Category Archives: My Thoughts and Rants

PHP Donts

Posted on by
3

The following is a non-comprehensive list (in no particular order) of things I often see people doing while using PHP that they probably shouldn’t. The purpose of this list is to inform; hopefully it will shed some light on what some people may be doing wrong and what they can do better. I doubt there is a PHP programmer out there that hasn’t been guilty of some of these things at some point, so if you find that you are doing several or even all of these things it is nothing to be ashamed of.

Continue reading

Amazon Should Step Up

Posted on by
Reply

In the aftermath of Amazon’s decision to drop California residents from their affiliate program I found some interesting discussion on the Associates board. Basically the poster is asking if anyone knows of any charities that California residents can swap their associate tags with while they either explore an alternative or wait to see how things play out. I am personally interested in finding such a charity, but I think Amazon should take it upon themselves to take this idea a step further. Amazon should donate the commission that would have been given to California residents to a charitable organization.

The thousands of affiliate links created by California residents are not going to go away over night. Many of them won’t even go away in the near future for various reasons. If Amazon isn’t going to pay California residents for the sales they generate they should at least give us a say in what happens to that money.

Edit
Just to clarify, I personally don’t think it is reasonable to place the blame for this situation entirely on either the California law or Amazon. However, I would feel a lot better about the role Amazon played if I knew they weren’t pocketing the money earned by California associates. Moreover, if Amazon were to implement this idea it might compel some former associates to leave their links up and continue to generate sales for Amazon.

Is SHA1 Still Viable?

Posted on by
10

Lately whenever I see discussion regarding SHA1 in the context of password hashing or user management it usually involves someone claiming that SHA1 has been ‘cracked’ or is otherwise not viable as a hashing algorithm. I think there is some degree of truth to these claims. In spite of this however, I think that many of these conclusions are based on a misinterpretation of the evidence.

Before I explain myself I want to say this: If you are reading this article because you intend to implement something that require a secure hashing algorithm stop thinking about SHA1. There are a lot of more collision resistant algorithms for you to chose from. You might be thinking that this fact defeats the purpose of discussing the viability of SHA1, but considering all of the existing system that rely on SHA1 I think the discussion is valid. Here we go:
Continue reading

Doing Things the Hard Way

Posted on by
2

Every now and then I discover something that makes me feel like I’ve been doing things the hard way. The feeling is an interesting combination of excitement and embarrassment. I experienced this today while browsing PHP documentation. I discovered two function that will make my life a lot easier in the future: debug_backtrace and debug_print_backtrace. As someone who has written his fair share of Java, I’m very accustomed to stack traces. The fact I’ve made it as far as I have with PHP without them leaves me feeling amazed. The fact that I’ve had access to them all along leaves me feeling ashamed.

I guess you learn something new everyday.

Comprehensive Guide to Posting on Forums

Posted on by
2

Creating Threads

Searching

When a rational person has a question or a topic to discuss on a forum that person might think “Maybe I should use the search feature to see if a thread regarding my topic already exists!”. This is generally a waste of time, however. The probability of two people on a forum consisting of thousands of members over the span of several years having the same question, idea, or thought turns out to be very low. In addition to this, using the search feature can be incredibly confusing to use and takes far too long (sometimes 2 whole page loads).

Here’s a tip: If you happen to find a thread that is slightly related to your topic, feel free to hijack borrow it.

Finding the Appropriate Forum

It is common for a board to have a separate forum for each distinct topic. However, you probably don’t have time to read the title and description of each one. The best way to choose a forum to post in is to chuck a piece of chewing gum, spit wad, or dart at your screen. Which ever forum it sticks to is the one you should post in. It is safe to do this because forums have these things called moderators. They are responsible for placing threads in the appropriate forum and can generally be thought of as your slaves.

Here’s a tip: If you can’t decide between several forums, either because your topic is related to both, or you can’t tell which your dart landed closer to, post in all of them. This will ensure your post gets maximum exposure.

Titling your Thread

Thinking of a clear, relevant title for your thread can be a difficult task. So don’t bother! The best way to create a thread that will draw the attention of others is to use lots of capital letters and lots of exclamation marks (!!!).

