Tools of the trade

August 31st, 2007 by Aaron

I just thought I’d drop some useful links and tools your way for those beginning and non-tool-cist peoples:

http://getfirebug.com/
used for js/css/dom debugging - additionally, even Yahoo is building upon this. I’ve used this a lot for AJAX request debugging as well.

http://zend.com/pdt
Zend eclipse project - get the full package - this is a ton of PHP tools from Zend (the PHP company) built on top of Eclipse (for those Java tool lovers out there)

Aptana
useful for css/javascript editing in eclipse - or as a standalone

Mysql Gui Tools
a nice gui browser for mysql - I know I know - us diehards - we shouldn’t need this - but it is still nice (you can also get plugins for eclipse to do the same thing with jdbc)

Pietty + Putty
Pietty - a putty plugin - allows for true transparency of putty windows - amazingly cool - at first it's in some oriental language - and when you first open it up - you can’t read the screen when you first ssh somewhere. Never fear: just go to the encoding menu option and choose utf-8 - otherwise works like a dream. SSH to your heart’s content.

Komodo
If you don’t like Eclipse or the long time it takes to load, you can use Komodo. Plus, version 4 brings some lovely things to the table. That's right, Lovely (and that's not cuz they gave me a shirt either…)

PHPDoc
Phpdoc for windows - has a nice gui for using phpdoc - what we use for documentation because it's easy to customize and launch. (I have been using an eclipse tool though lately that I wrote….)

That's about it - if you know any other cool tools, post them in the comments!


Write Security Triggers Against SQL Injection

August 19th, 2007 by Aaron

An interesting idea that a colleague told me about was a ’security trigger’ in any application that has a SQL type storage engine. The trick is to make sure that your admin account is not ID #1 and that your administrative username isn’t one of the most common ones:

  • admin
  • root
  • administrator
  • webmaster
  • company name / your name

Then, the next thing to do is to program a trigger in your MySQL database that checks for a select against ID #1 or against one of those names. This would only happen if there was some sort of SQL injection being exploited on your site… (of course, make sure that the ’search’ feature can’t search for those usernames either - otherwise you’ll get false positives!)

A very intriguing idea.
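
One way to act on this idea, as an added example that is not code from the original post: MySQL triggers fire only on INSERT, UPDATE and DELETE, so this example runs the same check over logged SQL statements instead. The `users` table, its `id` and `username` columns, and the sample statements are assumptions constructed for illustration.

```python
import re

# Decoy names from the list above; no real account may use them (assumption).
DECOY_NAMES = {"admin", "root", "administrator", "webmaster"}

# Assumed schema: table `users` with columns `id` and `username`.
_USERS = re.compile(r"\b(?:from|join)\s+`?users`?\b", re.I)
_ID_ONE = re.compile(r"\bid`?\s*=\s*'?1'?(?![\w.])", re.I)
_NAME = re.compile(r"\busername`?\s*(?:=|like)\s*'([^']*)'", re.I)


def tripwire_reasons(sql):
    """Return why a statement trips the wire (empty list if it does not)."""
    if not _USERS.search(sql):
        return []  # statement does not read the users table
    reasons = []
    if _ID_ONE.search(sql):
        reasons.append("reserved id 1")
    for literal in _NAME.findall(sql):
        name = literal.strip("%").lower()  # drop LIKE wildcards
        if name in DECOY_NAMES:
            reasons.append("decoy username " + name)
    return reasons


def scan(statements):
    """Return (statement, reasons) for every statement that trips the wire."""
    hits = []
    for sql in statements:
        reasons = tripwire_reasons(sql)
        if reasons:
            hits.append((sql, reasons))
    return hits


# Constructed sample statements, as they might appear in a query log.
SAMPLE = [
    "SELECT id, username FROM users WHERE username = 'alice'",
    "SELECT * FROM users WHERE id = 12",
    "SELECT * FROM orders WHERE user_id = 1",
    "SELECT * FROM users WHERE id = 1",
    "SELECT id FROM users WHERE username = 'x' OR username = 'Admin'",
    "SELECT id FROM users WHERE username LIKE '%root%'",
]

if __name__ == "__main__":
    for sql, reasons in scan(SAMPLE):
        print("ALERT", reasons, "<-", sql)
```

Only the last three sample statements raise an alert; `id = 12` and `user_id = 1` on another table do not. A search feature that can query the decoy names would trip the same check, which is the false positive the post warns about.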


Friendly reminders about testing your PHP code

August 3rd, 2007 by Aaron

I was reading on a forum the other day about some benchmarks for PHP. The guy had posted some results in ms measurements, and was getting upset about his erratic results. There were some things that he was forgetting, however.

First, not all tests are built to be accurate up to the ms. Sometimes, they are ratio based. For example, the tests you run on your development machine aren’t going to perform the same as they would on the production machine (of course, in this example I’m assuming identical hardware and configuration). There are differences in processes running, memory, etc. The important thing to note is the ratio between a mean of tests in scenario 1 and scenario 2.

Next, if we want to be super picky, the code you’re inserting to test - or the extra modules (think xdebug) you’re loading to test performance - are going to actually lower your performance a small amount. And when dealing with ms, this is measurable!

Finally, I can’t believe how many people forget this: if your development machine is not an exact copy of your production server (which most of the time, it isn’t), your tests MUST be ratio based. There are so many differences here - including even the differences in performance on internal PHP functions (think windows + perl regular expressions…)

So, in summary: DO test. DON’T take the results verbatim as proof. Run many and use means and averages. Be smart about how you’re configuring your test environment.


ODBC for UDB and PHP - How I increased performance by 400%

August 2nd, 2007 by Aaron

In our current setup at (“the triangle”), we have to use odbc connections to access our db2-udb database - and I don’t like it. But we have to stick with it - and that's the way life is. The main reason I don’t like it is the immense overhead and time it takes to execute queries. Well, I did some research and found out some interesting things. The most important of which was a cursor setting that allowed me to gain up to 400% performance. Find out how:

Continue reading ODBC for UDB and PHP - How I increased performance by 400%


©2008 102 Degrees LLC - All Rights Reserved