Security Alerts for the Week Ending 8/29/2010

I should have posted these yesterday, going by my usual schedule. Being on hiatus from the podcast is disrupting my usual force of habit though.

feeds | grep links > PHP on Android, Shoring Up 4th Amendment Protection of Email, and More

Quick Security Alerts for Week Ending 6/6/2010

Facebook Releases More PHP Enhancements

According to Jolie O’Dell at ReadWriteWeb, their latest release, XHP, is aimed more at the templating end of the stack. I haven’t yet delved into the realm of PHP template systems so cannot compare it to them. When I saw the sample code, it did not look as different from plain PHP as I had anticipated. It sure looks a bit more streamlined in terms of switching between procedural code and static HTML chunks.

I guess I’ll need to see a more complex example before I believe the testimonials in the article. Either that or the people quoted find plain old PHP so bad that even a slight improvement seems gargantuan.

Regardless, with HipHop aimed at improving performance and XHP at improving developer productivity, it seems like the language that its creator, Rasmus Lerdorf, was content calling a glue language has grown a nice set of legs–and maybe some gills and wings, too.

PHP IDE Round-Up

I recently volunteered to work on the code my employer offers with its product for integrating with the free software learning management system, Moodle. Moodle is PHP based, a language I’ve only used sparingly, mostly in the form of WordPress hacking. A coworker recommended PHPEclipse as a free tool to make the Moodle hacking more tolerable.

I wish I had seen this comprehensive round-up of PHP tools on Slashdot sooner though. I have a strong bias towards Eclipse born out of laziness–I’ve used Eclipse for Java hacking for years and also recently installed PyDev to ease my Python hacking activities. I’ll probably stay with Eclipse, though I may check out the Eclipse PHP Development Tools (PDT) as I have been impressed by similar bundling efforts around enterprise Java in recent years.

If you are looking for tools, or hadn’t realized how many were on offer, I’d recommend taking a look at the Infoworld article. At a minimum it may support the choice you already made but it is always good to occasionally check to see if you might be missing something better.

Optimizing PHP

Listener Marc tweeted a link to a post by Rasmus Lerdorf himself, creator of PHP, explaining his view on optimizing the technology. In short, Rasmus still sees PHP as more of a way to glue more powerful components together.

This isn’t about server costs. It is about choosing the right tool for the right part of the job. A Javascript library for the client-side frontend, PHP for the server-side frontend, C/C++ for your middle-layer and an appropriate datastore behind it all and you can build amazing things with PHP. The largest destinations on the Web today are written exactly like this.

In my experience, because PHP has this glue-like aspect, it seems to make Maslow’s Hammer far worse than with more specialized tools. Rasmus puts his finger exactly on the balance PHP developers need to strike to not only make the most effective use of the tool but to realize the kind of performance that is increasingly a concern.

Well worth the read whether you use PHP or not, just to get you thinking about appropriate use of all of the tools in your belt.