Havard Eide has a recent post to his blog that looks at a part of the Standard PHP Library (SPL) that can be used with objects to store them for later use - SplObjectStorage.
In this post I will look at SplObjectStorage: a container that allows to store objects uniquely without the need to compare them one by one.
He lets the code to most of the talking, showing how to do the standard operations for a data store - adding objects (both unique and the same), updating objects in the store, checking to see if an object is already added and removing an object from storage.
Brian Moon had a problem - one of his cron jobs was lasting for much longer (hours!) than it should have been. He tweaked, tested and debugged the script and finally came down to a call to in_array, something he comments on as being "quite slow".
See, this job is importing data from a huge XML file into MySQL. After it is done, we want to compare the data we just added/updated to the data in the table so we can deactivate any data we did not update. [...] We then compared the two arrays by looping one array and using in_array() to check if the value was in the second array. [...] So, that was running for hours with about 400k items. Our data did not contain the value as the key, but it could as the value was unique.
He method, replacing the in_array call that had to do a full array scan for each time through the loop with an isset/unset combo on the unique key, changed the execution time down from about 4 hours to 0.8 seconds.
On the Internet Super Hero blog, there's a post that looks at how PDO is implemented in PHP and wonders if the PDO::FETCH_UNIQUE constant is broken (as something to fix before even considering the move to PDO2).
I spent quite a lot of time comparing the different behaviours of the various drivers in the hope I could find out how PDO drivers are supposed to work. The PDO documentation and the specification do not cover each and every detail. PDO really needs some love...
He picks out the FETCH_UNIQUE constant as one that needs a little work and tries to track down exactly what it's doing. One issue he found was that it requires combination with other flags to make the unique part of it work correctly (like FETCH_OBJ or FETCH_COLUMN). He works through several examples, both ones that apply the unique call and others that don't, comparing the results.
One of the new features in the upcoming PHPUnit 3.1 release is the support for distributed testing through the ability to log test result and code coverage data to a database. This way, the same test suite can be run on different platforms with the results being aggregated in the database. For this to work, however, we need a key in the database that identifies test runs from different machines as being related. A Subversion revision number is a perfect candidate for this.
He includes a sample script that helps with the storage of the results in the database by grabbing a unique id for the machine pushing the updates in.
If you've ever had the frustration of working with Ajax in Internet Explorer and have noticed it caching the requests/results, you might want to check out this new post on the JSLabs blog for a helpful hint.
While working on an AJAX project over the weekend, I ran into the following issue: (through a GET request), every time I tried to call a certain function, It was returning the same data (which was supposed to be different each time)
First, he tried just changing the headers (via PHP's header function) to see if IE would understand the new message, but to no avail. He finally figured out that, despite whatever headers were sent or how much the content changed, what he really needed to do was to provide the script some kind of unique identifier with each request (just appended to the url) so that IE knew the request was different. His weapon of choice was a date/time value.
On The Bakery, there's a new expanded tutorial (from this) that talks about how to check for duplicate records in your CakePHP model.
[Here's how to] validate a form field (such as a user name field), both in add and edit form and make sure that the selected user name does not already exist in the database [via a] function repeated only once (in app/app_model.php).
The example model they give defines an isUnique method that essentially runs an automatic check (a count() call) on the table to see if the given information exists. The example Model, View, and Controller are all given.
A new tutorial has been posted to the WebCheatSheet.com website demonstrating a method for secure file uploads with PHP.
In spite of security issues that should be addressed before enabling file uploads, the actual mechanisms to allow this are straight forward. In this tutorial we will consider how to upload files to some directory on your Web server. We will also discuss security issues concerned with the file uploading.
They break it up into the two key parts - the HTML form and the PHP script that handles the resulting upload request. The "secure" part comes in with the validation of the upload. In this case, making sure it's a JPEG file, that its size is less than 350 KB, and that a file by that name doesn't already exist.
On the ThinkingPHP Blog today, there's a look at how to handle inline links to dynamic resources - specifically allowing users to create links in their own content to dynamic content elsewhere on the site.
I thought of something that would be both, easy to implement and easy to use. What I finally came up with is tightly coupled to my new url system that I'm using, so make sure to check it out in case you've missed it.
The basic idea of the system is that the URL of the page (made up partly of the title) would be the unique identifier for the page. For example, "[page 12]" would be expanded out to "/pages/12:my-title". Felix takes this idea and runs with it, showing how to implement it in a CakePHP project inside of a Model and a Component. The sample usage code is, of course, also included in the post.
In his quest for a secure method of server-side security in addition to PHP, Ben Ramsey stumbled across Peruser MPM, an Apache security module, seemingly with PHP in mind. In this latest blog post he details what lead him there.
A while back, when I was doing some research for a talk on server-side security for PHP, I looked into various "secure" methods for setting up a server for multiple users. Despite my search, I couldn't find a simple and effective solution for managing a server with a large (and untrusted) user base (as is the case with many virtual hosting companies).
Sure, there's PHP's safe_mode, but its "safety" is misleading at best. There's also open_basedir, which helps a little, but it's not quite enough. For my research, I also looked at and tested mod_security, and the Hardened PHP Project's Hardening Patch.
Eventually, through this comment, he found Peruser MPM, a module that runs each Apache process with its own user/group combination. He notes a few issues that it still has (breaking mod_ssl and making Apache less scalable), but overall, it does sound pretty cool...
