file like;
<?php
// login.php – the script we want to COMEFROM
function login($username, $password) {
$auth = new Auth();
return $auth->isValidUser($username, $password);
}
I can step into this with COMEFROM like;
<?php
// index.php
require_once …
The importance of mentoring
It is a wise business strategy to mentor others and to find a mentor(s).
By mentoring others, you get a source of potential clients as your “mentees” develop and take on more responsibilities. And because mentees are typically younger (although not always as you’ll read in a moment), you keep yourself abreast of new trends, issues, and — sometimes — emerging technologies. You also keep your mind sharp, since a good mentee can challenge you with great questions and creativity.
By getting a mentor, you expose yourself to wisdom and new opportunities. I owe much of my financial success to mentors, and look for mentors in every business relationship. There is much to learn from just about anyone. At the same time, some people have been kind enough to take me under their wing. One has been an investment banker who has taught me a great deal about how true entrepreneurs think. And recently a Sitepoint reader half my age (just about) agreed to teach me a business model he has employed successfully. In the former case, the investment banker received my ideas and “sweat equity” — along with some unpaid labor — in exchange for his commitment. In the latter case, …
Zend_Filter Reviewed, Blacklist / Whitelist Filters
I like Zend Framework’s Zend_Filter class. It’s basically a set of methods for validating untrusted data. Although the two arguably most important features isEmail() and isUri() (the latter can be worked around with Zend_Uri) are still missing, the whole thing looks promising already. Here’s a few thoughts on the package:
- Remove isGreaterThan() and isLessThan(). That’s what we have “< " and ">” operators for. I can understand the designer’s intention to deliver a complete set of tests but these just bloat both Zend_Filter’s and the user’s code. There is no isEqualTo(), either.
- isDate() looks like a stub. This should be replaced by something more sophisticated.
- Clean up the code of isHostname().
- The method name isRegex() makes me think that it checks whether the argument is a valid regular expression. Since pattern matching is a special way of filtering anyway, I’d just abandon the “is” prefix and call it match().
- I don’t know if isName() works completely accurate on any exotic names. Besides, it can be easily left away as it’s a job for whitelist filtering. See below.
- International support for isPhone(). I can deliver a Swiss implementation for it, just let me know. By the way, apply self::getDigits() on on the input instead of …
Rails 1.1!
The final build of 1.1 is now out in the wild – go team! With over 500 changes, you’ll want to take this bad boy home to Mother. No, really. What’s new? See the official weblog for the whole skinny:
Upgrading is a fairly simple, two-step approach (the first updates Rails itself, and the second updates your JS files).
gem install rails –include-dependencies
rake rails:update
Please note:Some plugins may need an update for the new version, and you’ll want at least Ruby 1.8.4, so YMMV.
Welcome!
This is the first post to the Ruby on Rails weblog here on SitePoint, so I thought I’d take the time to introduce myself.
I’m Daniel, aka ‘waferbaby’, author of the recent Getting On Track with Ruby on Rails article. I’ve been in this web gig for over a decade now, and it still manages to surprise and delight. Sometimes.
And that’s about it! I’ll be covering new and interesting development in the RoR world. Feel free to say hello!
Internet Explorer public bug database
As hinted at last month, Microsoft has launched a public bug database for Internet Explorer 7, as well as subsequent releases of the browser. The site will not be used to track bugs in Internet Explorer 6 and earlier releases.
A sub-site of Microsoft’s Microsoft Connect site, which it uses to manage its various public beta programs, the Internet Explorer Feedback site has launched with just the bug database, but Microsoft has pledged to extend the site with a regular blog. The bug database even includes the facility for web developers to log in and vote on bugs that they would like to see fixed, and track the status of bugs they are interested in.
Although the database currently requires a (free) Passport log-in to browse, this restriction will be removed in a future update to the site.
Is AJAX Cross-Browser?
