Interesting PHP factoids

It’s times like these that I wish someone had just told the reporter that PHP is a programming language for web development that has a larger market share than Java J2EE and Microsoft dotNet combined:

[Web 2.0 technologies] also mean applications can be built much more quickly, says Mr Boloker. He is a big fan of PHP, an open-source scripting language which makes building mashups even easier. Originating in Greenland, PHP is now managed by an Israeli company called Zend.
Sydney Morning Herald

I didn’t realize that Rasmus wasn’t in Canada when he wrote PHP and that Cupertino is now in Israel.

Good to know.

Oh yeah, it’s nice that they’re allowed to use Apple Macintoshes in IBM, I didn’t know they’re so generous. Will they be taking his away with the Intel switch?

Other than that hilarity, thank you Dave Boloker for plugging PHP. Now I can go around saying that the former chief of Java Technologies at IBM Software Group is a “big fan of PHP.”

Rock on.

The Zend Engine is my bitch

I don’t read php-internals anymore because I’m partial to getting work done, but there was an interesting question the dealmac developer posted. Basically dealmac, like my current employer, has a large array structure in a PHP file somewhere that is included on every page. It’s abusing memory.

Brian then noticed that by using var_export() (a function I keep forgetting exists), he was able to cut the memory usage from 5MB to 1.2MB. Storing it serialized reduced the memory usage to 20% but with double the load time as a performance penalty.

How could a 300K file use up so much space in memory?

The way you answer this is to use vld to make the Zend Engine your bitch.

[The answer after the jump.]

A mile wide, an inch deep

When my brother was just starting out as an economist, he told me that economics was easy because it was “a mile wide and an inch deep” meaning that it was everywhere in social sciences, but analytical tools were so poorly applied and misused that you could strike gold anywhere you stuck them.

Books like Freakonomics [Revised and Expanded]: A Rogue Economist Explores the Hidden Side of Everything show that analytical tools are still misused: that book is a circular indictment of itself.

Nothing has changed in economics.

I read this today:

PHP Seen as a Popular Hacker Target

Looking at other e-commerce security trends for 2007, the report also expects the wildly popular PHP programming language to continue to provide a bounty of opportunities for hackers. PHP was invented more than a decade ago and has been used to create every type of software program needed to operate an online store, including shopping carts, payment systems, CRM and newsletter applications. Unfortunately, PHP developers to date have all too frequently emphasized functionality over security, according to ScanAlert, who reported that its security researchers had uncovered critical security flaws in several PHP programs.

<sarcasm>I bet that was a challenge to find all those security holes!</sarcasm>

PHP application-level security: a mile wide and an inch deep.

My data in a box

Warning. This post is too geeky for words.

The inspiration,


12:36:44 PM ed: I wrote a twitter client
12:36:51 PM me: Yes, I noticed
12:36:55 PM ed: that’s how I roll.
12:36:58 PM me: also changed some phpsecurity update thing
12:37:04 PM me: white and nerdy baby
12:37:31 PM ed: php security is for the squares, dude
12:37:50 PM ed: I roll with my globals registered and all that shit.
12:39:20 PM me: fuck that bitch, I say all ports open
12:40:09 PM ed: I ain’t afraid of yo buffer overflow!
12:42:16 PM me: Stick your buffer overflow in a box!

Which inspired me to rewrite this song in honor of Ilia’s new filter extension and all the hard work the PHP team is putting into security fixes with the latest releases.

[The song after the jump]