Slashdot Mirror

Michael J. Ross writes "The global accessibility of Web sites is a double-edged sword: At the same time that your online e-commerce site is open for business to anyone with an Internet connection, it is also open to malicious attack. Web sites based upon the popular language PHP, are no exception. Thus, it is both astonishing and worrisome that there are currently so few books devoted to PHP security — particularly ones that go beyond the handful of typical security countermeasures discussed in articles. Fortunately, Pro PHP Security, written by Chris Snyder and Michael Southwell, is intended to fill this critical need." Read the rest of Michael's review. Pro PHP Security author Chris Snyder and Michael Southwell pages 528 publisher Apress rating 9 reviewer Michael J. Ross ISBN 1590595084 summary A comprehensive guide to developing secure PHP-based Web sites.

Pro PHP Security spans 528 pages, consisting of 24 chapters organized into four major parts. The first part, comprising only one chapter, explains the nature and significance of computer security, and reasons as to why absolute security is an unattainable goal. Nonetheless, it is worthwhile to take all appropriate and reasonable security measures, and the authors provide a brief overview of the different types of attacks to which Web applications are vulnerable.

On their Web site, Apress has a page devoted to the book, where they offer the book's source code (in a Zip archive file), the table of contents, corrections to the book (i.e., errata), and a sample chapter (Chapter 12 - Preventing SQL Injection) in PDF format. In addition, there is a link for any reader who would like to purchase this title as an e-book.

One of the most laudable aspects of Pro PHP Security, is that the authors — both experienced software and Web site developers — go far beyond the standard PHP security advice of validating and escaping user input, etc. Those topics are covered in depth, but they are provided in the context of thorough discussions as to how to set up a secure environment in which to use those techniques. In addition, the authors present best practices that have evolved over time, as Web masters and system administrators have learned — often the hard way — the general types of attacks to which their Web sites and computer networks have been subjected.

In fact, Snyder and Southwell hold off on presenting the aforesaid specific PHP security techniques, until the third part of the book. Prior to that, they explain the characteristics of a secure online computing environment, such as using encryption, securing network connections via SSL and SSH, controlling access via authentication and permissions, and other important topics. Their coverage of the subject matter is complete, without being overwhelming. For instance, the material on encryption is helpfully divided into two separate chapters — devoted to theory and practice, respectively. Consequently, a PHP application developer or system administrator can immediately dive into the authors' recommended practices for encoding sensitive data, without getting bogged down in the theoretical underpinnings, if the reader is in a hurry to implement encryption on their own systems, or simply has no interest in the theory behind the methods.

As noted earlier, Part 3 of this monograph explains all of the well-known techniques that crackers use for attacking PHP-based Web sites, as well as the countermeasures that should be adopted by the developer or maintainer of the site. First up is validation of user input, which — though being essential to basic security — is still neglected on far too many Web sites. The attention to detail seen in this discussion is also reflected in the subsequent chapters, which cover SQL injection, cross-site scripting, remote execution, temporary files, and session hijacking. For each topic, the authors explain how the typical attack is attempted, and what needs to be done to prevent such attacks.

The fourth and last major part of the book covers vitally important topics that are usually glossed over in most PHP security books, or neglected altogether. Snyder and Southwell explain methods of limiting access to your Web site to humans (thus minimizing attacks that employ scripts), verifying the identities of those users, authorizing what those users can do on your system, and tracking their actions once they have logged in. The authors also explain how to reduce the chances of data loss, and how to execute system commands and make remote procedure calls without exposing your site to vulnerabilities. The last chapter covers the benefits to be gained from opening up your site and its source code to a review by your technical peers.

This book has much to recommend it: The discussions of security issues are more complete and thorough than in any other book that I have seen. The information chosen by the authors is detailed enough to be understandable and usable, but not so excessive as to prove daunting or discouraging to the reader who needs answers to their security questions, and does not have the time or inclination to slog through academic or pointless discussion. The information is well-organized, and presented in context, so the reader is not simply given a laundry list of security techniques, but instead better understands the rationale behind them. Lastly, because no technical topic can be covered in full in a single book, the authors provide a generous number of references to outside resources.

The content of this book appears to have only one noticeable weakness, and that is the poor quality of the comments in the sample source code. Not only are they few in number and lacking in detail, but they are written in all lowercase letters, with little to no punctuation. This coding style results in the comments visually blending in with the code itself, and makes reading both to be more difficult than is justifiable.

The physical book itself also has only one weakness, and that may only apply to a portion of the copies produced and distributed by the publisher. Specifically, the bottom and side edges of the book are cut cleanly, while the top edge is quite rough. As I was unable to find any mention within the book as to a possible reason or advantage for having the rough edging on top of the pages, I can only conclude that it was not intended on the part of Apress, and represents an error in production. I hope that the copy that I received — kindly given to me by the publisher — is not representative of all the copies produced and sold.

In spite of these minor complaints, I was quite pleased with this book. Pro PHP Security is arguably the most comprehensive PHP security book available, and is highly recommended to any developer or administrator of a PHP-based Web site.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com."

You can purchase Pro PHP Security from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Given the current popularity of the Web development language PHP, it makes sense that newcomers to the language have a large number of introductory and reference volumes from which to choose. But for the more advanced PHP programmer, there are far fewer titles that explain how to make the most of the language, by applying it to solve relatively substantial problems. One such book is PHP Hacks: Tips & Tools for Creating Dynamic Websites, by Jack D. Herrington. Read the rest of Michael's review. PHP Hacks author Jack D. Herrington pages 468 publisher O'Reilly Media rating 8 reviewer Michael J. Ross ISBN 0596101392 summary Practical techniques and source code for improving PHP-based Web sites and applications.

The book was published by O'Reilly Media in December of 2005. Despite its title, PHP Hacks: Tips & Tools for Creating Dynamic Websites is clearly intended to show how PHP's capabilities can be extended beyond its most common usage for creating dynamic and database-driven Web pages, and can be employed in such areas as graphics, reporting, Web site testing, code generation, and even fun purposes (for those few programmers who find the former topics less than entertaining). The author, assisted by six contributors listed in the Credits section, manages to pack an impressive number of general programming ideas and PHP-specific topics within this title's 468 pages. The material is grouped into 10 chapters, each of which contains a generous number of "hacks," each in its own section.

As with most if not all of the other titles published by O'Reilly, this book has a Web page that offers an overview of the book, its table of contents, all of the book's code (in both Zip and tar file format), and a list of confirmed and unconfirmed errata. In addition, the site hosts five sample hacks (in PDF format): accessing iPhoto pictures, generating Excel spreadsheets, avoiding the "double submit" problem, reading RSS feeds on your PSP, and creating custom Google Maps. Perusing these hacks would give the prospective buyer a clear sense as to the style of the book's other 95 hacks, as well as the (low) level of PHP expertise needed to understand them.

The book begins with a preface that describes the organization, conventions, and icons chosen for the book. Also, it covers the legality of the code samples, lists contact information, and mentions O'Reilly's Safari online book service, which contains this title among many other PHP resources. What is perhaps most unique about this book's preface is that the author identifies over half a dozen weaknesses commonly seen in PHP applications, and explains how his book addresses those problems. In addition, he makes explicit how some of the hacks can be used for jazzing up one's Web site or Web-based application.

The first chapter discusses how to install PHP on Windows, Mac OS X, and Linux, and then verify that the installation was done properly. Herrington then briefly explains how to install MySQL and perform some basic database management. The chapter concludes with coverage of installing the PEAR library on your local machine and on your Web host's server (which is incorrectly identified as your "ISP machine," apparently assuming that most developers choose their Internet service providers for hosting their sites, when in fact the opposite is true). Since the typical reader of a non-beginning book such as this no doubt has one or more introductory and/or reference PHP books at hand, it would seem superfluous to waste time and space explaining how to install these components. But few pages are taken up by the material.

The next chapter is devoted to hacks that help to jazz up the design of one's Web sites, including how to create a skinnable interface, build a breadcrumb trail, create HTML boxes, add tabs to your interface, and other valuable techniques. Subsequent chapters offer hacks in the areas of dynamic HTML (DHTML), graphics and digital pictures, databases and XML, application and e-commerce design, patterns and PHP object orientation, testing and documentation generation, and building alternative user interfaces. The 10th and final chapter covers some "fun stuff," such as creating dynamic playlists, developing a media upload/download center, and even putting Wikipedia on a Sony PlayStation Portable.

Rather than try to explain in detail all of the many topics covered in the book, I instead encourage the interested reader to visit the publisher's Web page, and scan through the table of contents provided, to get a better idea as to how much of the book would be of interest to the individual. Also, the five sample hacks listed on the site, would be well worth examining and trying out. Overall, the topics chosen reflect favorably upon the judgment of the lead author and the other contributors to the book. The typical PHP veteran would likely be interested in most of the applications covered, and would probably learn some new tricks, especially in the areas of patterns and code testing, regardless of their level of experience.

Like all books, this one is not perfect. As with the first printing of most technical books; particularly those chock-full of source code; the book contains a fair number of errata, likely even greater in number than those reported and listed on the publisher's Web site, as mentioned earlier. Consequently, any reader who chooses to test the sample code and he or she would be encouraged to do so; should keep one browser window or editor buffer open and devoted to those errata, so as to minimize the time spent trying to figure out why some sample code is not working as advertised.

Some readers posting in forums have complained that the sample code has evidently not been fully tested on all platforms, nor in all Web browsers. Since few if any reviewers would have the time, resources, or inclination to verify these claims, it should suffice to simply bear in mind that the script output and other behavior detailed in the book might not exactly match those experienced during one's own usage of the code.

The fact that there were several cooks in the kitchen brewing up this particular book, is obvious from the way that the code formatting is not consistent throughout the book, as well as the variety of problem-solving styles. Fortunately, neither weakness is of much consequence, and the latter might even be considered a "feature," as it allows the reader to see how a number of veteran PHP developers approach solving a problem.

Most technical works written by a team of authors, end up as excessive "doorstops" that are often frustrating to read as a result of the wildly inconsistent writing and coding styles, to say nothing of the material often being out of date as a result of the long production time needed by the publisher. The opposite case can be even worse, when a publisher releases a book that was clearly thrown together as quickly as possible to capitalize upon a hot new trend in technology. Thankfully, PHP Hacks keeps the style differences to a minimum, and benefits from having a lead author responsible for the book as a whole.

Some programming purists may take issue with the use of the term "hack" used as a synonym for a small PHP application or the use of such for solving a problem, since the majority of the PHP scripts in the book do not involve any programming or problem-solving that would be considered notably clever or elegant. Yet the misuse of the term seems to be spreading, and is not limited to this particular book ; another example of marketing overpowering stability of language. In the preface of PHP Hacks, the author explains that he uses the term in the positive sense of creative participation, to help reclaim it from its popular usage in place of the more traditional term "cracking," i.e., breaking into systems.

Yet aside from these complaints, PHP Hacks is a worthy title that offers explanations and source code for many valuable site-enhancing applications, testing and code generation techniques, and critical e-commerce safeguards. I recommend this book to any PHP developer who would like to add to their Web sites' capabilities, as well as their knowledge of what PHP can do.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com."

You can purchase PHP Hacks: Tips & Tools for Creating Dynamic Websites from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Given the current popularity of the Web development language PHP, it makes sense that newcomers to the language have a large number of introductory and reference volumes from which to choose. But for the more advanced PHP programmer, there are far fewer titles that explain how to make the most of the language, by applying it to solve relatively substantial problems. One such book is PHP Hacks: Tips & Tools for Creating Dynamic Websites, by Jack D. Herrington. Read the rest of Michael's review. PHP Hacks author Jack D. Herrington pages 468 publisher O'Reilly Media rating 8 reviewer Michael J. Ross ISBN 0596101392 summary Practical techniques and source code for improving PHP-based Web sites and applications.

The book was published by O'Reilly Media in December of 2005. Despite its title, PHP Hacks: Tips & Tools for Creating Dynamic Websites is clearly intended to show how PHP's capabilities can be extended beyond its most common usage for creating dynamic and database-driven Web pages, and can be employed in such areas as graphics, reporting, Web site testing, code generation, and even fun purposes (for those few programmers who find the former topics less than entertaining). The author, assisted by six contributors listed in the Credits section, manages to pack an impressive number of general programming ideas and PHP-specific topics within this title's 468 pages. The material is grouped into 10 chapters, each of which contains a generous number of "hacks," each in its own section.

As with most if not all of the other titles published by O'Reilly, this book has a Web page that offers an overview of the book, its table of contents, all of the book's code (in both Zip and tar file format), and a list of confirmed and unconfirmed errata. In addition, the site hosts five sample hacks (in PDF format): accessing iPhoto pictures, generating Excel spreadsheets, avoiding the "double submit" problem, reading RSS feeds on your PSP, and creating custom Google Maps. Perusing these hacks would give the prospective buyer a clear sense as to the style of the book's other 95 hacks, as well as the (low) level of PHP expertise needed to understand them.

The book begins with a preface that describes the organization, conventions, and icons chosen for the book. Also, it covers the legality of the code samples, lists contact information, and mentions O'Reilly's Safari online book service, which contains this title among many other PHP resources. What is perhaps most unique about this book's preface is that the author identifies over half a dozen weaknesses commonly seen in PHP applications, and explains how his book addresses those problems. In addition, he makes explicit how some of the hacks can be used for jazzing up one's Web site or Web-based application.

