Category: PHP

Stuff about PHP (Personal Home Page or PHP Hypertext Processor), an open-source language for developing websites and web applications. And one of the few things out there with more market share than a Microsoft product.

The Zend Engine is my bitch

I don’t read php-internals anymore because I’m partial to getting work done, but there was an interesting question the dealmac developer posted. Basically dealmac, like my current employer, has a large array structure in a PHP file somewhere that is included on every page. It’s abusing memory.

Brian then notices that if you use var_export()(a function I keep forgetting exists), he was able to cut the memory usage from 5MB to 1.2MB. Storing it serialized reduced the memory usage to 20% but with double to load time performance penalty.

How could a 300K file use up so much space in memory?

The way you answer this is to use vld to make the Zend Engine your bitch.

[The answer after the jump.]Continue reading

Posted on by tychay 9

A mile wide, an inch deep

When my brother was just starting out as an economist, he told me that economics was easy because it was “a mile wide and an inch deep” meaning that it was everywhere in social sciences, but analytical tools were so poorly applied and misused that you could strike gold anywhere you stuck them.

Books like Freakonomics [Revised and Expanded]: A Rogue Economist Explores the Hidden Side of Everything show that analytical tools are still misused: that book is a circular indictment on itself.

Nothing has changed in economics.

I read this today:

PHP Seen as a Popular Hacker Target

Looking at other e-commerce security trends for 2007, the report also expects the wildly popular PHP programming language to continue to provide a bounty of opportunities for hackers. PHP was invented more than a decade ago and has been used to create every type of software program needed to operate an online store, including shopping carts, payment systems, CRM and newsletter applications. Unfortunately, PHP developers to date have all too frequently emphasized functionality over security, according to ScanAlert, who reported that its security researchers had uncovered critical security flaws in several PHP programs.

<sarcasm>I bet that was a challenge to find all those security holes!</sarcasm>

PHP application-level security: a mile wide and an inch deep.
Continue reading

Posted on by tychay 0

My data in a box

Warning. This post is too geeky for words.

The inspiration,


12:36:44 PM ed: I wrote a twitter client
12:36:51 PM me: Yes, I noticed
12:36:55 PM ed: that’s how I roll.
12:36:58 PM me: also changed some phpsecurity update thing
12:37:04 PM me: white and nerdy baby
12:37:31 PM ed: php security is for the squares, dude
12:37:50 PM ed: I roll with my globals registered and all that shit.
12:39:20 PM me: fuck that bitch, I say all ports open
12:40:09 PM ed: I ain’t afraid of yo buffer overflow!
12:42:16 PM me: Stick your buffer overflow in a box!

Which inspired me to rewrite this song in honor of Ilia’s new filter extension and all the hard work the PHP team in putting security fixes with the latest releases.

[The song after the jump]Continue reading

Posted on by tychay 4

I’m a simple guy

Because I haven’t moved in yet, there is a dearth of good books at my place. In light of that, I finally picked up a Redbook. No, I don’t mean I’m interested in how to find my inner sex goddess, I mean I wanted to see what IBM’s developer tech support has to say.

This one is called Developing PHP Applications for IBM Data Servers. And that’s a tad ironic because I’m using Oracle. As Chris is fond of saying: people are born with either an I or and O stamped on their foreheads.

I was born with “cheap ass” stamped on my forehead since I’ve tried to stick to MySQL, PostgreSQL, and SQLite. But flipping through the book makes me make an observation from the cheap ass camp.

[Getting me to switch after the jump.]Continue reading

Posted on by tychay 4

Clever HTTP

I was looking at FirePHP today, trying to figure out what the point is, because the screenshots they keep directing me to are a joke.

Here is a better summary:

Basically it is allows PHP scripts to send debugging (or profiling) information to Firefox’s Firebug without having the write to the page itself.

How it does this is quite clever.

[More on FirePHP after the jump]Continue reading

Posted on by tychay 12

POW makes Ajaxian

Dave told me his website was getting stumbled.

The reason is he made Ajaxian:

FirefoxScreenSnapz001

Congrats. I love Ajaxian even if you have to wonder with all the Web 2.0 koolaid they drink there what’s going to happen when they have a James Jones moment.

Dave, as your first user ever, you have to convince me why I need to use it. I’m sure one of these ajaxnauts can figure out something useful to do with the extension.

[Personal stuff after the jump.]Continue reading

Posted on by tychay 1

Creative abuse of the OSCON submission system

OSCON proposals are due in 20 minutes. I submitted something just now. That’s like 10 minutes sooner than last time. I am improving. 🙂

The last talk new talk I gave was at OSCON so I had to come up with something new. Since I just changed jobs and actually spent the afternoon B.S.ing one of Dave’s submissions (in exchange, he was the one who reminded me (multiple times) that proposals are due), I had to keep things sort of vague but possibly interesting at the same time.

That was a challenge.

[My proposal after the jump.]Continue reading

Posted on by tychay 5

On PHP Debuggers

[The views expressed in this blog are definitely my own and not those of anyone I work for, have worked for, or even get drunk with.]

I’m used to Xdebug. We use Zend Platform. Am I going to have to have a Rodney King moment?

Here is Derek’s take on it, and here is some guy from Eclipse PHP IDE’s response.

I don’t care.

I want the developers here to use the development environment they want and me to use the debugger/profiler I want. Anyone know a solution? Currently it seems that if I use Zend Platform, we have to use Zend Studio or Eclipse PDT to debug. If I use DBGp, we can use ActiveState Komodo, NuSphere PhpED, or PHPeclipse.

Am I wrong? Are there other editors that support DBGp? Which should I use (in particular I want have valgrind for profiling output and I like the built in error system in XDebug, but I haven’t had a chance to delve into Zend Platform so you can try to sell me on that).

[Other rants after the jump]Continue reading

Posted on by tychay 2

Using a photo

I got an e-mail today in which someone asked to use a photo of mine for a Christmas prayer.

A photo of mine

This use is well within my creative commons license, but it’s always a nice touch when I’m shown how my photos are used. Besides, I always had a soft spot for Episcopalians. 🙂

I noticed they’re using Joomla as their CMS. That’s interesting. Their template seems to be missing deep links, though.

[More of photo usage after the jump]
Continue reading

Posted on by tychay 1