I’ve been researching how to best write a long running PHP script executed on the command-line, and whilst there are Linux commands you can use to daemonise a command, these can also be written into a php script as well.
The easiest way to daemonise a command on a posix system is to run:
nohup command < /dev/null > /dev/null 2>&1 &
Ibuildings, a PHP development company with offices in the Netherlands, UK and Italy, have been running a series of challenges, with prizes such as iPads and tickets to the Dutch PHP Conference (DPC, of which they host). The latest completed challenge, the Elephpant challenge, was in the form of a code contest to write the fastest, shortest and least complex algorithm in PHP to solve a Travelling Salesman problem.
I’m happy to say that I was one of the winners for this task, getting 30 points (10 in each scoring method), which was the maximum points possible, for the medium category (people with 2 to 4 years experience), and winning a ticket to the DPC.
Here I will describe the two solutions I researched and completed. I only submitted the one which I thought would give me the biggest chance of winning, but each had their own specialities.
Here are several techniques for creating a secure shared web server.
Update 2010-03-14 – Revised opinion about APC and eAccellerator, which possibly do use memory-mapped files, also added detail about mpm_worker not working with mod_apparmor.
There are times when a Subversion working copy can mess up. This is usually due to human error, for example due to permissions problems or moving files or folders incorrectly
These can usually be easily recoverable, although at times it can seem there’s no solution. Here are a few examples and their solutions.
The performance of a website is an important issue. Even fast responding dynamic pages can be hit with problems with sub-optimal static content such as high overhead on many HTTP requests and large javascript/css files. Tools like YSlow, and Google Page Speed help identify these problem areas.
Webtatic Optimizer is a tool that can be used to improve these areas, and can help get an almost perfect score.
Recently I have been handling the security of some sensitive data. I had originally been encrypting/decrypting data with a symmetric-key system using mcrypt for PHP. This was due to the web frontend and the backend existing on the same server. However for security purposes I am now separating the frontend and backend onto different servers, so that there is no way the web accessible frontend, whether compromised or not, can get at the data it inserts into the database.
In order to do this, a asymmetric-key system is needed, such as public-key cryptography. Googling for examples of this in PHP, there doesn’t seem to be any results of this other than the php OpenSSL extension documentation, and systems that try to reinvent the wheel with their own implementations.
Using the PHP OpenSSL extension it is fairly easy to sort out a secure system for encrypting data with one key that only can be decrypted with another.
Update 1st June 2009 – Added a note mentioning about case-insensitive comparisons in MySQL.
I’ve been looking at generating random identifiers in PHP, and making sure they are random enough. Looking at the PHP function uniqid(), and its suggested better token, I don’t think this is an adiquate enough way:
$better_token = md5(uniqid(mt_rand(), true));
I was looking into getting Google Sitemaps running today, and didn’t find much in the way of WordPress-MU compatible sitemap plugins. The only article I found was on a website that wasn’t responding, and looking at its Google Cache, it was a bit dated.
All of the plugins I could find seem to put the sitmap.xml file in the WordPress install directory. The problem with that is that the directory isn’t apache writeable, which means you have to touch and change the permissions of the files manually. Also with WordPress-MU, there may be more than one blog in use for that installation, so you can’t serve these multiple blogs’ sitemaps from a single location.
I took a few of the cached article’s ideas and made them easier to do. This guide will work on WordPress-MU 2.7 (the latest release).
Update 1st May 2009: Good news, Zend Framework 1.8 defaults to no longer suppressing errors in loading classes (not sure how much of their library has been converted to use this though)
A good article on the autoloader changes:
http://devzone.zend.com/article/4525
Several times during website development, I have come across scripts which die without errors, so I try and debug the pages, finding which functions/includes it is getting to before it dies, narrowing it down. The code I usually come across which causes this is in the Zend Framework in the form of:
@Zend_Loader::loadClass('My_Class');
Zend_Form, the latest and greatest addition to the Zend Framework in version 1.5, is an infusion of the best bits of Zend_Filter_Input, and the Zend_View_Helper system. At first glance it looks like the ideal system for setting up from the simplest to the most complex forms, and this is how most people will see it.
I recently delved into the use of it, and was instantly shocked at a fatal flaw in its design. Where am I supposed to put it?