The first chapter discusses how to install PHP on Windows, Mac OS X, and Linux, and then verify that the installation was done properly. Herrington then briefly explains how to install MySQL and perform some basic database management. The chapter concludes with coverage of installing the PEAR library on your local machine and on your Web host's server (which is incorrectly identified as your "ISP machine," apparently assuming that most developers choose their Internet service providers for hosting their sites, when in fact the opposite is true). Since the typical reader of a non-beginning book such as this no doubt has one or more introductory and/or reference PHP books at hand, it would seem superfluous to waste time and space explaining how to install these components. But few pages are taken up by the material.

The next chapter is devoted to hacks that help to jazz up the design of one's Web sites, including how to create a skinnable interface, build a breadcrumb trail, create HTML boxes, add tabs to your interface, and other valuable techniques. Subsequent chapters offer hacks in the areas of dynamic HTML (DHTML), graphics and digital pictures, databases and XML, application and e-commerce design, patterns and PHP object orientation, testing and documentation generation, and building alternative user interfaces. The 10th and final chapter covers some "fun stuff," such as creating dynamic playlists, developing a media upload/download center, and even putting Wikipedia on a Sony PlayStation Portable.

Rather than try to explain in detail all of the many topics covered in the book, I instead encourage the interested reader to visit the publisher's Web page, and scan through the table of contents provided, to get a better idea as to how much of the book would be of interest to the individual. Also, the five sample hacks listed on the site, would be well worth examining and trying out. Overall, the topics chosen reflect favorably upon the judgment of the lead author and the other contributors to the book. The typical PHP veteran would likely be interested in most of the applications covered, and would probably learn some new tricks, especially in the areas of patterns and code testing, regardless of their level of experience.

Like all books, this one is not perfect. As with the first printing of most technical books; particularly those chock-full of source code; the book contains a fair number of errata, likely even greater in number than those reported and listed on the publisher's Web site, as mentioned earlier. Consequently, any reader who chooses to test the sample code and he or she would be encouraged to do so; should keep one browser window or editor buffer open and devoted to those errata, so as to minimize the time spent trying to figure out why some sample code is not working as advertised.

Some readers posting in forums have complained that the sample code has evidently not been fully tested on all platforms, nor in all Web browsers. Since few if any reviewers would have the time, resources, or inclination to verify these claims, it should suffice to simply bear in mind that the script output and other behavior detailed in the book might not exactly match those experienced during one's own usage of the code.

The fact that there were several cooks in the kitchen brewing up this particular book, is obvious from the way that the code formatting is not consistent throughout the book, as well as the variety of problem-solving styles. Fortunately, neither weakness is of much consequence, and the latter might even be considered a "feature," as it allows the reader to see how a number of veteran PHP developers approach solving a problem.

Most technical works written by a team of authors, end up as excessive "doorstops" that are often frustrating to read as a result of the wildly inconsistent writing and coding styles, to say nothing of the material often being out of date as a result of the long production time needed by the publisher. The opposite case can be even worse, when a publisher releases a book that was clearly thrown together as quickly as possible to capitalize upon a hot new trend in technology. Thankfully, PHP Hacks keeps the style differences to a minimum, and benefits from having a lead author responsible for the book as a whole.

Some programming purists may take issue with the use of the term "hack" used as a synonym for a small PHP application or the use of such for solving a problem, since the majority of the PHP scripts in the book do not involve any programming or problem-solving that would be considered notably clever or elegant. Yet the misuse of the term seems to be spreading, and is not limited to this particular book ; another example of marketing overpowering stability of language. In the preface of PHP Hacks, the author explains that he uses the term in the positive sense of creative participation, to help reclaim it from its popular usage in place of the more traditional term "cracking," i.e., breaking into systems.

Yet aside from these complaints, PHP Hacks is a worthy title that offers explanations and source code for many valuable site-enhancing applications, testing and code generation techniques, and critical e-commerce safeguards. I recommend this book to any PHP developer who would like to add to their Web sites' capabilities, as well as their knowledge of what PHP can do.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com."

You can purchase PHP Hacks: Tips & Tools for Creating Dynamic Websites from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Of all the popular programming languages now in use, Perl is perhaps the best suited for writing utilities — for several reasons, such as its text-processing capabilities, ease of addressing system resources, and minimal language overhead for input, output, list processing. It was designed to blend the rapid solution development of shell scripting with the powerful control constructs of third-generation languages. Consequently, Perl quickly became a favorite language for developing programs ranging from system administration utilities to CGI scripts that power Web sites. In fact, Perl has been called the glue that holds the Internet together. The tremendous flexibility and power of Perl is seen in Steve Oualline's book Wicked Cool Perl Scripts: Useful Perl Scripts That Solve Difficult Problems." Read the rest of Michael's review Wicked Cool Perl Scripts author Steve Oualline pages 336 publisher No Starch Press rating 8 reviewer Michael J. Ross ISBN 1593270623 summary 47 useful Perl scripts for Web site management or CGI, Linux or Unix system administration, managing pictures, etc.

Published by the cleverly named No Starch Press, Wicked Cool Perl Scripts comprises 336 pages, spanning 11 chapters, with a brief introduction, as well as an index. The book appeared in February 2006, and was published under the ISBN of 1593270623. No Starch Press maintains a Web page for the book, where readers can find a sample chapter (the third one, covering CGI debugging), in PDF format. There is a link for downloading all of the source code.

The book presents 47 scripts, grouped into 11 categories: general-purpose utilities, Web site management, CGI debugging, CGI programs, Internet data mining, Unix system administration, picture utilities, games and learning tools, development tools, mapping, and regular expression graphing. The scripts perform such functions as finding duplicate files on your PC, converting currencies, processing error logs, generating jokes randomly, getting stock quotes, and managing photos and other images. Some of the scripts play games, while others would be invaluable to any Linux or Unix system administrator. For readers with their own Web sites, the book offers scripts for verifying links, locating orphan files, detecting hackers, and locking them out. In addition, there is a script for counting the number of visitors to your site, and even one for presenting a guest book. Software developers will find the material valuable, as there are Perl scripts for generating code, locating dead code, and handling regular expressions — parsing and graphing them.

The scripts themselves are fairly wide ranging in complexity and size, with a few fitting on a single page of the book, while others require more than ten pages. Fortunately, the scripts generally contain enough comments to be clear in how they work to any programmer comfortable with the language. Nonetheless, the author explains how to run each script, what sort of results the reader should see, how the script works, and what modifications one might want to make to it ("hacking the script"). In addition, every one of the scripts contains a POD (Plain Old Documentation) section, though only in the downloadable version — not the version seen in the book, to save space.

It is doubtful that any beginning Perl programmer might mistake this book for a Perl primer or reference. The title alone makes clear that the focus is on the offered scripts themselves, and their ability to help the reader solve common problems. On the other hand, Perl programmers of any level of fluency with the language would benefit from reading through the scripts, as well as the author's explanation of how they address and solve each problem. I myself have been programming in Perl for ages, and yet I spotted CPAN modules that I can use in my own Perl scripts in the future.

The value of the scripts themselves to each individual reader, naturally depends upon what sort of tasks the reader would like to accomplish with Perl. The 11 categories of scripts are varied enough so as likely to be of use to just about anyone who would like to use the "Swiss Army knife of languages" for getting the job done on their computer, or that of their employer (as a system administrator). Personally I found most useful the scripts for detecting changed files, scanning Web sites for dead links, and parsing regular expressions.

There are other aspects to like about this book. It has a RepKover binding, to lay flat when open. The illustrations are clear and not excessive in number. Unlike some technical authors, whose weak attempts at humor simply make their obtuse material more annoying, Oualline is more subtle, such as his reference to the cost of Microsoft Windows CDs in a Hong Kong shop, or "Ingesting a Cheerio nasally." Well, perhaps not always subtle, but invariably welcome in what could otherwise be an extremely dry subject.

Like any book, there are some areas for improvement, perhaps in future editions: In the illustrations that employ rays pointing from one node to the next, some of the curved rays are remarkably jagged, as if they were not computer-generated. Far more importantly, some of the scripts could benefit from more internal comments, as well as having the code broken up into smaller functions, which improves clarity and maintainability. Also, some of the variables and functions could use more descriptive names. For instance, using two examples from a randomly chosen page: $file_name would be more clear than $cur_file (is it the file's name, full path, or contents?). print_file_cell() would be better than do_file() (do what to the file?).

But aside from those weaknesses, Wicked Cool Perl Scripts is a fine book that would be of interest to any Perl programmer, regardless of their expertise. In fact, the administrator of a Web site or a Linux/Unix server, would not even have to know the language in order to download these Perl scripts, and use them to solve problems on the job.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com.

You can purchase Wicked Cool Perl Scripts from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Of all the popular programming languages now in use, Perl is perhaps the best suited for writing utilities — for several reasons, such as its text-processing capabilities, ease of addressing system resources, and minimal language overhead for input, output, list processing. It was designed to blend the rapid solution development of shell scripting with the powerful control constructs of third-generation languages. Consequently, Perl quickly became a favorite language for developing programs ranging from system administration utilities to CGI scripts that power Web sites. In fact, Perl has been called the glue that holds the Internet together. The tremendous flexibility and power of Perl is seen in Steve Oualline's book Wicked Cool Perl Scripts: Useful Perl Scripts That Solve Difficult Problems." Read the rest of Michael's review Wicked Cool Perl Scripts author Steve Oualline pages 336 publisher No Starch Press rating 8 reviewer Michael J. Ross ISBN 1593270623 summary 47 useful Perl scripts for Web site management or CGI, Linux or Unix system administration, managing pictures, etc.

Published by the cleverly named No Starch Press, Wicked Cool Perl Scripts comprises 336 pages, spanning 11 chapters, with a brief introduction, as well as an index. The book appeared in February 2006, and was published under the ISBN of 1593270623. No Starch Press maintains a Web page for the book, where readers can find a sample chapter (the third one, covering CGI debugging), in PDF format. There is a link for downloading all of the source code.

The book presents 47 scripts, grouped into 11 categories: general-purpose utilities, Web site management, CGI debugging, CGI programs, Internet data mining, Unix system administration, picture utilities, games and learning tools, development tools, mapping, and regular expression graphing. The scripts perform such functions as finding duplicate files on your PC, converting currencies, processing error logs, generating jokes randomly, getting stock quotes, and managing photos and other images. Some of the scripts play games, while others would be invaluable to any Linux or Unix system administrator. For readers with their own Web sites, the book offers scripts for verifying links, locating orphan files, detecting hackers, and locking them out. In addition, there is a script for counting the number of visitors to your site, and even one for presenting a guest book. Software developers will find the material valuable, as there are Perl scripts for generating code, locating dead code, and handling regular expressions — parsing and graphing them.

The scripts themselves are fairly wide ranging in complexity and size, with a few fitting on a single page of the book, while others require more than ten pages. Fortunately, the scripts generally contain enough comments to be clear in how they work to any programmer comfortable with the language. Nonetheless, the author explains how to run each script, what sort of results the reader should see, how the script works, and what modifications one might want to make to it ("hacking the script"). In addition, every one of the scripts contains a POD (Plain Old Documentation) section, though only in the downloadable version — not the version seen in the book, to save space.

It is doubtful that any beginning Perl programmer might mistake this book for a Perl primer or reference. The title alone makes clear that the focus is on the offered scripts themselves, and their ability to help the reader solve common problems. On the other hand, Perl programmers of any level of fluency with the language would benefit from reading through the scripts, as well as the author's explanation of how they address and solve each problem. I myself have been programming in Perl for ages, and yet I spotted CPAN modules that I can use in my own Perl scripts in the future.

The value of the scripts themselves to each individual reader, naturally depends upon what sort of tasks the reader would like to accomplish with Perl. The 11 categories of scripts are varied enough so as likely to be of use to just about anyone who would like to use the "Swiss Army knife of languages" for getting the job done on their computer, or that of their employer (as a system administrator). Personally I found most useful the scripts for detecting changed files, scanning Web sites for dead links, and parsing regular expressions.

There are other aspects to like about this book. It has a RepKover binding, to lay flat when open. The illustrations are clear and not excessive in number. Unlike some technical authors, whose weak attempts at humor simply make their obtuse material more annoying, Oualline is more subtle, such as his reference to the cost of Microsoft Windows CDs in a Hong Kong shop, or "Ingesting a Cheerio nasally." Well, perhaps not always subtle, but invariably welcome in what could otherwise be an extremely dry subject.

Like any book, there are some areas for improvement, perhaps in future editions: In the illustrations that employ rays pointing from one node to the next, some of the curved rays are remarkably jagged, as if they were not computer-generated. Far more importantly, some of the scripts could benefit from more internal comments, as well as having the code broken up into smaller functions, which improves clarity and maintainability. Also, some of the variables and functions could use more descriptive names. For instance, using two examples from a randomly chosen page: $file_name would be more clear than $cur_file (is it the file's name, full path, or contents?). print_file_cell() would be better than do_file() (do what to the file?).

But aside from those weaknesses, Wicked Cool Perl Scripts is a fine book that would be of interest to any Perl programmer, regardless of their expertise. In fact, the administrator of a Web site or a Linux/Unix server, would not even have to know the language in order to download these Perl scripts, and use them to solve problems on the job.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com.

You can purchase Wicked Cool Perl Scripts from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "To modify a digital image, most computer users turn to a GUI-based image processing application, such as Photoshop. However, while Photoshop and many other similar programs can process multiple images in batch mode, they still require manual usage, and thus typically are unable to process images via a command line or within a second application. Those capabilities call for a programmatic digital image manipulation tool such as ImageMagick, which is explored in a relatively new book, The Definitive Guide to ImageMagick." Read the rest of Michael's review. The Definitive Guide to ImageMagick author Michael Still pages 335 publisher Apress rating 7 reviewer Michael J. Ross ISBN 1590595904 summary An introduction to using ImageMagick for digital image manipulation.