Here’s a tip: It is best to keep things simple. The title: “Need help validating form data in PHP” can be reduced to “OMG HeLP!!1!”. Not only is it shorter, but it also conveys a sense of urgency.

Punctuation and Grammar

The great thing about forums is that they are informal. This means that punctuation and grammar are completely optional. In fact, including punctuation in your post is a waste of precious bytes in the forum’s database. In addition to this, readers will have to read through your post multiple times and think very hard in order determine what you are trying to say. In other words, leaving out punctuation is the easiest way to create a thought provoking post. If you do decide to use punctuation, you should use it in new and unique ways as a form of artistic expression.

Here’s a tip: the most efficient way to write your post is to pretend you’re in the 19th century sending a telegram. Leave out any words that aren’t absolutely necessary.

Spelling

If you’re writing your PhD dissertation in comparative literature then spelling is probably important. On a forum, however, don’t waste your time distinguishing between there, their, and they’re. Most modern browsers come with a spell check feature, but it is common knowledge that these features were created by grammar Nazis determined to hurt your feelings by pointing out your mistakes; Don’t give them the satisfaction!. Ideally it is best to use a browser that won’t bother you with little red lines such as IE6.

Here’s a tip: If your spelling is so bad that people think you’re not from an English speaking country just go with it.

Posting Code

Most forum software comes with built in features for displaying formatted code with syntax highlighting. However, unless you’re the one that designed these features figuring out how to use them is a lost cause. It is best to just copy and paste your code directly into your post. It is also important to post any and all code that could possibly be slightly related to your problem, even if it is hundreds of lines.

Don’t bother including any error messages with your code. They are almost always too cryptic to be useful. Also, most programmers enjoy the challenge of trying to determine what is wrong with your code based only on vague description. If you really want to give them a challenge, don’t even include the vague description. A post containing only the words “wuts wrong with this:” followed by a massive blob of code is a programmers dream.

Here’s a tip: Not mentioning the particular line that’s giving you a problem will force your readers to dig through your code to find it. This ensures you have their full attention.

Getting a Response

Response time varies from forum to forum, but any thing longer than thirty seconds should be considered unacceptable. If you find yourself waiting longer than this you should reply to your own thread demanding an immediate response. Remember: Just because the person helping you is not being paid doesn’t mean you can’t demand he devote himself completely to your problem.

Here’s a tip: The best way to get a response is to make sure your thread is always on the top of the page. If it ever falls below number one just reply “Bump” until it gets a response.

Replying to Threads

Your 2 cents

It is generally considered rude NOT to reply to a thread that you read, even if you have nothing of use to say. At the same time it is important to convey to everyone that you’re an expert… at something. If you don’t have any clue what you’re talking about, just say something vague. You can also try just stating your opinion as fact and backing it up with nothing (no one will notice).

Here’s a tip: Make sure never to come back to see replies to anything you’ve posted. This way people will learn not to question you because they know you won’t dignify them with a response. This is the forum equivalent of sticking your fingers in your ears and singing the Oscar Myer Weiner song, which as we all know is a very effective debate strategy.

Volume

Making lots of short, mindless posts is the same as making a few well thought out, well written posts. Only without all that headache-inducing thinking. Having a high post count will indicate to others that you’re an expert… at something.

Here’s a tip: Posting “I agree” or “Great topic” is a good way to increase your post count. You don’t even have to read the thread!

Reading

Reading the title of a thread is usually good enough to devise a perfectly good response. Reading the topic itself should be considered a courtesy. Reading each post in the thread is usually very time consuming and yields very little benefit.

Here’s a tip: If you recognize one of the words in the thread title, just regurgitate everything you know about that word.

Miscellaneous

Being an Expert

Some people think being an expert is about learning as much as possible about a given topic and being able to use that knowledge effectively. Clearly they’re not experts on being an expert. Being an expert is 50% claiming to be an expert, 50% pretending you know what you’re talking about it, and 1% actually knowing something. If you read the first paragraph of the Wikipedia page on a topic, then you’re ready to start telling people you’re an expert on that topic.

Here’s a tip: Learn as many buzz words regarding your topic as possible. If you can combine these words into a coherent sentence everyone will think you’re an expert.

