Redditor troelskn made an interesting observation about my recent blog post about Singletons, pointing out that static variables defined within a method behave completely differently to regular static properties. I use static method variables often but still found this behaviour surprising. I decided this was a good opportunity to find out exactly how static methods, properties and variables work in PHP. Read more.
Why would I be showing you how implement singletons in PHP? Don’t I know that the singleton pattern suffers from obvious shortcomings? Of course I do, but I have an ulterior motive. Singletons are a simple way to show off some of the features of PHP you probably don’t get to see and use too often. Now we’ve got that covered let’s see some code. If you haven’t seen a Singleton before the premise is simple: there should only ever be one instance of our class. Read more.
Should I or shouldn’t I? Should I ditch my well-worn PHP and the frameworks I know so well to go with this new-fangled (silent-d)Jango thingy I hear the cool kids talking about? It’s a big decision, as this project is going to be the big one (you know, the one that will change the world and all that).
I’ve worked with PHP for over six years. It has it’s warts (and how) but it’s very much a known quantity at this point. On the other hand, when I have used Python it’s been a much more pleasant experience. The fact that this is a personal project makes the decision easier: let’s ditch old mate LAMPhp go with LAMPy. It’s almost dinner time and the latter sounds like it’d go well with an ale anyway. So, starting with a brand new dev box, where do I begin? Read more.
Today I stumbled across an unused working folder in a dark and dusty corner of one of our development servers. The directory had a couple of dozen un-checked in changes. Some were from barely a month ago while others dated back years. Not wanting to discard any important modifirations I cobbled together a bash command to show me when each file was last modified (the file’s mtime). Read more.
I was recently looking for a simple RSS reader for PHP. There are a few out there, like Magpie RSS. These seem like adequate projects, but much too high level for the scripts I was throwing together. I need to read a couple of different feed formats: namely WordPress’ RSS feed and Flickr’s Atom feeds. I decided to put together a single-class implementation which didn’t do anything more than the bare minimum.
So I’ve been looking at and using Python recently. I thought I’d share some of my thoughts for those who haven’t had a chance to play with the language yet. I’ll try to avoid a preachy OMG-I’ve-just-discovered-the-best-thing-ever post, or to simply write another Python tutorial. I’ll look at the good and bad points of the language.I first looked at Python a month or two ago. The guy and girls over at programming.reddit.com push it as the language to end all languages, so I decided to grab a copy of the (free!) Dive Into Python book. I started putting together a smallish personal project, but with no external pressure it petered out. When a discussion came up at work (a PHP shop) on how to quickly write a reliable server daemon I pushed the idea of Python. It took a little convincing, but the results speak for themselves.
SQL injection is a well trodden topic so I won’t go into too much detail.
For those who don’t know, the problem occurs when you fail to properly escape variables being placed into your strings. For example the SQL statement
"SELECT * FROM users WHERE name = '$name'" will fail if $name is set to
' or '1' = '1. The string will be expanded to produce
SELECT * FROM users WHERE name = '' or '1' = '1'. This is obviously not what you wanted, and could lead to very bad results when coupled with DELETE or UPDATE queries.
When protecting your server environment you’ll want to ensure that two things happen. Firstly, you’ll want to keep your scripts from prying eyes; you want to make sure that you don’t accept input that will break your code. Secondly, and most importantly, you want to stop anyone from executing their own code on your servers.