The author of this title is Michael Still, a programmer who gained experience with ImageMagick during his eight years of working on imaging applications, as well as writing articles on ImageMagick for IBM DeveloperWorks. Apress maintains a Web page for the title, where a visitor can purchase the electronic version of the book, read its table of contents, or download its source code or a sample chapter (Chapter 4 — Using Other ImageMagick Tools) in PDF format. They also have a link where readers can submit errata — and apparently be the first to do so, as there are no existing errata listed on the Web page.

The book's 335 pages are organized into a dozen chapters, following an introduction and a few other standard sections, including a forward written by ImageMagick's principal architect, Christy, who briefly explains the product's 20 years of history, development, and lack of decent documentation. That is where this book is intended to fill the gap, and Christy notes that most future questions about ImageMagick will be answered by pointing people to this book, as is also noted on ImageMagick's homepage.

The first chapter of the book explains how to install and configure ImageMagick, for several Linux distros, as well as Microsoft Windows — using the precompiled versions, or by compiling from ImageMagick's source code. The chapter is wrapped up with a brief description of ImageMagick's online help, debug output, verbose output, and version information. The next ten chapters fall into two categories: ImageMagick usage as a standalone, and from within other applications. The first category of chapters covers basic image manipulation, compression, other metadata, ImageMagick tools, artistic transformations, other image transformations, and drawing commands. The second category discusses how to utilize ImageMagick from within programs written in Perl, C, Ruby, and PHP. The 12th and final chapter is quite brief, and describes where to find online help (Web sites, blogs, mailing lists, and forums) and where to report any apparent bug in ImageMagick.

For Windows users, the first chapter may begin badly, as the author fails to explain which precompiled version the reader should select if they wish to install ImageMagick on a Windows PC. For each version, there are four flavors to choose from. But which one is right for the reader? "static" vs. "dll?" "Q16" vs. "Q8?" What are the differences? The ImageMagick Web site and FTP file listings appear to have no README file or installation help file to explain which flavor you should download. The book should provide some assistance here, but does not. The former topic, static versus DLL, is mentioned only in reference to compiling ImageMagick from source — information which the reader will probably never see, should they choose to install the precompiled binaries and get started on ImageMagick as quickly as possible.

The latter topic is not covered at all — not even in the index, where a "quantum depth" entry would be useful. For those readers who are interested, "Q8" indicates 8 bits-per-pixel components, and "Q16" means 16 bits-per-pixel. The latter allows one to read or write 16-bit images without losing precision, but requires twice as much resources as Q8. Apparently Q16 is the best choice for medical or scientific images, or those with limited contrast. Otherwise, Q8 should be sufficient, and offers greater performance.

The material most likely to be read, referenced, and valued in this book, is the chapters devoted to explaining how to use ImageMagick for resizing, compressing, transforming, and drawing digital images. Most of these first-category chapters begin with a concise summary of the theory put into practice throughout the rest of the respective chapter — a wise inclusion in each case, since even the most experienced computer programmers and other users have had no instruction or experience in image theory. All of these chapters do a competent job of explaining what each ImageMagick command is used for, and then illustrating it with a straightforward example.

The most glaring deficiency in these chapters, and the book as a whole, is that far too many of the book's figures (digital images, naturally) fail to reflect what is intended to be conveyed by each figure. This is primarily because they are all in black-and-white, and in many cases do not offer the size and resolution necessary. In other words, there are many cases where the "before" and "after" images look almost identical. In the cases of color manipulation, most of those black-and-white images are of little value — occasionally laughably so.

The second-category chapters, covering ImageMagick usage with Perl, C, Ruby, and PHP, proved disappointing, primarily due to their narrow focus, and lack of tips, recommendations, and coverage of the APIs' capabilities. The details are presented in the form of a single example for each language. For instance, the Perl chapter devotes too many pages to source code listings of a Perl program written by the author, that few readers would probably download from the publisher's Web site, much less read.

Nonetheless, this book should be useful to any programmer interested in making the most of ImageMagick's capabilities, and that is not just because it is the only ImageMagick book on the market. Michael Still certainly had his work cut out for him when he agreed to document the bulk of what ImageMagick can do. It is unfortunate that the color images that he created for the book cannot be seen by the reader, and that the Windows binary versions and ImageMagick APIs, were given short shrift. We can hope that future editions of this book will be significantly strengthened, such as including color and higher resolution images where needed — even if it requires grouping them together within the book, if that reduces production costs.

Lastly, it should be mentioned that, as a smaller technical publisher, Apress is not resting on its laurels, and is not only scheduled to release an impressive variety of programming books this year, but their customer support — at least in my experience — was outstanding, as there was a problem with the shipping of this title, and they bent over backwards to make it right.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com."

You can purchase The Definitive Guide to ImageMagick from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "To modify a digital image, most computer users turn to a GUI-based image processing application, such as Photoshop. However, while Photoshop and many other similar programs can process multiple images in batch mode, they still require manual usage, and thus typically are unable to process images via a command line or within a second application. Those capabilities call for a programmatic digital image manipulation tool such as ImageMagick, which is explored in a relatively new book, The Definitive Guide to ImageMagick." Read the rest of Michael's review. The Definitive Guide to ImageMagick author Michael Still pages 335 publisher Apress rating 7 reviewer Michael J. Ross ISBN 1590595904 summary An introduction to using ImageMagick for digital image manipulation.

The author of this title is Michael Still, a programmer who gained experience with ImageMagick during his eight years of working on imaging applications, as well as writing articles on ImageMagick for IBM DeveloperWorks. Apress maintains a Web page for the title, where a visitor can purchase the electronic version of the book, read its table of contents, or download its source code or a sample chapter (Chapter 4 — Using Other ImageMagick Tools) in PDF format. They also have a link where readers can submit errata — and apparently be the first to do so, as there are no existing errata listed on the Web page.

The book's 335 pages are organized into a dozen chapters, following an introduction and a few other standard sections, including a forward written by ImageMagick's principal architect, Christy, who briefly explains the product's 20 years of history, development, and lack of decent documentation. That is where this book is intended to fill the gap, and Christy notes that most future questions about ImageMagick will be answered by pointing people to this book, as is also noted on ImageMagick's homepage.

The first chapter of the book explains how to install and configure ImageMagick, for several Linux distros, as well as Microsoft Windows — using the precompiled versions, or by compiling from ImageMagick's source code. The chapter is wrapped up with a brief description of ImageMagick's online help, debug output, verbose output, and version information. The next ten chapters fall into two categories: ImageMagick usage as a standalone, and from within other applications. The first category of chapters covers basic image manipulation, compression, other metadata, ImageMagick tools, artistic transformations, other image transformations, and drawing commands. The second category discusses how to utilize ImageMagick from within programs written in Perl, C, Ruby, and PHP. The 12th and final chapter is quite brief, and describes where to find online help (Web sites, blogs, mailing lists, and forums) and where to report any apparent bug in ImageMagick.

For Windows users, the first chapter may begin badly, as the author fails to explain which precompiled version the reader should select if they wish to install ImageMagick on a Windows PC. For each version, there are four flavors to choose from. But which one is right for the reader? "static" vs. "dll?" "Q16" vs. "Q8?" What are the differences? The ImageMagick Web site and FTP file listings appear to have no README file or installation help file to explain which flavor you should download. The book should provide some assistance here, but does not. The former topic, static versus DLL, is mentioned only in reference to compiling ImageMagick from source — information which the reader will probably never see, should they choose to install the precompiled binaries and get started on ImageMagick as quickly as possible.

The latter topic is not covered at all — not even in the index, where a "quantum depth" entry would be useful. For those readers who are interested, "Q8" indicates 8 bits-per-pixel components, and "Q16" means 16 bits-per-pixel. The latter allows one to read or write 16-bit images without losing precision, but requires twice as much resources as Q8. Apparently Q16 is the best choice for medical or scientific images, or those with limited contrast. Otherwise, Q8 should be sufficient, and offers greater performance.

The material most likely to be read, referenced, and valued in this book, is the chapters devoted to explaining how to use ImageMagick for resizing, compressing, transforming, and drawing digital images. Most of these first-category chapters begin with a concise summary of the theory put into practice throughout the rest of the respective chapter — a wise inclusion in each case, since even the most experienced computer programmers and other users have had no instruction or experience in image theory. All of these chapters do a competent job of explaining what each ImageMagick command is used for, and then illustrating it with a straightforward example.

The most glaring deficiency in these chapters, and the book as a whole, is that far too many of the book's figures (digital images, naturally) fail to reflect what is intended to be conveyed by each figure. This is primarily because they are all in black-and-white, and in many cases do not offer the size and resolution necessary. In other words, there are many cases where the "before" and "after" images look almost identical. In the cases of color manipulation, most of those black-and-white images are of little value — occasionally laughably so.

The second-category chapters, covering ImageMagick usage with Perl, C, Ruby, and PHP, proved disappointing, primarily due to their narrow focus, and lack of tips, recommendations, and coverage of the APIs' capabilities. The details are presented in the form of a single example for each language. For instance, the Perl chapter devotes too many pages to source code listings of a Perl program written by the author, that few readers would probably download from the publisher's Web site, much less read.

Nonetheless, this book should be useful to any programmer interested in making the most of ImageMagick's capabilities, and that is not just because it is the only ImageMagick book on the market. Michael Still certainly had his work cut out for him when he agreed to document the bulk of what ImageMagick can do. It is unfortunate that the color images that he created for the book cannot be seen by the reader, and that the Windows binary versions and ImageMagick APIs, were given short shrift. We can hope that future editions of this book will be significantly strengthened, such as including color and higher resolution images where needed — even if it requires grouping them together within the book, if that reduces production costs.

Lastly, it should be mentioned that, as a smaller technical publisher, Apress is not resting on its laurels, and is not only scheduled to release an impressive variety of programming books this year, but their customer support — at least in my experience — was outstanding, as there was a problem with the shipping of this title, and they bent over backwards to make it right.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter of PristinePlanet.com."

You can purchase The Definitive Guide to ImageMagick from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Given the remarkable popularity of PHP for developing dynamic Web sites, as well as the ever-increasing need for security on those same sites, one would think that there would be great demand for — and comparable supply of — books that explain how to create secure sites using PHP. However, such is not the case, and even the most extensive general purpose PHP books may only devote a single chapter to this critical topic, if that much. Essential PHP Security, written by PHP expert Chris Shiflett, aims to fill the gap." Read the rest of Michael's review. Essential PHP Security author Chris Shiflett pages 109 publisher O'Reilly Media rating 7 reviewer Michael J. Ross ISBN 059600656X summary A concise introduction to PHP security principles and practices.

O'Reilly has a Web page for the book, where they offer a sample chapter (Chapter 4: Sessions and Cookies), in PDF format, as well as the book's table of contents, index, errata, and links to the online version of the book, in O'Reilly's Safari service. As of the writing of this review, the confirmed errata is reassuringly sparse, and the unconfirmed errata is nonexistent, which speaks well of the author keeping on top of reader feedback — a worthy quality not shared by all technical writers. The author also has his own Web site dedicated to the book, where he has posted a table of contents, brief reader reviews, and two free chapters in PDF format: Chapters 2 (Forms and URLs) and 4.

In the book's forward, Andi Gutmans briefly explains how increasing Internet usage has resulted in a corresponding increase in security risks, for individuals and businesses operating online. He also notes that most of the security problems related to PHP-based applications, are not the result of weaknesses in the language itself, but rather in the way that developers have used the language in creating those applications. The intent of the book is to bring together the guidelines and lessons learned for writing secure PHP code, into a single volume. He concludes by noting that most of the principles presented in the book apply equally well to other Web development languages.

The bulk of the book's material is organized into seven chapters, focusing on the following topics: forms and URLs, databases and SQL, sessions and cookies, includes, files and commands, authentication and authorization, and shared hosting. These are preceded by an introduction, which oddly is labeled as a chapter. The true chapters are succeeded by three appendices, which cover the topics of configuration directives, functions, and cryptography. A short index rounds out the volume.

In the introduction, Shiflett presents the security-related PHP features, principles, and best practices that he uses as a foundation throughout the rest of the book, when focusing on the specific PHP topics covered by all of the subsequent chapters. The two features of PHP discussed are: register globals, of which most experienced PHP developers know the dangers, and PHP's error reporting capabilities. The four principles espoused by the author for writing secure PHP systems are: safeguard redundancy, minimum privileges, clarity through simplicity, and minimizing data exposure. The heart of the book appears to be his four recommended practices: tempering usability with security, tracking input and output data, filtering all input, and escaping or encoding output to preserve its meaning.

The seven topic chapters that follow the introduction provide fairly terse coverage of how those principles and practices are put to use, when designing and implementing forms, URLs, SQL commands, sessions, cookies, etc. Each subtopic within them is discussed briefly, and illustrated with code snippets.

If anyone is well-suited to writing such a work, it is Chris Shiflett, a well-known authority on PHP security, a respected contributor to the PHP community, founder and spokesman of the PHP Security Consortium, and founder and President of Brain Bulb, a PHP consulting firm.

In light of the author's expertise, one would presume that he would make every effort to write the definitive volume on PHP security — covering every conceivable topic, including: execution of system commands, verification of user IDs and authorization, e-mail spamming via Web forms, (the related topic of) exclusion of bots, and remote procedure calls. However, Essential PHP Security does not discuss those critical matters specifically. Moreover, the topics chosen are discussed in a rather cursory manner. The code samples throughout the book are generally quite minimal, with little to no explanation as to how they work. In addition, many of the techniques presented are but variations on the theme of "filter user input." These weaknesses may be why the book clocks in at only 109 pages. In fact, the seven core chapters comprise only 71 pages, leaving the reader to wonder how PHP security could possibly be adequately plumbed by such a short treatment.

