In this post I will look at SplObjectStorage: a container that allows to store objects uniquely without the need to compare them one by one.

He lets the code to most of the talking, showing how to do the standard operations for a data store - adding objects (both unique and the same), updating objects in the store, checking to see if an object is already added and removing an object from storage.

See, this job is importing data from a huge XML file into MySQL. After it is done, we want to compare the data we just added/updated to the data in the table so we can deactivate any data we did not update. [...] We then compared the two arrays by looping one array and using in_array() to check if the value was in the second array. [...] So, that was running for hours with about 400k items. Our data did not contain the value as the key, but it could as the value was unique.

He method, replacing the in_array call that had to do a full array scan for each time through the loop with an isset/unset combo on the unique key, changed the execution time down from about 4 hours to 0.8 seconds.

I spent quite a lot of time comparing the different behaviours of the various drivers in the hope I could find out how PDO drivers are supposed to work. The PDO documentation and the specification do not cover each and every detail. PDO really needs some love...

He picks out the FETCH_UNIQUE constant as one that needs a little work and tries to track down exactly what it's doing. One issue he found was that it requires combination with other flags to make the unique part of it work correctly (like FETCH_OBJ or FETCH_COLUMN). He works through several examples, both ones that apply the unique call and others that don't, comparing the results.

One of the new features in the upcoming PHPUnit 3.1 release is the support for distributed testing through the ability to log test result and code coverage data to a database. This way, the same test suite can be run on different platforms with the results being aggregated in the database. For this to work, however, we need a key in the database that identifies test runs from different machines as being related. A Subversion revision number is a perfect candidate for this.

He includes a sample script that helps with the storage of the results in the database by grabbing a unique id for the machine pushing the updates in.

While working on an AJAX project over the weekend, I ran into the following issue: (through a GET request), every time I tried to call a certain function, It was returning the same data (which was supposed to be different each time)

First, he tried just changing the headers (via PHP's header function) to see if IE would understand the new message, but to no avail. He finally figured out that, despite whatever headers were sent or how much the content changed, what he really needed to do was to provide the script some kind of unique identifier with each request (just appended to the url) so that IE knew the request was different. His weapon of choice was a date/time value.

[Here's how to] validate a form field (such as a user name field), both in add and edit form and make sure that the selected user name does not already exist in the database [via a] function repeated only once (in app/app_model.php).

The example model they give defines an isUnique method that essentially runs an automatic check (a count() call) on the table to see if the given information exists. The example Model, View, and Controller are all given.

In spite of security issues that should be addressed before enabling file uploads, the actual mechanisms to allow this are straight forward. In this tutorial we will consider how to upload files to some directory on your Web server. We will also discuss security issues concerned with the file uploading.

They break it up into the two key parts - the HTML form and the PHP script that handles the resulting upload request. The "secure" part comes in with the validation of the upload. In this case, making sure it's a JPEG file, that its size is less than 350 KB, and that a file by that name doesn't already exist.

I thought of something that would be both, easy to implement and easy to use. What I finally came up with is tightly coupled to my new url system that I'm using, so make sure to check it out in case you've missed it.

The basic idea of the system is that the URL of the page (made up partly of the title) would be the unique identifier for the page. For example, "[page 12]" would be expanded out to "/pages/12:my-title". Felix takes this idea and runs with it, showing how to implement it in a CakePHP project inside of a Model and a Component. The sample usage code is, of course, also included in the post.

The author suggests that numbers can be more memorable than just named functions and can even help to seperate them into a kind of namespace within the application. There's a bit of code that shows how to, with his naming convention ("tying the knot"), check to see if a module implements a hook.

He also notes how using a system like this can help run your code of those pesky conflicts between function names that can happen when integrating 3rd party applications.

A while back, when I was doing some research for a talk on server-side security for PHP, I looked into various "secure" methods for setting up a server for multiple users. Despite my search, I couldn't find a simple and effective solution for managing a server with a large (and untrusted) user base (as is the case with many virtual hosting companies).

Sure, there's PHP's safe_mode, but its "safety" is misleading at best. There's also open_basedir, which helps a little, but it's not quite enough. For my research, I also looked at and tested mod_security, and the Hardened PHP Project's Hardening Patch.

Eventually, through this comment, he found Peruser MPM, a module that runs each Apache process with its own user/group combination. He notes a few issues that it still has (breaking mod_ssl and making Apache less scalable), but overall, it does sound pretty cool... ]]> Thu, 01 Dec 2005 07:12:35 -0600