Signature Links

I read somewhere on the Internet that signature links are one of the best ways to promote your website. Naturally I now tell everyone this is true.

Here’s a tip: Some forums, for no particular reason, have rules that prevent members from having signature links until they have a certain number of posts. You can get around this by just adding the link to the bottom of your post. No one will notice.

Rules and Reprimands

Believe it or not, some forums have rules. Usually, however, they are difficult to find and too time consuming to read. This being the case it is perfectly acceptable to just ignore the rules and trust your judgment. If a moderator happens to reprimand you, you should remember one thing: Moderators are generally rude people and tend to overreact. Anything they say can usually be taken as a suggestion.

Here’s a tip: The only practical way to learn the rules is through trial and error. Have lots of extra email accounts on hand, that way you are free to “test the waters”. If you get banned just register a new account.

Done with the BS

Posted on by
3

I have been using various shared hosting providers for several years now. In that time I have never renewed a hosting plan with any single provider; instead moving from one to another for various reasons. Before I go any further let me describe my needs with regard to hosting:

  1. Obviously one of my needs is to host this blog. I don’t get a huge amount of visitors (150 on an average day at the time of this posting) so this isn’t much to ask for.
  2. I have a few other sites that are in development, most of them will never see the light of day. Their impact on server load is pretty much negligible.
  3. I develop PHP scripts on my local windows machine, but I often upload and run them on my host to make sure they’ll work in a linux production server.
  4. If I develop something for a client I usually demo it on my host.

That’s it. Nothing is mission critical and I don’t get a lot of traffic. This being the case you may be wondering why I move from host to host. After all, my needs aren’t very demanding. To be honest one of the reasons is that a renewal is almost always more expensive than switching to a new provider. You don’t have to look hard to find a discount, the catch is you have to pay full price when it is time to renew.  I wouldn’t mind paying a bit more though, if it weren’t for one thing: there is almost always something that I find dissatisfying: poor customer service, lack of features, lack of freedom, etc.

One thing that up until my last host was never an issue was server performance. As I mentioned my needs are fairly small, and I don’t mind a little downtime. The fact that I can pay a company money and not have them meet my relatively small amount of demand has scared me away from shared hosting forever. This is where the horror story portion of this article begins:

Up until my recent host switch I had been hosting with a company called MochaHost. The reason I chose them in the first place was related to one of my complaints about a previous host: lack of features. On paper MochaHost had everything I needed, and like virtually every shared hosting provider they had an uptime guarantee. In general these guarantees have a ton of loopholes and are not to be trusted, but in this particular case the guarantee was an outright lie. The quality of service I experienced was beyond terrible. I experienced frequent downtime usually lasting only for a short period (but long enough to be extremely annoying when you are trying to get something done). Half the time when my service wasn’t down it was very slow, often to the point where you might as well consider it to be downtime. This graph illustrates my point:

The graph is from Google Webmaster Tools and shows the amount of time spent download a page. It should be fairly easy to tell at which point I switched hosts. The site performance tool in Webmaster Tools also consistently rated this site as being slower than 90+ percent of other sites prior to the switch.

When I reported this downtime usually the response completely ignored the underlying issue. Generally some person would reply that it seems to be working now, without addressing the problem that IT WAS down and that this wasn’t the first time. The only thing good I can say about MochaHost was that their customer service was very responsive and helpful, provided they weren’t dodging questions about uptime and performance.

MochaHost was only the worst part of what was ultimately a bad trip through shared hosting land. In spite of not needing much in terms of performance, I was constantly disappointed with the features and level of flexibility of shared hosting. This led me to switch to VPS (Virtual Private Server). In case you are unaware, a VPS is somewhere between a shared host and a dedicated server. A server is divided between multiple user, but this is transparent to the user; the environment is effectively the same as that of a dedicated server.

This comes at a cost however, I’m paying twice as much as I did for shared hosting. What I get in exchange, however, is well worth it. In addition to getting better performance than you could hope for in a shared host, I have absolute freedom: I have root access and I can configure my server anyway I please, and I can install which ever software I choose. I was even given the choice of server location (I chose one in California). Of course the downside to absolute freedom is absolute freedom: I’m free to screw up anything I can and when I do there is no one to hold my hand. Having had plenty of experience screwing up my own machine I think I’m up to the challenge.