On the other hand, there is something to be said for terse writing, as wizened fans of Kernighan and Richie's C language classic can attest. In agreement would be any developer who has purchased one of the many 700+ page technical tomes that turn out to be padded with excessive margins, poorly-tested code, and pointless appendices lifted from the respective products' documentation. Perhaps Shiflett intended his book to be more a primer on PHP security, rather than a comprehensive coverage — and hence the title of the book. As such, it would primarily be of value to PHP developers unfamiliar with basic security pitfalls and defenses. Regardless, any PHP developer would be wise to begin with this book as a first step towards PHP security mastery, but even wiser if they were to follow it up with more substantial works, as well as keeping current by reading security-focused Web sites and other current publications.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter."

You can purchase Essential PHP Security from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "Given the remarkable popularity of PHP for developing dynamic Web sites, as well as the ever-increasing need for security on those same sites, one would think that there would be great demand for — and comparable supply of — books that explain how to create secure sites using PHP. However, such is not the case, and even the most extensive general purpose PHP books may only devote a single chapter to this critical topic, if that much. Essential PHP Security, written by PHP expert Chris Shiflett, aims to fill the gap." Read the rest of Michael's review. Essential PHP Security author Chris Shiflett pages 109 publisher O'Reilly Media rating 7 reviewer Michael J. Ross ISBN 059600656X summary A concise introduction to PHP security principles and practices.

O'Reilly has a Web page for the book, where they offer a sample chapter (Chapter 4: Sessions and Cookies), in PDF format, as well as the book's table of contents, index, errata, and links to the online version of the book, in O'Reilly's Safari service. As of the writing of this review, the confirmed errata is reassuringly sparse, and the unconfirmed errata is nonexistent, which speaks well of the author keeping on top of reader feedback — a worthy quality not shared by all technical writers. The author also has his own Web site dedicated to the book, where he has posted a table of contents, brief reader reviews, and two free chapters in PDF format: Chapters 2 (Forms and URLs) and 4.

In the book's forward, Andi Gutmans briefly explains how increasing Internet usage has resulted in a corresponding increase in security risks, for individuals and businesses operating online. He also notes that most of the security problems related to PHP-based applications, are not the result of weaknesses in the language itself, but rather in the way that developers have used the language in creating those applications. The intent of the book is to bring together the guidelines and lessons learned for writing secure PHP code, into a single volume. He concludes by noting that most of the principles presented in the book apply equally well to other Web development languages.

The bulk of the book's material is organized into seven chapters, focusing on the following topics: forms and URLs, databases and SQL, sessions and cookies, includes, files and commands, authentication and authorization, and shared hosting. These are preceded by an introduction, which oddly is labeled as a chapter. The true chapters are succeeded by three appendices, which cover the topics of configuration directives, functions, and cryptography. A short index rounds out the volume.

In the introduction, Shiflett presents the security-related PHP features, principles, and best practices that he uses as a foundation throughout the rest of the book, when focusing on the specific PHP topics covered by all of the subsequent chapters. The two features of PHP discussed are: register globals, of which most experienced PHP developers know the dangers, and PHP's error reporting capabilities. The four principles espoused by the author for writing secure PHP systems are: safeguard redundancy, minimum privileges, clarity through simplicity, and minimizing data exposure. The heart of the book appears to be his four recommended practices: tempering usability with security, tracking input and output data, filtering all input, and escaping or encoding output to preserve its meaning.

The seven topic chapters that follow the introduction provide fairly terse coverage of how those principles and practices are put to use, when designing and implementing forms, URLs, SQL commands, sessions, cookies, etc. Each subtopic within them is discussed briefly, and illustrated with code snippets.

If anyone is well-suited to writing such a work, it is Chris Shiflett, a well-known authority on PHP security, a respected contributor to the PHP community, founder and spokesman of the PHP Security Consortium, and founder and President of Brain Bulb, a PHP consulting firm.

In light of the author's expertise, one would presume that he would make every effort to write the definitive volume on PHP security — covering every conceivable topic, including: execution of system commands, verification of user IDs and authorization, e-mail spamming via Web forms, (the related topic of) exclusion of bots, and remote procedure calls. However, Essential PHP Security does not discuss those critical matters specifically. Moreover, the topics chosen are discussed in a rather cursory manner. The code samples throughout the book are generally quite minimal, with little to no explanation as to how they work. In addition, many of the techniques presented are but variations on the theme of "filter user input." These weaknesses may be why the book clocks in at only 109 pages. In fact, the seven core chapters comprise only 71 pages, leaving the reader to wonder how PHP security could possibly be adequately plumbed by such a short treatment.

On the other hand, there is something to be said for terse writing, as wizened fans of Kernighan and Richie's C language classic can attest. In agreement would be any developer who has purchased one of the many 700+ page technical tomes that turn out to be padded with excessive margins, poorly-tested code, and pointless appendices lifted from the respective products' documentation. Perhaps Shiflett intended his book to be more a primer on PHP security, rather than a comprehensive coverage — and hence the title of the book. As such, it would primarily be of value to PHP developers unfamiliar with basic security pitfalls and defenses. Regardless, any PHP developer would be wise to begin with this book as a first step towards PHP security mastery, but even wiser if they were to follow it up with more substantial works, as well as keeping current by reading security-focused Web sites and other current publications.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter."

You can purchase Essential PHP Security from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "The typical computer program has more bugs than there are ants at a picnic -- except ants are usually easier to find. Programs written in Perl are no exception, because the compactness of the language does not make any existent bugs easier to spot; they can simply be packed into fewer lines of code. To help remedy this problem, Richard Foley and Andy Lester, two seasoned Perl programmers, offer a new book, Pro Perl Debugging: From Professional to Expert." Read the rest of Michael's review. Pro Perl Debugging: From Professional to Expert author Richard Foley with Andy Lester pages 269 publisher Apress rating 8 reviewer Michael J. Ross ISBN 1590594541 summary A comprehensive tutorial and reference for the Perl debugger

This title was published in hardcover in March 2005 by Apress, a relatively new member of the technical publishing world. The publisher has a Web page for the book that includes links to all of the source code in a Zip file, the table of contents in PDF format, and a form for submitting errata. The book comprises 269 pages, the majority of which are organized into 16 chapters: Introduction (not to be confused with the true Introduction immediately preceding it), Inspecting Variables and Getting Help, Controlling Program Execution, Debugging a Simple Command Line Program, Tracing Execution, Debugging Modules, Debugging Object-Oriented Perl, Using the Debugger As a Shell, Debugging a CGI Program, Perl Threads and Forked Processes, Debugging Regular Expressions, Debugger Customization, Optimization and Performance Hints and Tips, Command Line and GUI Debuggers, Comprehensive Command Reference, Book References and URLs.

For programmers who wish to learn how to fully utilize Perl's debugger, what options are open to them? A terse summary of the debugger's commands are always close by, within the debugger itself. Those Perl coders who have yet to try the built-in Perl debugger, really owe it to themselves to give it a whirl. In most cases, it is superior to embedding lots of "print" statements in your scripts, and then wading through the results. Simply include perl.exe's -d flag on the system command line, and you should be put right into the debugger, and see the debugger's "DB<1>" command prompt -- the "1" meaning that it is ready for your first command. To display the aforementioned command summary, simply enter "h", or "|h" to see the output one screen-ful at a time, which you will probably want to do unless your system window can show all of the dozens of lines at once. The command summary is best used as a quick reference, and naturally cannot be expected to serve as any sort of tutorial. Yet it has its use, and for that, it's fine.

Most Perl books devote at least some space to explaining the basics of firing up and using Perl's debugger. The (in)famous "camel book," Larry Wall's Programming Perl, has a chapter on the debugger. It covers breakpoints, running, stepping, tracing, displaying code, commands, debugger customization, debugger options, unattended execution, creating your own debugger, and performance profiling. Aside from that last topic, the chapter is mostly an expansion of the command summary mentioned earlier. It is sparse on examples, and does not cover any advanced topics, such as using the debugger in the context of forking, threads, and POE, as well as the debugger's special capabilities for regular expressions, CGI programs, and shelling out.

The advanced topics are where Pro Perl Debugging really shines in relation to the coverage that I have seen in any other book, partly because the authors have the space to thoroughly explore those topics in depth, and to provide much more meaty examples, with adequately illustrative sample code. Even for the more complex topics, the writing is clear, and the examples are worthwhile.

The authors clearly intend for the book to serve as both a comprehensive tutorial and a reference for the Perl debugger. In both respects, they succeed admirably. But the practical value of their accomplishment could be called into question by any programmer who has grown tired of the limitations of the Perl debugger, and has switched over to any Perl-capable standalone GUI debugger or integrated development environment (IDE). More specifically, watching a variable change value, while stepping through the lines of a Perl script using the debugger, requires that the programmer manually or programmatically echo that variable's value, by issuing a print command ("p") followed by the variable name, one way or another. This process quickly becomes tedious when multiple variables need to be watched, because each individual variable must be printed, one at a time. Admittedly, previously entered print statements can be recalled by using the up-arrow key, but only if the particular command has not been pushed out of the debugger's limited storage. This usually becomes even more frustrating when trying to print the values of indexed arrays, hashes, and nested arrays and other structures. There are workarounds, but none are pretty, and even the most promising techniques still seem to require excessive focusing on the debugger commands themselves, drawing attention away from the code being debugged.

As a result, some disheartened Perl coders eventually switch back to embedding "print" statements in their code. Fortunately, there is a better alternative, in the form of IDEs, which can automatically report the changing values of a large set of variables, none of which need to be typed in, owing to the drag-and-drop capabilities of most IDEs. There are many IDEs available, including freeware and open source offerings. Most if not all of them support advanced editing, syntax highlighting and verification, visual breakpoints, and other much-appreciated capabilities. Even if they were to lack all of these features, and only have the advantage of easily and dynamically displaying the current values of variables, then they would be much more pleasant to use than the built-in Perl debugger. This is especially true in the case of nested structures, which can be expanded with a mouse click within most IDEs. All of this being said, it should be noted that the authors include a chapter that briefly touches upon the most well-known Perl GUI debuggers -- but at only seven pages in length, the chosen applications get only a cursory treatment, highlighting their major features.

Nonetheless, given the intended purpose of Pro Perl Debugging, and its target audience, the book cannot be faulted for its contents nor its approach to presenting the material. Anyone looking for a detailed and competent explication of the native Perl debugger, would likely not be able to find a more thorough treatment anywhere else.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter."

You can purchase Pro Perl Debugging from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "The typical computer program has more bugs than there are ants at a picnic -- except ants are usually easier to find. Programs written in Perl are no exception, because the compactness of the language does not make any existent bugs easier to spot; they can simply be packed into fewer lines of code. To help remedy this problem, Richard Foley and Andy Lester, two seasoned Perl programmers, offer a new book, Pro Perl Debugging: From Professional to Expert." Read the rest of Michael's review. Pro Perl Debugging: From Professional to Expert author Richard Foley with Andy Lester pages 269 publisher Apress rating 8 reviewer Michael J. Ross ISBN 1590594541 summary A comprehensive tutorial and reference for the Perl debugger

This title was published in hardcover in March 2005 by Apress, a relatively new member of the technical publishing world. The publisher has a Web page for the book that includes links to all of the source code in a Zip file, the table of contents in PDF format, and a form for submitting errata. The book comprises 269 pages, the majority of which are organized into 16 chapters: Introduction (not to be confused with the true Introduction immediately preceding it), Inspecting Variables and Getting Help, Controlling Program Execution, Debugging a Simple Command Line Program, Tracing Execution, Debugging Modules, Debugging Object-Oriented Perl, Using the Debugger As a Shell, Debugging a CGI Program, Perl Threads and Forked Processes, Debugging Regular Expressions, Debugger Customization, Optimization and Performance Hints and Tips, Command Line and GUI Debuggers, Comprehensive Command Reference, Book References and URLs.

For programmers who wish to learn how to fully utilize Perl's debugger, what options are open to them? A terse summary of the debugger's commands are always close by, within the debugger itself. Those Perl coders who have yet to try the built-in Perl debugger, really owe it to themselves to give it a whirl. In most cases, it is superior to embedding lots of "print" statements in your scripts, and then wading through the results. Simply include perl.exe's -d flag on the system command line, and you should be put right into the debugger, and see the debugger's "DB<1>" command prompt -- the "1" meaning that it is ready for your first command. To display the aforementioned command summary, simply enter "h", or "|h" to see the output one screen-ful at a time, which you will probably want to do unless your system window can show all of the dozens of lines at once. The command summary is best used as a quick reference, and naturally cannot be expected to serve as any sort of tutorial. Yet it has its use, and for that, it's fine.

Most Perl books devote at least some space to explaining the basics of firing up and using Perl's debugger. The (in)famous "camel book," Larry Wall's Programming Perl, has a chapter on the debugger. It covers breakpoints, running, stepping, tracing, displaying code, commands, debugger customization, debugger options, unattended execution, creating your own debugger, and performance profiling. Aside from that last topic, the chapter is mostly an expansion of the command summary mentioned earlier. It is sparse on examples, and does not cover any advanced topics, such as using the debugger in the context of forking, threads, and POE, as well as the debugger's special capabilities for regular expressions, CGI programs, and shelling out.

The advanced topics are where Pro Perl Debugging really shines in relation to the coverage that I have seen in any other book, partly because the authors have the space to thoroughly explore those topics in depth, and to provide much more meaty examples, with adequately illustrative sample code. Even for the more complex topics, the writing is clear, and the examples are worthwhile.

