The Zend Engine is my bitch

I don’t read php-internals anymore because I’m partial to getting work done, but there was an interesting question the dealmac developer posted. Basically dealmac, like my current employer, has a large array structure in a PHP file somewhere that is included on every page. It’s abusing memory.

Brian then noticed that by using var_export() (a function I keep forgetting exists), he was able to cut the memory usage from 5MB to 1.2MB. Storing it serialized reduced the memory usage to 20%, but with double the load time as a performance penalty.

How could a 300K file use up so much space in memory?

The way you answer this is to use vld to make the Zend Engine your bitch.

[The answer after the jump.]

A mile wide, an inch deep

When my brother was just starting out as an economist, he told me that economics was easy because it was “a mile wide and an inch deep” meaning that it was everywhere in social sciences, but analytical tools were so poorly applied and misused that you could strike gold anywhere you stuck them.

Books like Freakonomics [Revised and Expanded]: A Rogue Economist Explores the Hidden Side of Everything show that analytical tools are still misused: that book is a circular indictment on itself.

Nothing has changed in economics.

I read this today:

PHP Seen as a Popular Hacker Target

Looking at other e-commerce security trends for 2007, the report also expects the wildly popular PHP programming language to continue to provide a bounty of opportunities for hackers. PHP was invented more than a decade ago and has been used to create every type of software program needed to operate an online store, including shopping carts, payment systems, CRM and newsletter applications. Unfortunately, PHP developers to date have all too frequently emphasized functionality over security, according to ScanAlert, who reported that its security researchers had uncovered critical security flaws in several PHP programs.

<sarcasm>I bet that was a challenge to find all those security holes!</sarcasm>

PHP application-level security: a mile wide and an inch deep.

My data in a box

Warning. This post is too geeky for words.

The inspiration,


12:36:44 PM ed: I wrote a twitter client
12:36:51 PM me: Yes, I noticed
12:36:55 PM ed: that’s how I roll.
12:36:58 PM me: also changed some phpsecurity update thing
12:37:04 PM me: white and nerdy baby
12:37:31 PM ed: php security is for the squares, dude
12:37:50 PM ed: I roll with my globals registered and all that shit.
12:39:20 PM me: fuck that bitch, I say all ports open
12:40:09 PM ed: I ain’t afraid of yo buffer overflow!
12:42:16 PM me: Stick your buffer overflow in a box!

Which inspired me to rewrite this song in honor of Ilia’s new filter extension and all the hard work the PHP team is putting into security fixes with the latest releases.

[The song after the jump]

Reading too much…

“Sara would read anything you handed her…She read upon waking, sitting on the toilet, stretched out in the backseat of the car…If there was nothing else she would consume all the magazines and newspapers in the house—reading, to her, was a kind of pyromania—and when these ran out she would reach for insurance brochures, hotel prospectuses and product warranties, advertising circulars, sheets of coupon. Once I had come upon the spectacle of Sara, finished with the volume of C. P. Snow while only partway through one of the long baths she took for her bad back, desperately scanning the label on a bottle of Listerine.”
—Michael Chabon, “Wonder Boys”

I can relate.

This leads to the famous line in the movie: “She was a junkie for the printed word. Lucky for me, I manufactured her drug of choice.”