Another benefit of VPS is the dramatic decline in bullshit. Some shared hosts give you unlimited everything, which is bullshit for ‘we’ll decide when you’ve used too much bandwidth or storage’. Still others promise you more than they would ever let you use. The caps on my bandwidth and storage are both real and reasonable. In case you’re interested (Warning: Imminent blatant affiliate link drop) I’m using Linode. I paid about $220 for a year of service and so far I couldn’t be happier. A word of caution though: If you don’t know how to configure and manage a server, or don’t want to take the time and effort to learn, it may not be for you.

Update: A perfect example of what I mean by being free to screw up anything I can: When I was configuring this site in apache I forgot to set the server alias www.tinsology.net for the domain tinsology.net. For whatever reason all of the traffic from www.tinsology.net was getting redirected to a completely different domain: errordatabase.info, which is another site of mine hosted on the same server.

PHP Overloading

Posted on by
Reply

The lack of function overloading is one of my biggest complaints about PHP. If you’re not familiar with overloading, its a feature of some languages that allows you to defined multiple methods (or functions) with the same name, but taking different paramenters. In Java, for instance, methods are not identified solely by their name. Instead, functions are distinguished by their signature: their name, return type, number of parameters and their types. This allows you to do things like define multiple constructors for a class.

PHP not being a typed language, using parameter types and return types as part of a method or function signature is out of the question. You could, however, use the number of parameters. In my opinion, you should be able to do something like this:

class Foo {
	function __construct()
	{
		//constructor that takes no parameters
	}
	function __construct($param1)
	{
		//constructor that takes 1 parameter
	}
	function __construct($param1, $param2)
	{
		//constructor that takes 2 parameters
	}
}

If you did this, however, you would get an error message reading something like this: Fatal error: Cannot redeclare Foo::__construct. As unfortunate as this is, it is possible to devise a simple workaround, due to the fact that a method can be written to take an arbitrary number of parameters. The solution is to create a method that can take any number of parameters and have that method delegate to ‘helper’ methods:

class Foo {
	public function __construct()
	{
		$args = func_get_args(); //any function that calls this method can take an arbitrary number of parameters
		switch(func_num_args())
		{
			//delegate to helper methods
		case 0:
			$this->construct0();
		break;
		case 1:
			$this->construct1($args[0]);
		break;
		case 2:
			$this->construct2($args[0], $args[1]);
		break;
		default:
			trigger_error('Incorrect number of arguments for Foo::__construct', E_USER_WARNING);
		}
	}
	private function construct0()
	{
		//constructor that takes no parameters
	}
	private function construct1($param1)
	{
		//constructor that takes 1 parameter
	}
	private function construct2($param1, $param2)
	{
		//constructor that takes 2 parameters
	}
}

It might not be pretty, but using this method you will be able to call the constructor of Foo as if it were actually overloaded:

$x = new Foo();
$y = new Foo(1);
$z = new Foo(1, 2);

An alternative to this would be to use default parameters to determine what action to perform, but this method gets increasingly clumsy as the number of arguments grows.

Resurrecting a Laptop for Development

Posted on by
Reply

I have an old single core laptop that doesn’t get a whole lot of use anymore, partially because it is dated (purchased in 2006) and partially I’ve never really adapted to using a laptop as a general purpose computer. Increasingly, however, I find myself in need of a laptop either when I want to get some work done when I’m away from home, or when I need to take my work with me. This being the case I decided to re-purpose my old laptop as a dedicated development machine.

I could have just put a fresh copy of Windows XP on it and gone from there, but given the circumstances that might not have been the best route. All I needed to run was apache, MySQL, PHP, subversion, and something to write code in. Clearly something more lightweight than Windows could accomplish this. In addition to this I wanted something that would mirror my production server, which is running ubuntu. I ended up installing lubuntu, a lightweight distribution based on ubuntu (if you plan on trying lubuntu bear in mind that it is still in beta). Other than some very minor bugs, lubuntu seems to be perfect for my needs: I could configure it to be almost identical to my production server, it is easy on resources (even on my ancient laptop), and I immediately noticed a big improvement with regard to battery life.