The authors clearly intend for the book to serve as both a comprehensive tutorial and a reference for the Perl debugger. In both respects, they succeed admirably. But the practical value of their accomplishment could be called into question by any programmer who has grown tired of the limitations of the Perl debugger, and has switched over to any Perl-capable standalone GUI debugger or integrated development environment (IDE). More specifically, watching a variable change value, while stepping through the lines of a Perl script using the debugger, requires that the programmer manually or programmatically echo that variable's value, by issuing a print command ("p") followed by the variable name, one way or another. This process quickly becomes tedious when multiple variables need to be watched, because each individual variable must be printed, one at a time. Admittedly, previously entered print statements can be recalled by using the up-arrow key, but only if the particular command has not been pushed out of the debugger's limited storage. This usually becomes even more frustrating when trying to print the values of indexed arrays, hashes, and nested arrays and other structures. There are workarounds, but none are pretty, and even the most promising techniques still seem to require excessive focusing on the debugger commands themselves, drawing attention away from the code being debugged.

As a result, some disheartened Perl coders eventually switch back to embedding "print" statements in their code. Fortunately, there is a better alternative, in the form of IDEs, which can automatically report the changing values of a large set of variables, none of which need to be typed in, owing to the drag-and-drop capabilities of most IDEs. There are many IDEs available, including freeware and open source offerings. Most if not all of them support advanced editing, syntax highlighting and verification, visual breakpoints, and other much-appreciated capabilities. Even if they were to lack all of these features, and only have the advantage of easily and dynamically displaying the current values of variables, then they would be much more pleasant to use than the built-in Perl debugger. This is especially true in the case of nested structures, which can be expanded with a mouse click within most IDEs. All of this being said, it should be noted that the authors include a chapter that briefly touches upon the most well-known Perl GUI debuggers -- but at only seven pages in length, the chosen applications get only a cursory treatment, highlighting their major features.

Nonetheless, given the intended purpose of Pro Perl Debugging, and its target audience, the book cannot be faulted for its contents nor its approach to presenting the material. Anyone looking for a detailed and competent explication of the native Perl debugger, would likely not be able to find a more thorough treatment anywhere else.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter."

You can purchase Pro Perl Debugging from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "A professional programmer could at any time be tasked with developing a nontrivial application using a language or Web technology with which he or she is unfamiliar. A common response is to quickly scan code snippets in Internet newsgroups and online tutorials, copy and paste code that looks applicable to the task at hand, and then lose valuable time trying to make it all work and control what was created -- not unlike Dr. Frankenstein's experience. A smarter approach is to learn the language basics in sequence as rapidly as possible, not getting bogged down in excessive sample code. For developers seeking to learn PHP using the latter approach, Steven Holzner's Spring Into PHP 5, published by Addison-Wesley, would be an excellent choice." Read on for the rest of Ross's review. Spring Into PHP 5 author Steven Holzner pages 340 publisher Addison-Wesley rating 8 reviewer Michael J. Ross ISBN 0131498622 summary A comprehensive and no-nonsense primer on the basics of PHP.

This title is another entry in Addison-Wesley's promising "Spring Into" series, which, as suggested by the name, is aimed at developers who want to jump into a new technology and get up to speed as quickly as possible, but without missing any of the essentials. In the case of Holzner's PHP book, this goal is pursued by presenting the information in so-called "chunks," with each spanning just a few pages. Every chunk attempts to cover only one or a few related ideas, and is designed to build upon earlier chunks. The bulk of the explanation takes the form of code samples, which fortunately are short enough in length and clear enough in composition to be easily digestible. This is in stark contrast to far too many other programming books on the market, whose code samples can span multiple pages, making it difficult for the reader to discern all of the ideas that the author is trying to get across -- especially when the reader has to flip back and forth between pages. Even worse is how some authors (such as Deitel and Deitel) use lengthy code listings -- sometimes even complete applications -- to demonstrate many ideas at once, which can be quite confusing, especially for the newbie reading about a challenging language for the first time. As Holzner notes in his preface, his book is example-oriented, with dozens of tested code samples. But none are overwhelming.

Spring Into PHP 5 was published on 12 April 2005. It is organized into nine chapters, covering a range of topics: PHP essentials; operators and flow control; strings and arrays; functions; PHP in HTML pages; Web forms and input validation; object-oriented programming and file handling; PHP and databases; cookies, user sessions, FTP, e-mail, and hit counters. The book has two appendices. The first one, on PHP language elements, is remarkably complete, considering that it only fills 18 pages. Owners of the book will likely find themselves turning to this material quite frequently. The second appendix lists the most commonly used functions in PHP, particularly those dealing with arrays, strings, and files. These two appendices combined go a long way to making this book more than an approachable primer -- it could serve as a reference book for the language for any reader not required to dig into the more obscure intricacies of PHP. Readers with those needs will have to use more detailed sources, such as the online PHP Manual.

Each one of Holzner's chapters explains the core concepts, using the bite-sized chunks mentioned earlier. This approach is somewhat similar to the "recipes" found in many books published by O'Reilly Media, and it works well here for introducing a computer language. Holzner's writing style is clear yet never condescending, and concise yet never cryptic. The intended reader only really needs an understanding of simple HTML and how to edit text files, to make this book worthwhile and usable. The book is meaty with information, and yet not too lengthy. This is a refreshing change of pace from countless other computer language books that are bloated with redundant sample code and overly wide margins, apparently in an attempt to entice the consumer with maximum page count per dollar.

Some programming books try to move the novice along at too rapid a pace, which can get quite discouraging if and when the reader is unable to follow the discussion, and particularly if trying to follow the author in building a working example. But a far more common mistake among programming books, is to drag out the process with humongous code listings or redundant verbiage (such as following the senseless rule of telling the reader something three times -- a technique that makes far more sense for speechwriting). Holzner sets and maintains an excellent pace, partly by keeping the code snippets reasonably sized, and partly through his modular approach of presenting ideas in chunks.

The physical book itself is well made and attractive, with a readable font face and size, and intelligent use of bolding to highlight those lines of code upon which the reader should focus. My only complaint in terms of the presentation, is that the gray background used for the code samples could be lightened up a bit, to make the text itself stand out more, especially the bold text. All of the screenshots are in black-and-white, which works just fine, as there would be no value in using color in the majority of the sample Web pages.

The author does an excellent job of explaining and illustrating all of the most commonly used and needed elements of the language. But he provides little guidance as to when a particular technique or approach should be used over another. For instance, when explaining how the programmer can use PHP to connect to a MySQL database, the author presents two alternatives -- direct layer and Pear::DB -- but no recommendations as to the choice of one over the other. On the other hand, one might argue that to include recommendations of techniques, as well as language best practices, would require the book to be much longer than it is, which would detract from the book's goal of getting a programmer up to speed on PHP in an efficient manner. The serious programmer who wishes to take PHP to the next level, can be expected to read more advanced books, to learn from expert PHP developers posting in online newsgroups, and to learn from experience as the programmer creates his or her own applications.

Another potential point of criticism could be that the book does not adequately explain how to use PHP with the various available database systems, only covering MySQL (the industry's favorite for use with PHP). But the database chapter, number 8, provides just enough information for the beginner to get started and to try out the basics. For simple database needs, the material in that chapter might be sufficient. Yet for more extensive MySQL usage, including installation and administration, other resources will need to be consulted. This book is clearly not intended to be one of those PHP + MySQL combo books that have proven so popular during the past few years.

The publisher's Web site for the book does not appear to have any collection of errata. Here are some that I found: On page 6, in the NOTE, "scripts can be used" should read "scripts cannot be used." On page 20, "#/ message to the user" should read "# message to the user." On page 49, in Table 2-4, in the last line, the formatting is partly wrong. Examples 3-1 through 4-14 contain incorrect indentation. On page 158, the last line in the $_FILES['userfile'] values is missing $_FILES['userfile']['error']. In Examples 5-19 and 5-20, the <head> and <h1> tags are missing ": Take 1." On page 169, the formatting of Example 6-2 is inconsistent with the others.

Aside from the errata, there were some other weaknesses -- none of them serious: The chapter summaries are useless, like in most other technical books, as there's not enough details to be instructive, and more details would make them even more redundant and space-consuming. On page 176, in Figure 6-6's caption, "Navigating" should be "Redirected." On page 197, the discussion of HTTP authentication is too brief to enable the typical reader to implement it. For instance, there is no mention of where to set $_SERVER[ 'PHP_AUTH_USER' ] to make it work. Chapter 7, on object-oriented programming and file handling, should be split into two chapters. Combining them makes no sense, and the author does not even transition from the first topic to the second.

Like others in the "Spring Into" series, this title is reasonably priced, at only $29.99 list for over 300 pages of quality material. The publisher, Addison-Wesley, has a page on their Web site devoted to the book, which includes a book description, a table of contents, an index, source code from the book, and a link for downloading a sample chapter (in PDF format), namely, Chapter 3, which covers strings and arrays. The site also has a link to a bonus chapter (also in PDF) that explains how to draw graphics interactively on a Web server and then send them back to the browser. Oddly enough, the page's title is "Spring Into PHP 5 - $20.99," but there's no indication as to how to get the book for only $20.99. That could simply be a typo. But there is a link to purchase the book online for $26.99. For those looking to spring into Web server-side development in general, or PHP in particular, it would be money well spent.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter for PristinePlanet.com. You can purchase Spring Into PHP 5 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "A professional programmer could at any time be tasked with developing a nontrivial application using a language or Web technology with which he or she is unfamiliar. A common response is to quickly scan code snippets in Internet newsgroups and online tutorials, copy and paste code that looks applicable to the task at hand, and then lose valuable time trying to make it all work and control what was created -- not unlike Dr. Frankenstein's experience. A smarter approach is to learn the language basics in sequence as rapidly as possible, not getting bogged down in excessive sample code. For developers seeking to learn PHP using the latter approach, Steven Holzner's Spring Into PHP 5, published by Addison-Wesley, would be an excellent choice." Read on for the rest of Ross's review. Spring Into PHP 5 author Steven Holzner pages 340 publisher Addison-Wesley rating 8 reviewer Michael J. Ross ISBN 0131498622 summary A comprehensive and no-nonsense primer on the basics of PHP.

This title is another entry in Addison-Wesley's promising "Spring Into" series, which, as suggested by the name, is aimed at developers who want to jump into a new technology and get up to speed as quickly as possible, but without missing any of the essentials. In the case of Holzner's PHP book, this goal is pursued by presenting the information in so-called "chunks," with each spanning just a few pages. Every chunk attempts to cover only one or a few related ideas, and is designed to build upon earlier chunks. The bulk of the explanation takes the form of code samples, which fortunately are short enough in length and clear enough in composition to be easily digestible. This is in stark contrast to far too many other programming books on the market, whose code samples can span multiple pages, making it difficult for the reader to discern all of the ideas that the author is trying to get across -- especially when the reader has to flip back and forth between pages. Even worse is how some authors (such as Deitel and Deitel) use lengthy code listings -- sometimes even complete applications -- to demonstrate many ideas at once, which can be quite confusing, especially for the newbie reading about a challenging language for the first time. As Holzner notes in his preface, his book is example-oriented, with dozens of tested code samples. But none are overwhelming.

Spring Into PHP 5 was published on 12 April 2005. It is organized into nine chapters, covering a range of topics: PHP essentials; operators and flow control; strings and arrays; functions; PHP in HTML pages; Web forms and input validation; object-oriented programming and file handling; PHP and databases; cookies, user sessions, FTP, e-mail, and hit counters. The book has two appendices. The first one, on PHP language elements, is remarkably complete, considering that it only fills 18 pages. Owners of the book will likely find themselves turning to this material quite frequently. The second appendix lists the most commonly used functions in PHP, particularly those dealing with arrays, strings, and files. These two appendices combined go a long way to making this book more than an approachable primer -- it could serve as a reference book for the language for any reader not required to dig into the more obscure intricacies of PHP. Readers with those needs will have to use more detailed sources, such as the online PHP Manual.

Each one of Holzner's chapters explains the core concepts, using the bite-sized chunks mentioned earlier. This approach is somewhat similar to the "recipes" found in many books published by O'Reilly Media, and it works well here for introducing a computer language. Holzner's writing style is clear yet never condescending, and concise yet never cryptic. The intended reader only really needs an understanding of simple HTML and how to edit text files, to make this book worthwhile and usable. The book is meaty with information, and yet not too lengthy. This is a refreshing change of pace from countless other computer language books that are bloated with redundant sample code and overly wide margins, apparently in an attempt to entice the consumer with maximum page count per dollar.

Some programming books try to move the novice along at too rapid a pace, which can get quite discouraging if and when the reader is unable to follow the discussion, and particularly if trying to follow the author in building a working example. But a far more common mistake among programming books, is to drag out the process with humongous code listings or redundant verbiage (such as following the senseless rule of telling the reader something three times -- a technique that makes far more sense for speechwriting). Holzner sets and maintains an excellent pace, partly by keeping the code snippets reasonably sized, and partly through his modular approach of presenting ideas in chunks.

The physical book itself is well made and attractive, with a readable font face and size, and intelligent use of bolding to highlight those lines of code upon which the reader should focus. My only complaint in terms of the presentation, is that the gray background used for the code samples could be lightened up a bit, to make the text itself stand out more, especially the bold text. All of the screenshots are in black-and-white, which works just fine, as there would be no value in using color in the majority of the sample Web pages.