There is a fascinating debate going on at Dojo developer Alex Russell’s blog. Sparked over the release of ajaxWrite, an in-browser Microsoft Word look-alike, the debate calls into question just what AJAX means (if anything) for cross-browser compatibility.
Rather than using cross-browser DHTML like Writely, ajaxWrite uses Extensible User Interface Language (XUL), which means it will only work on Mozilla browsers like Firefox. Alex Russell believes that advertising such an application using the AJAX name is both misleading and harmful.
On the one hand, AJAX stands for Asynchronous JavaScript And XML. If this is taken as a complete definition of the technology, then AJAX makes no mandate as to the technology used to present an interface to the user. Though typically written using DHTML (aka DOM Scripting), user interfaces written in Mozilla’s XUL would be perfectly allowable. It is already common and accepted practice to do away with the “X” in AJAX by using lighter data transfer formats like JSON (AJAJ?).
On the other hand, the biggest benefit of most AJAX applications over alternatives like ActiveX, Flash and Java Applets is that it will work across browsers regardless of available plug-ins or proprietary technologies. To corrupt this implied …
Why you should stop calling yourself a web designer
Why call yourself a web designer if you can make more money calling yourself something else? I suppose my business is web design and development, or at least that is a part of what I do. But I don’t call myself that. Nor do I structure my business arrangements like a typical web designer/developer.
There are only two ways I do business:
1. As a marketing consultant. Lots of what you do is marketing, right? Why not figure out a way to provide clients with a complete marketing solution? For instance, right now I’m working as a marketing consultant to a healthcare group. I write letters for them. I have created a marketing strategy for them. And I’ve developed a web site for them (at a pass-through cost of about $300). The website represents 1/35th of my total fees. Why? Because I’ve broadened my solution. You can do the same. As a marketing consultant, you can earn a lot more.
2. As a web publisher. For many professionals, I design their website for free. I even write books for them. In some cases, I hire a video professional to videotape them during lectures or demonstrating their expertise. I put up all of the …
If a hamburger can set itself apart so can you….
This weekend my wife, kids, and brother-in-law are driving 3 and a half hours across the state of Florida just to eat a hamburger.
Technically, we are also doing some siteseeing, but the catalyst for the trip was a hamburger.
We are fortunate to live in a state that boasts the best hamburger in the country, according to GQ Magazine and Oprah Winfrey. It’s at a place called Le Tub, in Hollywood Florida, in case you are interested. The service is supposed to be horrible, but the burgers are supposed to be incredible.
Why do you care? What does this have to do with web design and development?
Simple: If a hamburger joint can cause people (and my family is not alone in our quest) to travel 3 and 1/2 hours to buy its products, then web designers and developers can figure out ways to set their services apart to be equally tempting.
How? You have to become more than a commodity. You have to find, and then communicate, ways to set your services apart. You have to reach the top of the pyramid. You have to become the “go to” professional, or guru if you will.
Strangely enough, there is no absolute science to doing …
Evaluating PHP Applications
Following on from here, perhaps the two most common questions I’ve seen people ask, when it comes to evaluating PHP applications are;
- Does it loook good?
- Is it easy to install?
Now not everyone is a programmer or a system administrator – “normal human beings” rank these highly because they relate directly to the two most pressing problems they’re facing: they want a site which is visually attractive and, with limited technical expertise, installation can be a significant hurdle to overcome.
But when it comes to security or maintenance, those requirements rank pretty low down. So here’s some different things to think about, following on from this talk (PDF) on page 19, which I’d argue rank much higher when evaluating a project you plan to use (further suggestions appreciated).
Note that in an ideal world you’d have time and expertise on hand to do a full code review but in reality that’s not going to happen so what I’m suggesting here is meant as a reasonable compromise to help you build up a “ballpark” feeling for an application without making a huge effort.
What’s the security record like? The obvious place to find out is via Google with some searches like “appName exploit”, “appName …