The author does an excellent job of explaining and illustrating all of the most commonly used and needed elements of the language. But he provides little guidance as to when a particular technique or approach should be used over another. For instance, when explaining how the programmer can use PHP to connect to a MySQL database, the author presents two alternatives -- direct layer and Pear::DB -- but no recommendations as to the choice of one over the other. On the other hand, one might argue that to include recommendations of techniques, as well as language best practices, would require the book to be much longer than it is, which would detract from the book's goal of getting a programmer up to speed on PHP in an efficient manner. The serious programmer who wishes to take PHP to the next level, can be expected to read more advanced books, to learn from expert PHP developers posting in online newsgroups, and to learn from experience as the programmer creates his or her own applications.

Another potential point of criticism could be that the book does not adequately explain how to use PHP with the various available database systems, only covering MySQL (the industry's favorite for use with PHP). But the database chapter, number 8, provides just enough information for the beginner to get started and to try out the basics. For simple database needs, the material in that chapter might be sufficient. Yet for more extensive MySQL usage, including installation and administration, other resources will need to be consulted. This book is clearly not intended to be one of those PHP + MySQL combo books that have proven so popular during the past few years.

The publisher's Web site for the book does not appear to have any collection of errata. Here are some that I found: On page 6, in the NOTE, "scripts can be used" should read "scripts cannot be used." On page 20, "#/ message to the user" should read "# message to the user." On page 49, in Table 2-4, in the last line, the formatting is partly wrong. Examples 3-1 through 4-14 contain incorrect indentation. On page 158, the last line in the $_FILES['userfile'] values is missing $_FILES['userfile']['error']. In Examples 5-19 and 5-20, the <head> and <h1> tags are missing ": Take 1." On page 169, the formatting of Example 6-2 is inconsistent with the others.

Aside from the errata, there were some other weaknesses -- none of them serious: The chapter summaries are useless, like in most other technical books, as there's not enough details to be instructive, and more details would make them even more redundant and space-consuming. On page 176, in Figure 6-6's caption, "Navigating" should be "Redirected." On page 197, the discussion of HTTP authentication is too brief to enable the typical reader to implement it. For instance, there is no mention of where to set $_SERVER[ 'PHP_AUTH_USER' ] to make it work. Chapter 7, on object-oriented programming and file handling, should be split into two chapters. Combining them makes no sense, and the author does not even transition from the first topic to the second.

Like others in the "Spring Into" series, this title is reasonably priced, at only $29.99 list for over 300 pages of quality material. The publisher, Addison-Wesley, has a page on their Web site devoted to the book, which includes a book description, a table of contents, an index, source code from the book, and a link for downloading a sample chapter (in PDF format), namely, Chapter 3, which covers strings and arrays. The site also has a link to a bonus chapter (also in PDF) that explains how to draw graphics interactively on a Web server and then send them back to the browser. Oddly enough, the page's title is "Spring Into PHP 5 - $20.99," but there's no indication as to how to get the book for only $20.99. That could simply be a typo. But there is a link to purchase the book online for $26.99. For those looking to spring into Web server-side development in general, or PHP in particular, it would be money well spent.

Michael J. Ross is a freelance writer, computer consultant, and the editor of the free newsletter for PristinePlanet.com. You can purchase Spring Into PHP 5 from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "When it comes to creating a dynamic Web site with data store capabilities, the site developer can choose from many technologies, including PHP and MySQL. The combination of the two is rapidly emerging as a favorite, partly because they work well together, and partly because they are both available under open-source licenses. As a result, technical book publishers are cranking out a growing number of high-priced tomes that try to cover all of the details of either technology, or both. But for the developer just getting started in either one, there is a new title that could prove more accessible: Vikram Vaswani's How to Do Everything with PHP and MySQL, published by McGraw-Hill/Osborne." Read on for the rest of Ross's review. How to Do Everything with PHP and MySQL author Vikram Vaswani pages 381 publisher McGraw-Hill/Osborne rating 7 reviewer Michael J. Ross ISBN 0072257954 summary A tutorial on PHP and MySQL, geared to the new developer.

The publisher has a page on their Web site devoted to the book; for some reason, it lists the book as containing 400 pages, but my copy has 381. The page also has links to a table of contents and a sample chapter, namely the first one. For those readers with very slow Internet access or unstable Adobe Acrobat plug-ins installed, be aware that the sample chapter -- and even the table of contents -- are offered only as PDFs, but the two links give no warning.

Most technical publishers, for every one of their books, wisely have links to the errata and sample code, right there on each book's Web page. This is the best approach, because when readers are having difficulty getting a book's examples to work correctly, they want to be able to quickly find and download the most up-to-date sample code, as well as check the errata page for any bugs in the printed code. Unfortunately, McGraw-Hill/Osborne has their links to those two types of information in an easily-overlooked part of a menubar, using small black text on a blue background. The links are near the upper left-hand corner, and outside the content section of the Web page, where the typical reader would be seeking fruitlessly for them.

The companion Web site for the book is hosted by Vaswani's software consulting firm, Melonfire. The site has the book's table of contents (in HTML), a link to chapter 1 in PDF, a profile of the author, three full-length case studies, a feedback form, and an extensive collection of links to PHP and MySQL reference material, discussion lists, articles, and tutorials. At the end of the Introduction in the book, the author invites the reader to use that companion site for connecting with other PHP users, and sharing their thoughts on PHP and MySQL development. The site itself has no such forum, so the author probably meant the discussion lists.

The companion site also has a link to download a Zip file containing all of the sample applications from the book -- from chapters 7, 12, and 16 -- comprising nine PHP scripts, an SQL file, and a data file. The code snippets themselves do not appear to be included in the download. This shouldn't pose a difficulty for the typical reader, since few of the code snippets are long. Besides, typing them in on one's computer can help to reinforce the language syntax that one is learning, as well as decent code formatting (valuable for newbies).

The book is organized into four parts.The first of these presents the basics of PHP and MySQL, including the history and features of both technologies, as well as how to install them on Unix and Windows systems, verify the integrity of the installations, and make some critical security and configuration changes, such as changing passwords. Parts II and III cover the basics of PHP and MySQL, respectively. The fourth and final part describes how to use the two together. To that end, every chapter contains snippets of code to illustrate the ideas being described. In addition, each section is wrapped up and illustrated with a sample application. For PHP, the author shows how to build a session-based shopping cart. For MySQL, he presents a simple order-tracking system. For using PHP and MySQL together, he shows a news-publishing system.

Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL. As the author notes in the Introduction, the book is not designed to be a complete reference for either technology, but instead intended as a tutorial for Web developers who are interested in learning how to do server-side scripting in combination with a database management system. Vaswani states that he does not assume prior knowledge of programming or database fundamentals, and that these basic concepts will be taught by example, using tutorials and realistic examples. I suspect a reader not familiar with HTML, however, could be easily baffled by the book. On the other hand, most if not all developers reading a book on PHP or MySQL are likely to already know HTML well enough to understand the output of PHP-enhanced Web pages.

One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL, rather than relegating these topics to an appendix, or skipping them entirely. This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working, along with a Web server, such as Apache -- and not coding the applications themselves.

Another welcome aspect of the book is the author's enthusiasm for the technologies -- although characterizing MySQL as "quite friendly" (page 150) is a stretch. Furthermore, his explanations are clear and concise. In addition, Vaswani makes no pretense that his book has all the answers; he frequently refers the reader to URLs in the online manuals of the products, for more details. In addition, he does a nice job of illustrating the advantages of normalized database tables, and later explaining how to format query output -- an important topic omitted in many similar books.

Yet, like all books, this one is not perfect. There are a number of errors or pitfalls in the book that could confuse the reader. They range from incomplete explanations of what a user will see when running particular commands, to the sort of errata one finds in all technical books. I found over two dozen in total (there may be more). In the interests of keeping this Slashdot version of the book review close to the recommended length, I won't list all of the problems here, but will instead refer the reader to a longer version of this book review, if they are interested in those details.

Aside from its many minor flaws, I recommend this title to any programmer who wants to learn the basics of PHP and MySQL. Even though the publisher could improve their production quality, choice of binding, and Web page, the author has done a good job of clearly presenting the major points. Future editions could incorporate fixes to the errors noted in the longer version of this review, as well as better explain to the neophyte how to test/debug the code snippets. Nonetheless, the intended reader would be well served by this particular book.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase How to Do Everything with PHP and MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "When it comes to creating a dynamic Web site with data store capabilities, the site developer can choose from many technologies, including PHP and MySQL. The combination of the two is rapidly emerging as a favorite, partly because they work well together, and partly because they are both available under open-source licenses. As a result, technical book publishers are cranking out a growing number of high-priced tomes that try to cover all of the details of either technology, or both. But for the developer just getting started in either one, there is a new title that could prove more accessible: Vikram Vaswani's How to Do Everything with PHP and MySQL, published by McGraw-Hill/Osborne." Read on for the rest of Ross's review. How to Do Everything with PHP and MySQL author Vikram Vaswani pages 381 publisher McGraw-Hill/Osborne rating 7 reviewer Michael J. Ross ISBN 0072257954 summary A tutorial on PHP and MySQL, geared to the new developer.

The publisher has a page on their Web site devoted to the book; for some reason, it lists the book as containing 400 pages, but my copy has 381. The page also has links to a table of contents and a sample chapter, namely the first one. For those readers with very slow Internet access or unstable Adobe Acrobat plug-ins installed, be aware that the sample chapter -- and even the table of contents -- are offered only as PDFs, but the two links give no warning.

Most technical publishers, for every one of their books, wisely have links to the errata and sample code, right there on each book's Web page. This is the best approach, because when readers are having difficulty getting a book's examples to work correctly, they want to be able to quickly find and download the most up-to-date sample code, as well as check the errata page for any bugs in the printed code. Unfortunately, McGraw-Hill/Osborne has their links to those two types of information in an easily-overlooked part of a menubar, using small black text on a blue background. The links are near the upper left-hand corner, and outside the content section of the Web page, where the typical reader would be seeking fruitlessly for them.

The companion Web site for the book is hosted by Vaswani's software consulting firm, Melonfire. The site has the book's table of contents (in HTML), a link to chapter 1 in PDF, a profile of the author, three full-length case studies, a feedback form, and an extensive collection of links to PHP and MySQL reference material, discussion lists, articles, and tutorials. At the end of the Introduction in the book, the author invites the reader to use that companion site for connecting with other PHP users, and sharing their thoughts on PHP and MySQL development. The site itself has no such forum, so the author probably meant the discussion lists.

The companion site also has a link to download a Zip file containing all of the sample applications from the book -- from chapters 7, 12, and 16 -- comprising nine PHP scripts, an SQL file, and a data file. The code snippets themselves do not appear to be included in the download. This shouldn't pose a difficulty for the typical reader, since few of the code snippets are long. Besides, typing them in on one's computer can help to reinforce the language syntax that one is learning, as well as decent code formatting (valuable for newbies).

The book is organized into four parts.The first of these presents the basics of PHP and MySQL, including the history and features of both technologies, as well as how to install them on Unix and Windows systems, verify the integrity of the installations, and make some critical security and configuration changes, such as changing passwords. Parts II and III cover the basics of PHP and MySQL, respectively. The fourth and final part describes how to use the two together. To that end, every chapter contains snippets of code to illustrate the ideas being described. In addition, each section is wrapped up and illustrated with a sample application. For PHP, the author shows how to build a session-based shopping cart. For MySQL, he presents a simple order-tracking system. For using PHP and MySQL together, he shows a news-publishing system.

Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL. As the author notes in the Introduction, the book is not designed to be a complete reference for either technology, but instead intended as a tutorial for Web developers who are interested in learning how to do server-side scripting in combination with a database management system. Vaswani states that he does not assume prior knowledge of programming or database fundamentals, and that these basic concepts will be taught by example, using tutorials and realistic examples. I suspect a reader not familiar with HTML, however, could be easily baffled by the book. On the other hand, most if not all developers reading a book on PHP or MySQL are likely to already know HTML well enough to understand the output of PHP-enhanced Web pages.

One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL, rather than relegating these topics to an appendix, or skipping them entirely. This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working, along with a Web server, such as Apache -- and not coding the applications themselves.

Another welcome aspect of the book is the author's enthusiasm for the technologies -- although characterizing MySQL as "quite friendly" (page 150) is a stretch. Furthermore, his explanations are clear and concise. In addition, Vaswani makes no pretense that his book has all the answers; he frequently refers the reader to URLs in the online manuals of the products, for more details. In addition, he does a nice job of illustrating the advantages of normalized database tables, and later explaining how to format query output -- an important topic omitted in many similar books.

Yet, like all books, this one is not perfect. There are a number of errors or pitfalls in the book that could confuse the reader. They range from incomplete explanations of what a user will see when running particular commands, to the sort of errata one finds in all technical books. I found over two dozen in total (there may be more). In the interests of keeping this Slashdot version of the book review close to the recommended length, I won't list all of the problems here, but will instead refer the reader to a longer version of this book review, if they are interested in those details.

Aside from its many minor flaws, I recommend this title to any programmer who wants to learn the basics of PHP and MySQL. Even though the publisher could improve their production quality, choice of binding, and Web page, the author has done a good job of clearly presenting the major points. Future editions could incorporate fixes to the errors noted in the longer version of this review, as well as better explain to the neophyte how to test/debug the code snippets. Nonetheless, the intended reader would be well served by this particular book.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase How to Do Everything with PHP and MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "When it comes to creating a dynamic Web site with data store capabilities, the site developer can choose from many technologies, including PHP and MySQL. The combination of the two is rapidly emerging as a favorite, partly because they work well together, and partly because they are both available under open-source licenses. As a result, technical book publishers are cranking out a growing number of high-priced tomes that try to cover all of the details of either technology, or both. But for the developer just getting started in either one, there is a new title that could prove more accessible: Vikram Vaswani's How to Do Everything with PHP and MySQL, published by McGraw-Hill/Osborne." Read on for the rest of Ross's review. How to Do Everything with PHP and MySQL author Vikram Vaswani pages 381 publisher McGraw-Hill/Osborne rating 7 reviewer Michael J. Ross ISBN 0072257954 summary A tutorial on PHP and MySQL, geared to the new developer.

The publisher has a page on their Web site devoted to the book; for some reason, it lists the book as containing 400 pages, but my copy has 381. The page also has links to a table of contents and a sample chapter, namely the first one. For those readers with very slow Internet access or unstable Adobe Acrobat plug-ins installed, be aware that the sample chapter -- and even the table of contents -- are offered only as PDFs, but the two links give no warning.

Most technical publishers, for every one of their books, wisely have links to the errata and sample code, right there on each book's Web page. This is the best approach, because when readers are having difficulty getting a book's examples to work correctly, they want to be able to quickly find and download the most up-to-date sample code, as well as check the errata page for any bugs in the printed code. Unfortunately, McGraw-Hill/Osborne has their links to those two types of information in an easily-overlooked part of a menubar, using small black text on a blue background. The links are near the upper left-hand corner, and outside the content section of the Web page, where the typical reader would be seeking fruitlessly for them.

The companion Web site for the book is hosted by Vaswani's software consulting firm, Melonfire. The site has the book's table of contents (in HTML), a link to chapter 1 in PDF, a profile of the author, three full-length case studies, a feedback form, and an extensive collection of links to PHP and MySQL reference material, discussion lists, articles, and tutorials. At the end of the Introduction in the book, the author invites the reader to use that companion site for connecting with other PHP users, and sharing their thoughts on PHP and MySQL development. The site itself has no such forum, so the author probably meant the discussion lists.

The companion site also has a link to download a Zip file containing all of the sample applications from the book -- from chapters 7, 12, and 16 -- comprising nine PHP scripts, an SQL file, and a data file. The code snippets themselves do not appear to be included in the download. This shouldn't pose a difficulty for the typical reader, since few of the code snippets are long. Besides, typing them in on one's computer can help to reinforce the language syntax that one is learning, as well as decent code formatting (valuable for newbies).

The book is organized into four parts.The first of these presents the basics of PHP and MySQL, including the history and features of both technologies, as well as how to install them on Unix and Windows systems, verify the integrity of the installations, and make some critical security and configuration changes, such as changing passwords. Parts II and III cover the basics of PHP and MySQL, respectively. The fourth and final part describes how to use the two together. To that end, every chapter contains snippets of code to illustrate the ideas being described. In addition, each section is wrapped up and illustrated with a sample application. For PHP, the author shows how to build a session-based shopping cart. For MySQL, he presents a simple order-tracking system. For using PHP and MySQL together, he shows a news-publishing system.

Despite its title, the book clearly does not tell the reader how to do everything with PHP and MySQL. As the author notes in the Introduction, the book is not designed to be a complete reference for either technology, but instead intended as a tutorial for Web developers who are interested in learning how to do server-side scripting in combination with a database management system. Vaswani states that he does not assume prior knowledge of programming or database fundamentals, and that these basic concepts will be taught by example, using tutorials and realistic examples. I suspect a reader not familiar with HTML, however, could be easily baffled by the book. On the other hand, most if not all developers reading a book on PHP or MySQL are likely to already know HTML well enough to understand the output of PHP-enhanced Web pages.

One strength that this book has over many similar ones is that the author explains up front how to install PHP and MySQL, rather than relegating these topics to an appendix, or skipping them entirely. This is critical, because many programmers will find that the most challenging aspects of getting started with PHP and MySQL, are simply getting them installed and working, along with a Web server, such as Apache -- and not coding the applications themselves.

Another welcome aspect of the book is the author's enthusiasm for the technologies -- although characterizing MySQL as "quite friendly" (page 150) is a stretch. Furthermore, his explanations are clear and concise. In addition, Vaswani makes no pretense that his book has all the answers; he frequently refers the reader to URLs in the online manuals of the products, for more details. In addition, he does a nice job of illustrating the advantages of normalized database tables, and later explaining how to format query output -- an important topic omitted in many similar books.

Yet, like all books, this one is not perfect. There are a number of errors or pitfalls in the book that could confuse the reader. They range from incomplete explanations of what a user will see when running particular commands, to the sort of errata one finds in all technical books. I found over two dozen in total (there may be more). In the interests of keeping this Slashdot version of the book review close to the recommended length, I won't list all of the problems here, but will instead refer the reader to a longer version of this book review, if they are interested in those details.

Aside from its many minor flaws, I recommend this title to any programmer who wants to learn the basics of PHP and MySQL. Even though the publisher could improve their production quality, choice of binding, and Web page, the author has done a good job of clearly presenting the major points. Future editions could incorporate fixes to the errors noted in the longer version of this review, as well as better explain to the neophyte how to test/debug the code snippets. Nonetheless, the intended reader would be well served by this particular book.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase How to Do Everything with PHP and MySQL from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "As Windows users hear more about Linux, they may be intrigued to give it a try, if only to learn what the buzz is about. But a major hurdle, possibly the most daunting, is how to obtain and install Linux on their PCs without disrupting their Windows installation. To the average PC user (not a techie), the required steps are intimidating; to a computer newbie, they appear impossible. But with the introduction of Linux in the form of 'live CDs,' trying out Linux is as easy as popping a CD into one's computer and rebooting. The entire operating system is stored on the CD, thus avoiding having to install it on the hard drive. Test Driving Linux: From Windows to Linux in 60 Seconds , by David Brickner, includes a live CD and explains how to use it." Read on for the rest of Ross's review. Test Driving Linux: From Windows to Linux in 60 Seconds author David Brickner pages 341 publisher O'Reilly Media rating 8 reviewer Michael J. Ross ISBN 059600754X summary A guide for trying Linux on a bootable CD included with the book

This title is another in the growing list of books published by O'Reilly Media, whose user group representative kindly gave me a copy of the book to review. The book comprises 341 pages, and has plenty of screenshots, an appendix of solutions, and a Linux CD secured in an envelope within the back cover.

The particular Linux distribution ("distro") provided on the book's CD is Move, which is based upon Mandriva Linux, which was formerly known as Mandrake. While most Linux aficionados have their favorite distro, and can argue vehemently in favor of one against all others, there is widespread agreement in the Linux community that Mandrake established itself as a solid choice years ago.

Brickner begins this manuscript with an enthusiastic first chapter in which he introduces the computer neophyte to Linux, using cars and test driving as analogies. He briefly mentions how Linux got started, how it fits into GNU/Linux, and what the terms "free software" and "open source" mean. He then describes how to get started with Move by booting off of the CD -- assuming that one's computer has the minimum system requirements (detailed in the book's preface). Non-confident readers will likely appreciate the author's reassuring explanation that Move will not affect their computer's current setup. The chapter continues with an explanation of the KDE desktop, its "kicker" panel, the look and feel of a typical KDE application, window control, desktop background customization, KDE programs that replace Windows applications, and finally how to log out properly.

The next nine chapters of the book cover major application areas, and how to perform common tasks using the corresponding KDE applications of those areas: Web surfing (using Konqueror or Mozilla), file management (Konqueror again), music and videos, games, communication (e-mail and instant messaging), digital image editing (using the GIMP), desktop customization (using the KDE Control Center), office suite (OpenOffice.org), and money management. The final three chapters explore the Linux command line (Konsole), popular programs that are not included on the CD, and advice to those users who decide to switch over to Linux long-term.

In all of the chapters devoted to the major KDE applications, Brickner does a competent job of explaining the basics to the beginner, including handy summaries for more proficient users (such as keyboard shortcuts), and plenty of screenshots that help the reader to verify that they are running the correct application under discussion, and that they are looking in the right places within the application windows. However, all of the figures are in black and white, which makes distinguishing text extremely difficult in those cases where adjacent colors, that are typically well contrasting, merge into shades of dark gray. In addition, I spotted one erratum, on page 84, in which the first letter of "Booting advice for Move" is in a strangely different font, for no apparent reason. This is not representative of the book as a whole, which is well-made, neatly laid out, and uses a flexible layout-flat binding.

Brickner helpfully warns the user of potential pitfalls, such as showstopper dialog boxes being hidden by other Windows. He should be commended for advising the user to set their browser identification to alternatives other than Internet Explorer, if only to encourage Web site owners to not limit the browsers that will work with their sites. One minor error in the browser chapter is, when referring to the Gecko rendering engine used by Mozilla, the author incorrectly identifies it as "gecko," though that may have been an error on the part of the publisher.

For those users who enjoy trying out Linux enough to consider abandoning Windows completely, the final chapter of the book will be most welcome. Brickner identifies which distros are capable of resizing an NTFS-formatted partition; this determines whether or not a user can install that distro on a hard drive already containing Windows, and thus have a dual-boot system. He also distinguishes between those distros that are Windows-like, in that the Linux characteristics are hidden as much as possible, versus those which make no such effort. One potential weakness in his discussion, is that he mentions the ability or inability of particular editions of various distros to authenticate against Windows servers, and yet he does not explain to the reader what that means. On the other hand, any reader who does not understand the idea, probably does not need to.

Overall, I found this book to be worthy of recommendation to anyone who would like to learn more about how to use a robust Linux distro on a live CD. The coverage of topics appears complete, at least for those tasks that the typical computer user needs to perform on a daily basis. There are few errors in the text, and the author has done an admirable job of warning the reader as to potential problems, as well as noting when certain features will not work when running off of the CD, and why. These explanations go a long way to assuaging the reader, who might otherwise become frustrated and conclude that either Move is not operating properly, or that they are doing something wrong. The publisher's choice to use only black and white images, no doubt has the advantage of keeping the book's cost reasonable (a list price of U.S. $24.95), but it has the disadvantages of reducing the utility of those illustrations -- especially when discussing color customization -- in addition to the aforesaid problem of adjacent grayscale regions merging into dark blobs that are difficult to distinguish from one another.

Test Driving Linux is clearly of value in better introducing the public to the power and promise of Linux. It is undoubtedly one of the most user-friendly tools that could assist Linux advocates in spreading the word, and encouraging computer users to break away from operating systems that are expensive, buggy, and non-secure. As Brickner notes in his preface, when people unfamiliar with Linux give it a test drive, by simply booting off of the CD provided with the book, they just might want to stay with Linux long-term.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase Test Driving Linux: From Windows to Linux in 60 Seconds from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "As Windows users hear more about Linux, they may be intrigued to give it a try, if only to learn what the buzz is about. But a major hurdle, possibly the most daunting, is how to obtain and install Linux on their PCs without disrupting their Windows installation. To the average PC user (not a techie), the required steps are intimidating; to a computer newbie, they appear impossible. But with the introduction of Linux in the form of 'live CDs,' trying out Linux is as easy as popping a CD into one's computer and rebooting. The entire operating system is stored on the CD, thus avoiding having to install it on the hard drive. Test Driving Linux: From Windows to Linux in 60 Seconds , by David Brickner, includes a live CD and explains how to use it." Read on for the rest of Ross's review. Test Driving Linux: From Windows to Linux in 60 Seconds author David Brickner pages 341 publisher O'Reilly Media rating 8 reviewer Michael J. Ross ISBN 059600754X summary A guide for trying Linux on a bootable CD included with the book

This title is another in the growing list of books published by O'Reilly Media, whose user group representative kindly gave me a copy of the book to review. The book comprises 341 pages, and has plenty of screenshots, an appendix of solutions, and a Linux CD secured in an envelope within the back cover.

The particular Linux distribution ("distro") provided on the book's CD is Move, which is based upon Mandriva Linux, which was formerly known as Mandrake. While most Linux aficionados have their favorite distro, and can argue vehemently in favor of one against all others, there is widespread agreement in the Linux community that Mandrake established itself as a solid choice years ago.

Brickner begins this manuscript with an enthusiastic first chapter in which he introduces the computer neophyte to Linux, using cars and test driving as analogies. He briefly mentions how Linux got started, how it fits into GNU/Linux, and what the terms "free software" and "open source" mean. He then describes how to get started with Move by booting off of the CD -- assuming that one's computer has the minimum system requirements (detailed in the book's preface). Non-confident readers will likely appreciate the author's reassuring explanation that Move will not affect their computer's current setup. The chapter continues with an explanation of the KDE desktop, its "kicker" panel, the look and feel of a typical KDE application, window control, desktop background customization, KDE programs that replace Windows applications, and finally how to log out properly.

The next nine chapters of the book cover major application areas, and how to perform common tasks using the corresponding KDE applications of those areas: Web surfing (using Konqueror or Mozilla), file management (Konqueror again), music and videos, games, communication (e-mail and instant messaging), digital image editing (using the GIMP), desktop customization (using the KDE Control Center), office suite (OpenOffice.org), and money management. The final three chapters explore the Linux command line (Konsole), popular programs that are not included on the CD, and advice to those users who decide to switch over to Linux long-term.

In all of the chapters devoted to the major KDE applications, Brickner does a competent job of explaining the basics to the beginner, including handy summaries for more proficient users (such as keyboard shortcuts), and plenty of screenshots that help the reader to verify that they are running the correct application under discussion, and that they are looking in the right places within the application windows. However, all of the figures are in black and white, which makes distinguishing text extremely difficult in those cases where adjacent colors, that are typically well contrasting, merge into shades of dark gray. In addition, I spotted one erratum, on page 84, in which the first letter of "Booting advice for Move" is in a strangely different font, for no apparent reason. This is not representative of the book as a whole, which is well-made, neatly laid out, and uses a flexible layout-flat binding.

Brickner helpfully warns the user of potential pitfalls, such as showstopper dialog boxes being hidden by other Windows. He should be commended for advising the user to set their browser identification to alternatives other than Internet Explorer, if only to encourage Web site owners to not limit the browsers that will work with their sites. One minor error in the browser chapter is, when referring to the Gecko rendering engine used by Mozilla, the author incorrectly identifies it as "gecko," though that may have been an error on the part of the publisher.

For those users who enjoy trying out Linux enough to consider abandoning Windows completely, the final chapter of the book will be most welcome. Brickner identifies which distros are capable of resizing an NTFS-formatted partition; this determines whether or not a user can install that distro on a hard drive already containing Windows, and thus have a dual-boot system. He also distinguishes between those distros that are Windows-like, in that the Linux characteristics are hidden as much as possible, versus those which make no such effort. One potential weakness in his discussion, is that he mentions the ability or inability of particular editions of various distros to authenticate against Windows servers, and yet he does not explain to the reader what that means. On the other hand, any reader who does not understand the idea, probably does not need to.

Overall, I found this book to be worthy of recommendation to anyone who would like to learn more about how to use a robust Linux distro on a live CD. The coverage of topics appears complete, at least for those tasks that the typical computer user needs to perform on a daily basis. There are few errors in the text, and the author has done an admirable job of warning the reader as to potential problems, as well as noting when certain features will not work when running off of the CD, and why. These explanations go a long way to assuaging the reader, who might otherwise become frustrated and conclude that either Move is not operating properly, or that they are doing something wrong. The publisher's choice to use only black and white images, no doubt has the advantage of keeping the book's cost reasonable (a list price of U.S. $24.95), but it has the disadvantages of reducing the utility of those illustrations -- especially when discussing color customization -- in addition to the aforesaid problem of adjacent grayscale regions merging into dark blobs that are difficult to distinguish from one another.

Test Driving Linux is clearly of value in better introducing the public to the power and promise of Linux. It is undoubtedly one of the most user-friendly tools that could assist Linux advocates in spreading the word, and encouraging computer users to break away from operating systems that are expensive, buggy, and non-secure. As Brickner notes in his preface, when people unfamiliar with Linux give it a test drive, by simply booting off of the CD provided with the book, they just might want to stay with Linux long-term.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter. You can purchase Test Driving Linux: From Windows to Linux in 60 Seconds from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "For veterans of the information technology (IT) industry, the late 1990s was a remarkable time. The "dot-com bubble" expanded, the venture capital flowed, and the NASDAQ stocks soared. But now that the bubble has deflated and the e-commerce party has wound down, U.S. IT managers are struggling with reduced budgets. Yet apparently many believe that the sector will regain its past glory and blistering growth rates. According to experienced IT consultant Erik Keller, it's not going to happen. He presents his case in Technology Paradise Lost, published by Manning Publications, whose user group representative kindly provided me with a copy of the book for review." Read on for the rest of Ross's review. Technology Paradise Lost author Erik Keller pages 243 publisher Manning Publications rating 4 reviewer Michael J. Ross ISBN 1932394133 summary American programmers and IT departments must do more despite shrinking IT budgets

The dust cover blurb summarizes Keller's position: "...American corporations let IT grow until it reached one half of all corporate capital spending by the year 2000. Now, chastened by their spending failures, IT managers are converging on a new consensus: to exploit IT competitively they must use their smarts over big money. ... Counterintuitively, companies that spend less in order to get more from information technology will likely be the big winners." That's quite a claim, and a thorough reading of the book finds that Keller only supports half of that thesis.

The thought is reiterated early in the book: "...companies can move ahead over the next few years without large increases in their IT budgets. The only thing a company needs is a different perspective." (page xii). That prescription sounds suspiciously similar to the oversimplistic advice found in positive thinking self-help books. Keller does not yet make explicit what the different perspective will do for business. Perhaps it should be taken at face value, in that it will allow companies to move ahead without increasing their IT budgets. But is continued progress without budget increases such a massive gain? More significantly, how does that address the larger issues of failed IT projects, to which he alludes earlier? In my opinion, that issue is of much greater consequence.

Keller correctly points to some of the reasons why the heady e-commerce binges are not about to return: increasing scrutiny of IT budgets, greater demand for return on investment (ROI), cheaper and simpler solutions, offshoring of software development, lower wages to American programmers, abandonment of failing projects, Internet-based architecture, and adoption of open source software (OSS), such as Linux. Addressing these changes at a more strategic level, Keller notes that, "After years of questionable returns, cost overruns, and increased complexity, companies are pushing financial rigor to IT groups." (page 6).

The book's first seven chapters discuss the primary factors in leading to reduced IT expenditures, at least within the U.S. business community. But the last four chapters go over previous ground, with more variations on the theme of reduced IT spending, interspersed with several examples from various corporations. The reader may get the sense that not much new information or recommendations are being offered, but instead that these four chapters are serving as filler, to beef up the size of the book. Otherwise, it would be more obvious that the book's usable contents could be boiled down into one meaty article.

Keller's primary thesis, that American IT could in the future produce more returns for less investment, has two primary components. The near-term and likely long-term trend for declining corporate spending on IT, is well established in his book. In fact, one could argue that reduced IT spending is not something that American companies will adopt by choice, but instead will be forced upon them due to deflationary pressures, increased costs for natural resources, and declining ability to pass along cost increases to U.S. consumers falling further behind financially. But the flip side of his thesis, that companies will get even more results despite spending less money, is not nearly as well substantiated. Not a single one of the chapters in the book is devoted to demonstrating that this is happening, or will happen. Companies may be able to maintain current levels of service despite reduced funding; but greater results per dollar invested (i.e., efficiency) does not imply greater results on an absolute basis. As such, Keller's big claim noted earlier, is only half fulfilled.

The critical questions -- concerning the proper role and funding of IT -- are presented in the book couched in the language used by high-level business managers, who speak in vague terms about "technology" and "infrastructure," and yet have little or no real understanding of how it truly works, having spent their earlier years pursuing MBAs rather than programming computers. It could be argued that such general terminology must necessarily be used when discussing information technology among business managers. That may be true, but it does not lessen the dangers of fuzzy thinking and overly broad conclusions found in Keller's book and in the typical articles discussing IT purpose, strategy, and utilization. In particular, such excessively broad strokes, in my experience, not only mask the ignorance of the IT manager demanding miracles from their staff, but invariably increases the odds that upper management will be seduced by the handwaving consulting firms -- and thus fall prey to the mistakes delineated by Keller.

Of all the inapt analogies in the book, its title is perhaps the most egregious. Alluding to John Milton's famous narrative poem, "technology paradise lost" implies that there was a time when IT resource usage was idyllic, if not perfect. Yet by Keller's own account, the misspending and failed projects, followed by financial discipline imposed by the outside world, are anything but heaven-sent. One cannot lose what has never been found.

Weighing in at 243 pages, Technology Paradise Lost is a quicker read than many other business books. Part of that is due to the unfortunate repetition of a few core ideas. Fortunately, the book has just enough tables, charts, and breakouts, to add some visual variety to the text.

The book benefits from the author's clear writing style, no doubt honed from over two decades of creating articles, documents, and presentations intended for business managers. Keller does a solid job of utilizing real world statistics and examples to back up his assessments.

Despite the repetition, sloppy analogies, and business-speak generality, Technology Paradise Lost offers a valid discussion of changes currently being experienced by the American IT industry as it grudgingly recovers from the Internet boom and bust. The book may be of value to IT managers who, for whatever reason, are ignorant of the obvious transformations that are taking place. Yet, any IT industry participant who devotes even a modicum of time to monitoring the latest developments and trends, should be well aware of IT budget trimming, offshoring, open source software, and other cost-saving methods. Otherwise, to be so out of touch with reality would be inexcusable. On the other hand, that was one of the primary symptoms before and during the widespread dot-com insanity, and could easily account for any beliefs in its imminent return.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter." You can purchase Technology Paradise Lost from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.

Michael J. Ross writes "For veterans of the information technology (IT) industry, the late 1990s was a remarkable time. The "dot-com bubble" expanded, the venture capital flowed, and the NASDAQ stocks soared. But now that the bubble has deflated and the e-commerce party has wound down, U.S. IT managers are struggling with reduced budgets. Yet apparently many believe that the sector will regain its past glory and blistering growth rates. According to experienced IT consultant Erik Keller, it's not going to happen. He presents his case in Technology Paradise Lost, published by Manning Publications, whose user group representative kindly provided me with a copy of the book for review." Read on for the rest of Ross's review. Technology Paradise Lost author Erik Keller pages 243 publisher Manning Publications rating 4 reviewer Michael J. Ross ISBN 1932394133 summary American programmers and IT departments must do more despite shrinking IT budgets

The dust cover blurb summarizes Keller's position: "...American corporations let IT grow until it reached one half of all corporate capital spending by the year 2000. Now, chastened by their spending failures, IT managers are converging on a new consensus: to exploit IT competitively they must use their smarts over big money. ... Counterintuitively, companies that spend less in order to get more from information technology will likely be the big winners." That's quite a claim, and a thorough reading of the book finds that Keller only supports half of that thesis.

The thought is reiterated early in the book: "...companies can move ahead over the next few years without large increases in their IT budgets. The only thing a company needs is a different perspective." (page xii). That prescription sounds suspiciously similar to the oversimplistic advice found in positive thinking self-help books. Keller does not yet make explicit what the different perspective will do for business. Perhaps it should be taken at face value, in that it will allow companies to move ahead without increasing their IT budgets. But is continued progress without budget increases such a massive gain? More significantly, how does that address the larger issues of failed IT projects, to which he alludes earlier? In my opinion, that issue is of much greater consequence.

Keller correctly points to some of the reasons why the heady e-commerce binges are not about to return: increasing scrutiny of IT budgets, greater demand for return on investment (ROI), cheaper and simpler solutions, offshoring of software development, lower wages to American programmers, abandonment of failing projects, Internet-based architecture, and adoption of open source software (OSS), such as Linux. Addressing these changes at a more strategic level, Keller notes that, "After years of questionable returns, cost overruns, and increased complexity, companies are pushing financial rigor to IT groups." (page 6).

The book's first seven chapters discuss the primary factors in leading to reduced IT expenditures, at least within the U.S. business community. But the last four chapters go over previous ground, with more variations on the theme of reduced IT spending, interspersed with several examples from various corporations. The reader may get the sense that not much new information or recommendations are being offered, but instead that these four chapters are serving as filler, to beef up the size of the book. Otherwise, it would be more obvious that the book's usable contents could be boiled down into one meaty article.

Keller's primary thesis, that American IT could in the future produce more returns for less investment, has two primary components. The near-term and likely long-term trend for declining corporate spending on IT, is well established in his book. In fact, one could argue that reduced IT spending is not something that American companies will adopt by choice, but instead will be forced upon them due to deflationary pressures, increased costs for natural resources, and declining ability to pass along cost increases to U.S. consumers falling further behind financially. But the flip side of his thesis, that companies will get even more results despite spending less money, is not nearly as well substantiated. Not a single one of the chapters in the book is devoted to demonstrating that this is happening, or will happen. Companies may be able to maintain current levels of service despite reduced funding; but greater results per dollar invested (i.e., efficiency) does not imply greater results on an absolute basis. As such, Keller's big claim noted earlier, is only half fulfilled.

The critical questions -- concerning the proper role and funding of IT -- are presented in the book couched in the language used by high-level business managers, who speak in vague terms about "technology" and "infrastructure," and yet have little or no real understanding of how it truly works, having spent their earlier years pursuing MBAs rather than programming computers. It could be argued that such general terminology must necessarily be used when discussing information technology among business managers. That may be true, but it does not lessen the dangers of fuzzy thinking and overly broad conclusions found in Keller's book and in the typical articles discussing IT purpose, strategy, and utilization. In particular, such excessively broad strokes, in my experience, not only mask the ignorance of the IT manager demanding miracles from their staff, but invariably increases the odds that upper management will be seduced by the handwaving consulting firms -- and thus fall prey to the mistakes delineated by Keller.

Of all the inapt analogies in the book, its title is perhaps the most egregious. Alluding to John Milton's famous narrative poem, "technology paradise lost" implies that there was a time when IT resource usage was idyllic, if not perfect. Yet by Keller's own account, the misspending and failed projects, followed by financial discipline imposed by the outside world, are anything but heaven-sent. One cannot lose what has never been found.

Weighing in at 243 pages, Technology Paradise Lost is a quicker read than many other business books. Part of that is due to the unfortunate repetition of a few core ideas. Fortunately, the book has just enough tables, charts, and breakouts, to add some visual variety to the text.

The book benefits from the author's clear writing style, no doubt honed from over two decades of creating articles, documents, and presentations intended for business managers. Keller does a solid job of utilizing real world statistics and examples to back up his assessments.

Despite the repetition, sloppy analogies, and business-speak generality, Technology Paradise Lost offers a valid discussion of changes currently being experienced by the American IT industry as it grudgingly recovers from the Internet boom and bust. The book may be of value to IT managers who, for whatever reason, are ignorant of the obvious transformations that are taking place. Yet, any IT industry participant who devotes even a modicum of time to monitoring the latest developments and trends, should be well aware of IT budget trimming, offshoring, open source software, and other cost-saving methods. Otherwise, to be so out of touch with reality would be inexcusable. On the other hand, that was one of the primary symptoms before and during the widespread dot-com insanity, and could easily account for any beliefs in its imminent return.

Michael J. Ross is a freelance writer, computer consultant, and the editor of PristinePlanet.com's free newsletter." You can purchase Technology Paradise Lost from bn.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page.